diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index 8d507ba71a..81696cd310 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -79,6 +79,11 @@
       "source_path": "windows/security/threat-protection/windows-defender-exploit-guard/collect-cab-files-exploit-guard-submission.md",
       "redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-exploit-protection-mitigations",
       "redirect_document_id": true
+    },
+	{
+      "source_path": "windows/security/threat-protection/microsoft-defender-atp/ios-privacy-statement.md",
+      "redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/ios-privacy",
+      "redirect_document_id": true
     },
     {
       "source_path": "windows/security/information-protection/windows-information-protection/create-wip-policy-using-mam-intune-azure.md",
@@ -14565,41 +14570,86 @@
       "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/policy-csps-supported-by-surface-hub",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/client-management/mdm/policy-csps-supported-by-surface-hub.md",
+      "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/policies-in-policy-csp-supported-by-surface-hub",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/client-management/mdm/policies-supported-by-iot-enterprise.md",
       "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/policy-csps-supported-by-iot-enterprise",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/client-management/mdm/policy-csps-supported-by-iot-enterprise.md",
+      "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-enterprise",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/client-management/mdm/policies-supported-by-iot-core.md",
       "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/policy-csps-supported-by-iot-core",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/client-management/mdm/policy-csps-supported-by-iot-core.md",
+      "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-core",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/client-management/mdm/policies-supported-by-hololens2.md",
       "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/policy-csps-supported-by-hololens2",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/client-management/mdm/policy-csps-supported-by-hololens2.md",
+      "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/client-management/mdm/policies-supported-by-hololens-1st-gen-development-edition.md",
       "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/policy-csps-supported-by-hololens-1st-gen-development-edition",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/client-management/mdm/policy-csps-supported-by-hololens-1st-gen-development-edition.md",
+      "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens-1st-gen-development-edition",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/client-management/mdm/policies-supported-by-hololens-1st-gen-commercial-suite.md",
       "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/policy-csps-supported-by-hololens-1st-gen-commercial-suite",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/client-management/mdm/policy-csps-supported-by-hololens-1st-gen-commercial-suite.md",
+      "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens-1st-gen-commercial-suite",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/client-management/mdm/policies-admx-backed.md",
       "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/policy-csps-admx-backed",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/client-management/mdm/policy-csps-admx-backed.md",
+      "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/policies-in-policy-csp-admx-backed",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/client-management/mdm/policies-supported-by-group-policy.md",
       "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/policy-csps-supported-by-group-policy",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/client-management/mdm/policy-csps-supported-by-group-policy.md",
+      "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "windows/client-management/mdm/policy-csps-that-can-be-set-using-eas.md",
+      "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/policies-in-policy-csp-that-can-be-set-using-eas",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/keep-secure/collect-wip-audit-event-logs.md",
       "redirect_url": "https://docs.microsoft.com/windows/threat-protection/windows-information-protection/collect-wip-audit-event-logs",
diff --git a/education/developers.yml b/education/developers.yml
index 9e21b6d27f..6533d8c51c 100644
--- a/education/developers.yml
+++ b/education/developers.yml
@@ -18,16 +18,16 @@ additionalContent:
         # Card
         - title: UWP apps for education
           summary: Learn how to write universal apps for education.
-          url: https://docs.microsoft.com/en-us/windows/uwp/apps-for-education/
+          url: https://docs.microsoft.com/windows/uwp/apps-for-education/
         # Card
         - title: Take a test API
           summary: Learn how web applications can use the API to provide a locked down experience for taking tests.
-          url: https://docs.microsoft.com/en-us/windows/uwp/apps-for-education/take-a-test-api
+          url: https://docs.microsoft.com/windows/uwp/apps-for-education/take-a-test-api
         # Card
         - title: Office Education Dev center
           summary: Integrate with Office 365 across devices and services to extend Microsoft enterprise-scale compliance and security to students, teachers, and staff in your education app
-          url: https://dev.office.com/industry-verticals/edu
+          url: https://developer.microsoft.com/office/edu
         # Card
         - title: Data Streamer
           summary: Bring new STEM experiences into the classroom with real-time data in Excel using Data Streamer. Data Streamer can send data to Excel from a sensor or application.
-          url: https://docs.microsoft.com/en-us/microsoft-365/education/data-streamer
\ No newline at end of file
+          url: https://docs.microsoft.com/microsoft-365/education/data-streamer
diff --git a/education/includes/education-content-updates.md b/education/includes/education-content-updates.md
new file mode 100644
index 0000000000..3c22125793
--- /dev/null
+++ b/education/includes/education-content-updates.md
@@ -0,0 +1,11 @@
+<!-- This file is generated automatically each week. Changes made to this file will be overwritten.-->
+

+
+
+## Week of October 19, 2020
+
+
+| Published On |Topic title | Change |
+|------|------------|--------|
+| 10/22/2020 | [Microsoft 365 Education Documentation for developers](/education/developers) | modified |
+| 10/22/2020 | [Windows 10 editions for education customers](/education/windows/windows-editions-for-education-customers) | modified |
diff --git a/education/windows/windows-editions-for-education-customers.md b/education/windows/windows-editions-for-education-customers.md
index 80555a4b90..4197cf6869 100644
--- a/education/windows/windows-editions-for-education-customers.md
+++ b/education/windows/windows-editions-for-education-customers.md
@@ -30,10 +30,10 @@ Windows 10, version 1607 introduces two editions designed for the unique needs o
 
 Windows 10 Pro Education builds on the commercial version of Windows 10 Pro and provides important management controls needed in schools. Windows 10 Pro Education is effectively a variant of Windows 10 Pro that provides education-specific default settings. These default settings disable tips, tricks and suggestions & Microsoft Store suggestions. More detailed information on these default settings is available in [Manage Windows 10 and Microsoft Store tips, tricks, and suggestions](https://go.microsoft.com/fwlink/?LinkId=822627).
 
-For Cortana<sup>[1](#footnote1)</sup>,
+For Cortana<sup>[1](#footnote1)</sup>:
 - If you're using version 1607, Cortana is removed.
-- If you're using new devices with version 1703, Cortana is turned on by default.
-- If you're upgrading from version 1607 to version 1703, Cortana will be enabled.
+- If you're using new devices with version 1703 or later, Cortana is turned on by default.
+- If you're upgrading from version 1607 to version 1703 or later, Cortana will be enabled.
 
 You can use the **AllowCortana** policy to turn Cortana off. For more information, see [Windows 10 configuration recommendations for education customers](configure-windows-for-education.md).
 
@@ -49,10 +49,10 @@ Customers who deploy Windows 10 Pro are able to configure the product to have si
 
 Windows 10 Education builds on Windows 10 Enterprise and provides the enterprise-grade manageability and security desired by many schools. Windows 10 Education is effectively a variant of Windows 10 Enterprise that provides education-specific default settings. These default settings disable tips, tricks and suggestions & Microsoft Store suggestions. More detailed information on these default settings is available in [Manage Windows 10 and Microsoft Store tips, tricks, and suggestions](https://go.microsoft.com/fwlink/?LinkId=822627).
 
-For Cortana<sup>1</sup>,
+For Cortana<sup>1</sup>:
 - If you're using version 1607, Cortana<sup>1</sup> is removed.
-- If you're using new devices with version 1703, Cortana is turned on by default.
-- If you're upgrading from version 1607 to version 1703, Cortana will be enabled.
+- If you're using new devices with version 1703 or later, Cortana is turned on by default.
+- If you're upgrading from version 1607 to version 1703 or later, Cortana will be enabled.
 
 You can use the **AllowCortana** policy to turn Cortana off. For more information, see [Windows 10 configuration recommendations for education customers](configure-windows-for-education.md).
 
diff --git a/windows/application-management/apps-in-windows-10.md b/windows/application-management/apps-in-windows-10.md
index 9d150d9583..31da1afc51 100644
--- a/windows/application-management/apps-in-windows-10.md
+++ b/windows/application-management/apps-in-windows-10.md
@@ -39,53 +39,53 @@ You can list all provisioned Windows apps with this PowerShell command:
 Get-AppxProvisionedPackage -Online | Format-Table DisplayName, PackageName
 ```
 
-Here are the provisioned Windows apps in Windows 10 versions 1803, 1809, 1903, and 1909.
+Here are the provisioned Windows apps in Windows 10 versions 1803, 1809, 1903, 1909, and 2004.
 
-| Package name                                 | App name                                                                                                           | 1803 | 1809 | 1903 | 1909 | Uninstall through UI? |
-|----------------------------------------------|--------------------------------------------------------------------------------------------------------------------|:----:|:----:|:----:|:----:|:---------------------:|
-| Microsoft.3DBuilder                          | [3D Builder](ms-windows-store://pdp/?PFN=Microsoft.3DBuilder_8wekyb3d8bbwe)                                        |      |      |      |      |          Yes          |
-| Microsoft.BingWeather                        | [MSN Weather](ms-windows-store://pdp/?PFN=Microsoft.BingWeather_8wekyb3d8bbwe)                                     |   x  |   x  |   x  |   x  |          Yes          |
-| Microsoft.DesktopAppInstaller                | [App Installer](ms-windows-store://pdp/?PFN=Microsoft.DesktopAppInstaller_8wekyb3d8bbwe)                           |   x  |   x  |   x  |   x  |    Via Settings App   |
-| Microsoft.GetHelp                            | [Get Help](ms-windows-store://pdp/?PFN=Microsoft.Gethelp_8wekyb3d8bbwe)                                            |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.Getstarted                         | [Microsoft Tips](ms-windows-store://pdp/?PFN=Microsoft.Getstarted_8wekyb3d8bbwe)                                   |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.HEIFImageExtension                 | [HEIF Image Extensions](ms-windows-store://pdp/?PFN=Microsoft.HEIFImageExtension_8wekyb3d8bbwe)                    |      |   x  |   x  |   x  |           No          |
-| Microsoft.Messaging                          | [Microsoft Messaging](ms-windows-store://pdp/?PFN=Microsoft.Messaging_8wekyb3d8bbwe)                               |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.Microsoft3DViewer                  | [Mixed Reality Viewer](ms-windows-store://pdp/?PFN=Microsoft.Microsoft3DViewer_8wekyb3d8bbwe)                      |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.MicrosoftOfficeHub                 | [Office](ms-windows-store://pdp/?PFN=Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe)                                |   x  |   x  |   x  |   x  |          Yes          |
-| Microsoft.MicrosoftSolitaireCollection       | [Microsoft Solitaire Collection](ms-windows-store://pdp/?PFN=Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe) |   x  |   x  |   x  |   x  |          Yes          |
-| Microsoft.MicrosoftStickyNotes               | [Microsoft Sticky Notes](ms-windows-store://pdp/?PFN=Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe)                 |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.MixedReality.Portal                | [Mixed Reality Portal](ms-windows-store://pdp/?PFN=Microsoft.MixedReality.Portal_8wekyb3d8bbwe)                    |      |   x  |   x  |   x  |           No          |
-| Microsoft.MSPaint                            | [Paint 3D](ms-windows-store://pdp/?PFN=Microsoft.MSPaint_8wekyb3d8bbwe)                                            |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.Office.OneNote                     | [OneNote for Windows 10](ms-windows-store://pdp/?PFN=Microsoft.Office.OneNote_8wekyb3d8bbwe)                                      |   x  |   x  |   x  |   x  |          Yes          |
-| Microsoft.OneConnect                         | [Mobile Plans](ms-windows-store://pdp/?PFN=Microsoft.OneConnect_8wekyb3d8bbwe)                            |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.Outlook.DesktopIntegrationServices |                                                                                                                    |      |      |      |   x  |                       |
-| Microsoft.People                             | [Microsoft People](ms-windows-store://pdp/?PFN=Microsoft.People_8wekyb3d8bbwe)                                     |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.Print3D                            | [Print 3D](ms-windows-store://pdp/?PFN=Microsoft.Print3D_8wekyb3d8bbwe)                                            |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.ScreenSketch                       | [Snip & Sketch](ms-windows-store://pdp/?PFN=Microsoft.ScreenSketch_8wekyb3d8bbwe)                                  |      |   x  |   x  |   x  |           No          |
-| Microsoft.SkypeApp                           | [Skype](ms-windows-store://pdp/?PFN=Microsoft.SkypeApp_kzf8qxf38zg5c)                                              |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.StorePurchaseApp                   | [Store Purchase App](ms-windows-store://pdp/?PFN=Microsoft.StorePurchaseApp_8wekyb3d8bbwe)                         |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.VP9VideoExtensions                 |                                                                                                                    |      |   x  |   x  |   x  |           No          |
-| Microsoft.Wallet                             | [Microsoft Pay](ms-windows-store://pdp/?PFN=Microsoft.Wallet_8wekyb3d8bbwe)                                        |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.WebMediaExtensions                 | [Web Media Extensions](ms-windows-store://pdp/?PFN=Microsoft.WebMediaExtensions_8wekyb3d8bbwe)                     |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.WebpImageExtension                 | [Webp Image Extension](ms-windows-store://pdp/?PFN=Microsoft.WebpImageExtension_8wekyb3d8bbwe)                     |      |   x  |   x  |   x  |           No          |
-| Microsoft.Windows.Photos                     | [Microsoft Photos](ms-windows-store://pdp/?PFN=Microsoft.Windows.Photos_8wekyb3d8bbwe)                             |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.WindowsAlarms                      | [Windows Alarms & Clock](ms-windows-store://pdp/?PFN=Microsoft.WindowsAlarms_8wekyb3d8bbwe)                        |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.WindowsCalculator                  | [Windows Calculator](ms-windows-store://pdp/?PFN=Microsoft.WindowsCalculator_8wekyb3d8bbwe)                        |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.WindowsCamera                      | [Windows Camera](ms-windows-store://pdp/?PFN=Microsoft.WindowsCamera_8wekyb3d8bbwe)                                |   x  |   x  |   x  |   x  |           No          |
-| microsoft.windowscommunicationsapps          | [Mail and Calendar](ms-windows-store://pdp/?PFN=microsoft.windowscommunicationsapps_8wekyb3d8bbwe)                 |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.WindowsFeedbackHub                 | [Feedback Hub](ms-windows-store://pdp/?PFN=Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe)                             |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.WindowsMaps                        | [Windows Maps](ms-windows-store://pdp/?PFN=Microsoft.WindowsMaps_8wekyb3d8bbwe)                                    |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.WindowsSoundRecorder               | [Windows Voice Recorder](ms-windows-store://pdp/?PFN=Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe)                 |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.WindowsStore                       | [Microsoft Store](ms-windows-store://pdp/?PFN=Microsoft.WindowsStore_8wekyb3d8bbwe)                                |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.Xbox.TCUI                          | [Xbox Live in-game experience](ms-windows-store://pdp/?PFN=Microsoft.Xbox.TCUI_8wekyb3d8bbwe)                                         |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.XboxApp                            | [Xbox Console Companion](ms-windows-store://pdp/?PFN=Microsoft.XboxApp_8wekyb3d8bbwe)                                                |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.XboxGameOverlay                    | [Xbox Game Bar Plugin](ms-windows-store://pdp/?PFN=Microsoft.XboxGameOverlay_8wekyb3d8bbwe)                               |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.XboxGamingOverlay                  | [Xbox Game Bar](ms-windows-store://pdp/?PFN=Microsoft.XboxGamingOverlay_8wekyb3d8bbwe)                       |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.XboxIdentityProvider               | [Xbox Identity Provider](ms-windows-store://pdp/?PFN=Microsoft.XboxIdentityProvider_8wekyb3d8bbwe)                 |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.XboxSpeechToTextOverlay            |                                                                                                                    |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.YourPhone                          | [Your Phone](ms-windows-store://pdp/?PFN=Microsoft.YourPhone_8wekyb3d8bbwe)                                        |      |   x  |   x  |   x  |           No          |
-| Microsoft.ZuneMusic                          | [Groove Music](ms-windows-store://pdp/?PFN=Microsoft.ZuneMusic_8wekyb3d8bbwe)                                      |   x  |   x  |   x  |   x  |           No          |
-| Microsoft.ZuneVideo                          | [Movies & TV](ms-windows-store://pdp/?PFN=Microsoft.ZuneVideo_8wekyb3d8bbwe)                                       |   x  |   x  |   x  |   x  |           No          |
+| Package name                                 | App name                                                                                                           | 1803 | 1809 | 1903 | 1909 | 2004 | Uninstall through UI? |
+|----------------------------------------------|--------------------------------------------------------------------------------------------------------------------|:----:|:----:|:----:|:----:|:----:|:---------------------:|
+| Microsoft.3DBuilder                          | [3D Builder](ms-windows-store://pdp/?PFN=Microsoft.3DBuilder_8wekyb3d8bbwe)                                        |      |      |      |      |      |          Yes          |
+| Microsoft.BingWeather                        | [MSN Weather](ms-windows-store://pdp/?PFN=Microsoft.BingWeather_8wekyb3d8bbwe)                                     |   x  |   x  |   x  |   x  |   x  |          Yes          |
+| Microsoft.DesktopAppInstaller                | [App Installer](ms-windows-store://pdp/?PFN=Microsoft.DesktopAppInstaller_8wekyb3d8bbwe)                           |   x  |   x  |   x  |   x  |   x  |    Via Settings App   |
+| Microsoft.GetHelp                            | [Get Help](ms-windows-store://pdp/?PFN=Microsoft.Gethelp_8wekyb3d8bbwe)                                            |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.Getstarted                         | [Microsoft Tips](ms-windows-store://pdp/?PFN=Microsoft.Getstarted_8wekyb3d8bbwe)                                   |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.HEIFImageExtension                 | [HEIF Image Extensions](ms-windows-store://pdp/?PFN=Microsoft.HEIFImageExtension_8wekyb3d8bbwe)                    |      |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.Messaging                          | [Microsoft Messaging](ms-windows-store://pdp/?PFN=Microsoft.Messaging_8wekyb3d8bbwe)                               |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.Microsoft3DViewer                  | [Mixed Reality Viewer](ms-windows-store://pdp/?PFN=Microsoft.Microsoft3DViewer_8wekyb3d8bbwe)                      |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.MicrosoftOfficeHub                 | [Office](ms-windows-store://pdp/?PFN=Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe)                                |   x  |   x  |   x  |   x  |   x  |          Yes          |
+| Microsoft.MicrosoftSolitaireCollection       | [Microsoft Solitaire Collection](ms-windows-store://pdp/?PFN=Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe) |   x  |   x  |   x  |   x  |   x  |          Yes          |
+| Microsoft.MicrosoftStickyNotes               | [Microsoft Sticky Notes](ms-windows-store://pdp/?PFN=Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe)                 |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.MixedReality.Portal                | [Mixed Reality Portal](ms-windows-store://pdp/?PFN=Microsoft.MixedReality.Portal_8wekyb3d8bbwe)                    |      |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.MSPaint                            | [Paint 3D](ms-windows-store://pdp/?PFN=Microsoft.MSPaint_8wekyb3d8bbwe)                                            |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.Office.OneNote                     | [OneNote for Windows 10](ms-windows-store://pdp/?PFN=Microsoft.Office.OneNote_8wekyb3d8bbwe)                                      |   x  |   x  |   x  |   x  |   x  |          Yes          |
+| Microsoft.OneConnect                         | [Mobile Plans](ms-windows-store://pdp/?PFN=Microsoft.OneConnect_8wekyb3d8bbwe)                            |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.Outlook.DesktopIntegrationServices |                                                                                                                    |      |      |      |   x  |   x  |                       |
+| Microsoft.People                             | [Microsoft People](ms-windows-store://pdp/?PFN=Microsoft.People_8wekyb3d8bbwe)                                     |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.Print3D                            | [Print 3D](ms-windows-store://pdp/?PFN=Microsoft.Print3D_8wekyb3d8bbwe)                                            |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.ScreenSketch                       | [Snip & Sketch](ms-windows-store://pdp/?PFN=Microsoft.ScreenSketch_8wekyb3d8bbwe)                                  |      |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.SkypeApp                           | [Skype](ms-windows-store://pdp/?PFN=Microsoft.SkypeApp_kzf8qxf38zg5c)                                              |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.StorePurchaseApp                   | [Store Purchase App](ms-windows-store://pdp/?PFN=Microsoft.StorePurchaseApp_8wekyb3d8bbwe)                         |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.VP9VideoExtensions                 |                                                                                                                    |      |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.Wallet                             | [Microsoft Pay](ms-windows-store://pdp/?PFN=Microsoft.Wallet_8wekyb3d8bbwe)                                        |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.WebMediaExtensions                 | [Web Media Extensions](ms-windows-store://pdp/?PFN=Microsoft.WebMediaExtensions_8wekyb3d8bbwe)                     |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.WebpImageExtension                 | [Webp Image Extension](ms-windows-store://pdp/?PFN=Microsoft.WebpImageExtension_8wekyb3d8bbwe)                     |      |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.Windows.Photos                     | [Microsoft Photos](ms-windows-store://pdp/?PFN=Microsoft.Windows.Photos_8wekyb3d8bbwe)                             |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.WindowsAlarms                      | [Windows Alarms & Clock](ms-windows-store://pdp/?PFN=Microsoft.WindowsAlarms_8wekyb3d8bbwe)                        |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.WindowsCalculator                  | [Windows Calculator](ms-windows-store://pdp/?PFN=Microsoft.WindowsCalculator_8wekyb3d8bbwe)                        |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.WindowsCamera                      | [Windows Camera](ms-windows-store://pdp/?PFN=Microsoft.WindowsCamera_8wekyb3d8bbwe)                                |   x  |   x  |   x  |   x  |   x  |           No          |
+| microsoft.windowscommunicationsapps          | [Mail and Calendar](ms-windows-store://pdp/?PFN=microsoft.windowscommunicationsapps_8wekyb3d8bbwe)                 |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.WindowsFeedbackHub                 | [Feedback Hub](ms-windows-store://pdp/?PFN=Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe)                             |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.WindowsMaps                        | [Windows Maps](ms-windows-store://pdp/?PFN=Microsoft.WindowsMaps_8wekyb3d8bbwe)                                    |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.WindowsSoundRecorder               | [Windows Voice Recorder](ms-windows-store://pdp/?PFN=Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe)                 |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.WindowsStore                       | [Microsoft Store](ms-windows-store://pdp/?PFN=Microsoft.WindowsStore_8wekyb3d8bbwe)                                |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.Xbox.TCUI                          | [Xbox Live in-game experience](ms-windows-store://pdp/?PFN=Microsoft.Xbox.TCUI_8wekyb3d8bbwe)                                         |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.XboxApp                            | [Xbox Console Companion](ms-windows-store://pdp/?PFN=Microsoft.XboxApp_8wekyb3d8bbwe)                                                |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.XboxGameOverlay                    | [Xbox Game Bar Plugin](ms-windows-store://pdp/?PFN=Microsoft.XboxGameOverlay_8wekyb3d8bbwe)                               |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.XboxGamingOverlay                  | [Xbox Game Bar](ms-windows-store://pdp/?PFN=Microsoft.XboxGamingOverlay_8wekyb3d8bbwe)                       |   x  |   x  |   x  |   x  |   x  |          No          |
+| Microsoft.XboxIdentityProvider               | [Xbox Identity Provider](ms-windows-store://pdp/?PFN=Microsoft.XboxIdentityProvider_8wekyb3d8bbwe)                 |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.XboxSpeechToTextOverlay            |                                                                                                                    |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.YourPhone                          | [Your Phone](ms-windows-store://pdp/?PFN=Microsoft.YourPhone_8wekyb3d8bbwe)                                        |      |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.ZuneMusic                          | [Groove Music](ms-windows-store://pdp/?PFN=Microsoft.ZuneMusic_8wekyb3d8bbwe)                                      |   x  |   x  |   x  |   x  |   x  |           No          |
+| Microsoft.ZuneVideo                          | [Movies & TV](ms-windows-store://pdp/?PFN=Microsoft.ZuneVideo_8wekyb3d8bbwe)                                       |   x  |   x  |   x  |   x  |   x  |           No          |
 
 >[!NOTE]
 >The Store app can't be removed. If you want to remove and reinstall the Store app, you can only bring Store back by either restoring your system from a backup or resetting your system. Instead of removing the Store app, you should use group policies to hide or disable it.
diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md
index bc6f44d66e..f25c37dce5 100644
--- a/windows/client-management/connect-to-remote-aadj-pc.md
+++ b/windows/client-management/connect-to-remote-aadj-pc.md
@@ -22,13 +22,10 @@ ms.topic: article
 
 - Windows 10
 
-From its release, Windows 10 has supported remote connections to PCs joined to Active Directory. Starting in Windows 10, version 1607, you can also connect to a remote PC that is [joined to Azure Active Directory (Azure AD)](https://docs.microsoft.com/azure/active-directory/user-help/device-management-azuread-joined-devices-setup).
+From its release, Windows 10 has supported remote connections to PCs joined to Active Directory. Starting in Windows 10, version 1607, you can also connect to a remote PC that is [joined to Azure Active Directory (Azure AD)](https://docs.microsoft.com/azure/active-directory/user-help/device-management-azuread-joined-devices-setup). Starting in Windows 10, version 1809, you can [use biometrics to authenticate to a remote desktop session](https://docs.microsoft.com/windows/whats-new/whats-new-windows-10-version-1809#remote-desktop-with-biometrics).
 
 ![Remote Desktop Connection client](images/rdp.png)
 
-> [!TIP]
-> Starting in Windows 10, version 1809, you can [use biometrics to authenticate to a remote desktop session.](https://docs.microsoft.com/windows/whats-new/whats-new-windows-10-version-1809#remote-desktop-with-biometrics)
-
 ## Set up
 
 - Both PCs (local and remote) must be running Windows 10, version 1607 or later. Remote connections to an Azure AD-joined PC running earlier versions of Windows 10 are not supported.
@@ -37,36 +34,39 @@ From its release, Windows 10 has supported remote connections to PCs joined to A
 Ensure [Remote Credential Guard](/windows/access-protection/remote-credential-guard), a new feature in Windows 10, version 1607, is turned off on the client PC you are using to connect to the remote PC.
 
 - On the PC you want to connect to:
+
   1. Open system properties for the remote PC.
+  
   2. Enable **Allow remote connections to this computer** and select **Allow connections only from computers running Remote Desktop with Network Level Authentication**.
 
-    ![Allow remote connections to this computer](images/allow-rdp.png)
+     ![Allow remote connections to this computer](images/allow-rdp.png)
 
-  3. If the user who joined the PC to Azure AD is the only one who is going to connect remotely, no additional configuration is needed. To allow additional users to connect to the PC, you must allow remote connections for the local **Authenticated Users** group. Click **Select Users**.
+  3. If the user who joined the PC to Azure AD is the only one who is going to connect remotely, no additional configuration is needed. To allow additional users or groups to connect to the PC, you must allow remote connections for the specified users or groups. Click **Select Users -> Add** and enter the name of the user or group.
 
-    > [!NOTE]
-    > You can specify individual Azure AD accounts for remote connections by having the user sign in to the remote device at least once, and then running the following PowerShell cmdlet:
-    > ```PowerShell
-    > net localgroup "Remote Desktop Users" /add "AzureAD\the-UPN-attribute-of-your-user"
-    > ```
-    > where *the-UPN-attribute-of-your-user* is the name of the user profile in C:\Users\, which is created based on the DisplayName attribute in Azure AD.
-    >
-    > This command only works for AADJ device users already added to any of the local groups (administrators).
-    > Otherwise this command throws the below error. For example:
-    > - for cloud only user: "There is no such global user or group : *name*"
-    > - for synced user: "There is no such global user or group : *name*" </br>
-    >
-    > In Windows 10, version 1709, the user does not have to sign in to the remote device first.
-    >
-    > In Windows 10, version 1709, you can add other Azure AD users to the **Administrators** group on a device in **Settings** and restrict remote credentials to **Administrators**. If there is a problem connecting remotely, make sure that both devices are joined to Azure AD and that TPM is functioning properly on both devices.
+     > [!NOTE]
+     > You can specify individual Azure AD accounts for remote connections by having the user sign in to the remote device at least once, and then running the following PowerShell cmdlet:
+     > ```powershell
+     > net localgroup "Remote Desktop Users" /add "AzureAD\the-UPN-attribute-of-your-user"
+     > ```
+     > where *the-UPN-attribute-of-your-user* is the name of the user profile in C:\Users\, which is created based on the DisplayName attribute in Azure AD.
+     >
+     > This command only works for AADJ device users already added to any of the local groups (administrators).
+     > Otherwise this command throws the below error. For example:
+     > - for cloud only user: "There is no such global user or group : *name*"
+     > - for synced user: "There is no such global user or group : *name*" </br>
+    
+     > [!NOTE]
+     > In Windows 10, version 1709, the user does not have to sign in to the remote device first.
+     >
+     > In Windows 10, version 1709, you can add other Azure AD users to the **Administrators** group on a device in **Settings** and restrict remote credentials to **Administrators**. If there is a problem connecting remotely, make sure that both devices are joined to Azure AD and that TPM is functioning properly on both devices.
+   
+  4. Click **Check Names**. If the **Name Not Found** window opens, click **Locations** and select this PC.
 
-  4. Enter **Authenticated Users**, then click **Check Names**. If the **Name Not Found** window opens, click **Locations** and select this PC.
+     > [!TIP]
+     > When you connect to the remote PC, enter your account name in this format: `AzureAD UPN`. The local PC must either be domain-joined or Azure AD-joined. The local PC and remote PC must be in the same Azure AD tenant.
 
-  > [!TIP]
-  > When you connect to the remote PC, enter your account name in this format: `AzureAD UPN`. The local PC must either be domain-joined or Azure AD-joined. The local PC and remote PC must be in the same Azure AD tenant.
-
-> [!Note]
-> If you cannot connect using Remote Desktop Connection 6.0, you must turn off the new features of RDP 6.0 and revert back to RDP 5.0 by making a few changes in the RDP file. See the details in the [support article](https://support.microsoft.com/help/941641/remote-desktop-connection-6-0-prompts-you-for-credentials-before-you-e).
+     > [!Note]
+     > If you cannot connect using Remote Desktop Connection 6.0, you must turn off the new features of RDP 6.0 and revert back to RDP 5.0 by making a few changes in the RDP file. See the details in the [support article](https://support.microsoft.com/help/941641/remote-desktop-connection-6-0-prompts-you-for-credentials-before-you-e).
 
 ## Supported configurations
 
diff --git a/windows/client-management/manage-windows-10-in-your-organization-modern-management.md b/windows/client-management/manage-windows-10-in-your-organization-modern-management.md
index 45de1ade9b..f4a048f445 100644
--- a/windows/client-management/manage-windows-10-in-your-organization-modern-management.md
+++ b/windows/client-management/manage-windows-10-in-your-organization-modern-management.md
@@ -53,7 +53,7 @@ As indicated in the diagram, Microsoft continues to provide support for deep man
 With Windows 10, you can continue to use traditional OS deployment, but you can also “manage out of the box.” To transform new devices into fully-configured, fully-managed devices, you can:
 
 
--   Avoid reimaging by using dynamic provisioning, enabled by a cloud-based device management services such as [Microsoft Autopilot](https://docs.microsoft.com/windows/deployment/windows-10-auto-pilot) or [Microsoft Intune](https://docs.microsoft.com/intune/understand-explore/introduction-to-microsoft-intune).
+-   Avoid reimaging by using dynamic provisioning, enabled by a cloud-based device management services such as [Microsoft Autopilot](https://docs.microsoft.com/windows/deployment/windows-10-auto-pilot) or [Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/).
 
 -   Create self-contained provisioning packages built with the [Windows Configuration Designer](https://technet.microsoft.com/itpro/windows/deploy/provisioning-packages).
 
@@ -69,7 +69,7 @@ You can envision user and device management as falling into these two categories
 
 -   **Corporate (CYOD) or personal (BYOD) devices used by mobile users for SaaS apps such as Office 365.** With Windows 10, your employees can self-provision their devices:
 
-    -   For corporate devices, they can set up corporate access with [Azure AD Join](https://azure.microsoft.com/documentation/articles/active-directory-azureadjoin-overview/). When you offer them Azure AD Join with automatic Intune MDM enrollment, they can bring devices into a corporate-managed state in [*one step*](https://blogs.technet.microsoft.com/ad/2015/08/14/windows-10-azure-ad-and-microsoft-intune-automatic-mdm-enrollment-powered-by-the-cloud/), all from the cloud.<br>Azure AD Join is also a great solution for temporary staff, partners, or other part-time employees. These accounts can be kept separate from the on-premises AD domain but still access needed corporate resources.
+    -   For corporate devices, they can set up corporate access with [Azure AD Join](https://azure.microsoft.com/documentation/articles/active-directory-azureadjoin-overview/). When you offer them Azure AD Join with automatic Intune MDM enrollment, they can bring devices into a corporate-managed state in [*one step*](https://techcommunity.microsoft.com/t5/azure-active-directory-identity/windows-10-azure-ad-and-microsoft-intune-automatic-mdm/ba-p/244067), all from the cloud.<br>Azure AD Join is also a great solution for temporary staff, partners, or other part-time employees. These accounts can be kept separate from the on-premises AD domain but still access needed corporate resources.
 
     -   Likewise, for personal devices, employees can use a new, simplified [BYOD experience](https://azure.microsoft.com/documentation/articles/active-directory-azureadjoin-windows10-devices/) to add their work account to Windows, then access work resources on the device.
 
@@ -135,6 +135,6 @@ There are a variety of steps you can take to begin the process of modernizing de
 
 ## Related topics
 
--   [What is Intune?](https://docs.microsoft.com/intune/introduction-intune)
+-   [What is Intune?](https://docs.microsoft.com//mem/intune/fundamentals/what-is-intune)
 -   [Windows 10 Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-configuration-service-provider)
 -   [Windows 10 Configuration service Providers](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference)
diff --git a/windows/client-management/mdm/TOC.md b/windows/client-management/mdm/TOC.md
index a7fbff363b..8ff993ef33 100644
--- a/windows/client-management/mdm/TOC.md
+++ b/windows/client-management/mdm/TOC.md
@@ -1,5 +1,6 @@
 # [Mobile device management](index.md)
 ## [What's new in MDM enrollment and management](new-in-windows-mdm-enrollment-management.md)
+### [Change history for MDM documentation](change-history-for-mdm-documentation.md)
 ## [Mobile device enrollment](mobile-device-enrollment.md)
 ### [MDM enrollment of Windows devices](mdm-enrollment-of-windows-devices.md)
 #### [Azure AD and Microsoft Intune: Automatic MDM enrollment in the new Portal](azure-ad-and-microsoft-intune-automatic-mdm-enrollment-in-the-new-portal.md)
@@ -159,14 +160,14 @@
 #### [Personalization DDF file](personalization-ddf.md)
 ### [Policy CSP](policy-configuration-service-provider.md)
 #### [Policy DDF file](policy-ddf-file.md)
-#### [Policy CSPs supported by Group Policy](policy-csps-supported-by-group-policy.md)
-#### [ADMX-backed policy CSPs](policy-csps-admx-backed.md)
-#### [Policy CSPs supported by HoloLens 2](policy-csps-supported-by-hololens2.md)
-#### [Policy CSPs supported by HoloLens (1st gen) Commercial Suite](policy-csps-supported-by-hololens-1st-gen-commercial-suite.md)
-#### [Policy CSPs supported by HoloLens (1st gen) Development Edition](policy-csps-supported-by-hololens-1st-gen-development-edition.md)
-#### [Policy CSPs supported by Windows 10 IoT Enterprise](policy-csps-supported-by-iot-enterprise.md)
-#### [Policy CSPs supported by Windows 10 IoT Core](policy-csps-supported-by-iot-core.md)
-#### [Policy CSPs supported by Microsoft Surface Hub](policy-csps-supported-by-surface-hub.md)
+#### [Policies in Policy CSP supported by Group Policy](policy-csps-supported-by-group-policy.md)
+#### [ADMX-backed policies in Policy CSP](policy-csps-admx-backed.md)
+#### [Policies in Policy CSP supported by HoloLens 2](policy-csps-supported-by-hololens2.md)
+#### [Policies in Policy CSP supported by HoloLens (1st gen) Commercial Suite](policy-csps-supported-by-hololens-1st-gen-commercial-suite.md)
+#### [Policies in Policy CSP supported by HoloLens (1st gen) Development Edition](policy-csps-supported-by-hololens-1st-gen-development-edition.md)
+#### [Policies in Policy CSP supported by Windows 10 IoT Enterprise](policy-csps-supported-by-iot-enterprise.md)
+#### [Policies in Policy CSP supported by Windows 10 IoT Core](policy-csps-supported-by-iot-core.md)
+#### [Policies in Policy CSP supported by Microsoft Surface Hub](policy-csps-supported-by-surface-hub.md)
 #### [Policy CSPs that can be set using Exchange Active Sync (EAS)](policy-csps-that-can-be-set-using-eas.md)
 #### [AboveLock](policy-csp-abovelock.md)
 #### [Accounts](policy-csp-accounts.md)
@@ -208,6 +209,19 @@
 #### [ADMX_SharedFolders](policy-csp-admx-sharedfolders.md)
 #### [ADMX_Sharing](policy-csp-admx-sharing.md)
 #### [ADMX_ShellCommandPromptRegEditTools](policy-csp-admx-shellcommandpromptregedittools.md)
+#### [ADMX_Smartcard](policy-csp-admx-smartcard.md)
+#### [ADMX_Snmp](policy-csp-admx-snmp.md)
+#### [ADMX_tcpip](policy-csp-admx-tcpip.md)
+#### [ADMX_Thumbnails](policy-csp-admx-thumbnails.md)
+#### [ADMX_TPM](policy-csp-admx-tpm.md)
+#### [ADMX_UserExperienceVirtualization](policy-csp-admx-userexperiencevirtualization.md)
+#### [ADMX_W32Time](policy-csp-admx-w32time.md)
+#### [ADMX_WinCal](policy-csp-admx-wincal.md)
+#### [ADMX_WindowsAnytimeUpgrade](policy-csp-admx-windowsanytimeupgrade.md)
+#### [ADMX_WindowsConnectNow](policy-csp-admx-windowsconnectnow.md)
+#### [ADMX_WindowsMediaDRM](policy-csp-admx-windowsmediadrm.md)
+#### [ADMX_WindowsMediaPlayer](policy-csp-admx-windowsmediaplayer.md)
+#### [ADMX_WinInit](policy-csp-admx-wininit.md)
 #### [ApplicationDefaults](policy-csp-applicationdefaults.md)
 #### [ApplicationManagement](policy-csp-applicationmanagement.md)
 #### [AppRuntime](policy-csp-appruntime.md)
@@ -254,9 +268,11 @@
 #### [LanmanWorkstation](policy-csp-lanmanworkstation.md)
 #### [Licensing](policy-csp-licensing.md)
 #### [LocalPoliciesSecurityOptions](policy-csp-localpoliciessecurityoptions.md)
+#### [LocalUsersAndGroups](policy-csp-localusersandgroups.md)
 #### [LockDown](policy-csp-lockdown.md)
 #### [Maps](policy-csp-maps.md)
 #### [Messaging](policy-csp-messaging.md)
+#### [MixedReality](policy-csp-mixedreality.md)
 #### [MSSecurityGuide](policy-csp-mssecurityguide.md)
 #### [MSSLegacy](policy-csp-msslegacy.md)
 #### [NetworkIsolation](policy-csp-networkisolation.md)
@@ -293,6 +309,7 @@
 #### [WindowsInkWorkspace](policy-csp-windowsinkworkspace.md)
 #### [WindowsLogon](policy-csp-windowslogon.md)
 #### [WindowsPowerShell](policy-csp-windowspowershell.md)
+#### [WindowsSandbox](policy-csp-windowssandbox.md)
 #### [WirelessDisplay](policy-csp-wirelessdisplay.md)
 ### [PolicyManager CSP](policymanager-csp.md)
 ### [Provisioning CSP](provisioning-csp.md)
diff --git a/windows/client-management/mdm/accounts-csp.md b/windows/client-management/mdm/accounts-csp.md
index 7a9545e09a..455f749b5b 100644
--- a/windows/client-management/mdm/accounts-csp.md
+++ b/windows/client-management/mdm/accounts-csp.md
@@ -52,6 +52,7 @@ This node specifies the username for a new local user account.  This setting can
 This node specifies the password for a new local user account.  This setting can be managed remotely. 
 
 Supported operation is Add.
+GET operation is not supported.  This setting will report as failed when deployed from the Endpoint Manager.
 
 <a href="" id="users-username-localusergroup"></a>**Users/_UserName_/LocalUserGroup**  
 This optional node specifies the local user group that a local user account should be joined to.  If the node is not set, the new local user account is joined just to the Standard Users group.  Set the value to 2 for Administrators group. This setting can be managed remotely.
diff --git a/windows/client-management/mdm/azure-active-directory-integration-with-mdm.md b/windows/client-management/mdm/azure-active-directory-integration-with-mdm.md
index 8e84d077d5..b511fd100f 100644
--- a/windows/client-management/mdm/azure-active-directory-integration-with-mdm.md
+++ b/windows/client-management/mdm/azure-active-directory-integration-with-mdm.md
@@ -165,7 +165,10 @@ The following image illustrates how MDM applications will show up in the Azure a
 
 ### Add cloud-based MDM to the app gallery
 
-You should work with the Azure AD engineering team if your MDM application is cloud-based. The following table shows the required information to create an entry in the Azure AD app gallery.
+> [!NOTE]
+> You should work with the Azure AD engineering team if your MDM application is cloud-based and needs to be enabled as a multi-tenant MDM application 
+
+The following table shows the required information to create an entry in the Azure AD app gallery.
 
 <table>
 <colgroup>
diff --git a/windows/client-management/mdm/change-history-for-mdm-documentation.md b/windows/client-management/mdm/change-history-for-mdm-documentation.md
new file mode 100644
index 0000000000..bfa2ec836d
--- /dev/null
+++ b/windows/client-management/mdm/change-history-for-mdm-documentation.md
@@ -0,0 +1,1078 @@
+---
+title: Change history for MDM documentation
+description: This article lists new and updated articles for Mobile Device Management.
+ms.reviewer: 
+manager: dansimp
+ms.author: dansimp
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.localizationpriority: medium
+ms.date: 10/19/2020
+---
+
+# Change history for Mobile Device Management documentation
+
+This article lists new and updated articles for the Mobile Device Management (MDM) documentation. Updated articles are those that had content addition, removal, or corrections—minor fixes, such as correction of typos, style, or formatting issues are not listed.
+
+## October 2020
+
+|New or updated article | Description|
+|--- | ---|
+| [Policy CSP](policy-configuration-service-provider.md) | Added the following new policies<br>- [LocalUsersAndGroups/Configure](policy-csp-localusersandgroups.md#localusersandgroups-configure)<br>- [MixedReality/AADGroupMembershipCacheValidityInDays](policy-csp-mixedreality.md#mixedreality-aadgroupmembershipcachevalidityindays)<br>- [MixedReality/BrightnessButtonDisabled](policy-csp-mixedreality.md#mixedreality-brightnessbuttondisabled)<br>- [MixedReality/FallbackDiagnostics](policy-csp-mixedreality.md#mixedreality-fallbackdiagnostics)<br>- [MixedReality/MicrophoneDisabled](policy-csp-mixedreality.md#mixedreality-microphonedisabled)<br>- [MixedReality/VolumeButtonDisabled](policy-csp-mixedreality.md#mixedreality-volumebuttondisabled)<br>- [Update/DisableWUfBSafeguards](policy-csp-update.md#update-disablewufbsafeguards)<br>- [WindowsSandbox/AllowAudioInput](policy-csp-windowssandbox.md#windowssandbox-allowaudioinput)<br>- [WindowsSandbox/AllowClipboardRedirection](policy-csp-windowssandbox.md#windowssandbox-allowclipboardredirection)<br>- [WindowsSandbox/AllowNetworking](policy-csp-windowssandbox.md#windowssandbox-allownetworking)<br>- [WindowsSandbox/AllowPrinterRedirection](policy-csp-windowssandbox.md#windowssandbox-allowprinterredirection)<br>- [WindowsSandbox/AllowVGPU](policy-csp-windowssandbox.md#windowssandbox-allowvgpu)<br>- [WindowsSandbox/AllowVideoInput](policy-csp-windowssandbox.md#windowssandbox-allowvideoinput) |
+
+## September 2020
+
+|New or updated article | Description|
+|--- | ---|
+|[NetworkQoSPolicy CSP](networkqospolicy-csp.md)|Updated support information of the NetworkQoSPolicy CSP.|
+|[Policy CSP - LocalPoliciesSecurityOptions](policy-csp-localpoliciessecurityoptions.md)|Removed the following unsupported LocalPoliciesSecurityOptions policy settings from the documentation:<br>- RecoveryConsole_AllowAutomaticAdministrativeLogon <br>- DomainMember_DigitallyEncryptOrSignSecureChannelDataAlways<br>- DomainMember_DigitallyEncryptSecureChannelDataWhenPossible<br>- DomainMember_DisableMachineAccountPasswordChanges<br>- SystemObjects_RequireCaseInsensitivityForNonWindowsSubsystems<br>|
+
+## August 2020
+
+|New or updated article | Description|
+|--- | ---|
+|[Policy CSP - System](policy-csp-system.md)|Removed the following policy settings:<br> - System/AllowDesktopAnalyticsProcessing <br>- System/AllowMicrosoftManagedDesktopProcessing <br> - System/AllowUpdateComplianceProcessing<br> - System/AllowWUfBCloudProcessing <br>|
+
+## July 2020
+
+|New or updated article | Description|
+|--- | ---|
+|[Policy CSP - System](policy-csp-system.md)|Added the following new policy settings:<br>  - System/AllowDesktopAnalyticsProcessing <br>- System/AllowMicrosoftManagedDesktopProcessing <br> - System/AllowUpdateComplianceProcessing<br> - System/AllowWUfBCloudProcessing <br> <br><br>Updated the following policy setting:<br>-  <a href="./policy-csp-system.md#system-allowcommercialdatapipeline" id="system-allowcommercialdatapipeline">System/AllowCommercialDataPipeline</a> <br>|
+
+## June 2020
+
+|New or updated article | Description|
+|--- | ---|
+|[BitLocker CSP](bitlocker-csp.md)|Added SKU support table for **AllowStandardUserEncryption**.|
+|[Policy CSP - NetworkIsolation](policy-csp-networkisolation.md)|Updated the description from Boolean to Integer for the following policy settings:<br>EnterpriseIPRangesAreAuthoritative, EnterpriseProxyServersAreAuthoritative.|
+
+## May 2020
+
+|New or updated article | Description|
+|--- | ---|
+|[BitLocker CSP](bitlocker-csp.md)|Added the bitmask table for the Status/DeviceEncryptionStatus node.|
+|[Policy CSP - RestrictedGroups](policy-csp-restrictedgroups.md)| Updated the topic with additional details. Added policy timeline table. 
+
+## February 2020
+
+|New or updated article | Description|
+|--- | ---|
+|[CertificateStore CSP](certificatestore-csp.md)<br>[ClientCertificateInstall CSP](clientcertificateinstall-csp.md)|Added details about SubjectName value.|
+
+## January 2020
+
+|New or updated article | Description|
+|--- | ---|
+|[Policy CSP - Defender](policy-csp-defender.md)|Added descriptions for supported actions for Defender/ThreatSeverityDefaultAction.|
+
+## November 2019
+
+|New or updated article | Description|
+|--- | ---|
+|[Policy CSP - DeliveryOptimization](policy-csp-deliveryoptimization.md)|Added option 5 in the supported values list for DeliveryOptimization/DOGroupIdSource.|
+|[DiagnosticLog CSP](diagnosticlog-csp.md)|Added substantial updates to this CSP doc.|
+
+## October 2019
+
+|New or updated article | Description|
+|--- | ---|
+|[BitLocker CSP](bitlocker-csp.md)|Added the following new nodes:<br>ConfigureRecoveryPasswordRotation, RotateRecoveryPasswords, RotateRecoveryPasswordsStatus, RotateRecoveryPasswordsRequestID.|
+|[Defender CSP](defender-csp.md)|Added the following new nodes:<br>Health/TamperProtectionEnabled, Health/IsVirtualMachine, Configuration, Configuration/TamperProtection, Configuration/EnableFileHashComputation.|
+
+## September 2019
+
+|New or updated article | Description|
+|--- | ---|
+|[EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md)|Added the following new node:<br>IsStub.|
+|[Policy CSP - Defender](policy-csp-defender.md)|Updated the supported value list for Defender/ScheduleScanDay policy.|
+|[Policy CSP - DeviceInstallation](policy-csp-deviceinstallation.md)|Added the following new policies: <br>DeviceInstallation/AllowInstallationOfMatchingDeviceInstanceIDs, DeviceInstallation/PreventInstallationOfMatchingDeviceInstanceIDs.|
+
+## August 2019
+
+|New or updated article | Description|
+|--- | ---|
+|[DiagnosticLog CSP](diagnosticlog-csp.md)<br>[DiagnosticLog DDF](diagnosticlog-ddf.md)|Added version 1.4 of the CSP in Windows 10, version 1903. Added the new 1.4 version of the DDF. Added the following new nodes:<br>Policy, Policy/Channels, Policy/Channels/ChannelName, Policy/Channels/ChannelName/MaximumFileSize, Policy/Channels/ChannelName/SDDL, Policy/Channels/ChannelName/ActionWhenFull, Policy/Channels/ChannelName/Enabled, DiagnosticArchive, DiagnosticArchive/ArchiveDefinition, DiagnosticArchive/ArchiveResults.|
+|[Enroll a Windows 10 device automatically using Group Policy](enroll-a-windows-10-device-automatically-using-group-policy.md)|Enhanced the article to include additional reference links and the following two topics:<br>Verify auto-enrollment requirements and settings, Troubleshoot auto-enrollment of devices.|
+
+## July 2019
+
+|New or updated article | Description|
+|--- | ---|
+|[Policy CSP](policy-configuration-service-provider.md)|Added the following list:<br>Policies supported by HoloLens 2|
+|[ApplicationControl CSP](applicationcontrol-csp.md)|Added new CSP in Windows 10, version 1903.|
+|[PassportForWork CSP](passportforwork-csp.md)|Added the following new nodes in Windows 10, version 1903:<br>SecurityKey, SecurityKey/UseSecurityKeyForSignin|
+|[Policy CSP - Privacy](policy-csp-privacy.md)|Added the following new policies:<br>LetAppsActivateWithVoice, LetAppsActivateWithVoiceAboveLock|
+|Create a custom configuration service provider|Deleted the following documents from the CSP reference because extensibility via CSPs is not currently supported:<br>Create a custom configuration service provider<br>Design a custom configuration service provider<br>IConfigServiceProvider2<br>IConfigServiceProvider2::ConfigManagerNotification<br>IConfigServiceProvider2::GetNode<br>ICSPNode<br>ICSPNode::Add<br>ICSPNode::Clear<br>ICSPNode::Copy<br>ICSPNode::DeleteChild<br>ICSPNode::DeleteProperty<br>ICSPNode::Execute<br>ICSPNode::GetChildNodeNames<br>ICSPNode::GetProperty<br>ICSPNode::GetPropertyIdentifiers<br>ICSPNode::GetValue<br>ICSPNode::Move<br>ICSPNode::SetProperty<br>ICSPNode::SetValue<br>ICSPNodeTransactioning<br>ICSPValidate<br>Samples for writing a custom configuration service provider.|
+
+## June 2019
+
+|New or updated article | Description|
+|--- | ---|
+|[Policy CSP - DeviceHealthMonitoring](policy-csp-devicehealthmonitoring.md)|Added the following new policies:<br>AllowDeviceHealthMonitoring, ConfigDeviceHealthMonitoringScope, ConfigDeviceHealthMonitoringUploadDestination.|
+|[Policy CSP - TimeLanguageSettings](policy-csp-timelanguagesettings.md)|Added the following new policy:<br>ConfigureTimeZone.|
+
+## May 2019
+
+|New or updated article | Description|
+|--- | ---|
+|[DeviceStatus CSP](devicestatus-csp.md)|Updated description of the following nodes:<br>DeviceStatus/Antivirus/SignatureStatus, DeviceStatus/Antispyware/SignatureStatus.|
+|[EnrollmentStatusTracking CSP](enrollmentstatustracking-csp.md)|Added new CSP in Windows 10, version 1903.|
+|[Policy CSP - DeliveryOptimization](policy-csp-deliveryoptimization.md)|Added the following new policies:<br> DODelayCacheServerFallbackBackground, DODelayCacheServerFallbackForeground.<br><br>Updated description of the following policies:<br>DOMinRAMAllowedToPeer, DOMinFileSizeToCache, DOMinDiskSizeAllowedToPeer.|
+|[Policy CSP - Experience](policy-csp-experience.md)|Added the following new policy:<br>ShowLockOnUserTile.|
+|[Policy CSP - InternetExplorer](policy-csp-internetexplorer.md)|Added the following new policies:<br>AllowEnhancedSuggestionsInAddressBar, DisableActiveXVersionListAutoDownload, DisableCompatView, DisableFeedsBackgroundSync, DisableGeolocation, DisableWebAddressAutoComplete, NewTabDefaultPage.|
+|[Policy CSP - Power](policy-csp-power.md)|Added the following new policies:<br>EnergySaverBatteryThresholdOnBattery, EnergySaverBatteryThresholdPluggedIn, SelectLidCloseActionOnBattery, SelectLidCloseActionPluggedIn, SelectPowerButtonActionOnBattery, SelectPowerButtonActionPluggedIn, SelectSleepButtonActionOnBattery, SelectSleepButtonActionPluggedIn, TurnOffHybridSleepOnBattery, TurnOffHybridSleepPluggedIn, UnattendedSleepTimeoutOnBattery, UnattendedSleepTimeoutPluggedIn.|
+|[Policy CSP - Search](policy-csp-search.md)|Added the following new policy:<br>AllowFindMyFiles.|
+|[Policy CSP - ServiceControlManager](policy-csp-servicecontrolmanager.md)|Added the following new policy:<br>SvchostProcessMitigation.|
+|[Policy CSP - System](policy-csp-system.md)|Added the following new policies:<br>AllowCommercialDataPipeline, TurnOffFileHistory.|
+|[Policy CSP - Troubleshooting](policy-csp-troubleshooting.md)|Added the following new policy:<br>AllowRecommendations.|
+|[Policy CSP - Update](policy-csp-update.md)|Added the following new policies:<br>AutomaticMaintenanceWakeUp, ConfigureDeadlineForFeatureUpdates, ConfigureDeadlineForQualityUpdates, ConfigureDeadlineGracePeriod, ConfigureDeadlineNoAutoReboot.|
+|[Policy CSP - WindowsLogon](policy-csp-windowslogon.md)|Added the following new policies:<br>AllowAutomaticRestartSignOn, ConfigAutomaticRestartSignOn, EnableFirstLogonAnimation.<br><br>Removed the following policy:<br>SignInLastInteractiveUserAutomaticallyAfterASystemInitiatedRestart. This policy is replaced by AllowAutomaticRestartSignOn.|
+
+## April 2019
+
+|                                         New or updated article                                          |                                                                                                                                                                                                          Description                                                                                                                                                                                                          |
+|-------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| [Win32 and Desktop Bridge app policy configuration](win32-and-centennial-app-policy-configuration.md) | Added the following warning at the end of the Overview section:<br>Some operating system components have built in functionality to check devices for domain membership. MDM enforces the configured policy values only if the devices are domain joined, otherwise it does not. However, you can still import ADMX files and set ADMX-backed policies regardless of whether the device is domain joined or non-domain joined. |
+|                          [Policy CSP - UserRights](policy-csp-userrights.md)                          |                                                                                                                                  Added a note stating if you use Intune custom profiles to assign UserRights policies, you must use the CDATA tag (<![CDATA[...]]>) to wrap the data fields.                                                                                                                                  |
+
+## March 2019
+
+|New or updated article | Description|
+|--- | ---|
+|[Policy CSP - Storage](policy-csp-storage.md)|Updated ADMX Info of the following policies:<br>AllowStorageSenseGlobal, AllowStorageSenseTemporaryFilesCleanup, ConfigStorageSenseCloudContentDehydrationThreshold, ConfigStorageSenseDownloadsCleanupThreshold, ConfigStorageSenseGlobalCadence, ConfigStorageSenseRecycleBinCleanupThreshold. <br><br>Updated description of ConfigStorageSenseDownloadsCleanupThreshold.|
+
+## February 2019
+
+|New or updated article | Description|
+|--- | ---|
+|[Policy CSP](policy-configuration-service-provider.md)|Updated supported policies for Holographic.|
+
+## January 2019
+
+|New or updated article | Description|
+|--- | ---|
+|[Policy CSP - Storage](policy-csp-storage.md)|Added the following new policies: AllowStorageSenseGlobal, ConfigStorageSenseGlobalCadence, AllowStorageSenseTemporaryFilesCleanup, ConfigStorageSenseRecycleBinCleanupThreshold, ConfigStorageSenseDownloadsCleanupThreshold, and ConfigStorageSenseCloudContentCleanupThreshold.|
+|[SharedPC CSP](sharedpc-csp.md)|Updated values and supported operations.|
+|[Mobile device management](index.md)|Updated information about MDM Security Baseline.|
+
+## December 2018
+
+|New or updated article | Description|
+|--- | ---|
+|[BitLocker CSP](bitlocker-csp.md)|Updated AllowWarningForOtherDiskEncryption policy description to describe silent and non-silent encryption scenarios, as well as where and how the recovery key is backed up for each scenario.|
+
+## September 2018
+
+|New or updated article | Description|
+|--- | ---|
+|[Mobile device management](index.md#mmat) | Added information about the MDM Migration Analysis Tool (MMAT).|
+|[Policy CSP - DeviceGuard](policy-csp-deviceguard.md) | Updated ConfigureSystemGuardLaunch policy and replaced EnableSystemGuard with it.|
+
+## August 2018
+
+<table class="mx-tdBreakAll">
+<colgroup>
+<col width="25%" />
+<col width="75%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>New or updated article</th>
+<th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td style="vertical-align:top"><a href="bitlocker-csp.md" data-raw-source="[BitLocker CSP](bitlocker-csp.md)">BitLocker CSP</a></td>
+<td style="vertical-align:top"><p>Added support for Windows 10 Pro starting in the version 1809.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="office-csp.md" data-raw-source="[Office CSP](office-csp.md)">Office CSP</a></td>
+<td style="vertical-align:top"><p>Added FinalStatus setting in Windows 10, version 1809.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="remotewipe-csp.md" data-raw-source="[RemoteWipe CSP](remotewipe-csp.md)">RemoteWipe CSP</a></td>
+<td style="vertical-align:top"><p>Added new settings in Windows 10, version 1809.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="tenantlockdown-csp.md" data-raw-source="[TenantLockdown CSP](tenantlockdown-csp.md)">TenantLockdown CSP</a></td>
+<td style="vertical-align:top"><p>Added new CSP in Windows 10, version 1809.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="windowsdefenderapplicationguard-csp.md" data-raw-source="[WindowsDefenderApplicationGuard CSP](windowsdefenderapplicationguard-csp.md)">WindowsDefenderApplicationGuard CSP</a></td>
+<td style="vertical-align:top"><p>Added new settings in Windows 10, version 1809.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="policy-ddf-file.md" data-raw-source="[Policy DDF file](policy-ddf-file.md)">Policy DDF file</a></td>
+<td style="vertical-align:top"><p>Posted an updated version of the Policy DDF for Windows 10, version 1809.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
+<td style="vertical-align:top"><p>Added the following new policies in Windows 10, version 1809:</p>
+<ul>
+<li>Browser/AllowFullScreenMode</li>
+<li>Browser/AllowPrelaunch</li>
+<li>Browser/AllowPrinting</li>
+<li>Browser/AllowSavingHistory</li>
+<li>Browser/AllowSideloadingOfExtensions</li>
+<li>Browser/AllowTabPreloading</li>
+<li>Browser/AllowWebContentOnNewTabPage</li>
+<li>Browser/ConfigureFavoritesBar</li>
+<li>Browser/ConfigureHomeButton</li>
+<li>Browser/ConfigureKioskMode</li>
+<li>Browser/ConfigureKioskResetAfterIdleTimeout</li>
+<li>Browser/ConfigureOpenMicrosoftEdgeWith</li>
+<li>Browser/ConfigureTelemetryForMicrosoft365Analytics</li>
+<li>Browser/PreventCertErrorOverrides</li>
+<li>Browser/SetHomeButtonURL</li>
+<li>Browser/SetNewTabPageURL</li>
+<li>Browser/UnlockHomeButton</li>
+<li>Experience/DoNotSyncBrowserSettings</li>
+<li>Experience/PreventUsersFromTurningOnBrowserSyncing</li>
+<li>Kerberos/UPNNameHints</li>
+<li>Privacy/AllowCrossDeviceClipboard</li>
+<li>Privacy/DisablePrivacyExperience</li>
+<li>Privacy/UploadUserActivities</li>
+<li>System/AllowDeviceNameInDiagnosticData</li>
+<li>System/ConfigureMicrosoft365UploadEndpoint</li>
+<li>System/DisableDeviceDelete</li>
+<li>System/DisableDiagnosticDataViewer</li>
+<li>Storage/RemovableDiskDenyWriteAccess</li>
+<li>Update/UpdateNotificationLevel</li>
+</ul>
+<p>Start/DisableContextMenus - added in Windows 10, version 1803.</p>
+<p>RestrictedGroups/ConfigureGroupMembership - added new schema to apply and retrieve the policy.</p>
+</td></tr>
+</tbody>
+</table>
+
+## July 2018
+
+<table class="mx-tdBreakAll">
+<colgroup>
+<col width="25%" />
+<col width="75%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>New or updated article</th>
+<th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td style="vertical-align:top"><a href="assignedaccess-csp.md" data-raw-source="[AssignedAccess CSP](assignedaccess-csp.md)">AssignedAccess CSP</a></td>
+<td style="vertical-align:top"><p>Added the following note:</p>
+<ul>
+<li>You can only assign one single app kiosk profile to an individual user account on a device. The single app profile does not support domain groups.</li>
+</ul>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="passportforwork-csp.md" data-raw-source="[PassportForWork  CSP](passportforwork-csp.md)">PassportForWork  CSP</a></td>
+<td style="vertical-align:top"><p>Added new settings in Windows 10, version 1809.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="enterprisemodernappmanagement-csp.md" data-raw-source="[EnterpriseModernAppManagement  CSP](enterprisemodernappmanagement-csp.md)">EnterpriseModernAppManagement  CSP</a></td>
+<td style="vertical-align:top"><p>Added NonRemovable setting under AppManagement node in Windows 10, version 1809.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="win32compatibilityappraiser-csp.md" data-raw-source="[Win32CompatibilityAppraiser  CSP](win32compatibilityappraiser-csp.md)">Win32CompatibilityAppraiser  CSP</a></td>
+<td style="vertical-align:top"><p>Added new configuration service provider in Windows 10, version 1809.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="windowslicensing-csp.md" data-raw-source="[WindowsLicensing  CSP](windowslicensing-csp.md)">WindowsLicensing  CSP</a></td>
+<td style="vertical-align:top"><p>Added S mode settings and SyncML examples in Windows 10, version 1809.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="supl-csp.md" data-raw-source="[SUPL CSP](supl-csp.md)">SUPL CSP</a></td>
+<td style="vertical-align:top"><p>Added 3 new certificate nodes in Windows 10, version 1809.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="defender-csp.md" data-raw-source="[Defender CSP](defender-csp.md)">Defender CSP</a></td>
+<td style="vertical-align:top"><p>Added a new node Health/ProductStatus in Windows 10, version 1809.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="bitlocker-csp.md" data-raw-source="[BitLocker CSP](bitlocker-csp.md)">BitLocker CSP</a></td>
+<td style="vertical-align:top"><p>Added a new node AllowStandardUserEncryption in Windows 10, version 1809.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="devdetail-csp.md" data-raw-source="[DevDetail CSP](devdetail-csp.md)">DevDetail CSP</a></td>
+<td style="vertical-align:top"><p>Added a new node SMBIOSSerialNumber in Windows 10, version 1809.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
+<td style="vertical-align:top"><p>Added the following new policies in Windows 10, version 1809:</p>
+<ul>
+<li>ApplicationManagement/LaunchAppAfterLogOn</li>
+<li>ApplicationManagement/ScheduleForceRestartForUpdateFailures </li>
+<li>Authentication/EnableFastFirstSignIn (Preview mode only)</li>
+<li>Authentication/EnableWebSignIn (Preview mode only)</li>
+<li>Authentication/PreferredAadTenantDomainName</li>
+<li>Defender/CheckForSignaturesBeforeRunningScan</li>
+<li>Defender/DisableCatchupFullScan </li>
+<li>Defender/DisableCatchupQuickScan </li>
+<li>Defender/EnableLowCPUPriority</li>
+<li>Defender/SignatureUpdateFallbackOrder</li>
+<li>Defender/SignatureUpdateFileSharesSources</li>
+<li>DeviceGuard/ConfigureSystemGuardLaunch</li>
+<li>DeviceInstallation/AllowInstallationOfMatchingDeviceIDs</li>
+<li>DeviceInstallation/AllowInstallationOfMatchingDeviceSetupClasses</li>
+<li>DeviceInstallation/PreventDeviceMetadataFromNetwork</li>
+<li>DeviceInstallation/PreventInstallationOfDevicesNotDescribedByOtherPolicySettings</li>
+<li>DmaGuard/DeviceEnumerationPolicy</li>
+<li>Experience/AllowClipboardHistory</li>
+<li>Security/RecoveryEnvironmentAuthentication</li>
+<li>TaskManager/AllowEndTask</li>
+<li>WindowsDefenderSecurityCenter/DisableClearTpmButton</li>
+<li>WindowsDefenderSecurityCenter/DisableTpmFirmwareUpdateWarning</li>
+<li>WindowsDefenderSecurityCenter/HideWindowsSecurityNotificationAreaControl</li>
+<li>WindowsLogon/DontDisplayNetworkSelectionUI</li>
+</ul>
+<p>Recent changes:</p>
+<ul>
+<li>DataUsage/SetCost3G - deprecated in Windows 10, version 1809.</li>
+</ul>
+</td></tr>
+</tbody>
+</table>
+
+## June 2018
+
+<table class="mx-tdBreakAll">
+<colgroup>
+<col width="25%" />
+<col width="75%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>New or updated article</th>
+<th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td style="vertical-align:top"><a href="wifi-csp.md" data-raw-source="[Wifi CSP](wifi-csp.md)">Wifi CSP</a></td>
+<td style="vertical-align:top"><p>Added a new node WifiCost in Windows 10, version 1809.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="diagnose-mdm-failures-in-windows-10.md" data-raw-source="[Diagnose MDM failures in Windows 10](diagnose-mdm-failures-in-windows-10.md)">Diagnose MDM failures in Windows 10</a></td>
+<td style="vertical-align:top"><p>Recent changes:</p>
+<ul>
+<li>Added procedure for collecting logs remotely from Windows 10 Holographic.</li>
+<li>Added procedure for downloading the MDM Diagnostic Information log.</li>
+</ul>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="bitlocker-csp.md" data-raw-source="[Bitlocker CSP](bitlocker-csp.md)">Bitlocker CSP</a></td>
+<td style="vertical-align:top"><p>Added new node AllowStandardUserEncryption in Windows 10, version 1809.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
+<td style="vertical-align:top"><p>Recent changes:</p>
+<ul>
+<li>AccountPoliciesAccountLockoutPolicy/AccountLockoutDuration - removed from docs. Not supported.</li>
+<li>AccountPoliciesAccountLockoutPolicy/AccountLockoutThreshold - removed from docs. Not supported.</li>
+<li>AccountPoliciesAccountLockoutPolicy/ResetAccountLockoutCounterAfter - removed from docs. Not supported.</li>
+<li>LocalPoliciesSecurityOptions/NetworkAccess_LetEveryonePermissionsApplyToAnonymousUsers - removed from docs. Not supported.</li>
+<li>System/AllowFontProviders is not supported in HoloLens (1st gen) Commercial Suite.</li>
+<li>Security/RequireDeviceEncryption is supported in the Home SKU.</li>
+<li>Start/StartLayout - added a table of SKU support information.</li>
+<li>Start/ImportEdgeAssets - added a table of SKU support information.</li>
+</ul>
+<p>Added the following new policies in Windows 10, version 1809:</p>
+<ul>
+<li>Update/EngagedRestartDeadlineForFeatureUpdates</li>
+<li>Update/EngagedRestartSnoozeScheduleForFeatureUpdates</li>
+<li>Update/EngagedRestartTransitionScheduleForFeatureUpdates</li>
+<li>Update/SetDisablePauseUXAccess</li>
+<li>Update/SetDisableUXWUAccess</li>
+</ul>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="wirednetwork-csp.md" data-raw-source="[WiredNetwork CSP](wirednetwork-csp.md)">WiredNetwork CSP</a></td>
+<td style="vertical-align:top">New CSP added in Windows 10, version 1809.
+</td></tr>
+</tbody>
+</table>
+
+## May 2018
+
+<table class="mx-tdBreakAll">
+<colgroup>
+<col width="25%" />
+<col width="75%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>New or updated article</th>
+<th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td style="vertical-align:top"><a href="policy-ddf-file.md" data-raw-source="[Policy DDF file](policy-ddf-file.md)">Policy DDF file</a></td>
+<td style="vertical-align:top"><p>Updated the DDF files in the Windows 10 version 1703 and 1709.</p>
+<ul>
+<li><a href="https://download.microsoft.com/download/8/C/4/8C43C116-62CB-470B-9B69-76A3E2BC32A8/PolicyDDF_all.xml" data-raw-source="[Download the Policy DDF file for Windows 10, version 1709](https://download.microsoft.com/download/8/C/4/8C43C116-62CB-470B-9B69-76A3E2BC32A8/PolicyDDF_all.xml)">Download the Policy DDF file for Windows 10, version 1709</a></li>
+<li><a href="https://download.microsoft.com/download/7/2/C/72C36C37-20F9-41BF-8E23-721F6FFC253E/PolicyDDF_all.xml" data-raw-source="[Download the Policy DDF file for Windows 10, version 1703](https://download.microsoft.com/download/7/2/C/72C36C37-20F9-41BF-8E23-721F6FFC253E/PolicyDDF_all.xml)">Download the Policy DDF file for Windows 10, version 1703</a></li>
+</ul>
+</td></tr>
+</tbody>
+</table>
+
+## April 2018
+
+<table class="mx-tdBreakAll">
+<colgroup>
+<col width="25%" />
+<col width="75%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>New or updated article</th>
+<th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td style="vertical-align:top"><a href="windowsdefenderapplicationguard-csp.md" data-raw-source="[WindowsDefenderApplicationGuard CSP](windowsdefenderapplicationguard-csp.md)">WindowsDefenderApplicationGuard CSP</a></td>
+<td style="vertical-align:top"><p>Added the following node in Windows 10, version 1803:</p>
+<ul>
+<li>Settings/AllowVirtualGPU</li>
+<li>Settings/SaveFilesToHost</li>
+</ul>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="\networkproxy--csp.md" data-raw-source="[NetworkProxy CSP](\networkproxy--csp.md)">NetworkProxy CSP</a></td>
+<td style="vertical-align:top"><p>Added the following node in Windows 10, version 1803:</p>
+<ul>
+<li>ProxySettingsPerUser</li>
+</ul>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="accounts-csp.md" data-raw-source="[Accounts CSP](accounts-csp.md)">Accounts CSP</a></td>
+<td style="vertical-align:top"><p>Added a new CSP in Windows 10, version 1803.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="https://aka.ms/mmat" data-raw-source="[MDM Migration Analysis Tool (MMAT)](https://aka.ms/mmat)">MDM Migration Analysis Tool (MMAT)</a></td>
+<td style="vertical-align:top"><p>Updated version available. MMAT is a tool you can use to determine which Group Policies are set on a target user/computer and cross-reference them against the list of supported MDM policies.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="configuration-service-provider-reference.md#csp-ddf-files-download" data-raw-source="[CSP DDF files download](configuration-service-provider-reference.md#csp-ddf-files-download)">CSP DDF files download</a></td>
+<td style="vertical-align:top"><p>Added the DDF download of Windows 10, version 1803 configuration service providers.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
+<td style="vertical-align:top"><p>Added the following new policies for Windows 10, version 1803:</p>
+<ul>
+<li>Bluetooth/AllowPromptedProximalConnections</li>
+<li>KioskBrowser/EnableEndSessionButton</li>
+<li>LocalPoliciesSecurityOptions/NetworkSecurity_RestrictNTLM_AddRemoteServerExceptionsForNTLMAuthentication</li>
+<li>LocalPoliciesSecurityOptions/NetworkSecurity_RestrictNTLM_AuditIncomingNTLMTraffic</li>
+<li>LocalPoliciesSecurityOptions/NetworkSecurity_RestrictNTLM_IncomingNTLMTraffic</li>
+<li>LocalPoliciesSecurityOptions/NetworkSecurity_RestrictNTLM_OutgoingNTLMTrafficToRemoteServers</li>
+</ul>
+</td></tr>
+</tbody>
+</table>
+
+## March 2018
+
+<table class="mx-tdBreakAll">
+<colgroup>
+<col width="25%" />
+<col width="75%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>New or updated article</th>
+<th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td style="vertical-align:top"><a href="euiccs-csp.md" data-raw-source="[eUICCs CSP](euiccs-csp.md)">eUICCs CSP</a></td>
+<td style="vertical-align:top"><p>Added the following node in Windows 10, version 1803:</p>
+<ul>
+<li>IsEnabled</li>
+</ul>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="devicestatus-csp.md" data-raw-source="[DeviceStatus CSP](devicestatus-csp.md)">DeviceStatus CSP</a></td>
+<td style="vertical-align:top"><p>Added the following node in Windows 10, version 1803:</p>
+<ul>
+<li>OS/Mode</li>
+</ul>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="understanding-admx-backed-policies.md" data-raw-source="[Understanding ADMX-backed policies](understanding-admx-backed-policies.md)">Understanding ADMX-backed policies</a></td>
+<td style="vertical-align:top"><p>Added the following videos:</p>
+<ul>
+<li><a href="https://www.microsoft.com/showcase/video.aspx?uuid=bdc9b54b-11b0-4bdb-a022-c339d16e7121" data-raw-source="[How to create a custom xml to enable an ADMX-backed policy and deploy the XML in Intune](https://www.microsoft.com/showcase/video.aspx?uuid=bdc9b54b-11b0-4bdb-a022-c339d16e7121)">How to create a custom xml to enable an ADMX-backed policy and deploy the XML in Intune</a></li>
+<li><a href="https://www.microsoft.com/showcase/video.aspx?uuid=a59888b1-429f-4a49-8570-c39a143d9a73" data-raw-source="[How to import a custom ADMX file to a device using Intune](https://www.microsoft.com/showcase/video.aspx?uuid=a59888b1-429f-4a49-8570-c39a143d9a73)">How to import a custom ADMX file to a device using Intune</a></li>
+</ul>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="accountmanagement-csp.md" data-raw-source="[AccountManagement CSP](accountmanagement-csp.md)">AccountManagement CSP</a></td>
+<td style="vertical-align:top"><p>Added a new CSP in Windows 10, version 1803.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="rootcacertificates-csp.md" data-raw-source="[RootCATrustedCertificates CSP](rootcacertificates-csp.md)">RootCATrustedCertificates CSP</a></td>
+<td style="vertical-align:top"><p>Added the following node in Windows 10, version 1803:</p>
+<ul>
+<li>UntrustedCertificates</li>
+</ul>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
+<td style="vertical-align:top"><p>Added the following new policies for Windows 10, version 1803:</p>
+<ul>
+<li>ApplicationDefaults/EnableAppUriHandlers</li>
+<li>ApplicationManagement/MSIAllowUserControlOverInstall</li>
+<li>ApplicationManagement/MSIAlwaysInstallWithElevatedPrivileges</li>
+<li>Connectivity/AllowPhonePCLinking</li>
+<li>Notifications/DisallowCloudNotification</li>
+<li>Notifications/DisallowTileNotification</li>
+<li>RestrictedGroups/ConfigureGroupMembership</li>
+</ul>
+<p>The following existing policies were updated:</p>
+<ul>
+<li>Browser/AllowCookies - updated the supported values. There are 3 values - 0, 1, 2.</li>
+<li>InternetExplorer/AllowSiteToZoneAssignmentList - updated the description and added an example SyncML</li>
+<li>TextInput/AllowIMENetworkAccess - introduced new suggestion services in Japanese IME in addition to cloud suggestion.</li>
+</ul>
+<p>Added a new section:</p>
+<ul>
+<li><a href="policy-csps-supported-by-group-policy.md" data-raw-source="[[Policies in Policy CSP supported by Group Policy](policy-csps-supported-by-group-policy.md)">[Policies in Policy CSP supported by Group Policy</a> - list of policies in Policy CSP that has corresponding Group Policy. The policy description contains the GP information, such as GP policy name and variable name.</li>
+</ul>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="policy-csp-bluetooth.md" data-raw-source="[Policy CSP - Bluetooth](policy-csp-bluetooth.md)">Policy CSP - Bluetooth</a></td>
+<td style="vertical-align:top"><p>Added new section <a href="policy-csp-bluetooth.md#servicesallowedlist-usage-guide" data-raw-source="[ServicesAllowedList usage guide](policy-csp-bluetooth.md#servicesallowedlist-usage-guide)">ServicesAllowedList usage guide</a>.</p>
+</td></tr>
+<tr>
+<td style="vertical-align:top"><a href="multisim-csp.md" data-raw-source="[MultiSIM CSP](multisim-csp.md)">MultiSIM CSP</a></td>
+<td style="vertical-align:top"><p>Added SyncML examples and updated the settings descriptions.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="remotewipe-csp.md" data-raw-source="[RemoteWipe CSP](remotewipe-csp.md)">RemoteWipe CSP</a></td>
+<td style="vertical-align:top"><p>Reverted back to Windows 10, version 1709. Removed previous draft documentation for version 1803.</p>
+</td></tr>
+</tbody>
+</table>
+
+## February 2018
+
+<table class="mx-tdBreakAll">
+<colgroup>
+<col width="25%" />
+<col width="75%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>New or updated article</th>
+<th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
+<td style="vertical-align:top"><p>Added the following new policies for Windows 10, version 1803:</p>
+<ul>
+<li>Display/DisablePerProcessDpiForApps</li>
+<li>Display/EnablePerProcessDpi</li>
+<li>Display/EnablePerProcessDpiForApps</li>
+<li>Experience/AllowWindowsSpotlightOnSettings</li>
+<li>TextInput/ForceTouchKeyboardDockedState</li>
+<li>TextInput/TouchKeyboardDictationButtonAvailability</li>
+<li>TextInput/TouchKeyboardEmojiButtonAvailability</li>
+<li>TextInput/TouchKeyboardFullModeAvailability</li>
+<li>TextInput/TouchKeyboardHandwritingModeAvailability</li>
+<li>TextInput/TouchKeyboardNarrowModeAvailability</li>
+<li>TextInput/TouchKeyboardSplitModeAvailability</li>
+<li>TextInput/TouchKeyboardWideModeAvailability</li>
+<ul>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="vpnv2-profile-xsd.md" data-raw-source="[VPNv2 ProfileXML XSD](vpnv2-profile-xsd.md)">VPNv2 ProfileXML XSD</a></td>
+<td style="vertical-align:top"><p>Updated the XSD and Plug-in profile example for VPNv2 CSP.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="assignedaccess-csp.md" data-raw-source="[AssignedAccess CSP](assignedaccess-csp.md)">AssignedAccess CSP</a></td>
+<td style="vertical-align:top"><p>Added the following nodes in Windows 10, version 1803:</p>
+<ul>
+<li>Status</li>
+<li>ShellLauncher</li>
+<li>StatusConfiguration</li>
+</ul>
+<p>Updated the AssigneAccessConfiguration schema. Starting in Windows 10, version 1803 AssignedAccess CSP is supported in HoloLens (1st gen) Commercial Suite. Added example for HoloLens (1st gen) Commercial Suite.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="multisim-csp.md" data-raw-source="[MultiSIM CSP](multisim-csp.md)">MultiSIM CSP</a></td>
+<td style="vertical-align:top"><p>Added a new CSP in Windows 10, version 1803.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="enterprisemodernappmanagement-csp.md" data-raw-source="[EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md)">EnterpriseModernAppManagement CSP</a></td>
+<td style="vertical-align:top"><p>Added the following node in Windows 10, version 1803:</p>
+<ul>
+<li>MaintainProcessorArchitectureOnUpdate</li>
+</ul>
+</td></tr>
+</tbody>
+</table>
+
+## January 2018
+
+<table class="mx-tdBreakAll">
+<colgroup>
+<col width="25%" />
+<col width="75%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>New or updated article</th>
+<th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
+<td style="vertical-align:top"><p>Added the following new policies for Windows 10, version 1803:</p>
+<ul>
+<li>Browser/AllowConfigurationUpdateForBooksLibrary</li>
+<li>Browser/AlwaysEnableBooksLibrary</li>
+<li>Browser/EnableExtendedBooksTelemetry</li>
+<li>Browser/UseSharedFolderForBooks</li>
+<li>DeliveryOptimization/DODelayBackgroundDownloadFromHttp</li>
+<li>DeliveryOptimization/DODelayForegroundDownloadFromHttp</li>
+<li>DeliveryOptimization/DOGroupIdSource</li>
+<li>DeliveryOptimization/DOPercentageMaxBackDownloadBandwidth</li>
+<li>DeliveryOptimization/DOPercentageMaxForeDownloadBandwidth</li>
+<li>DeliveryOptimization/DORestrictPeerSelectionBy</li>
+<li>DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth</li>
+<li>DeliveryOptimization/DOSetHoursToLimitForegroundDownloadBandwidth</li>
+<li>KioskBrowser/BlockedUrlExceptions</li>
+<li>KioskBrowser/BlockedUrls</li>
+<li>KioskBrowser/DefaultURL</li>
+<li>KioskBrowser/EnableHomeButton</li>
+<li>KioskBrowser/EnableNavigationButtons</li>
+<li>KioskBrowser/RestartOnIdleTime</li>
+<li>LocalPoliciesSecurityOptions/Devices_AllowUndockWithoutHavingToLogon</li>
+<li>LocalPoliciesSecurityOptions/Devices_AllowedToFormatAndEjectRemovableMedia</li>
+<li>LocalPoliciesSecurityOptions/Devices_PreventUsersFromInstallingPrinterDriversWhenConnectingToSharedPrinters</li>
+<li>LocalPoliciesSecurityOptions/Devices_RestrictCDROMAccessToLocallyLoggedOnUserOnly</li>
+<li>LocalPoliciesSecurityOptions/InteractiveLogon_SmartCardRemovalBehavior</li>
+<li>LocalPoliciesSecurityOptions/MicrosoftNetworkClient_DigitallySignCommunicationsIfServerAgrees</li>
+<li>LocalPoliciesSecurityOptions/MicrosoftNetworkClient_SendUnencryptedPasswordToThirdPartySMBServers</li>
+<li>LocalPoliciesSecurityOptions/MicrosoftNetworkServer_DigitallySignCommunicationsAlways</li>
+<li>LocalPoliciesSecurityOptions/MicrosoftNetworkServer_DigitallySignCommunicationsIfClientAgrees</li>
+<li>LocalPoliciesSecurityOptions/NetworkAccess_DoNotAllowAnonymousEnumerationOfSAMAccounts</li>
+<li>LocalPoliciesSecurityOptions/NetworkAccess_DoNotAllowAnonymousEnumerationOfSamAccountsAndShares</li>
+<li>LocalPoliciesSecurityOptions/NetworkAccess_RestrictAnonymousAccessToNamedPipesAndShares</li>
+<li>LocalPoliciesSecurityOptions/NetworkAccess_RestrictClientsAllowedToMakeRemoteCallsToSAM</li>
+<li>LocalPoliciesSecurityOptions/NetworkSecurity_DoNotStoreLANManagerHashValueOnNextPasswordChange</li>
+<li>LocalPoliciesSecurityOptions/NetworkSecurity_LANManagerAuthenticationLevel</li>
+<li>LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedClients</li>
+<li>LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedServers</li>
+<li>LocalPoliciesSecurityOptions/Shutdown_ClearVirtualMemoryPageFile</li>
+<li>LocalPoliciesSecurityOptions/UserAccountControl_DetectApplicationInstallationsAndPromptForElevation</li>
+<li>LocalPoliciesSecurityOptions/UserAccountControl_UseAdminApprovalMode</li>
+<li>RestrictedGroups/ConfigureGroupMembership</li>
+<li>Search/AllowCortanaInAAD</li>
+<li>Search/DoNotUseWebResults</li>
+<li>Security/ConfigureWindowsPasswords</li>
+<li>System/FeedbackHubAlwaysSaveDiagnosticsLocally</li>
+<li>SystemServices/ConfigureHomeGroupListenerServiceStartupMode</li>
+<li>SystemServices/ConfigureHomeGroupProviderServiceStartupMode</li>
+<li>SystemServices/ConfigureXboxAccessoryManagementServiceStartupMode</li>
+<li>SystemServices/ConfigureXboxLiveAuthManagerServiceStartupMode</li>
+<li>SystemServices/ConfigureXboxLiveGameSaveServiceStartupMode</li>
+<li>SystemServices/ConfigureXboxLiveNetworkingServiceStartupMode</li>
+<li>TaskScheduler/EnableXboxGameSaveTask</li>
+<li>TextInput/EnableTouchKeyboardAutoInvokeInDesktopMode</li>
+<li>Update/ConfigureFeatureUpdateUninstallPeriod</li>
+<li>UserRights/AccessCredentialManagerAsTrustedCaller</li>
+<li>UserRights/AccessFromNetwork</li>
+<li>UserRights/ActAsPartOfTheOperatingSystem</li>
+<li>UserRights/AllowLocalLogOn</li>
+<li>UserRights/BackupFilesAndDirectories</li>
+<li>UserRights/ChangeSystemTime</li>
+<li>UserRights/CreateGlobalObjects</li>
+<li>UserRights/CreatePageFile</li>
+<li>UserRights/CreatePermanentSharedObjects</li>
+<li>UserRights/CreateSymbolicLinks</li>
+<li>UserRights/CreateToken</li>
+<li>UserRights/DebugPrograms</li>
+<li>UserRights/DenyAccessFromNetwork</li>
+<li>UserRights/DenyLocalLogOn</li>
+<li>UserRights/DenyRemoteDesktopServicesLogOn</li>
+<li>UserRights/EnableDelegation</li>
+<li>UserRights/GenerateSecurityAudits</li>
+<li>UserRights/ImpersonateClient</li>
+<li>UserRights/IncreaseSchedulingPriority</li>
+<li>UserRights/LoadUnloadDeviceDrivers</li>
+<li>UserRights/LockMemory</li>
+<li>UserRights/ManageAuditingAndSecurityLog</li>
+<li>UserRights/ManageVolume</li>
+<li>UserRights/ModifyFirmwareEnvironment</li>
+<li>UserRights/ModifyObjectLabel</li>
+<li>UserRights/ProfileSingleProcess</li>
+<li>UserRights/RemoteShutdown</li>
+<li>UserRights/RestoreFilesAndDirectories</li>
+<li>UserRights/TakeOwnership</li>
+<li>WindowsDefenderSecurityCenter/DisableAccountProtectionUI</li>
+<li>WindowsDefenderSecurityCenter/DisableDeviceSecurityUI</li>
+<li>WindowsDefenderSecurityCenter/HideRansomwareDataRecovery</li>
+<li>WindowsDefenderSecurityCenter/HideSecureBoot</li>
+<li>WindowsDefenderSecurityCenter/HideTPMTroubleshooting</li>
+</ul>
+<p>Added the following policies the were added in Windows 10, version 1709</p>
+<ul>
+<li>DeviceLock/MinimumPasswordAge</li>
+<li>Settings/AllowOnlineTips</li>
+<li>System/DisableEnterpriseAuthProxy </li>
+</ul>
+<p>Security/RequireDeviceEncryption - updated to show it is supported in desktop.</p>
+</tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="bitlocker-csp.md" data-raw-source="[BitLocker CSP](bitlocker-csp.md)">BitLocker CSP</a></td>
+<td style="vertical-align:top"><p>Updated the description for AllowWarningForOtherDiskEncryption to describe changes added in Windows 10, version 1803.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="enterprisemodernappmanagement-csp.md" data-raw-source="[EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md)">EnterpriseModernAppManagement CSP</a></td>
+<td style="vertical-align:top"><p>Added new node MaintainProcessorArchitectureOnUpdate in Windows 10, next major update.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="dmclient-csp.md" data-raw-source="[DMClient CSP](dmclient-csp.md)">DMClient CSP</a></td>
+<td style="vertical-align:top"><p>Added ./User/Vendor/MSFT/DMClient/Provider/[ProviderID]/FirstSyncStatus node. Also added the following nodes in Windows 10, version 1803:</p>
+<ul>
+<li>AADSendDeviceToken</li>
+<li>BlockInStatusPage</li>
+<li>AllowCollectLogsButton</li>
+<li>CustomErrorText</li>
+<li>SkipDeviceStatusPage</li>
+<li>SkipUserStatusPage</li>
+</ul>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="defender-csp.md" data-raw-source="[Defender CSP](defender-csp.md)">Defender CSP</a></td>
+<td style="vertical-align:top"><p>Added new node (OfflineScan) in Windows 10, version 1803.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="uefi-csp.md" data-raw-source="[UEFI CSP](uefi-csp.md)">UEFI CSP</a></td>
+<td style="vertical-align:top"><p>Added a new CSP in Windows 10, version 1803.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="update-csp.md" data-raw-source="[Update CSP](update-csp.md)">Update CSP</a></td>
+<td style="vertical-align:top"><p>Added the following nodes in Windows 10, version 1803:</p>
+<ul>
+<li>Rollback</li>
+<li>Rollback/FeatureUpdate</li>
+<li>Rollback/QualityUpdateStatus</li>
+<li>Rollback/FeatureUpdateStatus</li>
+</ul>
+</td></tr>
+</tbody>
+</table>
+
+## December 2017
+
+<table class="mx-tdBreakAll">
+<colgroup>
+<col width="25%" />
+<col width="75%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>New or updated article</th>
+<th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td style="vertical-align:top"><a href="configuration-service-provider-reference.md" data-raw-source="[Configuration service provider reference](configuration-service-provider-reference.md)">Configuration service provider reference</a></td>
+<td style="vertical-align:top"><p>Added new section <a href="configuration-service-provider-reference.md#csp-ddf-files-download" data-raw-source="[CSP DDF files download](configuration-service-provider-reference.md#csp-ddf-files-download)">CSP DDF files download</a></p>
+</td></tr>
+</tbody>
+</table>
+
+## November 2017
+
+<table class="mx-tdBreakAll">
+<colgroup>
+<col width="25%" />
+<col width="75%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>New or updated article</th>
+<th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
+<td style="vertical-align:top"><p>Added the following policies for Windows 10, version 1709:</p>
+<ul>
+<li>Authentication/AllowFidoDeviceSignon</li>
+<li>Cellular/LetAppsAccessCellularData</li>
+<li>Cellular/LetAppsAccessCellularData_ForceAllowTheseApps</li>
+<li>Cellular/LetAppsAccessCellularData_ForceDenyTheseApps</li>
+<li>Cellular/LetAppsAccessCellularData_UserInControlOfTheseApps</li>
+<li>Start/HidePeopleBar</li>
+<li>Storage/EnhancedStorageDevices</li>
+<li>Update/ManagePreviewBuilds</li>
+<li>WirelessDisplay/AllowMdnsAdvertisement</li>
+<li>WirelessDisplay/AllowMdnsDiscovery</li>
+</ul>
+<p>Added missing policies from previous releases:</p>
+<ul>
+<li>Connectivity/DisallowNetworkConnectivityActiveTest</li>
+<li>Search/AllowWindowsIndexer</li>
+</ul>
+</td></tr>
+</tbody>
+</table>
+
+## October 2017
+
+<table class="mx-tdBreakAll">
+<colgroup>
+<col width="25%" />
+<col width="75%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>New or updated article</th>
+<th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td style="vertical-align:top"><a href="policy-ddf-file.md" data-raw-source="[Policy DDF file](policy-ddf-file.md)">Policy DDF file</a></td>
+<td style="vertical-align:top"><p>Updated the DDF content for Windows 10 version 1709. Added a link to the download of Policy DDF for Windows 10, version 1709.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
+<td style="vertical-align:top"><p>Updated the following policies:</p>
+<ul>
+<li>Defender/ControlledFolderAccessAllowedApplications - string separator is |.</li>
+<li>Defender/ControlledFolderAccessProtectedFolders - string separator is |.</li>
+</ul>
+</td></tr>
+<tr class="even">
+<td style="vertical-align:top"><a href="euiccs-csp.md" data-raw-source="[eUICCs CSP](euiccs-csp.md)">eUICCs CSP</a></td>
+<td style="vertical-align:top"><p>Added new CSP in Windows 10, version 1709.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="assignedaccess-csp.md" data-raw-source="[AssignedAccess CSP](assignedaccess-csp.md)">AssignedAccess CSP</a></td>
+<td style="vertical-align:top"><p>Added SyncML examples for the new Configuration node.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="dmclient-csp.md" data-raw-source="[DMClient CSP](dmclient-csp.md)">DMClient CSP</a></td>
+<td style="vertical-align:top"><p>Added new nodes to the DMClient CSP in Windows 10, version 1709. Updated the CSP and DDF topics.</p>
+</td></tr>
+</tbody>
+</table>
+
+## September 2017
+
+<table class="mx-tdBreakAll">
+<colgroup>
+<col width="25%" />
+<col width="75%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>New or updated article</th>
+<th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
+<td style="vertical-align:top"><p>Added the following new policies for Windows 10, version 1709:</p>
+<ul>
+<li>Authentication/AllowAadPasswordReset</li>
+<li>Handwriting/PanelDefaultModeDocked</li>
+<li>Search/AllowCloudSearch</li>
+<li>System/LimitEnhancedDiagnosticDataWindowsAnalytics</li>
+</ul>
+<p>Added new settings to Update/BranchReadinessLevel policy in Windows 10 version 1709.</p>
+</td></tr>
+<tr class="even">
+<td style="vertical-align:top"><a href="assignedaccess-csp.md" data-raw-source="[AssignedAccess CSP](assignedaccess-csp.md)">AssignedAccess CSP</a></td>
+<td style="vertical-align:top"><p>Starting in Windows 10, version 1709, AssignedAccess CSP is also supported in Windows 10 Pro.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top">Microsoft Store for Business and Microsoft Store</td>
+<td style="vertical-align:top"><p>Windows Store for Business name changed to Microsoft Store for Business. Windows Store name changed to Microsoft Store.</p>
+</td></tr>
+<tr class="even">
+<td style="vertical-align:top">The <a href="https://msdn.microsoft.com/library/mt221945.aspx" data-raw-source="[\[MS-MDE2\]: Mobile Device Enrollment Protocol Version 2](https://msdn.microsoft.com/library/mt221945.aspx)">[MS-MDE2]: Mobile Device Enrollment Protocol Version 2</a></td>
+<td style="vertical-align:top"><p>The Windows 10 enrollment protocol was updated. The following elements were added to the RequestSecurityToken message:</p>
+<ul>
+<li>UXInitiated - boolean value that indicates whether the enrollment is user initiated from the Settings page. </li>
+<li>ExternalMgmtAgentHint - a string the agent uses to give hints the enrollment server may need.</li>
+<li>DomainName - fully qualified domain name if the device is domain-joined.</li>
+</ul>
+<p>For examples, see section 4.3.1 RequestSecurityToken of the MS-MDE2 protocol documentation.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="enterpriseapn-csp.md" data-raw-source="[EnterpriseAPN CSP](enterpriseapn-csp.md)">EnterpriseAPN CSP</a></td>
+<td style="vertical-align:top"><p>Added a SyncML example.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="vpnv2-csp.md" data-raw-source="[VPNv2 CSP](vpnv2-csp.md)">VPNv2 CSP</a></td>
+<td style="vertical-align:top"><p>Added RegisterDNS setting in Windows 10, version 1709.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="enroll-a-windows-10-device-automatically-using-group-policy.md" data-raw-source="[Enroll a Windows 10 device automatically using Group Policy](enroll-a-windows-10-device-automatically-using-group-policy.md)">Enroll a Windows 10 device automatically using Group Policy</a></td>
+<td style="vertical-align:top"><p>Added new topic to introduce a new Group Policy for automatic MDM enrollment.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="mdm-enrollment-of-windows-devices.md" data-raw-source="[MDM enrollment of Windows-based devices](mdm-enrollment-of-windows-devices.md)">MDM enrollment of Windows-based devices</a></td>
+<td style="vertical-align:top"><p>New features in the Settings app:</p>
+<ul>
+<li>User sees installation progress of critical policies during MDM enrollment.</li>
+<li>User knows what policies, profiles, apps MDM has configured</li>
+<li>IT helpdesk can get detailed MDM diagnostic information using client tools</li>
+</ul>
+<p>For details, see <a href="mdm-enrollment-of-windows-devices.md#manage-connections" data-raw-source="[Manage connections](mdm-enrollment-of-windows-devices.md#manage-connections)">Managing connections</a> and <a href="mdm-enrollment-of-windows-devices.md#collecting-diagnostic-logs" data-raw-source="[Collecting diagnostic logs](mdm-enrollment-of-windows-devices.md#collecting-diagnostic-logs)">Collecting diagnostic logs</a></p>
+</td></tr>
+</tbody>
+</table>
+
+## August 2017
+
+<table class="mx-tdBreakAll">
+<colgroup>
+<col width="25%" />
+<col width="75%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>New or updated article</th>
+<th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td style="vertical-align:top"><a href="enable-admx-backed-policies-in-mdm.md" data-raw-source="[Enable ADMX-backed policies in MDM](enable-admx-backed-policies-in-mdm.md)">Enable ADMX-backed policies in MDM</a></td>
+<td style="vertical-align:top"><p>Added new step-by-step guide to enable ADMX-backed policies.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="mobile-device-enrollment.md" data-raw-source="[Mobile device enrollment](mobile-device-enrollment.md)">Mobile device enrollment</a></td>
+<td style="vertical-align:top"><p>Added the following statement:</p>
+<ul>
+<li>Devices that are joined to an on-premises Active Directory can enroll into MDM via the Work access page in <strong>Settings</strong>. However, the enrollment can only target the user enrolled with user-specific policies. Device targeted policies will continue to impact all users of the device.</li>
+</ul>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="cm-cellularentries-csp.md" data-raw-source="[CM\_CellularEntries CSP](cm-cellularentries-csp.md)">CM_CellularEntries CSP</a></td>
+<td style="vertical-align:top"><p>Updated the description of the PuposeGroups node to add the GUID for applications. This node is required instead of optional.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="enterprisedataprotection-csp.md" data-raw-source="[EnterpriseDataProtection CSP](enterprisedataprotection-csp.md)">EnterpriseDataProtection CSP</a></td>
+<td style="vertical-align:top"><p>Updated the Settings/EDPEnforcementLevel values to the following:</p>
+<ul>
+<li> 0 (default) – Off / No protection (decrypts previously protected data).</li>
+<li>  1 – Silent mode (encrypt and audit only).</li>
+<li>  2 – Allow override mode (encrypt, prompt and allow overrides, and audit).</li>
+<li>  3 – Hides overrides (encrypt, prompt but hide overrides, and audit).</li>
+</ul>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="applocker-csp.md" data-raw-source="[AppLocker CSP](applocker-csp.md)">AppLocker CSP</a></td>
+<td style="vertical-align:top"><p>Added two new SyncML examples (to disable the calendar app and to block usage of the map app) in <a href="applocker-csp.md#allow-list-examples" data-raw-source="[Allowlist examples](applocker-csp.md#allow-list-examples)">Allow list examples</a>.</p>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="devicemanageability-csp.md" data-raw-source="[DeviceManageability CSP](devicemanageability-csp.md)">DeviceManageability CSP</a></td>
+<td style="vertical-align:top"><p>Added the following settings in Windows 10, version 1709:</p>
+<ul>
+<li>Provider/<em>ProviderID</em>/ConfigInfo</li>
+<li> Provider/<em>ProviderID</em>/EnrollmentInfo</li>
+</ul>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="office-csp.md" data-raw-source="[Office CSP](office-csp.md)">Office CSP</a></td>
+<td style="vertical-align:top"><p>Added the following setting in Windows 10, version 1709:</p>
+<ul>
+<li>Installation/CurrentStatus</li>
+</ul>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="bitlocker-csp.md" data-raw-source="[BitLocker CSP](bitlocker-csp.md)">BitLocker CSP</a></td>
+<td style="vertical-align:top">Added information to the ADMX-backed policies. Changed the minimum personal identification number (PIN) length to 4 digits in SystemDrivesRequireStartupAuthentication and SystemDrivesMinimumPINLength in Windows 10, version 1709.
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="firewall-csp.md" data-raw-source="[Firewall CSP](firewall-csp.md)">Firewall CSP</a></td>
+<td style="vertical-align:top">Updated the CSP and DDF topics. Here are the changes:
+<ul>
+<li>Removed the two settings - FirewallRules/FirewallRuleName/FriendlyName and FirewallRules/FirewallRuleName/IcmpTypesAndCodes.</li>
+<li>Changed some data types from integer to bool.</li>
+<li>Updated the list of supported operations for some settings.</li>
+<li>Added default values.</li>
+</ul>
+</td></tr>
+<tr class="odd">
+<td style="vertical-align:top"><a href="policy-ddf-file.md" data-raw-source="[Policy DDF file](policy-ddf-file.md)">Policy DDF file</a></td>
+<td style="vertical-align:top">Added another Policy DDF file <a href="https://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607_8C.xml" data-raw-source="[download](https://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607_8C.xml)">download</a> for the 8C release of Windows 10, version 1607, which added the following policies:
+<ul>
+<li>Browser/AllowMicrosoftCompatibilityList</li>
+<li>Update/DisableDualScan</li>
+<li>Update/FillEmptyContentUrls</li>
+</ul>
+</td></tr>
+<tr class="even">
+<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
+<td style="vertical-align:top"><p>Added the following new policies for Windows 10, version 1709:</p>
+<ul>
+<li>Browser/ProvisionFavorites</li>
+<li>Browser/LockdownFavorites</li>
+<li>ExploitGuard/ExploitProtectionSettings</li>
+<li>Games/AllowAdvancedGamingServices</li>
+<li>LocalPoliciesSecurityOptions/Accounts_BlockMicrosoftAccounts</li>
+<li>LocalPoliciesSecurityOptions/Accounts_LimitLocalAccountUseOfBlankPasswordsToConsoleLogonOnly</li>
+<li>LocalPoliciesSecurityOptions/Accounts_RenameAdministratorAccount</li>
+<li>LocalPoliciesSecurityOptions/Accounts_RenameGuestAccount</li>
+<li>LocalPoliciesSecurityOptions/InteractiveLogon_DisplayUserInformationWhenTheSessionIsLocked</li>
+<li>LocalPoliciesSecurityOptions/Interactivelogon_DoNotDisplayLastSignedIn</li>
+<li>LocalPoliciesSecurityOptions/Interactivelogon_DoNotDisplayUsernameAtSignIn</li>
+<li>LocalPoliciesSecurityOptions/Interactivelogon_DoNotRequireCTRLALTDEL</li>
+<li>LocalPoliciesSecurityOptions/InteractiveLogon_MachineInactivityLimit</li>
+<li>LocalPoliciesSecurityOptions/InteractiveLogon_MessageTextForUsersAttemptingToLogOn</li>
+<li>LocalPoliciesSecurityOptions/InteractiveLogon_MessageTitleForUsersAttemptingToLogOn</li>
+<li>LocalPoliciesSecurityOptions/NetworkSecurity_AllowPKU2UAuthenticationRequests</li>
+<li>LocalPoliciesSecurityOptions/Shutdown_AllowSystemToBeShutDownWithoutHavingToLogOn</li>
+<li>LocalPoliciesSecurityOptions/UserAccountControl_AllowUIAccessApplicationsToPromptForElevation</li>
+<li>LocalPoliciesSecurityOptions/UserAccountControl_BehaviorOfTheElevationPromptForAdministrators</li>
+<li>LocalPoliciesSecurityOptions/UserAccountControl_BehaviorOfTheElevationPromptForStandardUsers</li>
+<li>LocalPoliciesSecurityOptions/UserAccountControl_OnlyElevateExecutableFilesThatAreSignedAndValidated</li>
+<li>LocalPoliciesSecurityOptions/UserAccountControl_OnlyElevateUIAccessApplicationsThatAreInstalledInSecureLocations</li>
+<li>LocalPoliciesSecurityOptions/UserAccountControl_RunAllAdministratorsInAdminApprovalMode</li>
+<li>LocalPoliciesSecurityOptions/UserAccountControl_SwitchToTheSecureDesktopWhenPromptingForElevation</li>
+<li>LocalPoliciesSecurityOptions/UserAccountControl_VirtualizeFileAndRegistryWriteFailuresToPerUserLocations</li>
+<li>Privacy/EnableActivityFeed</li>
+<li>Privacy/PublishUserActivities</li>
+<li>Update/DisableDualScan</li>
+<li>Update/AllowAutoWindowsUpdateDownloadOverMeteredNetwork</li>
+</ul>
+<p>Changed the name of new policy to CredentialProviders/DisableAutomaticReDeploymentCredentials from CredentialProviders/EnableWindowsAutopilotResetCredentials.</p>
+<p>Changed the names of the following policies:</p>
+<ul>
+<li>Defender/GuardedFoldersAllowedApplications to Defender/ControlledFolderAccessAllowedApplications</li>
+<li>Defender/GuardedFoldersList to Defender/ControlledFolderAccessProtectedFolders</li>
+<li>Defender/EnableGuardMyFolders to Defender/EnableControlledFolderAccess</li>
+</ul>
+<p>Added links to the additional <a href="policy-csp-bitlocker.md" data-raw-source="[ADMX-backed BitLocker policies](policy-csp-bitlocker.md)">ADMX-backed BitLocker policies</a>.</p>
+<p>There were issues reported with the previous release of the following policies. These issues were fixed in Window 10, version 1709:</p>
+<ul>
+<li>Privacy/AllowAutoAcceptPairingAndPrivacyConsentPrompts</li>
+<li>Start/HideAppList</li>
+</ul>
+</td></tr>
+</tbody>
+</table>
diff --git a/windows/client-management/mdm/devicestatus-csp.md b/windows/client-management/mdm/devicestatus-csp.md
index 06e4d21323..6ab35ba018 100644
--- a/windows/client-management/mdm/devicestatus-csp.md
+++ b/windows/client-management/mdm/devicestatus-csp.md
@@ -36,9 +36,8 @@ Supported operation is Get.
 <a href="" id="devicestatus-cellularidentities"></a>**DeviceStatus/CellularIdentities**  
 Required. Node for queries on the SIM cards.
 
-> **Note**  Multiple SIMs are supported.
-
- 
+>[!NOTE]
+>Multiple SIMs are supported.
 
 <a href="" id="devicestatus-cellularidentities-imei"></a>**DeviceStatus/CellularIdentities/**<strong>*IMEI*</strong>  
 The unique International Mobile Station Equipment Identity (IMEI) number of the mobile device. An IMEI is present for each SIM card on the device.
@@ -107,7 +106,7 @@ Supported operation is Get.
 Node for the compliance query.
 
 <a href="" id="devicestatus-compliance-encryptioncompliance"></a>**DeviceStatus/Compliance/EncryptionCompliance**  
-Boolean value that indicates compliance with the enterprise encryption policy. The value is one of the following:
+Boolean value that indicates compliance with the enterprise encryption policy for OS (system) drives. The value is one of the following:
 
 -   0 - not encrypted
 -   1 - encrypted
diff --git a/windows/client-management/mdm/enable-admx-backed-policies-in-mdm.md b/windows/client-management/mdm/enable-admx-backed-policies-in-mdm.md
index 805f9ee481..d79b428c0e 100644
--- a/windows/client-management/mdm/enable-admx-backed-policies-in-mdm.md
+++ b/windows/client-management/mdm/enable-admx-backed-policies-in-mdm.md
@@ -33,7 +33,7 @@ See [Support Tip: Ingesting Office ADMX-backed policies using Microsoft Intune](
 ## Enable a policy
 
 > [!NOTE]
-> See [Understanding ADMX-backed policy CSPs](https://docs.microsoft.com/windows/client-management/mdm/understanding-admx-backed-policies).
+> See [Understanding ADMX-backed policies in Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/understanding-admx-backed-policies).
 
 1.  Find the policy from the list [ADMX-backed policies](policy-csps-admx-backed.md). You need the following information listed in the policy description.  
     - GP English name
diff --git a/windows/client-management/mdm/firewall-csp.md b/windows/client-management/mdm/firewall-csp.md
index 1fae08c646..bf8a5ea5ad 100644
--- a/windows/client-management/mdm/firewall-csp.md
+++ b/windows/client-management/mdm/firewall-csp.md
@@ -248,10 +248,10 @@ Sample syncxml to provision the firewall settings to evaluate
 <p style="margin-left: 20px">Value type is string. Supported operations are Add, Get, Replace, and Delete.</p>
 
 <a href="" id="localaddressranges"></a>**FirewallRules/*FirewallRuleName*/LocalAddressRanges**
-<p style="margin-left: 20px">Comma separated list of local addresses covered by the rule. The default value is &quot;<em>&quot;. Valid tokens include:</p>
+<p style="margin-left: 20px">Comma separated list of local addresses covered by the rule. The default value is "*". Valid tokens include:</p>
 <ul>
-<li>&quot;</em>&quot; indicates any local address. If present, this must be the only token included.</li>
-<li>A subnet can be specified using either the subnet mask or network prefix notation. If neither a subnet mask not a network prefix is specified, the subnet mask defaults to 255.255.255.255.</li>
+<li>"*" indicates any local address. If present, this must be the only token included.</li>
+<li>A subnet can be specified using either the subnet mask or network prefix notation. If neither a subnet mask nor a network prefix is specified, the subnet mask defaults to 255.255.255.255.</li>
 <li>A valid IPv6 address.</li>
 <li>An IPv4 address range in the format of &quot;start address - end address&quot; with no spaces included.</li>
 <li>An IPv6 address range in the format of &quot;start address - end address&quot; with no spaces included.</li>
@@ -260,9 +260,9 @@ Sample syncxml to provision the firewall settings to evaluate
 <p style="margin-left: 20px">Value type is string. Supported operations are Add, Get, Replace, and Delete.</p>
 
 <a href="" id="remoteaddressranges"></a>**FirewallRules/*FirewallRuleName*/RemoteAddressRanges**
-<p style="margin-left: 20px">List of comma separated tokens specifying the remote addresses covered by the rule. The default value is &quot;<em>&quot;. Valid tokens include:</p>
+<p style="margin-left: 20px">List of comma separated tokens specifying the remote addresses covered by the rule. The default value is "*". Valid tokens include:</p>
 <ul>
-<li>&quot;</em>&quot; indicates any remote address. If present, this must be the only token included.</li>
+<li>"*" indicates any remote address. If present, this must be the only token included.</li>
 <li>&quot;Defaultgateway&quot;</li>
 <li>&quot;DHCP&quot;</li>
 <li>&quot;DNS&quot;</li>
diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
index d919c5f1a7..9f14f29625 100644
--- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
+++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
@@ -13,1693 +13,208 @@ ms.prod: w10
 ms.technology: windows
 author: manikadhiman
 ms.localizationpriority: medium
-ms.date: 08/18/2020
+ms.date: 10/20/2020
 ---
 
 # What's new in mobile device enrollment and management
 
-
-This topic provides information about what's new and breaking changes in Windows 10 mobile device management (MDM) enrollment and management experience across all Windows 10 devices.
+This article provides information about what's new in Windows 10 mobile device management (MDM) enrollment and management experience across all Windows 10 devices. This article also provides details about the breaking changes and known issues and frequently asked questions.
 
 For details about Microsoft mobile device management protocols for Windows 10 see [\[MS-MDM\]: Mobile Device Management Protocol](https://go.microsoft.com/fwlink/p/?LinkId=619346) and [\[MS-MDE2\]: Mobile Device Enrollment Protocol Version 2]( https://go.microsoft.com/fwlink/p/?LinkId=619347). 
 
-- **What’s new in MDM for Windows 10 versions**
-  - [What’s new in MDM for Windows 10, version 2004](#whats-new-in-mdm-for-windows-10-version-2004)
-  - [What’s new in MDM for Windows 10, version 1909](#whats-new-in-mdm-for-windows-10-version-1909)
-  - [What’s new in MDM for Windows 10, version 1903](#whats-new-in-mdm-for-windows-10-version-1903)
-  - [What’s new in MDM for Windows 10, version 1809](#whats-new-in-mdm-for-windows-10-version-1809)
-  - [What’s new in MDM for Windows 10, version 1803](#whats-new-in-mdm-for-windows-10-version-1803)
-  - [What’s new in MDM for Windows 10, version 1709](#whats-new-in-mdm-for-windows-10-version-1709)
-  - [What’s new in MDM for Windows 10, version 1703](#whats-new-in-mdm-for-windows-10-version-1703)
-  - [What’s new in MDM for Windows 10, version 1607](#whats-new-in-mdm-for-windows-10-version-1607)
-  - [What’s new in MDM for Windows 10, version 1511](#whats-new-in-mdm-for-windows-10-version-1511)
+## What’s new in MDM for Windows 10, version 20H2
 
-- **Breaking changes and known issues**
-  - [Get command inside an atomic command is not supported](#get-command-inside-an-atomic-command-is-not-supported)
-  - [Notification channel URI not preserved during upgrade from Windows 8.1 to Windows 10](#notification-channel-uri-not-preserved-during-upgrade-from-windows-81-to-windows-10)
-  - [Apps installed using WMI classes are not removed](#apps-installed-using-wmi-classes-are-not-removed)
-  - [Passing CDATA in SyncML does not work](#passing-cdata-in-syncml-does-not-work)
-  - [SSL settings in IIS server for SCEP must be set to "Ignore"](#ssl-settings-in-iis-server-for-scep-must-be-set-to-ignore)
-  - [MDM enrollment fails on the mobile device when traffic is going through proxy](#mdm-enrollment-fails-on-the-mobile-device-when-traffic-is-going-through-proxy)
-  - [Server-initiated unenrollment failure](#server-initiated-unenrollment-failure)
-  - [Certificates causing issues with Wi-Fi and VPN](#certificates-causing-issues-with-wi-fi-and-vpn)
-  - [Version information for mobile devices](#version-information-for-mobile-devices)
-    - [Apps dependent on Microsoft Frameworks may get blocked in phones prior to build 10586.218](#apps-dependent-on-microsoft-frameworks-may-get-blocked-in-phones-prior-to-build-10586218)
-  - [Multiple certificates might cause Wi-Fi connection instabilities in Windows 10 Mobile](#multiple-certificates-might-cause-wi-fi-connection-instabilities-in-windows-10-mobile)
-  - [Remote PIN reset not supported in Azure Active Directory joined mobile devices](#remote-pin-reset-not-supported-in-azure-active-directory-joined-mobile-devices)
-  - [MDM client will immediately check-in with the MDM server after client renews WNS channel URI](#mdm-client-will-immediately-check-in-with-the-mdm-server-after-client-renews-wns-channel-uri)
-  - [User provisioning failure in Azure Active Directory joined Windows 10 PC](#user-provisioning-failure-in-azure-active-directory-joined-windows-10-pc)
-  - [Requirements to note for VPN certificates also used for Kerberos Authentication](#requirements-to-note-for-vpn-certificates-also-used-for-kerberos-authentication)
-  - [Device management agent for the push-button reset is not working](#device-management-agent-for-the-push-button-reset-is-not-working)
-
-- **Frequently Asked Questions**
-  - [Can there be more than 1 MDM server to enroll and manage devices in Windows 10?](#can-there-be-more-than-1-mdm-server-to-enroll-and-manage-devices-in-windows-10)
-  - [How do I set the maximum number of Azure Active Directory joined devices per user?](#how-do-i-set-the-maximum-number-of-azure-active-directory-joined-devices-per-user)
-  - [What is dmwappushsvc?](#what-is-dmwappushsvc)
-
-- **Change history in MDM documentation**
-    - [September 2020](#september-2020)
-    - [August 2020](#august-2020)
-    - [July 2020](#july-2020)
-    - [June 2020](#june-2020)
-    - [May 2020](#may-2020)
-    - [February 2020](#february-2020)
-    - [January 2020](#january-2020)
-    - [November 2019](#november-2019)
-    - [October 2019](#october-2019)
-    - [September 2019](#september-2019)
-    - [August 2019](#august-2019)
-    - [July 2019](#july-2019)
-    - [June 2019](#june-2019)
-    - [May 2019](#may-2019)
-    - [April 2019](#april-2019)
-    - [March 2019](#march-2019)
-    - [February 2019](#february-2019)
-    - [January 2019](#january-2019)
-    - [December 2018](#december-2018)
-    - [September 2018](#september-2018)
-    - [August 2018](#august-2018)
-    - [July 2018](#july-2018)
-    - [June 2018](#june-2018)
-    - [May 2018](#may-2018)
-    - [April 2018](#april-2018)
-    - [March 2018](#march-2018)
-    - [February 2018](#february-2018)
-    - [January 2018](#january-2018)
-    - [December 2017](#december-2017)
-    - [November 2017](#november-2017)
-    - [October 2017](#october-2017)
-    - [September 2017](#september-2017)
-    - [August 2017](#august-2017)
+|New or updated article|Description|
+|-----|-----|
+| [Policy CSP](policy-configuration-service-provider.md) | Added the following new policies in Windows 10, version 20H2:<br>- [LocalUsersAndGroups/Configure](policy-csp-localusersandgroups.md#localusersandgroups-configure)<br>- [MixedReality/AADGroupMembershipCacheValidityInDays](policy-csp-mixedreality.md#mixedreality-aadgroupmembershipcachevalidityindays)<br>- [MixedReality/BrightnessButtonDisabled](policy-csp-mixedreality.md#mixedreality-brightnessbuttondisabled)<br>- [MixedReality/FallbackDiagnostics](policy-csp-mixedreality.md#mixedreality-fallbackdiagnostics)<br>- [MixedReality/MicrophoneDisabled](policy-csp-mixedreality.md#mixedreality-microphonedisabled)<br>- [MixedReality/VolumeButtonDisabled](policy-csp-mixedreality.md#mixedreality-volumebuttondisabled)<br>- [WindowsSandbox/AllowAudioInput](policy-csp-windowssandbox.md#windowssandbox-allowaudioinput)<br>- [WindowsSandbox/AllowClipboardRedirection](policy-csp-windowssandbox.md#windowssandbox-allowclipboardredirection)<br>- [WindowsSandbox/AllowNetworking](policy-csp-windowssandbox.md#windowssandbox-allownetworking)<br>- [WindowsSandbox/AllowPrinterRedirection](policy-csp-windowssandbox.md#windowssandbox-allowprinterredirection)<br>- [WindowsSandbox/AllowVGPU](policy-csp-windowssandbox.md#windowssandbox-allowvgpu)<br>- [WindowsSandbox/AllowVideoInput](policy-csp-windowssandbox.md#windowssandbox-allowvideoinput) |
+| [WindowsDefenderApplicationGuard CSP](windowsdefenderapplicationguard-csp.md) | Updated the description of the following node:<br>- Settings/AllowWindowsDefenderApplicationGuard |
 
 ## What’s new in MDM for Windows 10, version 2004
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>New or updated topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr>
-<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new policies in Windows 10, version 2004:</p>
-<ul>
-<li><a href="policy-csp-applicationmanagement.md#applicationmanagement-blocknonadminuserinstall" data-raw-source="[ApplicationManagement/BlockNonAdminUserInstall](policy-csp-applicationmanagement.md#applicationmanagement-blocknonadminuserinstall)">ApplicationManagement/BlockNonAdminUserInstall</a></li>
-<li><a href="policy-csp-bluetooth.md#bluetooth-setminimumencryptionkeysize" data-raw-source="[Bluetooth/SetMinimumEncryptionKeySize](policy-csp-bluetooth.md#bluetooth-setminimumencryptionkeysize)">Bluetooth/SetMinimumEncryptionKeySize</a></li>
-<li><a href="policy-csp-deliveryoptimization.md#deliveryoptimization-docachehostsource" data-raw-source="[DeliveryOptimization/DOCacheHostSource](policy-csp-deliveryoptimization.md#deliveryoptimization-docachehostsource)">DeliveryOptimization/DOCacheHostSource</a></li>
-<li><a href="policy-csp-deliveryoptimization.md#deliveryoptimization-domaxbackgrounddownloadbandwidth" data-raw-source="[DeliveryOptimization/DOMaxBackgroundDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxbackgrounddownloadbandwidth)">DeliveryOptimization/DOMaxBackgroundDownloadBandwidth</a></li>
-<li><a href="policy-csp-deliveryoptimization.md#deliveryoptimization-domaxforegrounddownloadbandwidth" data-raw-source="[DeliveryOptimization/DOMaxForegroundDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxforegrounddownloadbandwidth)">DeliveryOptimization/DOMaxForegroundDownloadBandwidth</a></li>
-<li><a href="policy-csp-education.md#education-allowgraphingcalculator" data-raw-source="[Education/AllowGraphingCalculator](policy-csp-education.md#education-allowgraphingcalculator)">Education/AllowGraphingCalculator</a></li>
-<li><a href="policy-csp-textinput.md#textinput-configurejapaneseimeversion" data-raw-source="[TextInput/ConfigureJapaneseIMEVersion](policy-csp-textinput.md#textinput-configurejapaneseimeversion)">TextInput/ConfigureJapaneseIMEVersion</a></li>
-<li><a href="policy-csp-textinput.md#textinput-configuresimplifiedchineseimeversion" data-raw-source="[TextInput/ConfigureSimplifiedChineseIMEVersion](policy-csp-textinput.md#textinput-configuresimplifiedchineseimeversion)">TextInput/ConfigureSimplifiedChineseIMEVersion</a></li>
-<li><a href="policy-csp-textinput.md#textinput-configuretraditionalchineseimeversion" data-raw-source="[TextInput/ConfigureTraditionalChineseIMEVersion](policy-csp-textinput.md#textinput-configuretraditionalchineseimeversion)">TextInput/ConfigureTraditionalChineseIMEVersion</a></li></ul>
 
-<p>Updated the following policy in Windows 10, version 2004:</p>
-<ul>
-<li><a href="policy-csp-deliveryoptimization.md#deliveryoptimization-docachehost" data-raw-source="[DeliveryOptimization/DOCacheHost](policy-csp-deliveryoptimization.md#deliveryoptimization-docachehost)">DeliveryOptimization/DOCacheHost</a></li></ul>
-
-<p>Deprecated the following policies in Windows 10, version 2004:</p>
-<ul>
-<li><a href="policy-csp-deliveryoptimization.md#deliveryoptimization-domaxdownloadbandwidth" data-raw-source="[DeliveryOptimization/DOMaxDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxdownloadbandwidth)">DeliveryOptimization/DOMaxDownloadBandwidth</a></li>
-<li><a href="policy-csp-deliveryoptimization.md#deliveryoptimization-domaxuploadbandwidth" data-raw-source="[DeliveryOptimization/DOMaxUploadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxuploadbandwidth)">DeliveryOptimization/DOMaxUploadBandwidth</a></li>
-<li><a href="policy-csp-deliveryoptimization.md#deliveryoptimization-dopercentagemaxdownloadbandwidth" data-raw-source="[DeliveryOptimization/DOPercentageMaxDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-dopercentagemaxdownloadbandwidth)">DeliveryOptimization/DOPercentageMaxDownloadBandwidth</a></li></ul>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="devdetail-csp.md" data-raw-source="[DevDetail CSP](devdetail-csp.md)">DevDetail CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new node:<br>Ext/Microsoft/DNSComputerName</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="enterprisemodernappmanagement-csp.md" data-raw-source="[EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md)">EnterpriseModernAppManagement CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new node:<br>IsStub</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="supl-csp.md" data-raw-source="[SUPL CSP](supl-csp.md)">SUPL CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new node:<br>FullVersion</p>
-</td></tr>
-</tbody>
-</table>
+| New or updated article | Description |
+|-----|-----|
+| [Policy CSP](policy-configuration-service-provider.md) | Added the following new policies in Windows 10, version 2004: <br>- [ApplicationManagement/BlockNonAdminUserInstall](policy-csp-applicationmanagement.md#applicationmanagement-blocknonadminuserinstall)<br>- [Bluetooth/SetMinimumEncryptionKeySize](policy-csp-bluetooth.md#bluetooth-setminimumencryptionkeysize)<br>- [DeliveryOptimization/DOCacheHostSource](policy-csp-deliveryoptimization.md#deliveryoptimization-docachehostsource)<br>- [DeliveryOptimization/DOMaxBackgroundDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxbackgrounddownloadbandwidth)<br>- [DeliveryOptimization/DOMaxForegroundDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxforegrounddownloadbandwidth)<br>- [Education/AllowGraphingCalculator](policy-csp-education.md#education-allowgraphingcalculator)<br>- [TextInput/ConfigureJapaneseIMEVersion](policy-csp-textinput.md#textinput-configurejapaneseimeversion)<br>- [TextInput/ConfigureSimplifiedChineseIMEVersion](policy-csp-textinput.md#textinput-configuresimplifiedchineseimeversion)<br>- [TextInput/ConfigureTraditionalChineseIMEVersion](policy-csp-textinput.md#textinput-configuretraditionalchineseimeversion)<br><br>Updated the following policy in Windows 10, version 2004:<br>- [DeliveryOptimization/DOCacheHost](policy-csp-deliveryoptimization.md#deliveryoptimization-docachehost)<br><br>Deprecated the following policies in Windows 10, version 2004:<br>- [DeliveryOptimization/DOMaxDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxdownloadbandwidth)<br>- [DeliveryOptimization/DOMaxUploadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxuploadbandwidth)<br>- [DeliveryOptimization/DOPercentageMaxDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-dopercentagemaxdownloadbandwidth) |
+| [DevDetail CSP](devdetail-csp.md) | Added the following new node:<br>- Ext/Microsoft/DNSComputerName |
+| [EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md) | Added the following new node:<br>- IsStub |
+| [SUPL CSP](supl-csp.md) | Added the following new node:<br>- FullVersion |
 
 ## What’s new in MDM for Windows 10, version 1909
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>New or updated topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr>
-<td style="vertical-align:top"><a href="bitlocker-csp.md" data-raw-source="[BitLocker CSP](bitlocker-csp.md)">BitLocker CSP</a></td>
-<td style="vertical-align:top"><br>Added the following new nodes in Windows 10, version 1909:</p>
-ConfigureRecoveryPasswordRotation, RotateRecoveryPasswords, RotateRecoveryPasswordsStatus, RotateRecoveryPasswordsRequestID.</li>
-</td></tr>
-</tbody>
-</table>
+
+| New or updated article | Description |
+|-----|-----|
+| [BitLocker CSP](bitlocker-csp.md) | Added the following new nodes in Windows 10, version 1909:<br>- ConfigureRecoveryPasswordRotation<br>- RotateRecoveryPasswords<br>- RotateRecoveryPasswordsStatus<br>- RotateRecoveryPasswordsRequestID|
 
 ## What’s new in MDM for Windows 10, version 1903
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>New or updated topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr>
-<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new policies in Windows 10, version 1903:</p>
-<ul>
-<li><a href="policy-csp-deliveryoptimization.md#deliveryoptimization-dodelaycacheserverfallbackbackground" data-raw-source="[DeliveryOptimization/DODelayCacheServerFallbackBackground](policy-csp-deliveryoptimization.md#deliveryoptimization-dodelaycacheserverfallbackbackground)">DeliveryOptimization/DODelayCacheServerFallbackBackground</a></li>
-<li><a href="policy-csp-deliveryoptimization.md#deliveryoptimization-dodelaycacheserverfallbackforeground" data-raw-source="[DeliveryOptimization/DODelayCacheServerFallbackForeground](policy-csp-deliveryoptimization.md#deliveryoptimization-dodelaycacheserverfallbackforeground)">DeliveryOptimization/DODelayCacheServerFallbackForeground</a></li>
-<li><a href="policy-csp-devicehealthmonitoring.md#devicehealthmonitoring-allowdevicehealthmonitoring" data-raw-source="[DeviceHealthMonitoring/AllowDeviceHealthMonitoring](policy-csp-devicehealthmonitoring.md#devicehealthmonitoring-allowdevicehealthmonitoring)">DeviceHealthMonitoring/AllowDeviceHealthMonitoring</a></li>
-<li><a href="policy-csp-devicehealthmonitoring.md#devicehealthmonitoring-configdevicehealthmonitoringscope" data-raw-source="[DeviceHealthMonitoring/ConfigDeviceHealthMonitoringScope](policy-csp-devicehealthmonitoring.md#devicehealthmonitoring-configdevicehealthmonitoringscope)">DeviceHealthMonitoring/ConfigDeviceHealthMonitoringScope</a></li>
-<li><a href="policy-csp-devicehealthmonitoring.md#devicehealthmonitoring-configdevicehealthmonitoringuploaddestination" data-raw-source="[DeviceHealthMonitoring/ConfigDeviceHealthMonitoringUploadDestination](policy-csp-devicehealthmonitoring.md#devicehealthmonitoring-configdevicehealthmonitoringuploaddestination)">DeviceHealthMonitoring/ConfigDeviceHealthMonitoringUploadDestination</a></li>
-<li><a href="policy-csp-deviceinstallation.md#deviceinstallation-allowinstallationofmatchingdeviceinstanceids" data-raw-source="[DeviceInstallation/AllowInstallationOfMatchingDeviceInstanceIDs](policy-csp-deviceinstallation.md#deviceinstallation-allowinstallationofmatchingdeviceinstanceids)">DeviceInstallation/AllowInstallationOfMatchingDeviceInstanceIDs</a></li>
-<li><a href="policy-csp-deviceinstallation.md#deviceinstallation-preventinstallationofmatchingdeviceinstanceids" data-raw-source="[DeviceInstallation/PreventInstallationOfMatchingDeviceInstanceIDs](policy-csp-deviceinstallation.md#deviceinstallation-preventinstallationofmatchingdeviceinstanceids)">DeviceInstallation/PreventInstallationOfMatchingDeviceInstanceIDs</a></li>
-<li><a href="policy-csp-experience.md#experience-showlockonusertile" data-raw-source="[Experience/ShowLockOnUserTile](policy-csp-experience.md#experience-showlockonusertile)">Experience/ShowLockOnUserTile</a></li>
-<li><a href="policy-csp-internetexplorer.md#internetexplorer-allowenhancedsuggestionsinaddressbar" data-raw-source="[InternetExplorer/AllowEnhancedSuggestionsInAddressBar](policy-csp-internetexplorer.md#internetexplorer-allowenhancedsuggestionsinaddressbar)">InternetExplorer/AllowEnhancedSuggestionsInAddressBar</a></li>
-<li><a href="policy-csp-internetexplorer.md#internetexplorer-disableactivexversionlistautodownload" data-raw-source="[InternetExplorer/DisableActiveXVersionListAutoDownload](policy-csp-internetexplorer.md#internetexplorer-disableactivexversionlistautodownload)">InternetExplorer/DisableActiveXVersionListAutoDownload</a></li>
-<li><a href="policy-csp-internetexplorer.md#internetexplorer-disablecompatview" data-raw-source="[InternetExplorer/DisableCompatView](policy-csp-internetexplorer.md#internetexplorer-disablecompatview)">InternetExplorer/DisableCompatView</a></li>
-<li><a href="policy-csp-internetexplorer.md#internetexplorer-disablefeedsbackgroundsync" data-raw-source="[InternetExplorer/DisableFeedsBackgroundSync](policy-csp-internetexplorer.md#internetexplorer-disablefeedsbackgroundsync)">InternetExplorer/DisableFeedsBackgroundSync</a></li>
-<li><a href="policy-csp-internetexplorer.md#internetexplorer-disablegeolocation" data-raw-source="[InternetExplorer/DisableGeolocation](policy-csp-internetexplorer.md#internetexplorer-disablegeolocation)">InternetExplorer/DisableGeolocation</a></li>
-<li><a href="policy-csp-internetexplorer.md#internetexplorer-disablewebaddressautocomplete" data-raw-source="[InternetExplorer/DisableWebAddressAutoComplete](policy-csp-internetexplorer.md#internetexplorer-disablewebaddressautocomplete)">InternetExplorer/DisableWebAddressAutoComplete</a></li>
-<li><a href="policy-csp-internetexplorer.md#internetexplorer-newtabdefaultpage" data-raw-source="[InternetExplorer/NewTabDefaultPage](policy-csp-internetexplorer.md#internetexplorer-newtabdefaultpage)">InternetExplorer/NewTabDefaultPage</a></li>
-<li><a href="policy-csp-power.md#power-energysaverbatterythresholdonbattery" data-raw-source="[Power/EnergySaverBatteryThresholdOnBattery](policy-csp-power.md#power-energysaverbatterythresholdonbattery)">Power/EnergySaverBatteryThresholdOnBattery</a></li>
-<li><a href="policy-csp-power.md#power-energysaverbatterythresholdpluggedin" data-raw-source="[Power/EnergySaverBatteryThresholdPluggedIn](policy-csp-power.md#power-energysaverbatterythresholdpluggedin)">Power/EnergySaverBatteryThresholdPluggedIn</a></li>
-<li><a href="policy-csp-power.md#power-selectlidcloseactiononbattery" data-raw-source="[Power/SelectLidCloseActionOnBattery](policy-csp-power.md#power-selectlidcloseactiononbattery)">Power/SelectLidCloseActionOnBattery</a></li>
-<li><a href="policy-csp-power.md#power-selectlidcloseactionpluggedin" data-raw-source="[Power/SelectLidCloseActionPluggedIn](policy-csp-power.md#power-selectlidcloseactionpluggedin)">Power/SelectLidCloseActionPluggedIn</a></li>
-<li><a href="policy-csp-power.md#power-selectpowerbuttonactiononbattery" data-raw-source="[Power/SelectPowerButtonActionOnBattery](policy-csp-power.md#power-selectpowerbuttonactiononbattery)">Power/SelectPowerButtonActionOnBattery</a></li>
-<li><a href="policy-csp-power.md#power-selectpowerbuttonactionpluggedin" data-raw-source="[Power/SelectPowerButtonActionPluggedIn](policy-csp-power.md#power-selectpowerbuttonactionpluggedin)">Power/SelectPowerButtonActionPluggedIn</a></li>
-<li><a href="policy-csp-power.md#power-selectsleepbuttonactiononbattery" data-raw-source="[Power/SelectSleepButtonActionOnBattery](policy-csp-power.md#power-selectsleepbuttonactiononbattery)">Power/SelectSleepButtonActionOnBattery</a></li>
-<li><a href="policy-csp-power.md#power-selectsleepbuttonactionpluggedin" data-raw-source="[Power/SelectSleepButtonActionPluggedIn](policy-csp-power.md#power-selectsleepbuttonactionpluggedin)">Power/SelectSleepButtonActionPluggedIn</a></li>
-<li><a href="policy-csp-power.md#power-turnoffhybridsleeponbattery" data-raw-source="[Power/TurnOffHybridSleepOnBattery](policy-csp-power.md#power-turnoffhybridsleeponbattery)">Power/TurnOffHybridSleepOnBattery</a></li>
-<li><a href="policy-csp-power.md#power-turnoffhybridsleeppluggedin" data-raw-source="[Power/TurnOffHybridSleepPluggedIn](policy-csp-power.md#power-turnoffhybridsleeppluggedin)">Power/TurnOffHybridSleepPluggedIn</a></li>
-<li><a href="policy-csp-power.md#power-unattendedsleeptimeoutonbattery" data-raw-source="[Power/UnattendedSleepTimeoutOnBattery](policy-csp-power.md#power-unattendedsleeptimeoutonbattery)">Power/UnattendedSleepTimeoutOnBattery</a></li>
-<li><a href="policy-csp-power.md#power-unattendedsleeptimeoutpluggedin" data-raw-source="[Power/UnattendedSleepTimeoutPluggedIn](policy-csp-power.md#power-unattendedsleeptimeoutpluggedin)">Power/UnattendedSleepTimeoutPluggedIn</a></li>
-<li><a href="policy-csp-privacy.md#privacy-letappsactivatewithvoice" data-raw-source="[Privacy/LetAppsActivateWithVoice](policy-csp-privacy.md#privacy-letappsactivatewithvoice)">Privacy/LetAppsActivateWithVoice</a></li>
-<li><a href="policy-csp-privacy.md#privacy-letappsactivatewithvoiceabovelock" data-raw-source="[Privacy/LetAppsActivateWithVoiceAboveLock](policy-csp-privacy.md#privacy-letappsactivatewithvoiceabovelock)">Privacy/LetAppsActivateWithVoiceAboveLock</a></li>
-<li><a href="policy-csp-search.md#search-allowfindmyfiles" data-raw-source="[Search/AllowFindMyFiles](policy-csp-search.md#search-allowfindmyfiles)">Search/AllowFindMyFiles</a></li>
-<li><a href="policy-csp-servicecontrolmanager.md#servicecontrolmanager-svchostprocessmitigation" data-raw-source="[ServiceControlManager/SvchostProcessMitigation](policy-csp-servicecontrolmanager.md#servicecontrolmanager-svchostprocessmitigation)">ServiceControlManager/SvchostProcessMitigation</a></li>
-<li><a href="policy-csp-system.md#system-allowcommercialdatapipeline" data-raw-source="[System/AllowCommercialDataPipeline](policy-csp-system.md#system-allowcommercialdatapipeline)">System/AllowCommercialDataPipeline</a></li>
-<li><a href="policy-csp-system.md#system-turnofffilehistory" data-raw-source="[System/TurnOffFileHistory](policy-csp-system.md#system-turnofffilehistory)">System/TurnOffFileHistory</a></li>
-<li><a href="policy-csp-timelanguagesettings.md#timelanguagesettings-configuretimezone" data-raw-source="[TimeLanguageSettings/ConfigureTimeZone](policy-csp-timelanguagesettings.md#timelanguagesettings-configuretimezone)">TimeLanguageSettings/ConfigureTimeZone</a></li>
-<li><a href="policy-csp-troubleshooting.md#troubleshooting-allowrecommendations" data-raw-source="[Troubleshooting/AllowRecommendations](policy-csp-troubleshooting.md#troubleshooting-allowrecommendations)">Troubleshooting/AllowRecommendations</a></li>
-<li><a href="policy-csp-update.md#update-automaticmaintenancewakeup" data-raw-source="[Update/AutomaticMaintenanceWakeUp](policy-csp-update.md#update-automaticmaintenancewakeup)">Update/AutomaticMaintenanceWakeUp</a></li>
-<li><a href="policy-csp-update.md#update-configuredeadlineforfeatureupdates" data-raw-source="[Update/ConfigureDeadlineForFeatureUpdates](policy-csp-update.md#update-configuredeadlineforfeatureupdates)">Update/ConfigureDeadlineForFeatureUpdates</a></li>
-<li><a href="policy-csp-update.md#update-configuredeadlineforqualityupdates" data-raw-source="[Update/ConfigureDeadlineForQualityUpdates](policy-csp-update.md#update-configuredeadlineforqualityupdates)">Update/ConfigureDeadlineForQualityUpdates</a></li>
-<li><a href="policy-csp-update.md#update-configuredeadlinegraceperiod" data-raw-source="[Update/ConfigureDeadlineGracePeriod](policy-csp-update.md#update-configuredeadlinegraceperiod)">Update/ConfigureDeadlineGracePeriod</a></li>
-<li><a href="policy-csp-windowslogon.md#windowslogon-allowautomaticrestartsignon" data-raw-source="[WindowsLogon/AllowAutomaticRestartSignOn](policy-csp-windowslogon.md#windowslogon-allowautomaticrestartsignon)">WindowsLogon/AllowAutomaticRestartSignOn</a></li>
-<li><a href="policy-csp-windowslogon.md#windowslogon-configautomaticrestartsignon" data-raw-source="[WindowsLogon/ConfigAutomaticRestartSignOn](policy-csp-windowslogon.md#windowslogon-configautomaticrestartsignon)">WindowsLogon/ConfigAutomaticRestartSignOn</a></li>
-<li><a href="policy-csp-windowslogon.md#windowslogon-enablefirstlogonanimation" data-raw-source="[WindowsLogon/EnableFirstLogonAnimation](policy-csp-windowslogon.md#windowslogon-enablefirstlogonanimation)">WindowsLogon/EnableFirstLogonAnimation</a></li>
-<tr>
-<td style="vertical-align:top"><a href="policy-csp-audit.md" data-raw-source="[Policy CSP - Audit](policy-csp-audit.md)">Policy CSP - Audit</a></td>
-<td style="vertical-align:top"><p>Added new Audit policies in Windows 10, version 1903.</p>
-</td></tr>
-<tr>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="applicationcontrol-csp.md" data-raw-source="[ApplicationControl CSP](applicationcontrol-csp.md)">ApplicationControl CSP</a></td>
-<td style="vertical-align:top"><p>Added new CSP in Windows 10, version 1903.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="defender-csp.md" data-raw-source="[Defender CSP](defender-csp.md)">Defender CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new nodes:<br>Health/TamperProtectionEnabled, Health/IsVirtualMachine, Configuration, Configuration/TamperProtection, Configuration/EnableFileHashComputation.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="diagnosticlog-csp.md" data-raw-source="[DiagnosticLog CSP](diagnosticlog-csp.md)">DiagnosticLog CSP</a><br>
-<a href="diagnosticlog-ddf.md" data-raw-source="[DiagnosticLog DDF](diagnosticlog-ddf.md)">DiagnosticLog DDF</a></td>
-<td style="vertical-align:top"><p>Added version 1.4 of the CSP in Windows 10, version 1903. Added the new 1.4 version of the DDF. Added the following new nodes:<br>
-Policy, Policy/Channels, Policy/Channels/ChannelName, Policy/Channels/ChannelName/MaximumFileSize, Policy/Channels/ChannelName/SDDL, Policy/Channels/ChannelName/ActionWhenFull, Policy/Channels/ChannelName/Enabled, DiagnosticArchive, DiagnosticArchive/ArchiveDefinition, DiagnosticArchive/ArchiveResults.
-</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="enrollmentstatustracking-csp.md" data-raw-source="[EnrollmentStatusTracking CSP](enrollmentstatustracking-csp.md)">EnrollmentStatusTracking CSP</a></td>
-<td style="vertical-align:top"><p>Added new CSP in Windows 10, version 1903.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="passportforwork-csp.md" data-raw-source="[PassportForWork CSP](passportforwork-csp.md)">PassportForWork CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new nodes in Windows 10, version 1903:<br>SecurityKey, SecurityKey/UseSecurityKeyForSignin</p>
-</td></tr>
-</tbody>
-</table>
+
+| New or updated article | Description |
+|-----|-----|
+|[Policy CSP](policy-configuration-service-provider.md) | Added the following new policies in Windows 10, version 1903:<br>- [DeliveryOptimization/DODelayCacheServerFallbackBackground](policy-csp-deliveryoptimization.md#deliveryoptimization-dodelaycacheserverfallbackbackground)<br>- [DeliveryOptimization/DODelayCacheServerFallbackForeground](policy-csp-deliveryoptimization.md#deliveryoptimization-dodelaycacheserverfallbackforeground)<br>- [DeviceHealthMonitoring/AllowDeviceHealthMonitoring](policy-csp-devicehealthmonitoring.md#devicehealthmonitoring-allowdevicehealthmonitoring)<br>- [DeviceHealthMonitoring/ConfigDeviceHealthMonitoringScope](policy-csp-devicehealthmonitoring.md#devicehealthmonitoring-configdevicehealthmonitoringscope)<br>- [DeviceHealthMonitoring/ConfigDeviceHealthMonitoringUploadDestination](policy-csp-devicehealthmonitoring.md#devicehealthmonitoring-configdevicehealthmonitoringuploaddestination)<br>- [DeviceInstallation/AllowInstallationOfMatchingDeviceInstanceIDs](policy-csp-deviceinstallation.md#deviceinstallation-allowinstallationofmatchingdeviceinstanceids)<br>- [DeviceInstallation/PreventInstallationOfMatchingDeviceInstanceIDs](policy-csp-deviceinstallation.md#deviceinstallation-preventinstallationofmatchingdeviceinstanceids)<br>- [Experience/ShowLockOnUserTile](policy-csp-experience.md#experience-showlockonusertile)<br>- [InternetExplorer/AllowEnhancedSuggestionsInAddressBar](policy-csp-internetexplorer.md#internetexplorer-allowenhancedsuggestionsinaddressbar)<br>- [InternetExplorer/DisableActiveXVersionListAutoDownload](policy-csp-internetexplorer.md#internetexplorer-disableactivexversionlistautodownload)<br>- [InternetExplorer/DisableCompatView](policy-csp-internetexplorer.md#internetexplorer-disablecompatview)<br>- [InternetExplorer/DisableFeedsBackgroundSync](policy-csp-internetexplorer.md#internetexplorer-disablefeedsbackgroundsync)<br>- [InternetExplorer/DisableGeolocation](policy-csp-internetexplorer.md#internetexplorer-disablegeolocation)<br>- [InternetExplorer/DisableWebAddressAutoComplete](policy-csp-internetexplorer.md#internetexplorer-disablewebaddressautocomplete)<br>- [InternetExplorer/NewTabDefaultPage](policy-csp-internetexplorer.md#internetexplorer-newtabdefaultpage)<br>- [Power/EnergySaverBatteryThresholdOnBattery](policy-csp-power.md#power-energysaverbatterythresholdonbattery)<br>- [Power/EnergySaverBatteryThresholdPluggedIn](policy-csp-power.md#power-energysaverbatterythresholdpluggedin)<br>- [Power/SelectLidCloseActionOnBattery](policy-csp-power.md#power-selectlidcloseactiononbattery)<br>- [Power/SelectLidCloseActionPluggedIn](policy-csp-power.md#power-selectlidcloseactionpluggedin)<br>- [Power/SelectPowerButtonActionOnBattery](policy-csp-power.md#power-selectpowerbuttonactiononbattery)<br>- [Power/SelectPowerButtonActionPluggedIn](policy-csp-power.md#power-selectpowerbuttonactionpluggedin)<br>- [Power/SelectSleepButtonActionOnBattery](policy-csp-power.md#power-selectsleepbuttonactiononbattery)<br>- [Power/SelectSleepButtonActionPluggedIn](policy-csp-power.md#power-selectsleepbuttonactionpluggedin)<br>- [Power/TurnOffHybridSleepOnBattery](policy-csp-power.md#power-turnoffhybridsleeponbattery)<br>- [Power/TurnOffHybridSleepPluggedIn](policy-csp-power.md#power-turnoffhybridsleeppluggedin)<br>- [Power/UnattendedSleepTimeoutOnBattery](policy-csp-power.md#power-unattendedsleeptimeoutonbattery)<br>- [Power/UnattendedSleepTimeoutPluggedIn](policy-csp-power.md#power-unattendedsleeptimeoutpluggedin)<br>- [Privacy/LetAppsActivateWithVoice](policy-csp-privacy.md#privacy-letappsactivatewithvoice)<br>- [Privacy/LetAppsActivateWithVoiceAboveLock](policy-csp-privacy.md#privacy-letappsactivatewithvoiceabovelock)<br>- [Search/AllowFindMyFiles](policy-csp-search.md#search-allowfindmyfiles)<br>- [ServiceControlManager/SvchostProcessMitigation](policy-csp-servicecontrolmanager.md#servicecontrolmanager-svchostprocessmitigation)<br>- [System/AllowCommercialDataPipeline](policy-csp-system.md#system-allowcommercialdatapipeline)<br>- [System/TurnOffFileHistory](policy-csp-system.md#system-turnofffilehistory)<br>- [TimeLanguageSettings/ConfigureTimeZone](policy-csp-timelanguagesettings.md#timelanguagesettings-configuretimezone)<br>- [Troubleshooting/AllowRecommendations](policy-csp-troubleshooting.md#troubleshooting-allowrecommendations)<br>- [Update/AutomaticMaintenanceWakeUp](policy-csp-update.md#update-automaticmaintenancewakeup)<br>- [Update/ConfigureDeadlineForFeatureUpdates](policy-csp-update.md#update-configuredeadlineforfeatureupdates)<br>- [Update/ConfigureDeadlineForQualityUpdates](policy-csp-update.md#update-configuredeadlineforqualityupdates)<br>- [Update/ConfigureDeadlineGracePeriod](policy-csp-update.md#update-configuredeadlinegraceperiod)<br>- [WindowsLogon/AllowAutomaticRestartSignOn](policy-csp-windowslogon.md#windowslogon-allowautomaticrestartsignon)<br>- [WindowsLogon/ConfigAutomaticRestartSignOn](policy-csp-windowslogon.md#windowslogon-configautomaticrestartsignon)<br>- [WindowsLogon/EnableFirstLogonAnimation](policy-csp-windowslogon.md#windowslogon-enablefirstlogonanimation)|
+| [Policy CSP - Audit](policy-csp-audit.md) | Added the new Audit policy CSP. |
+| [ApplicationControl CSP](applicationcontrol-csp.md) | Added the new CSP. |
+| [Defender CSP](defender-csp.md) | Added the following new nodes:<br>- Health/TamperProtectionEnabled<br>- Health/IsVirtualMachine<br>- Configuration<br>- Configuration/TamperProtection<br>- Configuration/EnableFileHashComputation |
+| [DiagnosticLog CSP](diagnosticlog-csp.md) <br> [DiagnosticLog DDF](diagnosticlog-ddf.md) | Added version 1.4 of the CSP in Windows 10, version 1903. <br>Added the new 1.4 version of the DDF. <br>Added the following new nodes:<br>- Policy<br>- Policy/Channels<br>- Policy/Channels/ChannelName<br>- Policy/Channels/ChannelName/MaximumFileSize<br>- Policy/Channels/ChannelName/SDDL<br>- Policy/Channels/ChannelName/ActionWhenFull<br>- Policy/Channels/ChannelName/Enabled<br>- DiagnosticArchive<br>- DiagnosticArchive/ArchiveDefinition<br>- DiagnosticArchive/ArchiveResults |
+| [EnrollmentStatusTracking CSP](enrollmentstatustracking-csp.md) | Added the new CSP. |
+| [PassportForWork CSP](passportforwork-csp.md) | Added the following new nodes:<br>- SecurityKey<br>- SecurityKey/UseSecurityKeyForSignin |
+
 
 ## What’s new in MDM for Windows 10, version 1809
 
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>New or updated topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr>
-<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new policies in Windows 10, version 1809:</p>
-<ul>
-<li>ApplicationManagement/LaunchAppAfterLogOn</li>
-<li>ApplicationManagement/ScheduleForceRestartForUpdateFailures </li>
-<li>Authentication/EnableFastFirstSignIn (Preview mode only)</li>
-<li>Authentication/EnableWebSignIn (Preview mode only)</li>
-<li>Authentication/PreferredAadTenantDomainName</li>
-<li>Browser/AllowFullScreenMode</li>
-<li>Browser/AllowPrelaunch</li>
-<li>Browser/AllowPrinting</li>
-<li>Browser/AllowSavingHistory</li>
-<li>Browser/AllowSideloadingOfExtensions</li>
-<li>Browser/AllowTabPreloading</li>
-<li>Browser/AllowWebContentOnNewTabPage</li>
-<li>Browser/ConfigureFavoritesBar</li>
-<li>Browser/ConfigureHomeButton</li>
-<li>Browser/ConfigureKioskMode</li>
-<li>Browser/ConfigureKioskResetAfterIdleTimeout</li>
-<li>Browser/ConfigureOpenMicrosoftEdgeWith</li>
-<li>Browser/ConfigureTelemetryForMicrosoft365Analytics</li>
-<li>Browser/PreventCertErrorOverrides</li>
-<li>Browser/SetHomeButtonURL</li>
-<li>Browser/SetNewTabPageURL</li>
-<li>Browser/UnlockHomeButton</li>
-<li>Defender/CheckForSignaturesBeforeRunningScan</li>
-<li>Defender/DisableCatchupFullScan </li>
-<li>Defender/DisableCatchupQuickScan </li>
-<li>Defender/EnableLowCPUPriority</li>
-<li>Defender/SignatureUpdateFallbackOrder</li>
-<li>Defender/SignatureUpdateFileSharesSources</li>
-<li>DeviceGuard/ConfigureSystemGuardLaunch</li>
-<li>DeviceInstallation/AllowInstallationOfMatchingDeviceIDs</li>
-<li>DeviceInstallation/AllowInstallationOfMatchingDeviceSetupClasses</li>
-<li>DeviceInstallation/PreventDeviceMetadataFromNetwork</li>
-<li>DeviceInstallation/PreventInstallationOfDevicesNotDescribedByOtherPolicySettings</li>
-<li>DmaGuard/DeviceEnumerationPolicy</li>
-<li>Experience/AllowClipboardHistory</li>
-<li>Experience/DoNotSyncBrowserSettings</li>
-<li>Experience/PreventUsersFromTurningOnBrowserSyncing</li>
-<li>Kerberos/UPNNameHints</li>
-<li>Privacy/AllowCrossDeviceClipboard</li>
-<li>Privacy/DisablePrivacyExperience</li>
-<li>Privacy/UploadUserActivities</li>
-<li>Security/RecoveryEnvironmentAuthentication</li>
-<li>System/AllowDeviceNameInDiagnosticData</li>
-<li>System/ConfigureMicrosoft365UploadEndpoint</li>
-<li>System/DisableDeviceDelete</li>
-<li>System/DisableDiagnosticDataViewer</li>
-<li>Storage/RemovableDiskDenyWriteAccess</li>
-<li>TaskManager/AllowEndTask</li>
-<li>Update/EngagedRestartDeadlineForFeatureUpdates</li>
-<li>Update/EngagedRestartSnoozeScheduleForFeatureUpdates</li>
-<li>Update/EngagedRestartTransitionScheduleForFeatureUpdates</li>
-<li>Update/SetDisablePauseUXAccess</li>
-<li>Update/SetDisableUXWUAccess</li>
-<li>WindowsDefenderSecurityCenter/DisableClearTpmButton</li>
-<li>WindowsDefenderSecurityCenter/DisableTpmFirmwareUpdateWarning</li>
-<li>WindowsDefenderSecurityCenter/HideWindowsSecurityNotificationAreaControl</li>
-<li>WindowsLogon/DontDisplayNetworkSelectionUI</li>
-</ul>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="passportforwork-csp.md" data-raw-source="[PassportForWork  CSP](passportforwork-csp.md)">PassportForWork  CSP</a></td>
-<td style="vertical-align:top"><p>Added new settings in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="enterprisemodernappmanagement-csp.md" data-raw-source="[EnterpriseModernAppManagement  CSP](enterprisemodernappmanagement-csp.md)">EnterpriseModernAppManagement  CSP</a></td>
-<td style="vertical-align:top"><p>Added NonRemovable setting under AppManagement node in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="win32compatibilityappraiser-csp.md" data-raw-source="[Win32CompatibilityAppraiser  CSP](win32compatibilityappraiser-csp.md)">Win32CompatibilityAppraiser  CSP</a></td>
-<td style="vertical-align:top"><p>Added new configuration service provider in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="windowslicensing-csp.md" data-raw-source="[WindowsLicensing  CSP](windowslicensing-csp.md)">WindowsLicensing  CSP</a></td>
-<td style="vertical-align:top"><p>Added S mode settings and SyncML examples in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="supl-csp.md" data-raw-source="[SUPL CSP](supl-csp.md)">SUPL CSP</a></td>
-<td style="vertical-align:top"><p>Added 3 new certificate nodes in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="defender-csp.md" data-raw-source="[Defender CSP](defender-csp.md)">Defender CSP</a></td>
-<td style="vertical-align:top"><p>Added a new node Health/ProductStatus in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="bitlocker-csp.md" data-raw-source="[BitLocker CSP](bitlocker-csp.md)">BitLocker CSP</a></td>
-<td style="vertical-align:top"><p>Added a new node AllowStandardUserEncryption in Windows 10, version 1809. Added support for Windows 10 Pro.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="devdetail-csp.md" data-raw-source="[DevDetail CSP](devdetail-csp.md)">DevDetail CSP</a></td>
-<td style="vertical-align:top"><p>Added a new node SMBIOSSerialNumber in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="wifi-csp.md" data-raw-source="[Wifi CSP](wifi-csp.md)">Wifi CSP</a></td>
-<td style="vertical-align:top"><p>Added a new node WifiCost in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="windowsdefenderapplicationguard-csp.md" data-raw-source="[WindowsDefenderApplicationGuard CSP](windowsdefenderapplicationguard-csp.md)">WindowsDefenderApplicationGuard CSP</a></td>
-<td style="vertical-align:top"><p>Added new settings in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="remotewipe-csp.md" data-raw-source="[RemoteWipe CSP](remotewipe-csp.md)">RemoteWipe CSP</a></td>
-<td style="vertical-align:top"><p>Added new settings in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="tenantlockdown-csp.md" data-raw-source="[TenantLockdown CSP](tenantlockdown-csp.md)">TenantLockdown CSP</a></td>
-<td style="vertical-align:top"><p>Added new CSP in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="office-csp.md" data-raw-source="[Office CSP](office-csp.md)">Office CSP</a></td>
-<td style="vertical-align:top"><p>Added FinalStatus setting in Windows 10, version 1809.</p>
-</td></tr>
-</tbody>
-</table>
+| New or updated article | Description |
+|-----|-----|
+|[Policy CSP](policy-configuration-service-provider.md) | Added the following new policy settings in Windows 10, version 1809:<br>- ApplicationManagement/LaunchAppAfterLogOn<br>- ApplicationManagement/ScheduleForceRestartForUpdateFailures<br>- Authentication/EnableFastFirstSignIn (Preview mode only)<br>- Authentication/EnableWebSignIn (Preview mode only)<br>- Authentication/PreferredAadTenantDomainName<br>- Browser/AllowFullScreenMode<br>- Browser/AllowPrelaunch<br>- Browser/AllowPrinting<br>- Browser/AllowSavingHistory<br>- Browser/AllowSideloadingOfExtensions<br>- Browser/AllowTabPreloading<br>- Browser/AllowWebContentOnNewTabPage<br>- Browser/ConfigureFavoritesBar<br>- Browser/ConfigureHomeButton<br>- Browser/ConfigureKioskMode<br>- Browser/ConfigureKioskResetAfterIdleTimeout<br>- Browser/ConfigureOpenMicrosoftEdgeWith<br>- Browser/ConfigureTelemetryForMicrosoft365Analytics<br>- Browser/PreventCertErrorOverrides<br>- Browser/SetHomeButtonURL<br>- Browser/SetNewTabPageURL<br>- Browser/UnlockHomeButton<br>- Defender/CheckForSignaturesBeforeRunningScan<br>- Defender/DisableCatchupFullScan<br>- Defender/DisableCatchupQuickScan<br>- Defender/EnableLowCPUPriority<br>- Defender/SignatureUpdateFallbackOrder<br>- Defender/SignatureUpdateFileSharesSources<br>- DeviceGuard/ConfigureSystemGuardLaunch<br>- DeviceInstallation/AllowInstallationOfMatchingDeviceIDs<br>- DeviceInstallation/AllowInstallationOfMatchingDeviceSetupClasses<br>- DeviceInstallation/PreventDeviceMetadataFromNetwork<br>- DeviceInstallation/PreventInstallationOfDevicesNotDescribedByOtherPolicySettings<br>- DmaGuard/DeviceEnumerationPolicy<br>- Experience/AllowClipboardHistory<br>- Experience/DoNotSyncBrowserSettings<br>- Experience/PreventUsersFromTurningOnBrowserSyncing<br>- Kerberos/UPNNameHints<br>- Privacy/AllowCrossDeviceClipboard<br>- Privacy/DisablePrivacyExperience<br>- Privacy/UploadUserActivities<br>- Security/RecoveryEnvironmentAuthentication<br>- System/AllowDeviceNameInDiagnosticData<br>- System/ConfigureMicrosoft365UploadEndpoint<br>- System/DisableDeviceDelete<br>- System/DisableDiagnosticDataViewer<br>- Storage/RemovableDiskDenyWriteAccess<br>- TaskManager/AllowEndTask<br>- Update/DisableWUfBSafeguards<br>- Update/EngagedRestartDeadlineForFeatureUpdates<br>- Update/EngagedRestartSnoozeScheduleForFeatureUpdates<br>- Update/EngagedRestartTransitionScheduleForFeatureUpdates<br>- Update/SetDisablePauseUXAccess<br>- Update/SetDisableUXWUAccess<br>- WindowsDefenderSecurityCenter/DisableClearTpmButton<br>- WindowsDefenderSecurityCenter/DisableTpmFirmwareUpdateWarning<br>- WindowsDefenderSecurityCenter/HideWindowsSecurityNotificationAreaControl<br>- WindowsLogon/DontDisplayNetworkSelectionUI |
+| [BitLocker CSP](bitlocker-csp.md) | Added a new node AllowStandardUserEncryption in Windows 10, version 1809. Added support for Windows 10 Pro. |
+| [Defender CSP](defender-csp.md) | Added a new node Health/ProductStatus in Windows 10, version 1809. |
+| [DevDetail CSP](devdetail-csp.md) | Added a new node SMBIOSSerialNumber in Windows 10, version 1809. |
+| [EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md) | Added NonRemovable setting under AppManagement node in Windows 10, version 1809. |
+| [Office CSP](office-csp.md) | Added FinalStatus setting in Windows 10, version 1809. |
+| [PassportForWork CSP](passportforwork-csp.md) | Added new settings in Windows 10, version 1809. |
+| [RemoteWipe CSP](remotewipe-csp.md) | Added new settings in Windows 10, version 1809. |
+| [SUPL CSP](supl-csp.md) | Added 3 new certificate nodes in Windows 10, version 1809. |
+| [TenantLockdown CSP](tenantlockdown-csp.md) | Added new CSP in Windows 10, version 1809. |
+| [Wifi CSP](wifi-csp.md) | Added a new node WifiCost in Windows 10, version 1809. |
+| [WindowsDefenderApplicationGuard CSP](windowsdefenderapplicationguard-csp.md) | Added new settings in Windows 10, version 1809. |
+| [WindowsLicensing CSP](windowslicensing-csp.md) | Added S mode settings and SyncML examples in Windows 10, version 1809. |
+| [Win32CompatibilityAppraiser CSP](win32compatibilityappraiser-csp.md) | Added new configuration service provider in Windows 10, version 1809. |
+
 
 ## What’s new in MDM for Windows 10, version 1803
 
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>New or updated topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr>
-<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new policies for Windows 10, version 1803:</p>
-<ul>
-<li>ApplicationDefaults/EnableAppUriHandlers</li>
-<li>ApplicationManagement/MSIAllowUserControlOverInstall</li>
-<li>ApplicationManagement/MSIAlwaysInstallWithElevatedPrivileges</li>
-<li>Bluetooth/AllowPromptedProximalConnections</li>
-<li>Browser/AllowConfigurationUpdateForBooksLibrary</li>
-<li>Browser/AlwaysEnableBooksLibrary</li>
-<li>Browser/EnableExtendedBooksTelemetry</li>
-<li>Browser/UseSharedFolderForBooks</li>
-<li>Connectivity/AllowPhonePCLinking</li>
-<li>DeliveryOptimization/DODelayBackgroundDownloadFromHttp</li>
-<li>DeliveryOptimization/DODelayForegroundDownloadFromHttp</li>
-<li>DeliveryOptimization/DOGroupIdSource</li>
-<li>DeliveryOptimization/DOPercentageMaxBackDownloadBandwidth</li>
-<li>DeliveryOptimization/DOPercentageMaxForeDownloadBandwidth</li>
-<li>DeliveryOptimization/DORestrictPeerSelectionBy</li>
-<li>DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth</li>
-<li>DeliveryOptimization/DOSetHoursToLimitForegroundDownloadBandwidth</li>
-<li>Display/DisablePerProcessDpiForApps</li>
-<li>Display/EnablePerProcessDpi</li>
-<li>Display/EnablePerProcessDpiForApps</li>
-<li>Experience/AllowWindowsSpotlightOnSettings</li>
-<li>KioskBrowser/BlockedUrlExceptions</li>
-<li>KioskBrowser/BlockedUrls</li>
-<li>KioskBrowser/DefaultURL</li>
-<li>KioskBrowser/EnableEndSessionButton</li>
-<li>KioskBrowser/EnableHomeButton</li>
-<li>KioskBrowser/EnableNavigationButtons</li>
-<li>KioskBrowser/RestartOnIdleTime</li>
-<li>LanmanWorkstation/EnableInsecureGuestLogons</li>
-<li>LocalPoliciesSecurityOptions/Devices_AllowUndockWithoutHavingToLogon</li>
-<li>LocalPoliciesSecurityOptions/Devices_AllowedToFormatAndEjectRemovableMedia</li>
-<li>LocalPoliciesSecurityOptions/Devices_PreventUsersFromInstallingPrinterDriversWhenConnectingToSharedPrinters</li>
-<li>LocalPoliciesSecurityOptions/Devices_RestrictCDROMAccessToLocallyLoggedOnUserOnly</li>
-<li>LocalPoliciesSecurityOptions/InteractiveLogon_SmartCardRemovalBehavior</li>
-<li>LocalPoliciesSecurityOptions/MicrosoftNetworkClient_DigitallySignCommunicationsIfServerAgrees</li>
-<li>LocalPoliciesSecurityOptions/MicrosoftNetworkClient_SendUnencryptedPasswordToThirdPartySMBServers</li>
-<li>LocalPoliciesSecurityOptions/MicrosoftNetworkServer_DigitallySignCommunicationsAlways</li>
-<li>LocalPoliciesSecurityOptions/MicrosoftNetworkServer_DigitallySignCommunicationsIfClientAgrees</li>
-<li>LocalPoliciesSecurityOptions/NetworkAccess_DoNotAllowAnonymousEnumerationOfSAMAccounts</li>
-<li>LocalPoliciesSecurityOptions/NetworkAccess_DoNotAllowAnonymousEnumerationOfSamAccountsAndShares</li>
-<li>LocalPoliciesSecurityOptions/NetworkAccess_RestrictAnonymousAccessToNamedPipesAndShares</li>
-<li>LocalPoliciesSecurityOptions/NetworkAccess_RestrictClientsAllowedToMakeRemoteCallsToSAM</li>
-<li>LocalPoliciesSecurityOptions/NetworkSecurity_DoNotStoreLANManagerHashValueOnNextPasswordChange</li>
-<li>LocalPoliciesSecurityOptions/NetworkSecurity_LANManagerAuthenticationLevel</li>
-<li>LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedServers</li>
-<li>LocalPoliciesSecurityOptions/NetworkSecurity_RestrictNTLM_AddRemoteServerExceptionsForNTLMAuthentication</li>
-<li>LocalPoliciesSecurityOptions/NetworkSecurity_RestrictNTLM_AuditIncomingNTLMTraffic</li>
-<li>LocalPoliciesSecurityOptions/NetworkSecurity_RestrictNTLM_IncomingNTLMTraffic</li>
-<li>LocalPoliciesSecurityOptions/NetworkSecurity_RestrictNTLM_OutgoingNTLMTrafficToRemoteServers</li>
-<li>LocalPoliciesSecurityOptions/Shutdown_ClearVirtualMemoryPageFile</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_DetectApplicationInstallationsAndPromptForElevation</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_UseAdminApprovalMode</li>
-<li>Notifications/DisallowCloudNotification</li>
-<li>RestrictedGroups/ConfigureGroupMembership</li>
-<li>Search/AllowCortanaInAAD</li>
-<li>Search/DoNotUseWebResults</li>
-<li>Security/ConfigureWindowsPasswords</li>
-<li>Start/DisableContextMenus</li>
-<li>System/FeedbackHubAlwaysSaveDiagnosticsLocally</li>
-<li>SystemServices/ConfigureHomeGroupListenerServiceStartupMode</li>
-<li>SystemServices/ConfigureHomeGroupProviderServiceStartupMode</li>
-<li>SystemServices/ConfigureXboxAccessoryManagementServiceStartupMode</li>
-<li>SystemServices/ConfigureXboxLiveAuthManagerServiceStartupMode</li>
-<li>SystemServices/ConfigureXboxLiveGameSaveServiceStartupMode</li>
-<li>SystemServices/ConfigureXboxLiveNetworkingServiceStartupMode</li>
-<li>TaskScheduler/EnableXboxGameSaveTask</li>
-<li>TextInput/EnableTouchKeyboardAutoInvokeInDesktopMode</li>
-<li>TextInput/ForceTouchKeyboardDockedState</li>
-<li>TextInput/TouchKeyboardDictationButtonAvailability</li>
-<li>TextInput/TouchKeyboardEmojiButtonAvailability</li>
-<li>TextInput/TouchKeyboardFullModeAvailability</li>
-<li>TextInput/TouchKeyboardHandwritingModeAvailability</li>
-<li>TextInput/TouchKeyboardNarrowModeAvailability</li>
-<li>TextInput/TouchKeyboardSplitModeAvailability</li>
-<li>TextInput/TouchKeyboardWideModeAvailability</li>
-<li>Update/ConfigureFeatureUpdateUninstallPeriod</li>
-<li>Update/TargetReleaseVersion</li>
-<li>UserRights/AccessCredentialManagerAsTrustedCaller</li>
-<li>UserRights/AccessFromNetwork</li>
-<li>UserRights/ActAsPartOfTheOperatingSystem</li>
-<li>UserRights/AllowLocalLogOn</li>
-<li>UserRights/BackupFilesAndDirectories</li>
-<li>UserRights/ChangeSystemTime</li>
-<li>UserRights/CreateGlobalObjects</li>
-<li>UserRights/CreatePageFile</li>
-<li>UserRights/CreatePermanentSharedObjects</li>
-<li>UserRights/CreateSymbolicLinks</li>
-<li>UserRights/CreateToken</li>
-<li>UserRights/DebugPrograms</li>
-<li>UserRights/DenyAccessFromNetwork</li>
-<li>UserRights/DenyLocalLogOn</li>
-<li>UserRights/DenyRemoteDesktopServicesLogOn</li>
-<li>UserRights/EnableDelegation</li>
-<li>UserRights/GenerateSecurityAudits</li>
-<li>UserRights/ImpersonateClient</li>
-<li>UserRights/IncreaseSchedulingPriority</li>
-<li>UserRights/LoadUnloadDeviceDrivers</li>
-<li>UserRights/LockMemory</li>
-<li>UserRights/ManageAuditingAndSecurityLog</li>
-<li>UserRights/ManageVolume</li>
-<li>UserRights/ModifyFirmwareEnvironment</li>
-<li>UserRights/ModifyObjectLabel</li>
-<li>UserRights/ProfileSingleProcess</li>
-<li>UserRights/RemoteShutdown</li>
-<li>UserRights/RestoreFilesAndDirectories</li>
-<li>UserRights/TakeOwnership</li>
-<li>WindowsDefenderSecurityCenter/DisableAccountProtectionUI</li>
-<li>WindowsDefenderSecurityCenter/DisableDeviceSecurityUI</li>
-<li>WindowsDefenderSecurityCenter/HideRansomwareDataRecovery</li>
-<li>WindowsDefenderSecurityCenter/HideSecureBoot</li>
-<li>WindowsDefenderSecurityCenter/HideTPMTroubleshooting</li>
-</ul>
-<p>Security/RequireDeviceEncryption - updated to show it is supported in desktop.</p>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="bitlocker-csp.md" data-raw-source="[BitLocker CSP](bitlocker-csp.md)">BitLocker CSP</a></td>
-<td style="vertical-align:top"><p>Updated the description for AllowWarningForOtherDiskEncryption to describe changes added in Windows 10, version 1803.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="dmclient-csp.md" data-raw-source="[DMClient CSP](dmclient-csp.md)">DMClient CSP</a></td>
-<td style="vertical-align:top"><p>Added ./User/Vendor/MSFT/DMClient/Provider/[ProviderID]/FirstSyncStatus node. Also added the following nodes in Windows 10, version 1803:</p>
-<ul>
-<li>AADSendDeviceToken</li>
-<li>BlockInStatusPage</li>
-<li>AllowCollectLogsButton</li>
-<li>CustomErrorText</li>
-<li>SkipDeviceStatusPage</li>
-<li>SkipUserStatusPage</li>
-</ul>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="defender-csp.md" data-raw-source="[Defender CSP](defender-csp.md)">Defender CSP</a></td>
-<td style="vertical-align:top"><p>Added new node (OfflineScan) in Windows 10, version 1803.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="uefi-csp.md" data-raw-source="[UEFI CSP](uefi-csp.md)">UEFI CSP</a></td>
-<td style="vertical-align:top"><p>Added a new CSP in Windows 10, version 1803.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="update-csp.md" data-raw-source="[Update CSP](update-csp.md)">Update CSP</a></td>
-<td style="vertical-align:top"><p>Added the following nodes in Windows 10, version 1803:</p>
-<ul>
-<li>Rollback</li>
-<li>Rollback/FeatureUpdate</li>
-<li>Rollback/QualityUpdateStatus</li>
-<li>Rollback/FeatureUpdateStatus</li>
-</ul>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="assignedaccess-csp.md" data-raw-source="[AssignedAccess CSP](assignedaccess-csp.md)">AssignedAccess CSP</a></td>
-<td style="vertical-align:top"><p>Added the following nodes in Windows 10, version 1803:</p>
-<ul>
-<li>Status</li>
-<li>ShellLauncher</li>
-<li>StatusConfiguration</li>
-</ul>
-<p>Updated the AssigneAccessConfiguration schema. Starting in Windows 10, version 1803 AssignedAccess CSP is supported in HoloLens (1st gen) Commercial Suite. Added example for HoloLens (1st gen) Commercial Suite.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="multisim-csp.md" data-raw-source="[MultiSIM CSP](multisim-csp.md)">MultiSIM CSP</a></td>
-<td style="vertical-align:top"><p>Added a new CSP in Windows 10, version 1803.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="enterprisemodernappmanagement-csp.md" data-raw-source="[EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md)">EnterpriseModernAppManagement CSP</a></td>
-<td style="vertical-align:top"><p>Added the following node in Windows 10, version 1803:</p>
-<ul>
-<li>MaintainProcessorArchitectureOnUpdate</li>
-</ul>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="euiccs-csp.md" data-raw-source="[eUICCs CSP](euiccs-csp.md)">eUICCs CSP</a></td>
-<td style="vertical-align:top"><p>Added the following node in Windows 10, version 1803:</p>
-<ul>
-<li>IsEnabled</li>
-</ul>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="devicestatus-csp.md" data-raw-source="[DeviceStatus CSP](devicestatus-csp.md)">DeviceStatus CSP</a></td>
-<td style="vertical-align:top"><p>Added the following node in Windows 10, version 1803:</p>
-<ul>
-<li>OS/Mode</li>
-</ul>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="accountmanagement-csp.md" data-raw-source="[AccountManagement CSP](accountmanagement-csp.md)">AccountManagement CSP</a></td>
-<td style="vertical-align:top"><p>Added a new CSP in Windows 10, version 1803.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="rootcacertificates-csp.md" data-raw-source="[RootCATrustedCertificates CSP](rootcacertificates-csp.md)">RootCATrustedCertificates CSP</a></td>
-<td style="vertical-align:top"><p>Added the following node in Windows 10, version 1803:</p>
-<ul>
-<li>UntrustedCertificates</li>
-</ul>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="\networkproxy--csp.md" data-raw-source="[NetworkProxy CSP](\networkproxy--csp.md)">NetworkProxy CSP</a></td>
-<td style="vertical-align:top"><p>Added the following node in Windows 10, version 1803:</p>
-<ul>
-<li>ProxySettingsPerUser</li>
-</ul>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="accounts-csp.md" data-raw-source="[Accounts CSP](accounts-csp.md)">Accounts CSP</a></td>
-<td style="vertical-align:top"><p>Added a new CSP in Windows 10, version 1803.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="https://aka.ms/mmat" data-raw-source="[MDM Migration Analysis Too (MMAT)](https://aka.ms/mmat)">MDM Migration Analysis Too (MMAT)</a></td>
-<td style="vertical-align:top"><p>Updated version available. MMAT is a tool you can use to determine which Group Policies are set on a target user/computer and cross-reference them against the list of supported MDM policies.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="configuration-service-provider-reference.md#csp-ddf-files-download" data-raw-source="[CSP DDF files download](configuration-service-provider-reference.md#csp-ddf-files-download)">CSP DDF files download</a></td>
-<td style="vertical-align:top"><p>Added the DDF download of Windows 10, version 1803 configuration service providers.</p>
-</td></tr>
-</tbody>
-</table>
+| New or updated article | Description |
+|-----|-----|
+|[Policy CSP](policy-configuration-service-provider.md) | Added the following new policies for Windows 10, version 1803:<br>- ApplicationDefaults/EnableAppUriHandlers<br>- ApplicationManagement/MSIAllowUserControlOverInstall<br>- ApplicationManagement/MSIAlwaysInstallWithElevatedPrivileges<br>- Bluetooth/AllowPromptedProximalConnections<br>- Browser/AllowConfigurationUpdateForBooksLibrary<br>- Browser/AlwaysEnableBooksLibrary<br>- Browser/EnableExtendedBooksTelemetry<br>- Browser/UseSharedFolderForBooks<br>- Connectivity/AllowPhonePCLinking<br>- DeliveryOptimization/DODelayBackgroundDownloadFromHttp<br>- DeliveryOptimization/DODelayForegroundDownloadFromHttp<br>- DeliveryOptimization/DOGroupIdSource<br>- DeliveryOptimization/DOPercentageMaxBackDownloadBandwidth<br>- DeliveryOptimization/DOPercentageMaxForeDownloadBandwidth<br>- DeliveryOptimization/DORestrictPeerSelectionBy<br>- DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth<br>- DeliveryOptimization/DOSetHoursToLimitForegroundDownloadBandwidth<br>- Display/DisablePerProcessDpiForApps<br>- Display/EnablePerProcessDpi<br>- Display/EnablePerProcessDpiForApps<br>- Experience/AllowWindowsSpotlightOnSettings<br>- KioskBrowser/BlockedUrlExceptions<br>- KioskBrowser/BlockedUrls<br>- KioskBrowser/DefaultURL<br>- KioskBrowser/EnableEndSessionButton<br>- KioskBrowser/EnableHomeButton<br>- KioskBrowser/EnableNavigationButtons<br>- KioskBrowser/RestartOnIdleTime<br>- LanmanWorkstation/EnableInsecureGuestLogons<br>- LocalPoliciesSecurityOptions/Devices_AllowUndockWithoutHavingToLogon<br>- LocalPoliciesSecurityOptions/Devices_AllowedToFormatAndEjectRemovableMedia<br>- LocalPoliciesSecurityOptions/Devices_PreventUsersFromInstallingPrinterDriversWhenConnectingToSharedPrinters<br>- LocalPoliciesSecurityOptions/Devices_RestrictCDROMAccessToLocallyLoggedOnUserOnly<br>- LocalPoliciesSecurityOptions/InteractiveLogon_SmartCardRemovalBehavior<br>- LocalPoliciesSecurityOptions/MicrosoftNetworkClient_DigitallySignCommunicationsIfServerAgrees<br>- LocalPoliciesSecurityOptions/MicrosoftNetworkClient_SendUnencryptedPasswordToThirdPartySMBServers<br>- LocalPoliciesSecurityOptions/MicrosoftNetworkServer_DigitallySignCommunicationsAlways<br>- LocalPoliciesSecurityOptions/MicrosoftNetworkServer_DigitallySignCommunicationsIfClientAgrees<br>- LocalPoliciesSecurityOptions/NetworkAccess_DoNotAllowAnonymousEnumerationOfSAMAccounts<br>- LocalPoliciesSecurityOptions/NetworkAccess_DoNotAllowAnonymousEnumerationOfSamAccountsAndShares<br>- LocalPoliciesSecurityOptions/NetworkAccess_RestrictAnonymousAccessToNamedPipesAndShares<br>- LocalPoliciesSecurityOptions/NetworkAccess_RestrictClientsAllowedToMakeRemoteCallsToSAM<br>- LocalPoliciesSecurityOptions/NetworkSecurity_DoNotStoreLANManagerHashValueOnNextPasswordChange<br>- LocalPoliciesSecurityOptions/NetworkSecurity_LANManagerAuthenticationLevel<br>- LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedServers<br>- LocalPoliciesSecurityOptions/NetworkSecurity_RestrictNTLM_AddRemoteServerExceptionsForNTLMAuthentication<br>- LocalPoliciesSecurityOptions/NetworkSecurity_RestrictNTLM_AuditIncomingNTLMTraffic<br>- LocalPoliciesSecurityOptions/NetworkSecurity_RestrictNTLM_IncomingNTLMTraffic<br>- LocalPoliciesSecurityOptions/NetworkSecurity_RestrictNTLM_OutgoingNTLMTrafficToRemoteServers<br>- LocalPoliciesSecurityOptions/Shutdown_ClearVirtualMemoryPageFile<br>- LocalPoliciesSecurityOptions/UserAccountControl_DetectApplicationInstallationsAndPromptForElevation<br>- LocalPoliciesSecurityOptions/UserAccountControl_UseAdminApprovalMode<br>- Notifications/DisallowCloudNotification<br>- RestrictedGroups/ConfigureGroupMembership<br>- Search/AllowCortanaInAAD<br>- Search/DoNotUseWebResults<br>- Security/ConfigureWindowsPasswords<br>- Start/DisableContextMenus<br>- System/FeedbackHubAlwaysSaveDiagnosticsLocally<br>- SystemServices/ConfigureHomeGroupListenerServiceStartupMode<br>- SystemServices/ConfigureHomeGroupProviderServiceStartupMode<br>- SystemServices/ConfigureXboxAccessoryManagementServiceStartupMode<br>- SystemServices/ConfigureXboxLiveAuthManagerServiceStartupMode<br>- SystemServices/ConfigureXboxLiveGameSaveServiceStartupMode<br>- SystemServices/ConfigureXboxLiveNetworkingServiceStartupMode<br>- TaskScheduler/EnableXboxGameSaveTask<br>- TextInput/EnableTouchKeyboardAutoInvokeInDesktopMode<br>- TextInput/ForceTouchKeyboardDockedState<br>- TextInput/TouchKeyboardDictationButtonAvailability<br>- TextInput/TouchKeyboardEmojiButtonAvailability<br>- TextInput/TouchKeyboardFullModeAvailability<br>- TextInput/TouchKeyboardHandwritingModeAvailability<br>- TextInput/TouchKeyboardNarrowModeAvailability<br>- TextInput/TouchKeyboardSplitModeAvailability<br>- TextInput/TouchKeyboardWideModeAvailability<br>- Update/ConfigureFeatureUpdateUninstallPeriod<br>- Update/TargetReleaseVersion<br>- UserRights/AccessCredentialManagerAsTrustedCaller<br>- UserRights/AccessFromNetwork<br>- UserRights/ActAsPartOfTheOperatingSystem<br>- UserRights/AllowLocalLogOn<br>- UserRights/BackupFilesAndDirectories<br>- UserRights/ChangeSystemTime<br>- UserRights/CreateGlobalObjects<br>- UserRights/CreatePageFile<br>- UserRights/CreatePermanentSharedObjects<br>- UserRights/CreateSymbolicLinks<br>- UserRights/CreateToken<br>- UserRights/DebugPrograms<br>- UserRights/DenyAccessFromNetwork<br>- UserRights/DenyLocalLogOn<br>- UserRights/DenyRemoteDesktopServicesLogOn<br>- UserRights/EnableDelegation<br>- UserRights/GenerateSecurityAudits<br>- UserRights/ImpersonateClient<br>- UserRights/IncreaseSchedulingPriority<br>- UserRights/LoadUnloadDeviceDrivers<br>- UserRights/LockMemory<br>- UserRights/ManageAuditingAndSecurityLog<br>- UserRights/ManageVolume<br>- UserRights/ModifyFirmwareEnvironment<br>- UserRights/ModifyObjectLabel<br>- UserRights/ProfileSingleProcess<br>- UserRights/RemoteShutdown<br>- UserRights/RestoreFilesAndDirectories<br>- UserRights/TakeOwnership<br>- WindowsDefenderSecurityCenter/DisableAccountProtectionUI<br>- WindowsDefenderSecurityCenter/DisableDeviceSecurityUI<br>- WindowsDefenderSecurityCenter/HideRansomwareDataRecovery<br>- WindowsDefenderSecurityCenter/HideSecureBoot<br>- WindowsDefenderSecurityCenter/HideTPMTroubleshooting<br>- Security/RequireDeviceEncryption - updated to show it is supported in desktop. |
+| [Accounts CSP](accounts-csp.md) | Added a new CSP in Windows 10, version 1803. |
+| [AccountManagement CSP](accountmanagement-csp.md) | Added a new CSP in Windows 10, version 1803. |
+| [AssignedAccess CSP](assignedaccess-csp.md) | Added the following nodes in Windows 10, version 1803:<br>- Status<br>- ShellLauncher<br>- StatusConfiguration <br><br>Updated the AssigneAccessConfiguration schema. Starting in Windows 10, version 1803 AssignedAccess CSP is supported in HoloLens (1st gen) Commercial Suite. Added example for HoloLens (1st gen) Commercial Suite. | 
+| [BitLocker CSP](bitlocker-csp.md) | Updated the description for AllowWarningForOtherDiskEncryption to describe changes added in Windows 10, version 1803. |
+| [CSP DDF files download](configuration-service-provider-reference.md#csp-ddf-files-download) | Added the DDF download of Windows 10, version 1803 configuration service providers. |
+| [Defender CSP](defender-csp.md) | Added new node (OfflineScan) in Windows 10, version 1803. |
+| [DeviceStatus CSP](devicestatus-csp.md) | Added the following node in Windows 10, version 1803:<br>- OS/Mode |
+| [DMClient CSP](dmclient-csp.md) | Added ./User/Vendor/MSFT/DMClient/Provider/[ProviderID]/FirstSyncStatus node. Also added the following nodes in Windows 10, version 1803:<br>- AADSendDeviceToken<br>- BlockInStatusPage<br>- AllowCollectLogsButton<br>- CustomErrorText<br>- SkipDeviceStatusPage<br>- SkipUserStatusPage |
+| [EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md) | Added the following node in Windows 10, version 1803:<br>- MaintainProcessorArchitectureOnUpdate |
+| [eUICCs CSP](euiccs-csp.md) | Added the following node in Windows 10, version 1803:<br>- IsEnabled |
+| [MDM Migration Analysis Too (MMAT)](https://aka.ms/mmat) | MDM Migration Analysis Too (MMAT) <br>Updated version available. MMAT is a tool you can use to determine which Group Policies are set on a target user/computer and cross-reference them against the list of supported MDM policies. |
+| [MultiSIM CSP](multisim-csp.md) | Added a new CSP in Windows 10, version 1803. |
+| [NetworkProxy CSP](networkproxy-csp.md) | Added the following node in Windows 10, version 1803:<br>- ProxySettingsPerUser |
+| [RootCATrustedCertificates CSP](rootcacertificates-csp.md) | Added the following node in Windows 10, version 1803:<br>- UntrustedCertificates |
+| [UEFI CSP](uefi-csp.md) | Added a new CSP in Windows 10, version 1803. |
+| [Update CSP](update-csp.md) | Added the following nodes in Windows 10, version 1803:<br>- Rollback<br>- Rollback/FeatureUpdate<br>- Rollback/QualityUpdateStatus<br>- Rollback/FeatureUpdateStatus |
 
 ## What’s new in MDM for Windows 10, version 1709
 
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>Item</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr class="even">
-<td style="vertical-align:top">The <a href="https://msdn.microsoft.com/library/mt221945.aspx" data-raw-source="[\[MS-MDE2\]: Mobile Device Enrollment Protocol Version 2](https://msdn.microsoft.com/library/mt221945.aspx)">[MS-MDE2]: Mobile Device Enrollment Protocol Version 2</a></td>
-<td style="vertical-align:top"><p>The Windows 10 enrollment protocol was updated. The following elements were added to the RequestSecurityToken message:</p>
-<ul>
-<li>UXInitiated - boolean value that indicates whether the enrollment is user initiated from the Settings page. </li>
-<li>ExternalMgmtAgentHint - a string the agent uses to give hints the enrollment server may need.</li>
-<li>DomainName - fully qualified domain name if the device is domain-joined.</li>
-</ul>
-<p>For examples, see section 4.3.1 RequestSecurityToken of the MS-MDE2 protocol documentation.</p>
-</td></tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="firewall-csp.md" data-raw-source="[Firewall CSP](firewall-csp.md)">Firewall CSP</a></td>
-<td style="vertical-align:top"><p>Added new CSP in Windows 10, version 1709.</p>
-</td></tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="euiccs-csp.md" data-raw-source="[eUICCs CSP](euiccs-csp.md)">eUICCs CSP</a></td>
-<td style="vertical-align:top"><p>Added new CSP in Windows 10, version 1709.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="windowsdefenderapplicationguard-csp.md" data-raw-source="[WindowsDefenderApplicationGuard CSP](windowsdefenderapplicationguard-csp.md)">WindowsDefenderApplicationGuard CSP</a></td>
-<td style="vertical-align:top">New CSP added in Windows 10, version 1709. Also added the DDF topic <a href="windowsdefenderapplicationguard-ddf-file.md" data-raw-source="[WindowsDefenderApplicationGuard DDF file](windowsdefenderapplicationguard-ddf-file.md)">WindowsDefenderApplicationGuard DDF file</a>.</td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="cm-proxyentries-csp.md" data-raw-source="[CM_ProxyEntries CSP](cm-proxyentries-csp.md)">CM_ProxyEntries CSP</a> and <a href="cmpolicy-csp.md" data-raw-source="[CMPolicy CSP](cmpolicy-csp.md)">CMPolicy CSP</a></td>
-<td style="vertical-align:top">In Windows 10, version 1709, support for desktop SKUs were added to these CSPs. The table of SKU information in the <a href="configuration-service-provider-reference.md" data-raw-source="[Configuration service provider reference](configuration-service-provider-reference.md)">Configuration service provider reference</a> was updated.</td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="windowsdefenderapplicationguard-csp.md" data-raw-source="[WindowsDefenderApplicationGuard CSP](windowsdefenderapplicationguard-csp.md)">WindowsDefenderApplicationGuard CSP</a></td>
-<td style="vertical-align:top">New CSP added in Windows 10, version 1709. Also added the DDF topic <a href="windowsdefenderapplicationguard-ddf-file.md" data-raw-source="[WindowsDefenderApplicationGuard DDF file](windowsdefenderapplicationguard-ddf-file.md)">WindowsDefenderApplicationGuard DDF file</a>.</td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="vpnv2-csp.md" data-raw-source="[VPNv2 CSP](vpnv2-csp.md)">VPNv2 CSP</a></td>
-<td style="vertical-align:top"><p>Added DeviceTunnel and RegisterDNS settings in Windows 10, version 1709.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="devicestatus-csp.md" data-raw-source="[DeviceStatus CSP](devicestatus-csp.md)">DeviceStatus CSP</a></td>
-<td style="vertical-align:top"><p>Added the following settings in Windows 10, version 1709:</p>
-<ul>
-<li>DeviceStatus/DomainName</li>
-<li>DeviceStatus/DeviceGuard/VirtualizationBasedSecurityHwReq</li>
-<li>DeviceStatus/DeviceGuard/VirtualizationBasedSecurityStatus</li>
-<li>DeviceStatus/DeviceGuard/LsaCfgCredGuardStatus</li>
-</ul>
-</td></tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="assignedaccess-csp.md" data-raw-source="[AssignedAccess CSP](assignedaccess-csp.md)">AssignedAccess CSP</a></td>
-<td style="vertical-align:top"><p>Added the following setting in Windows 10, version 1709.</p>
-<ul>
-<li>Configuration</li>
-</ul>
-<p>Starting in Windows 10, version 1709, AssignedAccess CSP is supported in Windows 10 Pro.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="devicemanageability-csp.md" data-raw-source="[DeviceManageability CSP](devicemanageability-csp.md)">DeviceManageability CSP</a></td>
-<td style="vertical-align:top"><p>Added the following settings in Windows 10, version 1709:</p>
-<ul>
-<li>Provider/<em>ProviderID</em>/ConfigInfo</li>
-<li> Provider/<em>ProviderID</em>/EnrollmentInfo</li>
-</ul>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="office-csp.md" data-raw-source="[Office CSP](office-csp.md)">Office CSP</a></td>
-<td style="vertical-align:top"><p>Added the following setting in Windows 10, version 1709:</p>
-<ul>
-<li>Installation/CurrentStatus</li>
-</ul>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="dmclient-csp.md" data-raw-source="[DMClient CSP](dmclient-csp.md)">DMClient CSP</a></td>
-<td style="vertical-align:top"><p>Added new nodes to the DMClient CSP in Windows 10, version 1709. Updated the CSP and DDF topics.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="bitlocker-csp.md" data-raw-source="[Bitlocker CSP](bitlocker-csp.md)">Bitlocker CSP</a></td>
-<td style="vertical-align:top"><p>Changed the minimum personal identification number (PIN) length to 4 digits in SystemDrivesRequireStartupAuthentication and SystemDrivesMinimumPINLength in Windows 10, version 1709.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="policy-csps-admx-backed.md" data-raw-source="[ADMX-backed policies in Policy CSP](policy-csps-admx-backed.md)">ADMX-backed policies in Policy CSP</a></td>
-<td style="vertical-align:top"><p>Added new policies.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top">Microsoft Store for Business and Microsoft Store</td>
-<td style="vertical-align:top"><p>Windows Store for Business name changed to Microsoft Store for Business. Windows Store name changed to Microsoft Store.</p>
-</td></tr>
-<td style="vertical-align:top"><a href="mdm-enrollment-of-windows-devices.md" data-raw-source="[MDM enrollment of Windows-based devices](mdm-enrollment-of-windows-devices.md)">MDM enrollment of Windows-based devices</a></td>
-<td style="vertical-align:top"><p>New features in the Settings app:</p>
-<ul>
-<li>User sees installation progress of critical policies during MDM enrollment.</li>
-<li>User knows what policies, profiles, apps MDM has configured</li>
-<li>IT helpdesk can get detailed MDM diagnostic information using client tools</li>
-</ul>
-<p>For details, see <a href="mdm-enrollment-of-windows-devices.md#manage-connections" data-raw-source="[Manage connection](mdm-enrollment-of-windows-devices.md#manage-connections)">Managing connection</a> and <a href="mdm-enrollment-of-windows-devices.md#collecting-diagnostic-logs" data-raw-source="[Collecting diagnostic logs](mdm-enrollment-of-windows-devices.md#collecting-diagnostic-logs)">Collecting diagnostic logs</a></p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="enroll-a-windows-10-device-automatically-using-group-policy.md" data-raw-source="[Enroll a Windows 10 device automatically using Group Policy](enroll-a-windows-10-device-automatically-using-group-policy.md)">Enroll a Windows 10 device automatically using Group Policy</a></td>
-<td style="vertical-align:top"><p>Added new topic to introduce a new Group Policy for automatic MDM enrollment.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new policies for Windows 10, version 1709:</p>
-<ul>
-<li>Authentication/AllowAadPasswordReset</li>
-<li>Authentication/AllowFidoDeviceSignon</li>
-<li>Browser/LockdownFavorites</li>
-<li>Browser/ProvisionFavorites</li>
-<li>Cellular/LetAppsAccessCellularData</li>
-<li>Cellular/LetAppsAccessCellularData_ForceAllowTheseApps</li>
-<li>Cellular/LetAppsAccessCellularData_ForceDenyTheseApps</li>
-<li>Cellular/LetAppsAccessCellularData_UserInControlOfTheseApps</li>
-<li>CredentialProviders/DisableAutomaticReDeploymentCredentials</li>
-<li>DeviceGuard/EnableVirtualizationBasedSecurity</li>
-<li>DeviceGuard/RequirePlatformSecurityFeatures</li>
-<li>DeviceGuard/LsaCfgFlags</li>
-<li>DeviceLock/MinimumPasswordAge</li>
-<li>ExploitGuard/ExploitProtectionSettings</li>
-<li>Games/AllowAdvancedGamingServices</li>
-<li>Handwriting/PanelDefaultModeDocked</li>
-<li>LocalPoliciesSecurityOptions/Accounts_BlockMicrosoftAccounts</li>
-<li>LocalPoliciesSecurityOptions/Accounts_LimitLocalAccountUseOfBlankPasswordsToConsoleLogonOnly</li>
-<li>LocalPoliciesSecurityOptions/Accounts_RenameAdministratorAccount</li>
-<li>LocalPoliciesSecurityOptions/Accounts_RenameGuestAccount</li>
-<li>LocalPoliciesSecurityOptions/InteractiveLogon_DisplayUserInformationWhenTheSessionIsLocked</li>
-<li>LocalPoliciesSecurityOptions/Interactivelogon_DoNotDisplayLastSignedIn</li>
-<li>LocalPoliciesSecurityOptions/Interactivelogon_DoNotDisplayUsernameAtSignIn</li>
-<li>LocalPoliciesSecurityOptions/Interactivelogon_DoNotRequireCTRLALTDEL</li>
-<li>LocalPoliciesSecurityOptions/InteractiveLogon_MachineInactivityLimit</li>
-<li>LocalPoliciesSecurityOptions/InteractiveLogon_MessageTextForUsersAttemptingToLogOn</li>
-<li>LocalPoliciesSecurityOptions/InteractiveLogon_MessageTitleForUsersAttemptingToLogOn</li>
-<li>LocalPoliciesSecurityOptions/NetworkSecurity_AllowLocalSystemToUseComputerIdentityForNTLM</li>
-<li>LocalPoliciesSecurityOptions/NetworkSecurity_AllowPKU2UAuthenticationRequests</li>
-<li>LocalPoliciesSecurityOptions/Shutdown_AllowSystemToBeShutDownWithoutHavingToLogOn</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_AllowUIAccessApplicationsToPromptForElevation</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_BehaviorOfTheElevationPromptForAdministrators</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_BehaviorOfTheElevationPromptForStandardUsers</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_OnlyElevateExecutableFilesThatAreSignedAndValidated</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_OnlyElevateUIAccessApplicationsThatAreInstalledInSecureLocations</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_RunAllAdministratorsInAdminApprovalMode</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_SwitchToTheSecureDesktopWhenPromptingForElevation</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_VirtualizeFileAndRegistryWriteFailuresToPerUserLocations</li>
-<li>Power/DisplayOffTimeoutOnBattery</li>
-<li>Power/DisplayOffTimeoutPluggedIn</li>
-<li>Power/HibernateTimeoutOnBattery</li>
-<li>Power/HibernateTimeoutPluggedIn</li>
-<li>Power/StandbyTimeoutOnBattery</li>
-<li>Power/StandbyTimeoutPluggedIn</li>
-<li>Privacy/EnableActivityFeed</li>
-<li>Privacy/PublishUserActivities</li>
-<li>Defender/AttackSurfaceReductionOnlyExclusions</li>
-<li>Defender/AttackSurfaceReductionRules</li>
-<li>Defender/CloudBlockLevel </li>
-<li>Defender/CloudExtendedTimeout</li>
-<li>Defender/ControlledFolderAccessAllowedApplications</li>
-<li>Defender/ControlledFolderAccessProtectedFolders</li>
-<li>Defender/EnableControlledFolderAccess</li>
-<li>Defender/EnableNetworkProtection</li>
-<li>Education/DefaultPrinterName</li>
-<li>Education/PreventAddingNewPrinters</li>
-<li>Education/PrinterNames</li>
-<li>Search/AllowCloudSearch</li>
-<li>Security/ClearTPMIfNotReady</li>
-<li>Settings/AllowOnlineTips</li>
-<li>Start/HidePeopleBar</li>
-<li>Storage/AllowDiskHealthModelUpdates</li>
-<li>System/DisableEnterpriseAuthProxy </li>
-<li>System/LimitEnhancedDiagnosticDataWindowsAnalytics</li>
-<li>Update/AllowAutoWindowsUpdateDownloadOverMeteredNetwork</li>
-<li>Update/DisableDualScan</li>
-<li>Update/ManagePreviewBuilds</li>
-<li>Update/ScheduledInstallEveryWeek</li>
-<li>Update/ScheduledInstallFirstWeek</li>
-<li>Update/ScheduledInstallFourthWeek</li>
-<li>Update/ScheduledInstallSecondWeek</li>
-<li>Update/ScheduledInstallThirdWeek</li>
-<li>WindowsDefenderSecurityCenter/CompanyName</li>
-<li>WindowsDefenderSecurityCenter/DisableAppBrowserUI</li>
-<li>WindowsDefenderSecurityCenter/DisableEnhancedNotifications</li>
-<li>WindowsDefenderSecurityCenter/DisableFamilyUI</li>
-<li>WindowsDefenderSecurityCenter/DisableHealthUI</li>
-<li>WindowsDefenderSecurityCenter/DisableNetworkUI</li>
-<li>WindowsDefenderSecurityCenter/DisableNotifications</li>
-<li>WindowsDefenderSecurityCenter/DisableVirusUI</li>
-<li>WindowsDefenderSecurityCenter/DisallowExploitProtectionOverride</li>
-<li>WindowsDefenderSecurityCenter/Email</li>
-<li>WindowsDefenderSecurityCenter/EnableCustomizedToasts</li>
-<li>WindowsDefenderSecurityCenter/EnableInAppCustomization</li>
-<li>WindowsDefenderSecurityCenter/Phone</li>
-<li>WindowsDefenderSecurityCenter/URL</li>
-<li>WirelessDisplay/AllowMdnsAdvertisement</li>
-<li>WirelessDisplay/AllowMdnsDiscovery</li>
-</ul>
-</td></tr>
-</tbody>
-</table>
+| New or updated article | Description |
+|-----|-----|
+| The [The [MS-MDE2]: Mobile Device Enrollment Protocol Version 2](https://docs.microsoft.com/openspecs/windows_protocols/ms-mde2/4d7eadd5-3951-4f1c-8159-c39e07cbe692?redirectedfrom=MSDN) | The Windows 10 enrollment protocol was updated. The following elements were added to the RequestSecurityToken message:<br>- UXInitiated - boolean value that indicates whether the enrollment is user initiated from the Settings page.<br>-ExternalMgmtAgentHint - a string the agent uses to give hints the enrollment server may need.<br>- DomainName - fully qualified domain name if the device is domain-joined. |
+| [Firewall CSP](firewall-csp.md) | Added new CSP in Windows 10, version 1709. |
+| [eUICCs CSP](euiccs-csp.md) | Added new CSP in Windows 10, version 1709. |
+| [WindowsDefenderApplicationGuard CSP](windowsdefenderapplicationguard-csp.md)<br>[WindowsDefenderApplicationGuard DDF file](windowsdefenderapplicationguard-ddf-file.md) | New CSP added in Windows 10, version 1709. Also added the DDF topic. |
+| [CM_ProxyEntries CSP](cm-proxyentries-csp.md) and [CMPolicy CSP](cmpolicy-csp.md) | In Windows 10, version 1709, support for desktop SKUs were added to these CSPs. |
+| [VPNv2 CSP](vpnv2-csp.md) | Added DeviceTunnel and RegisterDNS settings in Windows 10, version 1709. |
+| [DeviceStatus CSP](devicestatus-csp.md) | Added the following settings in Windows 10, version 1709:<br>- DeviceStatus/DomainName<br>- DeviceStatus/DeviceGuard/VirtualizationBasedSecurityHwReq<br>- DeviceStatus/DeviceGuard/VirtualizationBasedSecurityStatus<br>- DeviceStatus/DeviceGuard/LsaCfgCredGuardStatus |
+| [AssignedAccess CSP](assignedaccess-csp.md) | Added the following setting in Windows 10, version 1709: <br>- Configuration <br> Starting in Windows 10, version 1709, AssignedAccess CSP is supported in Windows 10 Pro. |
+| [DeviceManageability CSP](devicemanageability-csp.md) | Added the following settings in Windows 10, version 1709:<br>- Provider/_ProviderID_/ConfigInfo<br>- Provider/_ProviderID_/EnrollmentInfo |
+| [Office CSP](office-csp.md) | Added the following setting in Windows 10, version 1709:<br>- Installation/CurrentStatus |
+| [DMClient CSP](dmclient-csp.md) | Added new nodes to the DMClient CSP in Windows 10, version 1709. Updated the CSP and DDF articles. |
+| [Bitlocker CSP](bitlocker-csp.md) | Changed the minimum personal identification number (PIN) length to 4 digits in SystemDrivesRequireStartupAuthentication and SystemDrivesMinimumPINLength in Windows 10, version 1709. |
+| [ADMX-backed policies in Policy CSP](policy-csps-admx-backed.md) | Added new policies. |
+| Microsoft Store for Business and Microsoft Store | Windows Store for Business name changed to Microsoft Store for Business. Windows Store name changed to Microsoft Store. |
+| [MDM enrollment of Windows-based devices](mdm-enrollment-of-windows-devices.md) | New features in the Settings app:<br>- User sees installation progress of critical policies during MDM enrollment.<br>- User knows what policies, profiles, apps MDM has configured<br>- IT helpdesk can get detailed MDM diagnostic information using client tools <br> For details, see [Managing connection](https://docs.microsoft.com/windows/client-management/mdm/mdm-enrollment-of-windows-devices#manage-connections) and [Collecting diagnostic logs](https://docs.microsoft.com/windows/client-management/mdm/mdm-enrollment-of-windows-devices#collecting-diagnostic-logs).|
+| [Enroll a Windows 10 device automatically using Group Policy](enroll-a-windows-10-device-automatically-using-group-policy.md) | Added new topic to introduce a new Group Policy for automatic MDM enrollment. |
+| [Policy CSP](policy-configuration-service-provider.md) | Added the following new policies for Windows 10, version 1709:<br>- Authentication/AllowAadPasswordReset<br>- Authentication/AllowFidoDeviceSignon<br>- Browser/LockdownFavorites<br>- Browser/ProvisionFavorites<br>- Cellular/LetAppsAccessCellularData<br>- Cellular/LetAppsAccessCellularData_ForceAllowTheseApps<br>- Cellular/LetAppsAccessCellularData_ForceDenyTheseApps<br>- Cellular/LetAppsAccessCellularData_UserInControlOfTheseApps<br>- CredentialProviders/DisableAutomaticReDeploymentCredentials<br>- DeviceGuard/EnableVirtualizationBasedSecurity<br>- DeviceGuard/RequirePlatformSecurityFeatures<br>- DeviceGuard/LsaCfgFlags<br>- DeviceLock/MinimumPasswordAge<br>- ExploitGuard/ExploitProtectionSettings<br>- Games/AllowAdvancedGamingServices<br>- Handwriting/PanelDefaultModeDocked<br>- LocalPoliciesSecurityOptions/Accounts_BlockMicrosoftAccounts<br>- LocalPoliciesSecurityOptions/Accounts_LimitLocalAccountUseOfBlankPasswordsToConsoleLogonOnly<br>- LocalPoliciesSecurityOptions/Accounts_RenameAdministratorAccount<br>- LocalPoliciesSecurityOptions/Accounts_RenameGuestAccount<br>- LocalPoliciesSecurityOptions/InteractiveLogon_DisplayUserInformationWhenTheSessionIsLocked<br>- LocalPoliciesSecurityOptions/Interactivelogon_DoNotDisplayLastSignedIn<br>- LocalPoliciesSecurityOptions/Interactivelogon_DoNotDisplayUsernameAtSignIn<br>- LocalPoliciesSecurityOptions/Interactivelogon_DoNotRequireCTRLALTDEL<br>- LocalPoliciesSecurityOptions/InteractiveLogon_MachineInactivityLimit<br>- LocalPoliciesSecurityOptions/InteractiveLogon_MessageTextForUsersAttemptingToLogOn<br>- LocalPoliciesSecurityOptions/InteractiveLogon_MessageTitleForUsersAttemptingToLogOn<br>- LocalPoliciesSecurityOptions/NetworkSecurity_AllowLocalSystemToUseComputerIdentityForNTLM<br>- LocalPoliciesSecurityOptions/NetworkSecurity_AllowPKU2UAuthenticationRequests<br>- LocalPoliciesSecurityOptions/Shutdown_AllowSystemToBeShutDownWithoutHavingToLogOn<br>- LocalPoliciesSecurityOptions/UserAccountControl_AllowUIAccessApplicationsToPromptForElevation<br>- LocalPoliciesSecurityOptions/UserAccountControl_BehaviorOfTheElevationPromptForAdministrators<br>- LocalPoliciesSecurityOptions/UserAccountControl_BehaviorOfTheElevationPromptForStandardUsers<br>- LocalPoliciesSecurityOptions/UserAccountControl_OnlyElevateExecutableFilesThatAreSignedAndValidated<br>- LocalPoliciesSecurityOptions/UserAccountControl_OnlyElevateUIAccessApplicationsThatAreInstalledInSecureLocations<br>- LocalPoliciesSecurityOptions/UserAccountControl_RunAllAdministratorsInAdminApprovalMode<br>- LocalPoliciesSecurityOptions/UserAccountControl_SwitchToTheSecureDesktopWhenPromptingForElevation<br>- LocalPoliciesSecurityOptions/UserAccountControl_VirtualizeFileAndRegistryWriteFailuresToPerUserLocations<br>- Power/DisplayOffTimeoutOnBattery<br>- Power/DisplayOffTimeoutPluggedIn<br>- Power/HibernateTimeoutOnBattery<br>- Power/HibernateTimeoutPluggedIn<br>- Power/StandbyTimeoutOnBattery<br>- Power/StandbyTimeoutPluggedIn<br>- Privacy/EnableActivityFeed<br>- Privacy/PublishUserActivities<br>- Defender/AttackSurfaceReductionOnlyExclusions<br>- Defender/AttackSurfaceReductionRules<br>- Defender/CloudBlockLevel<br>- Defender/CloudExtendedTimeout<br>- Defender/ControlledFolderAccessAllowedApplications<br>- Defender/ControlledFolderAccessProtectedFolders<br>- Defender/EnableControlledFolderAccess<br>- Defender/EnableNetworkProtection<br>- Education/DefaultPrinterName<br>- Education/PreventAddingNewPrinters<br>- Education/PrinterNames<br>- Search/AllowCloudSearch<br>- Security/ClearTPMIfNotReady<br>- Settings/AllowOnlineTips<br>- Start/HidePeopleBar<br>- Storage/AllowDiskHealthModelUpdates<br>- System/DisableEnterpriseAuthProxy<br>- System/LimitEnhancedDiagnosticDataWindowsAnalytics<br>- Update/AllowAutoWindowsUpdateDownloadOverMeteredNetwork<br>- Update/DisableDualScan<br>- Update/ManagePreviewBuilds<br>- Update/ScheduledInstallEveryWeek<br>- Update/ScheduledInstallFirstWeek<br>- Update/ScheduledInstallFourthWeek<br>- Update/ScheduledInstallSecondWeek<br>- Update/ScheduledInstallThirdWeek<br>- WindowsDefenderSecurityCenter/CompanyName<br>- WindowsDefenderSecurityCenter/DisableAppBrowserUI<br>- WindowsDefenderSecurityCenter/DisableEnhancedNotifications<br>- WindowsDefenderSecurityCenter/DisableFamilyUI<br>- WindowsDefenderSecurityCenter/DisableHealthUI<br>- WindowsDefenderSecurityCenter/DisableNetworkUI<br>- WindowsDefenderSecurityCenter/DisableNotifications<br>- WindowsDefenderSecurityCenter/DisableVirusUI<br>- WindowsDefenderSecurityCenter/DisallowExploitProtectionOverride<br>- WindowsDefenderSecurityCenter/Email<br>- WindowsDefenderSecurityCenter/EnableCustomizedToasts<br>- WindowsDefenderSecurityCenter/EnableInAppCustomization<br>- WindowsDefenderSecurityCenter/Phone<br>- WindowsDefenderSecurityCenter/URL<br>- WirelessDisplay/AllowMdnsAdvertisement<br>- WirelessDisplay/AllowMdnsDiscovery |
+
 
 ## What’s new in MDM for Windows 10, version 1703
 
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>Item</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr class="odd">
-<td style="vertical-align:top"><p><a href="update-csp.md" data-raw-source="[Update CSP](update-csp.md)">Update CSP</a></p></td>
-<td style="vertical-align:top"><p>Added the following nodes:</p>
-<ul>
-<li>FailedUpdates/<em>Failed Update Guid</em>/RevisionNumber</li>
-<li>InstalledUpdates/<em>Installed Update Guid</em>/RevisionNumber</li>
-<li>PendingRebootUpdates/<em>Pending Reboot Update Guid</em>/RevisionNumber</li>
-</ul>
-</td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="cm-cellularentries-csp.md" data-raw-source="[CM_CellularEntries CSP](cm-cellularentries-csp.md)">CM_CellularEntries CSP</a></td>
-<td style="vertical-align:top"><p>To PurposeGroups setting, added the following values:</p>
-<ul>
-<li>Purchase - 95522B2B-A6D1-4E40-960B-05E6D3F962AB </li>
-<li>Administrative - 2FFD9261-C23C-4D27-8DCF-CDE4E14A3364</li>
-</ul>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><p><a href="certificatestore-csp.md" data-raw-source="[CertificateStore CSP](certificatestore-csp.md)">CertificateStore CSP</a></p></td>
-<td style="vertical-align:top"><p>Added the following setting:</p>
-<ul>
-<li>My/WSTEP/Renew/RetryAfterExpiryInterval</li>
-</ul>
-</td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><p><a href="clientcertificateinstall-csp.md" data-raw-source="[ClientCertificateInstall CSP](clientcertificateinstall-csp.md)">ClientCertificateInstall CSP</a></p></td>
-<td style="vertical-align:top"><p>Added the following setting:</p>
-<ul>
-<li>SCEP/UniqueID/Install/AADKeyIdentifierList</li>
-</ul>
-</td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><p><a href="dmacc-csp.md" data-raw-source="[DMAcc CSP](dmacc-csp.md)">DMAcc CSP</a></p></td>
-<td style="vertical-align:top"><p>Added the following setting:</p>
-<ul>
-<li>AccountUID/EXT/Microsoft/InitiateSession</li>
-</ul>
-</td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><p><a href="dmclient-csp.md" data-raw-source="[DMClient CSP](dmclient-csp.md)">DMClient CSP</a></p></td>
-<td style="vertical-align:top"><p>Added the following nodes and settings:</p>
-<ul>
-<li>HWDevID</li>
-<li>Provider/ProviderID/ManagementServerToUpgradeTo</li>
-<li>Provider/ProviderID/CustomEnrollmentCompletePage</li>
-<li>Provider/ProviderID/CustomEnrollmentCompletePage/Title</li>
-<li>Provider/ProviderID/CustomEnrollmentCompletePage/BodyText</li>
-<li>Provider/ProviderID/CustomEnrollmentCompletePage/HyperlinkHref</li>
-<li>Provider/ProviderID/CustomEnrollmentCompletePage/HyperlinkText</li>
-</ul>
-</td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><p><a href="cellularsettings-csp.md" data-raw-source="[CellularSettings CSP](cellularsettings-csp.md)">CellularSettings CSP</a></p><p><a href="cm-cellularentries-csp.md" data-raw-source="[CM_CellularEntries CSP](cm-cellularentries-csp.md)">CM_CellularEntries CSP</a></p><p><a href="enterpriseapn-csp.md" data-raw-source="[EnterpriseAPN CSP](enterpriseapn-csp.md)">EnterpriseAPN CSP</a></p></td>
-<td style="vertical-align:top"><p>For these CSPs, support was added for Windows 10 Home, Pro, Enterprise, and Education editions.</p>
-</td></tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="secureassessment-csp.md" data-raw-source="[SecureAssessment CSP](secureassessment-csp.md)">SecureAssessment CSP</a></td>
-<td style="vertical-align:top"><p>Added the following settings:</p>
-<ul>
-<li>AllowTextSuggestions</li>
-<li>RequirePrinting</li>
-</ul>
-</td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="enterpriseapn-csp.md" data-raw-source="[EnterpriseAPN CSP](enterpriseapn-csp.md)">EnterpriseAPN CSP</a></td>
-<td style="vertical-align:top"><p>Added the following setting:</p>
-<ul>
-<li>Roaming</li>
-</ul>
-</td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="messaging-csp.md" data-raw-source="[Messaging CSP](messaging-csp.md)">Messaging CSP</a></td>
-<td style="vertical-align:top"><p>Added new CSP. This CSP is only supported in Windows 10 Mobile and Mobile Enterprise editions.</p>
-</td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new policies: </p>
-<ul>
-<li>Accounts/AllowMicrosoftAccountSignInAssistant</li>
-<li>ApplicationDefaults/DefaultAssociationsConfiguration</li>
-<li>Browser/AllowAddressBarDropdown</li>
-<li>Browser/AllowFlashClickToRun</li>
-<li>Browser/AllowMicrosoftCompatibilityList</li>
-<li>Browser/AllowSearchEngineCustomization</li>
-<li>Browser/ClearBrowsingDataOnExit</li>
-<li>Browser/ConfigureAdditionalSearchEngines</li>
-<li>Browser/DisableLockdownOfStartPages</li>
-<li>Browser/PreventFirstRunPage</li>
-<li>Browser/PreventLiveTileDataCollection</li>
-<li>Browser/SetDefaultSearchEngine</li>
-<li>Browser/SyncFavoritesBetweenIEAndMicrosoftEdge</li>
-<li>Connectivity/AllowConnectedDevices</li>
-<li>DeliveryOptimization/DOAllowVPNPeerCaching</li>
-<li>DeliveryOptimization/DOMinBatteryPercentageAllowedToUpload</li>
-<li>DeliveryOptimization/DOMinDiskSizeAllowedToPeer</li>
-<li>DeliveryOptimization/DOMinFileSizeToCache</li>
-<li>DeliveryOptimization/DOMinRAMAllowedToPeer</li>
-<li>DeviceLock/MaxInactivityTimeDeviceLockWithExternalDisplay</li>
-<li>Display/TurnOffGdiDPIScalingForApps</li>
-<li>Display/TurnOnGdiDPIScalingForApps</li>
-<li>EnterpriseCloudPrint/CloudPrinterDiscoveryEndPoint</li>
-<li>EnterpriseCloudPrint/CloudPrintOAuthAuthority</li>
-<li>EnterpriseCloudPrint/CloudPrintOAuthClientId</li>
-<li>EnterpriseCloudPrint/CloudPrintResourceId</li>
-<li>EnterpriseCloudPrint/DiscoveryMaxPrinterLimit</li>
-<li>EnterpriseCloudPrint/MopriaDiscoveryResourceId</li>
-<li>Experience/AllowFindMyDevice</li>
-<li>Experience/AllowTailoredExperiencesWithDiagnosticData</li>
-<li>Experience/AllowWindowsSpotlightOnActionCenter</li>
-<li>Experience/AllowWindowsSpotlightWindowsWelcomeExperience</li>
-<li>Location/EnableLocation</li>
-<li>Messaging/AllowMMS</li>
-<li>Messaging/AllowRCS</li>
-<li>Privacy/LetAppsAccessTasks</li>
-<li>Privacy/LetAppsAccessTasks_ForceAllowTheseApps</li>
-<li>Privacy/LetAppsAccessTasks_ForceDenyTheseApps</li>
-<li>Privacy/LetAppsAccessTasks_UserInControlOfTheseApps</li>
-<li>Privacy/LetAppsGetDiagnosticInfo</li>
-<li>Privacy/LetAppsGetDiagnosticInfo_ForceAllowTheseApps</li>
-<li>Privacy/LetAppsGetDiagnosticInfo_ForceDenyTheseApps</li>
-<li>Privacy/LetAppsGetDiagnosticInfo_UserInControlOfTheseApps</li>
-<li>Privacy/LetAppsRunInBackground</li>
-<li>Privacy/LetAppsRunInBackground_ForceAllowTheseApps</li>
-<li>Privacy/LetAppsRunInBackground_ForceDenyTheseApps</li>
-<li>Privacy/LetAppsRunInBackground_UserInControlOfTheseApps</li>
-<li>Settings/ConfigureTaskbarCalendar</li>
-<li>Settings/PageVisibilityList</li>
-<li>SmartScreen/EnableAppInstallControl</li>
-<li>SmartScreen/EnableSmartScreenInShell</li>
-<li>SmartScreen/PreventOverrideForFilesInShell</li>
-<li>Start/AllowPinnedFolderDocuments</li>
-<li>Start/AllowPinnedFolderDownloads</li>
-<li>Start/AllowPinnedFolderFileExplorer</li>
-<li>Start/AllowPinnedFolderHomeGroup</li>
-<li>Start/AllowPinnedFolderMusic</li>
-<li>Start/AllowPinnedFolderNetwork</li>
-<li>Start/AllowPinnedFolderPersonalFolder </li>
-<li>Start/AllowPinnedFolderPictures</li>
-<li>Start/AllowPinnedFolderSettings</li>
-<li>Start/AllowPinnedFolderVideos</li>
-<li>Start/HideAppList</li>
-<li>Start/HideChangeAccountSettings</li>
-<li>Start/HideFrequentlyUsedApps</li>
-<li>Start/HideHibernate</li>
-<li>Start/HideLock</li>
-<li>Start/HidePowerButton</li>
-<li>Start/HideRecentJumplists</li>
-<li>Start/HideRecentlyAddedApps</li>
-<li>Start/HideRestart</li>
-<li>Start/HideShutDown</li>
-<li>Start/HideSignOut</li>
-<li>Start/HideSleep</li>
-<li>Start/HideSwitchAccount</li>
-<li>Start/HideUserTile</li>
-<li>Start/ImportEdgeAssets</li>
-<li>Start/NoPinningToTaskbar</li>
-<li>System/AllowFontProviders</li>
-<li>System/DisableOneDriveFileSync</li>
-<li>TextInput/AllowKeyboardTextSuggestions</li>
-<li>TimeLanguageSettings/AllowSet24HourClock</li>
-<li>Update/ActiveHoursMaxRange</li>
-<li>Update/AutoRestartDeadlinePeriodInDays</li>
-<li>Update/AutoRestartNotificationSchedule</li>
-<li>Update/AutoRestartRequiredNotificationDismissal</li>
-<li>Update/DetectionFrequency</li>
-<li>Update/EngagedRestartDeadline</li>
-<li>Update/EngagedRestartSnoozeSchedule</li>
-<li>Update/EngagedRestartTransitionSchedule</li>
-<li>Update/IgnoreMOAppDownloadLimit</li>
-<li>Update/IgnoreMOUpdateDownloadLimit</li>
-<li>Update/PauseFeatureUpdatesStartTime</li>
-<li>Update/PauseQualityUpdatesStartTime</li>
-<li>Update/SetAutoRestartNotificationDisable</li>
-<li>Update/SetEDURestart</li>
-<li>WiFi/AllowWiFiDirect</li>
-<li>WindowsLogon/HideFastUserSwitching</li>
-<li>WirelessDisplay/AllowProjectionFromPC</li>
-<li>WirelessDisplay/AllowProjectionFromPCOverInfrastructure</li>
-<li>WirelessDisplay/AllowProjectionToPCOverInfrastructure</li>
-<li>WirelessDisplay/AllowUserInputFromWirelessDisplayReceiver</li>
-</ul><p>Removed TextInput/AllowLinguisticDataCollection</p>
-<p>Starting in Windows 10, version 1703, Update/UpdateServiceUrl is not supported in Windows 10 Mobile Enterprise and IoT Enterprise</p>
-<p>Starting in Windows 10, version 1703, the maximum value of  Update/DeferFeatureUpdatesPeriodInDays has been increased from 180 days, to 365 days.</p>
-<p>Starting in Windows 10, version 1703, in Browser/HomePages you can use the &quot;&lt;about:blank&gt;&quot; value if you don’t want to send traffic to Microsoft.</p>
-<p>Starting in Windows 10, version 1703, Start/StartLayout can now be set on a per-device basis in addition to the pre-existing per-user basis.</p>
-<p>Added the ConfigOperations/ADMXInstall node and setting, which is used to ingest ADMX files.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="devdetail-csp.md" data-raw-source="[DevDetail CSP](devdetail-csp.md)">DevDetail CSP</a></td>
-<td style="vertical-align:top"><p>Added the following setting:</p>
-<ul>
-<li>DeviceHardwareData</li>
-</ul>
-</td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="cleanpc-csp.md" data-raw-source="[CleanPC CSP](cleanpc-csp.md)">CleanPC CSP</a></td>
-<td style="vertical-align:top"><p>Added new CSP.</p></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="developersetup-csp.md" data-raw-source="[DeveloperSetup CSP](developersetup-csp.md)">DeveloperSetup CSP</a></td>
-<td style="vertical-align:top"><p>Added new CSP.</p></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="networkproxy-csp.md" data-raw-source="[NetworkProxy CSP](networkproxy-csp.md)">NetworkProxy CSP</a></td>
-<td style="vertical-align:top"><p>Added new CSP.</p></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="bitlocker-csp.md" data-raw-source="[BitLocker CSP](bitlocker-csp.md)">BitLocker CSP</a></td>
-<td style="vertical-align:top"><p>Added new CSP.</p>
-<p>Added the following setting:</p>
-<ul>
-<li>AllowWarningForOtherDiskEncryption</li>
-</ul>
-</td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="enterprisedataprotection-csp.md" data-raw-source="[EnterpriseDataProtection CSP](enterprisedataprotection-csp.md)">EnterpriseDataProtection CSP</a></td>
-<td style="vertical-align:top"><p>Starting in Windows 10, version 1703, AllowUserDecryption is no longer supported.</p><p>Added the following settings:</p>
-<ul>
-<li>RevokeOnMDMHandoff</li>
-<li>SMBAutoEncryptedFileExtensions</li>
-</ul></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="dynamicmanagement-csp.md" data-raw-source="[DynamicManagement CSP](dynamicmanagement-csp.md)">DynamicManagement CSP</a></td>
-<td style="vertical-align:top"><p>Added new CSP.</p></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="implement-server-side-mobile-application-management.md" data-raw-source="[Implement server-side support for mobile application management on Windows](implement-server-side-mobile-application-management.md)">Implement server-side support for mobile application management on Windows</a></td>
-<td style="vertical-align:top"><p>New mobile application management (MAM) support added in Windows 10, version 1703.</p></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><p><a href="passportforwork-csp.md" data-raw-source="[PassportForWork CSP](passportforwork-csp.md)">PassportForWork CSP</a></p></td>
-<td style="vertical-align:top"><p>Added the following new node and settings:</p>
-<ul>
-<li><em>TenantId</em>/Policies/ExcludeSecurityDevices (only for ./Device/Vendor/MSFT)</li>
-<li><em>TenantId</em>/Policies/ExcludeSecurityDevices/TPM12 (only for ./Device/Vendor/MSFT)</li>
-<li><em>TenantId</em>/Policies/EnablePinRecovery</li>
-</ul></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="office-csp.md" data-raw-source="[Office CSP](office-csp.md)">Office CSP</a></td>
-<td style="vertical-align:top"><p>Added new CSP.</p></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="personalization-csp.md" data-raw-source="[Personalization CSP](personalization-csp.md)">Personalization CSP</a></td>
-<td style="vertical-align:top"><p>Added new CSP.</p></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="enterpriseappvmanagement-csp.md" data-raw-source="[EnterpriseAppVManagement CSP](enterpriseappvmanagement-csp.md)">EnterpriseAppVManagement CSP</a></td>
-<td style="vertical-align:top"><p>Added new CSP.</p></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="healthattestation-csp.md" data-raw-source="[HealthAttestation CSP](healthattestation-csp.md)">HealthAttestation CSP</a></td>
-<td style="vertical-align:top"><p>Added the following settings:</p>
-<ul>
-<li>HASEndpoint - added in Windows 10, version 1607, but not documented</li>
-<li>TpmReadyStatus - added in the March service release of Windows 10, version 1607</li>
-</ul></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><p><a href="surfacehub-csp.md" data-raw-source="[SurfaceHub CSP](surfacehub-csp.md)">SurfaceHub CSP</a></p></td>
-<td style="vertical-align:top"><p>Added the following nodes and settings:</p>
-<ul>
-<li>InBoxApps/SkypeForBusiness</li>
-<li>InBoxApps/SkypeForBusiness/DomainName</li>
-<li>InBoxApps/Connect</li>
-<li>InBoxApps/Connect/AutoLaunch</li>
-<li>Properties/DefaultVolume</li>
-<li>Properties/ScreenTimeout</li>
-<li>Properties/SessionTimeout</li>
-<li>Properties/SleepTimeout</li>
-<li>Properties/AllowSessionResume</li>
-<li>Properties/AllowAutoProxyAuth</li>
-<li>Properties/DisableSigninSuggestions</li>
-<li>Properties/DoNotShowMyMeetingsAndFiles</li>
-</ul>
-</td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="networkqospolicy-csp.md" data-raw-source="[NetworkQoSPolicy CSP](networkqospolicy-csp.md)">NetworkQoSPolicy CSP</a></td>
-<td style="vertical-align:top"><p>Added new CSP.</p></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><p><a href="windowslicensing-csp.md" data-raw-source="[WindowsLicensing CSP](windowslicensing-csp.md)">WindowsLicensing CSP</a></p></td>
-<td style="vertical-align:top"><p>Added the following setting:</p>
-<ul>
-<li>ChangeProductKey</li>
-</ul>
-</td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="windowsadvancedthreatprotection-csp.md" data-raw-source="[WindowsAdvancedThreatProtection CSP](windowsadvancedthreatprotection-csp.md)">WindowsAdvancedThreatProtection CSP</a></td>
-<td style="vertical-align:top"><p>Added the following setting:</p>
-<ul>
-<li>Configuration/TelemetryReportingFrequency</li>
-</ul>
-</td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="dmsessionactions-csp.md" data-raw-source="[DMSessionActions CSP](dmsessionactions-csp.md)">DMSessionActions CSP</a></td>
-<td style="vertical-align:top"><p>Added new CSP.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="dmsessionactions-csp.md" data-raw-source="[SharedPC CSP](dmsessionactions-csp.md)">SharedPC CSP</a></td>
-<td style="vertical-align:top"><p>Added new settings in Windows 10, version 1703.</p>
-<ul>
-<li>RestrictLocalStorage</li>
-<li>KioskModeAUMID</li>
-<li>KioskModeUserTileDisplayText</li>
-<li>InactiveThreshold</li>
-<li>MaxPageFileSizeMB</li>
-</ul>
-<p>The default value for SetEduPolicies changed to false. The default value for SleepTimeout changed to 300.</p>
-</td></tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="remotelock-csp.md" data-raw-source="[RemoteLock CSP](remotelock-csp.md)">RemoteLock CSP</a></td>
-<td style="vertical-align:top"><p>Added following setting:</p>
-<ul>
-<li>LockAndRecoverPIN</li>
-</ul>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="nodecache-csp.md" data-raw-source="[NodeCache CSP](nodecache-csp.md)">NodeCache CSP</a></td>
-<td style="vertical-align:top"><p>Added following settings:</p>
-<ul>
-<li>ChangedNodesData</li>
-<li>AutoSetExpectedValue</li>
-</ul>
-</td></tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="https://download.microsoft.com/download/C/7/C/C7C94663-44CF-4221-ABCA-BC895F42B6C2/Windows10_1703_DDF_download.zip" data-raw-source="[Download all the DDF files for Windows 10, version 1703](https://download.microsoft.com/download/C/7/C/C7C94663-44CF-4221-ABCA-BC895F42B6C2/Windows10_1703_DDF_download.zip)">Download all the DDF files for Windows 10, version 1703</a></td>
-<td style="vertical-align:top"><p>Added a zip file containing the DDF XML files of the CSPs. The link to the download is available in the DDF topics of various CSPs.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="remotewipe-csp.md" data-raw-source="[RemoteWipe CSP](remotewipe-csp.md)">RemoteWipe CSP</a></td>
-<td style="vertical-align:top"><p>Added new setting in Windows 10, version 1703.</p>
-<ul>
-<li>doWipeProtected</li>
-</ul>
-</td></tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="https://msdn.microsoft.com/library/windows/hardware/dn905224" data-raw-source="[MDM Bridge WMI Provider](https://msdn.microsoft.com/library/windows/hardware/dn905224)">MDM Bridge WMI Provider</a></td>
-<td style="vertical-align:top"><p>Added new classes and properties.</p>
-</td></tr>
-<td style="vertical-align:top"><a href="understanding-admx-backed-policies.md" data-raw-source="[Understanding ADMX-backed policies](understanding-admx-backed-policies.md)">Understanding ADMX-backed policies</a></td>
-<td style="vertical-align:top"><p>Added a section describing SyncML examples of various ADMX elements.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="win32-and-centennial-app-policy-configuration.md" data-raw-source="[Win32 and Desktop Bridge app policy configuration](win32-and-centennial-app-policy-configuration.md)">Win32 and Desktop Bridge app policy configuration</a></td>
-<td style="vertical-align:top">New topic.</td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="appv-deploy-and-config.md" data-raw-source="[Deploy and configure App-V apps using MDM](appv-deploy-and-config.md)">Deploy and configure App-V apps using MDM</a></td>
-<td style="vertical-align:top"><p>Added a new topic describing how to deploy and configure App-V apps using MDM.</p>
-</td></tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="enterprisedesktopappmanagement-csp.md" data-raw-source="[EnterpriseDesktopAppManagement CSP](enterprisedesktopappmanagement-csp.md)">EnterpriseDesktopAppManagement CSP</a></td>
-<td style="vertical-align:top"><p>Added new setting in the March service release of Windows 10, version 1607.</p>
-<ul>
-<li>MSI/UpgradeCode/[Guid]</li>
-</ul>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="reporting-csp.md" data-raw-source="[Reporting CSP](reporting-csp.md)">Reporting CSP</a></td>
-<td style="vertical-align:top"><p>Added new settings in Windows 10, version 1703.</p>
-<ul>
-<li>EnterpriseDataProtection/RetrieveByTimeRange/Type</li>
-<li>EnterpriseDataProtection/RetrieveByCount/Type</li>
-</ul>
-</td></tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="mdm-enrollment-of-windows-devices.md#connect-your-windows-10-based-device-to-work-using-a-deep-link" data-raw-source="[Connecting your Windows 10-based device to work using a deep link](mdm-enrollment-of-windows-devices.md#connect-your-windows-10-based-device-to-work-using-a-deep-link)">Connect your Windows 10-based device to work using a deep link</a></td>
-<td style="vertical-align:top"><p>Added following deep link parameters to the table:</p>
-<ul>
-<li>Username</li>
-<li>Servername</li>
-<li>Accesstoken</li>
-<li>Deviceidentifier</li>
-<li>Tenantidentifier</li>
-<li>Ownership</li>
-</ul>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top">MDM support for Windows 10 S</td>
-<td style="vertical-align:top"><p>Updated the following topics to indicate MDM support in Windows 10 S.</p>
-<ul>
-<li><a href="configuration-service-provider-reference.md" data-raw-source="[Configuration service provider reference](configuration-service-provider-reference.md)">Configuration service provider reference</a></li>
-<li><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></li>
-</ul>
-</td></tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="tpmpolicy-csp.md" data-raw-source="[TPMPolicy CSP](tpmpolicy-csp.md)">TPMPolicy CSP</a></td>
-<td style="vertical-align:top">New CSP added in Windows 10, version 1703.</td>
-</tr>
-</tbody>
-</table> 
-
+| New or updated article | Description |
+|-----|-----|
+| [Update CSP](update-csp.md) | Added the following nodes:<br>- FailedUpdates/_Failed Update Guid_/RevisionNumber<br>- InstalledUpdates/_Installed Update Guid_/RevisionNumber<br>- PendingRebootUpdates/_Pending Reboot Update Guid_/RevisionNumber |
+| [CM_CellularEntries CSP](cm-cellularentries-csp.md) | To PurposeGroups setting, added the following values:<br>- Purchase - 95522B2B-A6D1-4E40-960B-05E6D3F962AB<br>- Administrative - 2FFD9261-C23C-4D27-8DCF-CDE4E14A3364 |
+| [CertificateStore CSP](certificatestore-csp.md) | Added the following setting:<br>- My/WSTEP/Renew/RetryAfterExpiryInterval |
+| [ClientCertificateInstall CSP](clientcertificateinstall-csp.md) | Added the following setting:<br>- SCEP/UniqueID/Install/AADKeyIdentifierList |
+| [DMAcc CSP](dmacc-csp.md) | Added the following setting:<br>- AccountUID/EXT/Microsoft/InitiateSession |
+| [DMClient CSP](dmclient-csp.md) | Added the following nodes and settings:<br>- HWDevID<br>- Provider/ProviderID/ManagementServerToUpgradeTo<br>- Provider/ProviderID/CustomEnrollmentCompletePage<br>- Provider/ProviderID/CustomEnrollmentCompletePage/Title<br>- Provider/ProviderID/CustomEnrollmentCompletePage/BodyText<br>- Provider/ProviderID/CustomEnrollmentCompletePage/HyperlinkHref<br>- Provider/ProviderID/CustomEnrollmentCompletePage/HyperlinkText |
+| [CellularSettings CSP](cellularsettings-csp.md)<br>[CM_CellularEntries CSP](cm-cellularentries-csp.md)<br>[EnterpriseAPN CSP](enterpriseapn-csp.md) | For these CSPs, support was added for Windows 10 Home, Pro, Enterprise, and Education editions. |
+| [SecureAssessment CSP](secureassessment-csp.md) | Added the following settings:<br>- AllowTextSuggestions<br>- RequirePrinting |
+| [EnterpriseAPN CSP](enterpriseapn-csp.md) | Added the following setting:<br>- Roaming |
+| [Messaging CSP](messaging-csp.md) | Added new CSP. This CSP is only supported in Windows 10 Mobile and Mobile Enterprise editions. |
+| [Policy CSP](policy-configuration-service-provider.md) | Added the following new policies:<br>- Accounts/AllowMicrosoftAccountSignInAssistant<br>- ApplicationDefaults/DefaultAssociationsConfiguration<br>- Browser/AllowAddressBarDropdown<br>- Browser/AllowFlashClickToRun<br>- Browser/AllowMicrosoftCompatibilityList<br>- Browser/AllowSearchEngineCustomization<br>- Browser/ClearBrowsingDataOnExit<br>- Browser/ConfigureAdditionalSearchEngines<br>- Browser/DisableLockdownOfStartPages<br>- Browser/PreventFirstRunPage<br>- Browser/PreventLiveTileDataCollection<br>- Browser/SetDefaultSearchEngine<br>- Browser/SyncFavoritesBetweenIEAndMicrosoftEdge<br>- Connectivity/AllowConnectedDevices<br>- DeliveryOptimization/DOAllowVPNPeerCaching<br>- DeliveryOptimization/DOMinBatteryPercentageAllowedToUpload<br>- DeliveryOptimization/DOMinDiskSizeAllowedToPeer<br>- DeliveryOptimization/DOMinFileSizeToCache<br>- DeliveryOptimization/DOMinRAMAllowedToPeer<br>- DeviceLock/MaxInactivityTimeDeviceLockWithExternalDisplay<br>- Display/TurnOffGdiDPIScalingForApps<br>- Display/TurnOnGdiDPIScalingForApps<br>- EnterpriseCloudPrint/CloudPrinterDiscoveryEndPoint<br>- EnterpriseCloudPrint/CloudPrintOAuthAuthority<br>- EnterpriseCloudPrint/CloudPrintOAuthClientId<br>- EnterpriseCloudPrint/CloudPrintResourceId<br>- EnterpriseCloudPrint/DiscoveryMaxPrinterLimit<br>- EnterpriseCloudPrint/MopriaDiscoveryResourceId<br>- Experience/AllowFindMyDevice<br>- Experience/AllowTailoredExperiencesWithDiagnosticData<br>- Experience/AllowWindowsSpotlightOnActionCenter<br>- Experience/AllowWindowsSpotlightWindowsWelcomeExperience<br>- Location/EnableLocation<br>- Messaging/AllowMMS<br>- Messaging/AllowRCS<br>- Privacy/LetAppsAccessTasks<br>- Privacy/LetAppsAccessTasks_ForceAllowTheseApps<br>- Privacy/LetAppsAccessTasks_ForceDenyTheseApps<br>- Privacy/LetAppsAccessTasks_UserInControlOfTheseApps<br>- Privacy/LetAppsGetDiagnosticInfo<br>- Privacy/LetAppsGetDiagnosticInfo_ForceAllowTheseApps<br>- Privacy/LetAppsGetDiagnosticInfo_ForceDenyTheseApps<br>- Privacy/LetAppsGetDiagnosticInfo_UserInControlOfTheseApps<br>- Privacy/LetAppsRunInBackground<br>- Privacy/LetAppsRunInBackground_ForceAllowTheseApps<br>- Privacy/LetAppsRunInBackground_ForceDenyTheseApps<br>- Privacy/LetAppsRunInBackground_UserInControlOfTheseApps<br>- Settings/ConfigureTaskbarCalendar<br>- Settings/PageVisibilityList<br>- SmartScreen/EnableAppInstallControl<br>- SmartScreen/EnableSmartScreenInShell<br>- SmartScreen/PreventOverrideForFilesInShell<br>- Start/AllowPinnedFolderDocuments<br>- Start/AllowPinnedFolderDownloads<br>- Start/AllowPinnedFolderFileExplorer<br>- Start/AllowPinnedFolderHomeGroup<br>- Start/AllowPinnedFolderMusic<br>- Start/AllowPinnedFolderNetwork<br>- Start/AllowPinnedFolderPersonalFolder<br>- Start/AllowPinnedFolderPictures<br>- Start/AllowPinnedFolderSettings<br>- Start/AllowPinnedFolderVideos<br>- Start/HideAppList<br>- Start/HideChangeAccountSettings<br>- Start/HideFrequentlyUsedApps<br>- Start/HideHibernate<br>- Start/HideLock<br>- Start/HidePowerButton<br>- Start/HideRecentJumplists<br>- Start/HideRecentlyAddedApps<br>- Start/HideRestart<br>- Start/HideShutDown<br>- Start/HideSignOut<br>- Start/HideSleep<br>- Start/HideSwitchAccount<br>- Start/HideUserTile<br>- Start/ImportEdgeAssets<br>- Start/NoPinningToTaskbar<br>- System/AllowFontProviders<br>- System/DisableOneDriveFileSync<br>- TextInput/AllowKeyboardTextSuggestions<br>- TimeLanguageSettings/AllowSet24HourClock<br>- Update/ActiveHoursMaxRange<br>- Update/AutoRestartDeadlinePeriodInDays<br>- Update/AutoRestartNotificationSchedule<br>- Update/AutoRestartRequiredNotificationDismissal<br>- Update/DetectionFrequency<br>- Update/EngagedRestartDeadline<br>- Update/EngagedRestartSnoozeSchedule<br>- Update/EngagedRestartTransitionSchedule<br>- Update/IgnoreMOAppDownloadLimit<br>- Update/IgnoreMOUpdateDownloadLimit<br>- Update/PauseFeatureUpdatesStartTime<br>- Update/PauseQualityUpdatesStartTime<br>- Update/SetAutoRestartNotificationDisable<br>- Update/SetEDURestart<br>- WiFi/AllowWiFiDirect<br>- WindowsLogon/HideFastUserSwitching<br>- WirelessDisplay/AllowProjectionFromPC<br>- WirelessDisplay/AllowProjectionFromPCOverInfrastructure<br>- WirelessDisplay/AllowProjectionToPCOverInfrastructure<br>- WirelessDisplay/AllowUserInputFromWirelessDisplayReceiver<br>Removed TextInput/AllowLinguisticDataCollection<br>Starting in Windows 10, version 1703, Update/UpdateServiceUrl is not supported in Windows 10 Mobile Enterprise and IoT Enterprise<br>Starting in Windows 10, version 1703, the maximum value of Update/DeferFeatureUpdatesPeriodInDays has been increased from 180 days, to 365 days.<br>Starting in Windows 10, version 1703, in Browser/HomePages you can use the &quot;&lt;about:blank&gt;&quot; value if you don’t want to send traffic to Microsoft.<br>Starting in Windows 10, version 1703, Start/StartLayout can now be set on a per-device basis in addition to the pre-existing per-user basis.<br>Added the ConfigOperations/ADMXInstall node and setting, which is used to ingest ADMX files. |
+| [DevDetail CSP](devdetail-csp.md) | Added the following setting:<br>- DeviceHardwareData |
+| [CleanPC CSP](cleanpc-csp.md) | Added the new CSP. |
+| [DeveloperSetup CSP](developersetup-csp.md) | Added the new CSP. |
+| [NetworkProxy CSP](networkproxy-csp.md) | Added the new CSP. |
+| [BitLocker CSP](bitlocker-csp.md) | Added the new CSP.<br><p>Added the following setting:<br>- AllowWarningForOtherDiskEncryption |
+| [EnterpriseDataProtection CSP](enterprisedataprotection-csp.md) | Starting in Windows 10, version 1703, AllowUserDecryption is no longer supported.<br>Added the following settings:<br>- RevokeOnMDMHandoff<br>- SMBAutoEncryptedFileExtensions |
+| [DynamicManagement CSP](dynamicmanagement-csp.md) | Added the new CSP. |
+| [Implement server-side support for mobile application management on Windows](https://docs.microsoft.com/windows/client-management/mdm/implement-server-side-mobile-application-management) | New mobile application management (MAM) support added in Windows 10, version 1703. |
+| [PassportForWork CSP](passportforwork-csp.md) | Added the following new node and settings:<br>- _TenantId_/Policies/ExcludeSecurityDevices (only for ./Device/Vendor/MSFT)<br>- _TenantId_/Policies/ExcludeSecurityDevices/TPM12 (only for ./Device/Vendor/MSFT)<br>- _TenantId_/Policies/EnablePinRecovery |
+| [Office CSP](office-csp.md) | Added the new CSP. |
+| [Personalization CSP](personalization-csp.md) | Added the new CSP. |
+| [EnterpriseAppVManagement CSP](enterpriseappvmanagement-csp.md) | Added the new CSP. |
+| [HealthAttestation CSP](healthattestation-csp.md) | Added the following settings:<br>- HASEndpoint - added in Windows 10, version 1607, but not documented<br>- TpmReadyStatus - added in the March service release of Windows 10, version 1607 |
+| [SurfaceHub CSP](surfacehub-csp.md) | Added the following nodes and settings:<br>- InBoxApps/SkypeForBusiness<br>- InBoxApps/SkypeForBusiness/DomainName<br>- InBoxApps/Connect<br>- InBoxApps/Connect/AutoLaunch<br>- Properties/DefaultVolume<br>- Properties/ScreenTimeout<br>- Properties/SessionTimeout<br>- Properties/SleepTimeout<br>- Properties/AllowSessionResume<br>- Properties/AllowAutoProxyAuth<br>- Properties/DisableSigninSuggestions<br>- Properties/DoNotShowMyMeetingsAndFiles |
+| [NetworkQoSPolicy CSP](networkqospolicy-csp.md) | Added the new CSP. |
+| [WindowsLicensing CSP](windowslicensing-csp.md) | Added the following setting:<br>- ChangeProductKey |
+| [WindowsAdvancedThreatProtection CSP](windowsadvancedthreatprotection-csp.md) | Added the following setting:<br>- Configuration/TelemetryReportingFrequency |
+| [DMSessionActions CSP](dmsessionactions-csp.md) | Added the new CSP. |
+| [SharedPC CSP](dmsessionactions-csp.md) | Added new settings in Windows 10, version 1703:<br>- RestrictLocalStorage<br>- KioskModeAUMID<br>- KioskModeUserTileDisplayText<br>- InactiveThreshold<br>- MaxPageFileSizeMB<br>The default value for SetEduPolicies changed to false. The default value for SleepTimeout changed to 300. |
+| [RemoteLock CSP](remotelock-csp.md) | Added following setting:<br>- LockAndRecoverPIN |
+| [NodeCache CSP](nodecache-csp.md) | Added following settings:<br>- ChangedNodesData<br>- AutoSetExpectedValue |
+| [Download all the DDF files for Windows 10, version 1703](https://download.microsoft.com/download/C/7/C/C7C94663-44CF-4221-ABCA-BC895F42B6C2/Windows10_1703_DDF_download.zip) | Added a zip file containing the DDF XML files of the CSPs. The link to the download is available in the DDF articles of various CSPs. |
+| [RemoteWipe CSP](remotewipe-csp.md) | Added new setting in Windows 10, version 1703:<br>- doWipeProtected |
+| [MDM Bridge WMI Provider](https://msdn.microsoft.com/library/windows/hardware/dn905224) | Added new classes and properties. |
+| [Understanding ADMX-backed policies](https://docs.microsoft.com/windows/client-management/mdm/understanding-admx-backed-policies) | Added a section describing SyncML examples of various ADMX elements. |
+| [Win32 and Desktop Bridge app policy configuration](https://docs.microsoft.com/windows/client-management/mdm/win32-and-centennial-app-policy-configuration) | New article. |
+| [Deploy and configure App-V apps using MDM](https://docs.microsoft.com/windows/client-management/mdm/appv-deploy-and-config) | Added a new article describing how to deploy and configure App-V apps using MDM. |
+| [EnterpriseDesktopAppManagement CSP](enterprisedesktopappmanagement-csp.md) | Added new setting in the March service release of Windows 10, version 1607.<br>- MSI/UpgradeCode/[Guid] |
+| [Reporting CSP](reporting-csp.md) | Added new settings in Windows 10, version 1703.<br>- EnterpriseDataProtection/RetrieveByTimeRange/Type<br>- EnterpriseDataProtection/RetrieveByCount/Type |
+| [Connect your Windows 10-based device to work using a deep link](https://docs.microsoft.com/windows/client-management/mdm/mdm-enrollment-of-windows-devices#connect-your-windows-10-based-device-to-work-using-a-deep-link) | Added following deep link parameters to the table:<br>- Username<br>- Servername<br>- Accesstoken<br>- Deviceidentifier<br>- Tenantidentifier<br>- Ownership |
+| MDM support for Windows 10 S | Updated the following articles to indicate MDM support in Windows 10 S.<br>- [Configuration service provider reference](configuration-service-provider-reference.md)<br>- [Policy CSP](policy-configuration-service-provider.md) |
+| [TPMPolicy CSP](tpmpolicy-csp.md) | Added the new CSP. |
 
 ## What’s new in MDM for Windows 10, version 1607
 
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>Item</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr class="odd">
-<td style="vertical-align:top"><p>Sideloading of apps</p></td>
-<td style="vertical-align:top"><p>Starting in Windows 10, version 1607, sideloading of apps is only allowed through <a href="enterprisemodernappmanagement-csp.md" data-raw-source="[EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md)">EnterpriseModernAppManagement CSP</a>. Product keys (5x5) will no longer be supported to enable sideloading on Windows 10, version 1607 devices.</p></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><p>New value for <a href="nodecache-csp.md" data-raw-source="[NodeCache CSP](nodecache-csp.md)">NodeCache CSP</a></p></td>
-<td style="vertical-align:top"><p>In <a href="nodecache-csp.md" data-raw-source="[NodeCache CSP](nodecache-csp.md)">NodeCache CSP</a>, the value of NodeCache root node starting in Windows 10, version 1607 is com.microsoft/1.0/MDM/NodeCache.</p></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="enterprisedataprotection-csp.md" data-raw-source="[EnterpriseDataProtection CSP](enterprisedataprotection-csp.md)">EnterpriseDataProtection CSP</a></td>
-<td style="vertical-align:top"><p>New CSP.</p></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
-<td style="vertical-align:top"><p>Removed the following policies:</p>
-<ul>
-<li>DataProtection/AllowAzureRMSForEDP - moved this policy to <a href="enterprisedataprotection-csp.md" data-raw-source="[EnterpriseDataProtection CSP](enterprisedataprotection-csp.md)">EnterpriseDataProtection CSP</a></li>
-<li>DataProtection/AllowUserDecryption - moved this policy to <a href="enterprisedataprotection-csp.md" data-raw-source="[EnterpriseDataProtection CSP](enterprisedataprotection-csp.md)">EnterpriseDataProtection CSP</a></li>
-<li>DataProtection/EDPEnforcementLevel - moved this policy to <a href="enterprisedataprotection-csp.md" data-raw-source="[EnterpriseDataProtection CSP](enterprisedataprotection-csp.md)">EnterpriseDataProtection CSP</a></li>
-<li>DataProtection/RequireProtectionUnderLockConfig - moved this policy to <a href="enterprisedataprotection-csp.md" data-raw-source="[EnterpriseDataProtection CSP](enterprisedataprotection-csp.md)">EnterpriseDataProtection CSP</a></li>
-<li>DataProtection/RevokeOnUnenroll - moved this policy to <a href="enterprisedataprotection-csp.md" data-raw-source="[EnterpriseDataProtection CSP](enterprisedataprotection-csp.md)">EnterpriseDataProtection CSP</a></li>
-<li>DataProtection/EnterpriseCloudResources - moved this policy to NetworkIsolation policy</li>
-<li>DataProtection/EnterpriseInternalProxyServers - moved this policy to NetworkIsolation policy</li>
-<li>DataProtection/EnterpriseIPRange - moved this policy to NetworkIsolation policy</li>
-<li>DataProtection/EnterpriseNetworkDomainNames - moved this policy to NetworkIsolation policy</li>
-<li>DataProtection/EnterpriseProxyServers - moved this policy to NetworkIsolation policy</li>
-<li>Security/AllowAutomaticDeviceEncryptionForAzureADJoinedDevices - this policy has been deprecated.</li>
-</ul>
-<p>Added the <strong>WiFi/AllowManualWiFiConfiguration</strong> and <strong>WiFi/AllowWiFi</strong> policies for Windows 10, version 1607:</p>
-<ul>
-<li>Windows 10 Pro</li>
-<li>Windows 10 Enterprise</li>
-<li>Windows 10 Education</li>
-</ul>
-<p>Added the following new policies:</p>
-<ul>
-<li>AboveLock/AllowCortanaAboveLock</li>
-<li>ApplicationManagement/DisableStoreOriginatedApps</li>
-<li>Authentication/AllowSecondaryAuthenticationDevice</li>
-<li>Bluetooth/AllowPrepairing</li>
-<li>Browser/AllowExtensions</li>
-<li>Browser/PreventAccessToAboutFlagsInMicrosoftEdge</li>
-<li>Browser/ShowMessageWhenOpeningSitesInInternetExplorer</li>
-<li>DeliveryOptimization/DOAbsoluteMaxCacheSize</li>
-<li>DeliveryOptimization/DOMaxDownloadBandwidth</li>
-<li>DeliveryOptimization/DOMinBackgroundQoS</li>
-<li>DeliveryOptimization/DOModifyCacheDrive</li>
-<li>DeliveryOptimization/DOMonthlyUploadDataCap</li>
-<li>DeliveryOptimization/DOPercentageMaxDownloadBandwidth</li>
-<li>DeviceLock/EnforceLockScreenAndLogonImage</li>
-<li>DeviceLock/EnforceLockScreenProvider</li>
-<li>Defender/PUAProtection</li>
-<li>Experience/AllowThirdPartySuggestionsInWindowsSpotlight</li>
-<li>Experience/AllowWindowsSpotlight</li>
-<li>Experience/ConfigureWindowsSpotlightOnLockScreen</li>
-<li>Experience/DoNotShowFeedbackNotifications</li>
-<li>Licensing/AllowWindowsEntitlementActivation</li>
-<li>Licensing/DisallowKMSClientOnlineAVSValidation</li>
-<li>LockDown/AllowEdgeSwipe</li>
-<li>Maps/EnableOfflineMapsAutoUpdate</li>
-<li>Maps/AllowOfflineMapsDownloadOverMeteredConnection</li>
-<li>Messaging/AllowMessageSync</li>
-<li>NetworkIsolation/EnterpriseCloudResources</li>
-<li>NetworkIsolation/EnterpriseInternalProxyServers</li>
-<li>NetworkIsolation/EnterpriseIPRange</li>
-<li>NetworkIsolation/EnterpriseIPRangesAreAuthoritative</li>
-<li>NetworkIsolation/EnterpriseNetworkDomainNames</li>
-<li>NetworkIsolation/EnterpriseProxyServers</li>
-<li>NetworkIsolation/EnterpriseProxyServersAreAuthoritative</li>
-<li>NetworkIsolation/NeutralResources</li>
-<li>Notifications/DisallowNotificationMirroring</li>
-<li>Privacy/DisableAdvertisingId</li>
-<li>Privacy/LetAppsAccessAccountInfo</li>
-<li>Privacy/LetAppsAccessAccountInfo_ForceAllowTheseApps</li>
-<li>Privacy/LetAppsAccessAccountInfo_ForceDenyTheseApps</li>
-<li>Privacy/LetAppsAccessAccountInfo_UserInControlOfTheseApps</li>
-<li>Privacy/LetAppsAccessCalendar</li>
-<li>Privacy/LetAppsAccessCalendar_ForceAllowTheseApps</li>
-<li>Privacy/LetAppsAccessCalendar_ForceDenyTheseApps</li>
-<li>Privacy/LetAppsAccessCalendar_UserInControlOfTheseApps</li>
-<li>Privacy/LetAppsAccessCallHistory</li>
-<li>Privacy/LetAppsAccessCallHistory_ForceAllowTheseApps</li>
-<li>Privacy/LetAppsAccessCallHistory_ForceDenyTheseApps</li>
-<li>Privacy/LetAppsAccessCallHistory_UserInControlOfTheseApps</li>
-<li>Privacy/LetAppsAccessCamera</li>
-<li>Privacy/LetAppsAccessCamera_ForceAllowTheseApps</li>
-<li>Privacy/LetAppsAccessCamera_ForceDenyTheseApps</li>
-<li>Privacy/LetAppsAccessCamera_UserInControlOfTheseApps</li>
-<li>Privacy/LetAppsAccessContacts</li>
-<li>Privacy/LetAppsAccessContacts_ForceAllowTheseApps</li>
-<li>Privacy/LetAppsAccessContacts_ForceDenyTheseApps</li>
-<li>Privacy/LetAppsAccessContacts_UserInControlOfTheseApps</li>
-<li>Privacy/LetAppsAccessEmail</li>
-<li>Privacy/LetAppsAccessEmail_ForceAllowTheseApps</li>
-<li>Privacy/LetAppsAccessEmail_ForceDenyTheseApps</li>
-<li>Privacy/LetAppsAccessEmail_UserInControlOfTheseApps</li>
-<li>Privacy/LetAppsAccessLocation</li>
-<li>Privacy/LetAppsAccessLocation_ForceAllowTheseApps</li>
-<li>Privacy/LetAppsAccessLocation_ForceDenyTheseApps</li>
-<li>Privacy/LetAppsAccessLocation_UserInControlOfTheseApps</li>
-<li>Privacy/LetAppsAccessMessaging</li>
-<li>Privacy/LetAppsAccessMessaging_ForceAllowTheseApps</li>
-<li>Privacy/LetAppsAccessMessaging_ForceDenyTheseApps</li>
-<li>Privacy/LetAppsAccessMessaging_UserInControlOfTheseApps</li>
-<li>Privacy/LetAppsAccessMicrophone</li>
-<li>Privacy/LetAppsAccessMicrophone_ForceAllowTheseApps</li>
-<li>Privacy/LetAppsAccessMicrophone_ForceDenyTheseApps</li>
-<li>Privacy/LetAppsAccessMicrophone_UserInControlOfTheseApps</li>
-<li>Privacy/LetAppsAccessMotion</li>
-<li>Privacy/LetAppsAccessMotion_ForceAllowTheseApps</li>
-<li>Privacy/LetAppsAccessMotion_ForceDenyTheseApps</li>
-<li>Privacy/LetAppsAccessMotion_UserInControlOfTheseApps</li>
-<li>Privacy/LetAppsAccessNotifications</li>
-<li>Privacy/LetAppsAccessNotifications_ForceAllowTheseApps</li>
-<li>Privacy/LetAppsAccessNotifications_ForceDenyTheseApps</li>
-<li>Privacy/LetAppsAccessNotifications_UserInControlOfTheseApps</li>
-<li>Privacy/LetAppsAccessPhone</li>
-<li>Privacy/LetAppsAccessPhone_ForceAllowTheseApps</li>
-<li>Privacy/LetAppsAccessPhone_ForceDenyTheseApps</li>
-<li>Privacy/LetAppsAccessPhone_UserInControlOfTheseApps</li>
-<li>Privacy/LetAppsAccessRadios</li>
-<li>Privacy/LetAppsAccessRadios_ForceAllowTheseApps</li>
-<li>Privacy/LetAppsAccessRadios_ForceDenyTheseApps</li>
-<li>Privacy/LetAppsAccessRadios_UserInControlOfTheseApps</li>
-<li>Privacy/LetAppsAccessTrustedDevices</li>
-<li>Privacy/LetAppsAccessTrustedDevices_ForceAllowTheseApps</li>
-<li>Privacy/LetAppsAccessTrustedDevices_ForceDenyTheseApps</li>
-<li>Privacy/LetAppsAccessTrustedDevices_UserInControlOfTheseApps</li>
-<li>Privacy/LetAppsSyncWithDevices</li>
-<li>Privacy/LetAppsSyncWithDevices_ForceAllowTheseApps</li>
-<li>Privacy/LetAppsSyncWithDevices_ForceDenyTheseApps</li>
-<li>Privacy/LetAppsSyncWithDevices_UserInControlOfTheseApps</li>
-<li>Security/PreventAutomaticDeviceEncryptionForAzureADJoinedDevices</li>
-<li>Settings/AllowEditDeviceName</li>
-<li>Speech/AllowSpeechModelUpdate</li>
-<li>System/TelemetryProxy</li>
-<li>Update/ActiveHoursStart</li>
-<li>Update/ActiveHoursEnd</li>
-<li>Update/AllowMUUpdateService</li>
-<li>Update/BranchReadinessLevel</li>
-<li>Update/DeferFeatureUpdatesPeriodInDays</li>
-<li>Update/DeferQualityUpdatesPeriodInDays</li>
-<li>Update/ExcludeWUDriversInQualityUpdate</li>
-<li>Update/PauseFeatureUpdates</li>
-<li>Update/PauseQualityUpdates</li>
-<li>Update/SetProxyBehaviorForUpdateDetection</li>
-<li>Update/UpdateServiceUrlAlternate (Added in the January service release of Windows 10, version 1607)</li>
-<li>WindowsInkWorkspace/AllowWindowsInkWorkspace</li>
-<li>WindowsInkWorkspace/AllowSuggestedAppsInWindowsInkWorkspace</li>
-<li>WirelessDisplay/AllowProjectionToPC</li>
-<li>WirelessDisplay/RequirePinForPairing</li>
-</ul>
-<p>Updated the <strong>Privacy/AllowAutoAcceptPairingAndPrivacyConsentPrompts</strong> description to remove outdated information.</p>
-<p>Updated DeliveryOptimization/DODownloadMode to add new values.</p>
-<p>Updated Experience/AllowCortana description to clarify what each supported value does.</p>
-<p>Updated Security/AntiTheftMode description to clarify what each supported value does.</p></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="dmclient-csp.md" data-raw-source="[DMClient CSP](dmclient-csp.md)">DMClient CSP</a></td>
-<td style="vertical-align:top"><p>Added the following settings:</p>
-<ul>
-<li>ManagementServerAddressList</li>
-<li>AADDeviceID</li>
-<li>EnrollmentType</li>
-<li>HWDevID</li>
-<li>CommercialID</li>
-</ul>
-<p>Removed the EnrollmentID setting.</p></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="devicemanageability-csp.md" data-raw-source="[DeviceManageability CSP](devicemanageability-csp.md)">DeviceManageability CSP</a></td>
-<td style="vertical-align:top"><p>New CSP.</p></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="devicestatus-csp.md" data-raw-source="[DeviceStatus CSP](devicestatus-csp.md)">DeviceStatus CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new settings:</p>
-<ul>
-<li>DeviceStatus/TPM/SpecificationVersion</li>
-<li>DeviceStatus/OS/Edition</li>
-<li>DeviceStatus/Antivirus/SignatureStatus</li>
-<li>DeviceStatus/Antivirus/Status</li>
-<li>DeviceStatus/Antispyware/SignatureStatus</li>
-<li>DeviceStatus/Antispyware/Status</li>
-<li>DeviceStatus/Firewall/Status</li>
-<li>DeviceStatus/UAC/Status</li>
-<li>DeviceStatus/Battery/Status</li>
-<li>DeviceStatus/Battery/EstimatedChargeRemaining</li>
-<li>DeviceStatus/Battery/EstimatedRuntime</li>
-</ul></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="assignedaccess-csp.md" data-raw-source="[AssignedAccess CSP](assignedaccess-csp.md)">AssignedAccess CSP</a></td>
-<td style="vertical-align:top"><p>Added SyncML examples.</p></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="enterpriseassignedaccess-csp.md" data-raw-source="[EnterpriseAssignedAccess CSP](enterpriseassignedaccess-csp.md)">EnterpriseAssignedAccess CSP</a></td>
-<td style="vertical-align:top"><ul>
-<li>Added a new Folder table entry in the AssignedAccess/AssignedAccessXml description.</li>
-<li>Updated the DDF and XSD file sections.</li>
-</ul></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="secureassessment-csp.md" data-raw-source="[SecureAssessment CSP](secureassessment-csp.md)">SecureAssessment CSP</a></td>
-<td style="vertical-align:top"><p>New CSP for Windows 10, version 1607</p></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="diagnosticlog-csp.md" data-raw-source="[DiagnosticLog CSP](diagnosticlog-csp.md)">DiagnosticLog CSP</a>
-<p><a href="diagnosticlog-ddf.md" data-raw-source="[DiagnosticLog DDF](diagnosticlog-ddf.md)">DiagnosticLog DDF</a></p></td>
-<td style="vertical-align:top"><p>Added version 1.3 of the CSP with two new settings. Added the new 1.3 version of the DDF. Added the following new settings in Windows 10, version 1607.</p>
-<ul>
-<li>DeviceStateData</li>
-<li>DeviceStateData/MdmConfiguration</li>
-</ul></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="reboot-csp.md" data-raw-source="[Reboot CSP](reboot-csp.md)">Reboot CSP</a></td>
-<td style="vertical-align:top"><p>New CSP for Windows 10, version 1607</p></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="cmpolicyenterprise-csp.md" data-raw-source="[CMPolicyEnterprise CSP](cmpolicyenterprise-csp.md)">CMPolicyEnterprise CSP</a></td>
-<td style="vertical-align:top"><p>New CSP for Windows 10, version 1607</p></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="vpnv2-csp.md" data-raw-source="[VPNv2 CSP](vpnv2-csp.md)">VPNv2 CSP</a></td>
-<td style="vertical-align:top"><p>Added the following settings for Windows 10, version 1607</p>
-<ul>
-<li><em>ProfileName</em>/RouteList/routeRowId/ExclusionRoute</li>
-<li><em>ProfileName</em>/DomainNameInformationList/<em>dniRowId</em>/AutoTrigger</li>
-<li><em>ProfileName</em>/DomainNameInformationList/dniRowId/Persistent</li>
-<li><em>ProfileName</em>/ProfileXML</li>
-<li><em>ProfileName</em>/DeviceCompliance/Enabled</li>
-<li><em>ProfileName</em>/DeviceCompliance/Sso</li>
-<li><em>ProfileName</em>/DeviceCompliance/Sso/Enabled</li>
-<li><em>ProfileName</em>/DeviceCompliance/Sso/IssuerHash</li>
-<li><em>ProfileName</em>/DeviceCompliance/Sso/Eku</li>
-<li><em>ProfileName</em>/NativeProfile/CryptographySuite</li>
-<li><em>ProfileName</em>/NativeProfile/CryptographySuite/AuthenticationTransformConstants</li>
-<li><em>ProfileName</em>/NativeProfile/CryptographySuite/CipherTransformConstants</li>
-<li><em>ProfileName</em>/NativeProfile/CryptographySuite/EncryptionMethod</li>
-<li><em>ProfileName</em>/NativeProfile/CryptographySuite/IntegrityCheckMethod</li>
-<li><em>ProfileName</em>/NativeProfile/CryptographySuite/DHGroup</li>
-<li><em>ProfileName</em>/NativeProfile/CryptographySuite/PfsGroup</li>
-<li><em>ProfileName</em>/NativeProfile/L2tpPsk</li>
-</ul></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="win32appinventory-csp.md" data-raw-source="[Win32AppInventory CSP](win32appinventory-csp.md)">Win32AppInventory CSP</a>
-<p><a href="win32appinventory-ddf-file.md" data-raw-source="[Win32AppInventory DDF](win32appinventory-ddf-file.md)">Win32AppInventory DDF</a></p></td>
-<td style="vertical-align:top"><p>New CSP for Windows 10, version 1607.</p></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="sharedpc-csp.md" data-raw-source="[SharedPC CSP](sharedpc-csp.md)">SharedPC CSP</a></td>
-<td style="vertical-align:top"><p>New CSP for Windows 10, version 1607.</p></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="windowsadvancedthreatprotection-csp.md" data-raw-source="[WindowsAdvancedThreatProtection CSP](windowsadvancedthreatprotection-csp.md)">WindowsAdvancedThreatProtection CSP</a></td>
-<td style="vertical-align:top"><p>New CSP for Windows 10, version 1607.</p></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="https://msdn.microsoft.com/library/windows/hardware/dn905224" data-raw-source="[MDM Bridge WMI Provider](https://msdn.microsoft.com/library/windows/hardware/dn905224)">MDM Bridge WMI Provider</a></td>
-<td style="vertical-align:top"><p>Added new classes for Windows 10, version 1607.</p></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="mdm-enrollment-of-windows-devices.md" data-raw-source="[MDM enrollment of Windows devices](mdm-enrollment-of-windows-devices.md)">MDM enrollment of Windows devices</a></td>
-<td style="vertical-align:top"><p>Topic renamed from &quot;Enrollment UI&quot;.</p>
-<p>Completely updated enrollment procedures and screenshots.</p></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="unifiedwritefilter-csp.md" data-raw-source="[UnifiedWriteFilter CSP](unifiedwritefilter-csp.md)">UnifiedWriteFilter CSP</a>
-<p><a href="unifiedwritefilter-ddf.md" data-raw-source="[UnifiedWriteFilter DDF File](unifiedwritefilter-ddf.md)">UnifiedWriteFilter DDF File</a></p></td>
-<td style="vertical-align:top"><p>Added the following new setting for Windows 10, version 1607:</p>
-<ul>
-<li>NextSession/HORMEnabled</li>
-</ul></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="certificatestore-csp.md" data-raw-source="[CertificateStore CSP](certificatestore-csp.md)">CertificateStore CSP</a>
-<p><a href="certificatestore-ddf-file.md" data-raw-source="[CertificateStore DDF file](certificatestore-ddf-file.md)">CertificateStore DDF file</a></p></td>
-<td style="vertical-align:top"><p>Added the following new settings in Windows 10, version 1607:</p>
-<ul>
-<li>My/WSTEP/Renew/LastRenewalAttemptTime</li>
-<li>My/WSTEP/Renew/RenewNow</li>
-</ul></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><p><a href="windowslicensing-csp.md" data-raw-source="[WindowsLicensing CSP](windowslicensing-csp.md)">WindowsLicensing CSP</a></p></td>
-<td style="vertical-align:top"><p>Added the following new node and settings in Windows 10, version 1607, but not documented:</p>
-<ul>
-<li>Subscriptions</li>
-<li>Subscriptions/SubscriptionId</li>
-<li>Subscriptions/SubscriptionId/Status</li>
-<li>Subscriptions/SubscriptionId/Name</li>
-</ul>
-</td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><p><a href="wifi-csp.md" data-raw-source="[WiFi CSP](wifi-csp.md)">WiFi CSP</a></p></td>
-<td style="vertical-align:top"><p>Deprecated the following node in Windows 10, version 1607:</p>
-<ul>
-<li>DisableInternetConnectivityChecks</li>
-</ul>
-</tr>
-</td>
-</tbody>
-</table>
+| New or updated article | Description |
+|-----|-----|
+| Sideloading of apps | Starting in Windows 10, version 1607, sideloading of apps is only allowed through [EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md). Product keys (5x5) will no longer be supported to enable sideloading on Windows 10, version 1607 devices. |
+| [NodeCache CSP](nodecache-csp.md) | The value of NodeCache root node starting in Windows 10, version 1607 is com.microsoft/1.0/MDM/NodeCache. |
+| [EnterpriseDataProtection CSP](enterprisedataprotection-csp.md) | New CSP. |
+| [Policy CSP](policy-configuration-service-provider.md) | Removed the following policies:<br>- DataProtection/AllowAzureRMSForEDP - moved this policy to [EnterpriseDataProtection CSP](enterprisedataprotection-csp.md)<br>- DataProtection/AllowUserDecryption - moved this policy to [EnterpriseDataProtection CSP](enterprisedataprotection-csp.md)<br>- DataProtection/EDPEnforcementLevel - moved this policy to [EnterpriseDataProtection CSP](enterprisedataprotection-csp.md)<br>- DataProtection/RequireProtectionUnderLockConfig - moved this policy to [EnterpriseDataProtection CSP](enterprisedataprotection-csp.md)<br>- DataProtection/RevokeOnUnenroll - moved this policy to [EnterpriseDataProtection CSP](enterprisedataprotection-csp.md)<br>- DataProtection/EnterpriseCloudResources - moved this policy to NetworkIsolation policy<br>- DataProtection/EnterpriseInternalProxyServers - moved this policy to NetworkIsolation policy<br>- DataProtection/EnterpriseIPRange - moved this policy to NetworkIsolation policy<br>- DataProtection/EnterpriseNetworkDomainNames - moved this policy to NetworkIsolation policy<br>- DataProtection/EnterpriseProxyServers - moved this policy to NetworkIsolation policy<br>- Security/AllowAutomaticDeviceEncryptionForAzureADJoinedDevices - this policy has been deprecated.<br><br>Added the WiFi/AllowManualWiFiConfiguration and WiFi/AllowWiFi policies for Windows 10, version 1607:<br>- Windows 10 Pro<br>- Windows 10 Enterprise<br>- Windows 10 Education<br><br>Added the following new policies:<br>- AboveLock/AllowCortanaAboveLock<br>- ApplicationManagement/DisableStoreOriginatedApps<br>- Authentication/AllowSecondaryAuthenticationDevice<br>- Bluetooth/AllowPrepairing<br>- Browser/AllowExtensions<br>- Browser/PreventAccessToAboutFlagsInMicrosoftEdge<br>- Browser/ShowMessageWhenOpeningSitesInInternetExplorer<br>- DeliveryOptimization/DOAbsoluteMaxCacheSize<br>- DeliveryOptimization/DOMaxDownloadBandwidth<br>- DeliveryOptimization/DOMinBackgroundQoS<br>- DeliveryOptimization/DOModifyCacheDrive<br>- DeliveryOptimization/DOMonthlyUploadDataCap<br>- DeliveryOptimization/DOPercentageMaxDownloadBandwidth<br>- DeviceLock/EnforceLockScreenAndLogonImage<br>- DeviceLock/EnforceLockScreenProvider<br>- Defender/PUAProtection<br>- Experience/AllowThirdPartySuggestionsInWindowsSpotlight<br>- Experience/AllowWindowsSpotlight<br>- Experience/ConfigureWindowsSpotlightOnLockScreen<br>- Experience/DoNotShowFeedbackNotifications<br>- Licensing/AllowWindowsEntitlementActivation<br>- Licensing/DisallowKMSClientOnlineAVSValidation<br>- LockDown/AllowEdgeSwipe<br>- Maps/EnableOfflineMapsAutoUpdate<br>- Maps/AllowOfflineMapsDownloadOverMeteredConnection<br>- Messaging/AllowMessageSync<br>- NetworkIsolation/EnterpriseCloudResources<br>- NetworkIsolation/EnterpriseInternalProxyServers<br>- NetworkIsolation/EnterpriseIPRange<br>- NetworkIsolation/EnterpriseIPRangesAreAuthoritative<br>- NetworkIsolation/EnterpriseNetworkDomainNames<br>- NetworkIsolation/EnterpriseProxyServers<br>- NetworkIsolation/EnterpriseProxyServersAreAuthoritative<br>- NetworkIsolation/NeutralResources<br>- Notifications/DisallowNotificationMirroring<br>- Privacy/DisableAdvertisingId<br>- Privacy/LetAppsAccessAccountInfo<br>- Privacy/LetAppsAccessAccountInfo_ForceAllowTheseApps<br>- Privacy/LetAppsAccessAccountInfo_ForceDenyTheseApps<br>- Privacy/LetAppsAccessAccountInfo_UserInControlOfTheseApps<br>- Privacy/LetAppsAccessCalendar<br>- Privacy/LetAppsAccessCalendar_ForceAllowTheseApps<br>- Privacy/LetAppsAccessCalendar_ForceDenyTheseApps<br>- Privacy/LetAppsAccessCalendar_UserInControlOfTheseApps<br>- Privacy/LetAppsAccessCallHistory<br>- Privacy/LetAppsAccessCallHistory_ForceAllowTheseApps<br>- Privacy/LetAppsAccessCallHistory_ForceDenyTheseApps<br>- Privacy/LetAppsAccessCallHistory_UserInControlOfTheseApps<br>- Privacy/LetAppsAccessCamera<br>- Privacy/LetAppsAccessCamera_ForceAllowTheseApps<br>- Privacy/LetAppsAccessCamera_ForceDenyTheseApps<br>- Privacy/LetAppsAccessCamera_UserInControlOfTheseApps<br>- Privacy/LetAppsAccessContacts<br>- Privacy/LetAppsAccessContacts_ForceAllowTheseApps<br>- Privacy/LetAppsAccessContacts_ForceDenyTheseApps<br>- Privacy/LetAppsAccessContacts_UserInControlOfTheseApps<br>- Privacy/LetAppsAccessEmail<br>- Privacy/LetAppsAccessEmail_ForceAllowTheseApps<br>- Privacy/LetAppsAccessEmail_ForceDenyTheseApps<br>- Privacy/LetAppsAccessEmail_UserInControlOfTheseApps<br>- Privacy/LetAppsAccessLocation<br>- Privacy/LetAppsAccessLocation_ForceAllowTheseApps<br>- Privacy/LetAppsAccessLocation_ForceDenyTheseApps<br>- Privacy/LetAppsAccessLocation_UserInControlOfTheseApps<br>- Privacy/LetAppsAccessMessaging<br>- Privacy/LetAppsAccessMessaging_ForceAllowTheseApps<br>- Privacy/LetAppsAccessMessaging_ForceDenyTheseApps<br>- Privacy/LetAppsAccessMessaging_UserInControlOfTheseApps<br>- Privacy/LetAppsAccessMicrophone<br>- Privacy/LetAppsAccessMicrophone_ForceAllowTheseApps<br>- Privacy/LetAppsAccessMicrophone_ForceDenyTheseApps<br>- Privacy/LetAppsAccessMicrophone_UserInControlOfTheseApps<br>- Privacy/LetAppsAccessMotion<br>- Privacy/LetAppsAccessMotion_ForceAllowTheseApps<br>- Privacy/LetAppsAccessMotion_ForceDenyTheseApps<br>- Privacy/LetAppsAccessMotion_UserInControlOfTheseApps<br>- Privacy/LetAppsAccessNotifications<br>- Privacy/LetAppsAccessNotifications_ForceAllowTheseApps<br>- Privacy/LetAppsAccessNotifications_ForceDenyTheseApps<br>- Privacy/LetAppsAccessNotifications_UserInControlOfTheseApps<br>- Privacy/LetAppsAccessPhone<br>- Privacy/LetAppsAccessPhone_ForceAllowTheseApps<br>- Privacy/LetAppsAccessPhone_ForceDenyTheseApps<br>- Privacy/LetAppsAccessPhone_UserInControlOfTheseApps<br>- Privacy/LetAppsAccessRadios<br>- Privacy/LetAppsAccessRadios_ForceAllowTheseApps<br>- Privacy/LetAppsAccessRadios_ForceDenyTheseApps<br>- Privacy/LetAppsAccessRadios_UserInControlOfTheseApps<br>- Privacy/LetAppsAccessTrustedDevices<br>- Privacy/LetAppsAccessTrustedDevices_ForceAllowTheseApps<br>- Privacy/LetAppsAccessTrustedDevices_ForceDenyTheseApps<br>- Privacy/LetAppsAccessTrustedDevices_UserInControlOfTheseApps<br>- Privacy/LetAppsSyncWithDevices<br>- Privacy/LetAppsSyncWithDevices_ForceAllowTheseApps<br>- Privacy/LetAppsSyncWithDevices_ForceDenyTheseApps<br>- Privacy/LetAppsSyncWithDevices_UserInControlOfTheseApps<br>- Security/PreventAutomaticDeviceEncryptionForAzureADJoinedDevices<br>- Settings/AllowEditDeviceName<br>- Speech/AllowSpeechModelUpdate<br>- System/TelemetryProxy<br>- Update/ActiveHoursStart<br>- Update/ActiveHoursEnd<br>- Update/AllowMUUpdateService<br>- Update/BranchReadinessLevel<br>- Update/DeferFeatureUpdatesPeriodInDays<br>- Update/DeferQualityUpdatesPeriodInDays<br>- Update/ExcludeWUDriversInQualityUpdate<br>- Update/PauseFeatureUpdates<br>- Update/PauseQualityUpdates<br>- Update/SetProxyBehaviorForUpdateDetection<br>- Update/UpdateServiceUrlAlternate (Added in the January service release of Windows 10, version 1607)<br>- WindowsInkWorkspace/AllowWindowsInkWorkspace<br>- WindowsInkWorkspace/AllowSuggestedAppsInWindowsInkWorkspace<br>- WirelessDisplay/AllowProjectionToPC<br>- WirelessDisplay/RequirePinForPairing<br><br>Updated the Privacy/AllowAutoAcceptPairingAndPrivacyConsentPrompts description to remove outdated information.<br><br>Updated DeliveryOptimization/DODownloadMode to add new values.<br><br>Updated Experience/AllowCortana description to clarify what each supported value does.<br><br>Updated Security/AntiTheftMode description to clarify what each supported value does. |
+| [DMClient CSP](dmclient-csp.md) | Added the following settings:<br>- ManagementServerAddressList<br>- AADDeviceID<br>- EnrollmentType<br>- HWDevID<br>- CommercialID<br><br>Removed the EnrollmentID setting. |
+| [DeviceManageability CSP](devicemanageability-csp.md) | New CSP. |
+| [DeviceStatus CSP](devicestatus-csp.md) | Added the following new settings:<br>- DeviceStatus/TPM/SpecificationVersion<br>- DeviceStatus/OS/Edition<br>- DeviceStatus/Antivirus/SignatureStatus<br>- DeviceStatus/Antivirus/Status<br>- DeviceStatus/Antispyware/SignatureStatus<br>- DeviceStatus/Antispyware/Status<br>- DeviceStatus/Firewall/Status<br>- DeviceStatus/UAC/Status<br>- DeviceStatus/Battery/Status<br>- DeviceStatus/Battery/EstimatedChargeRemaining<br>- DeviceStatus/Battery/EstimatedRuntime |
+| [AssignedAccess CSP](assignedaccess-csp.md) | Added SyncML examples. |
+| [EnterpriseAssignedAccess CSP](enterpriseassignedaccess-csp.md) | Added a new Folder table entry in the AssignedAccess/AssignedAccessXml description.<br>Updated the DDF and XSD file sections. |
+| [SecureAssessment CSP](secureassessment-csp.md) | New CSP. |
+| [DiagnosticLog CSP](diagnosticlog-csp.md)<br>[DiagnosticLog DDF](diagnosticlog-ddf.md) | Added version 1.3 of the CSP with two new settings.<br><br>Added the new 1.3 version of the DDF.<br><br>Added the following new settings in Windows 10, version 1607<br>- DeviceStateData<br>- DeviceStateData/MdmConfiguration |
+| [Reboot CSP](reboot-csp.md) | New CSP. |
+| [CMPolicyEnterprise CSP](cmpolicyenterprise-csp.md) | New CSP. |
+| [VPNv2 CSP](vpnv2-csp.md) | Added the following settings for Windows 10, version 1607:<br>- _ProfileName_/RouteList/routeRowId/ExclusionRoute<br>- _ProfileName_/DomainNameInformationList/_dniRowId_/AutoTrigger<br>- _ProfileName_/DomainNameInformationList/dniRowId/Persistent<br>- _ProfileName_/ProfileXML<br>- _ProfileName_/DeviceCompliance/Enabled<br>- _ProfileName_/DeviceCompliance/Sso<br>- _ProfileName_/DeviceCompliance/Sso/Enabled<br>- _ProfileName_/DeviceCompliance/Sso/IssuerHash<br>- _ProfileName_/DeviceCompliance/Sso/Eku<br>- _ProfileName_/NativeProfile/CryptographySuite<br>- _ProfileName_/NativeProfile/CryptographySuite/AuthenticationTransformConstants<br>- _ProfileName_/NativeProfile/CryptographySuite/CipherTransformConstants<br>- _ProfileName_/NativeProfile/CryptographySuite/EncryptionMethod<br>- _ProfileName_/NativeProfile/CryptographySuite/IntegrityCheckMethod<br>- _ProfileName_/NativeProfile/CryptographySuite/DHGroup<br>- _ProfileName_/NativeProfile/CryptographySuite/PfsGroup<br>- _ProfileName_/NativeProfile/L2tpPsk |
+| [Win32AppInventory CSP](win32appinventory-csp.md) | New CSP. |
+| [SharedPC CSP](sharedpc-csp.md) | New CSP. |
+| [WindowsAdvancedThreatProtection CSP](windowsadvancedthreatprotection-csp.md) | New CSP. |
+| [MDM Bridge WMI Provider](https://msdn.microsoft.com/library/windows/hardware/dn905224) | Added new classes for Windows 10, version 1607. |
+| [MDM enrollment of Windows devices](mdm-enrollment-of-windows-devices.md) | Article renamed from &quot;Enrollment UI&quot;.<br><br>Completely updated enrollment procedures and screenshots. |
+| [UnifiedWriteFilter CSP](unifiedwritefilter-csp.md)<br>[UnifiedWriteFilter DDF File](unifiedwritefilter-ddf.md) | Added the following new setting for Windows 10, version 1607:<br>- NextSession/HORMEnabled |
+| [CertificateStore CSP](certificatestore-csp.md)<br>[CertificateStore DDF file](certificatestore-ddf-file.md) | Added the following new settings in Windows 10, version 1607:<br>- My/WSTEP/Renew/LastRenewalAttemptTime<br>- My/WSTEP/Renew/RenewNow |
+| [WindowsLicensing CSP](windowslicensing-csp.md) | Added the following new node and settings in Windows 10, version 1607, but not documented:<br>- Subscriptions<br>- Subscriptions/SubscriptionId<br>- Subscriptions/SubscriptionId/Status<br>- Subscriptions/SubscriptionId/Name |
+| [WiFi CSP](wifi-csp.md) | Deprecated the following node in Windows 10, version 1607:<br>- DisableInternetConnectivityChecks |
 
 ## What’s new in MDM for Windows 10, version 1511
 
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>Item</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr class="odd">
-<td style="vertical-align:top"><p>New configuration service providers added in Windows 10, version 1511</p></td>
-<td style="vertical-align:top"><ul>
-<li><a href="alljoynmanagement-csp.md" data-raw-source="[AllJoynManagement CSP](alljoynmanagement-csp.md)">AllJoynManagement CSP</a></li>
-<li><a href="maps-csp.md" data-raw-source="[Maps CSP](maps-csp.md)">Maps CSP</a></li>
-<li><a href="reporting-csp.md" data-raw-source="[Reporting CSP](reporting-csp.md)">Reporting CSP</a></li>
-<li><a href="surfacehub-csp.md" data-raw-source="[SurfaceHub CSP](surfacehub-csp.md)">SurfaceHub CSP</a></li>
-<li><a href="windowssecurityauditing-csp.md" data-raw-source="[WindowsSecurityAuditing CSP](windowssecurityauditing-csp.md)">WindowsSecurityAuditing CSP</a></li>
-</ul></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><p>New and updated policies in Policy CSP</p></td>
-<td style="vertical-align:top"><p>The following policies have been added to the <a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a>:</p>
-<ul>
-<li>ApplicationManagement/AllowWindowsBridgeForAndroidAppsExecution</li>
-<li>Bluetooth/ServicesAllowedList</li>
-<li>DataProtection/AllowAzureRMSForEDP</li>
-<li>DataProtection/RevokeOnUnenroll</li>
-<li>DeviceLock/DevicePasswordExpiration</li>
-<li>DeviceLock/DevicePasswordHistory</li>
-<li>TextInput/AllowInputPanel</li>
-<li>Update/PauseDeferrals</li>
-<li>Update/RequireDeferUpdate</li>
-<li>Update/RequireUpdateApproval</li>
-</ul>
-<p>The following policies have been updated in the Policy CSP:</p>
-<ul>
-<li>System/AllowLocation</li>
-<li>Update/RequireDeferUpgrade</li>
-</ul>
-<p>The following policies have been deprecated in the Policy CSP:</p>
-<ul>
-<li>TextInput/AllowKoreanExtendedHanja</li>
-<li>WiFi/AllowWiFiHotSpotReporting</li>
-</ul></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><p>Management tool for the Microsoft Store for Business</p></td>
-<td style="vertical-align:top"><p>New topics. The Store for Business has a new web service designed for the enterprise to acquire, manage, and distribute applications in bulk. It enables several capabilities that are required for the enterprise to manage the lifecycle of applications from acquisition to updates.</p></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><p>Custom header for generic alert</p></td>
-<td style="vertical-align:top"><p>The MDM-GenericAlert is a new custom header that hosts one or more alert information provided in the http messages sent by the device to the server during an OMA DM session. The generic alert is sent if the session is triggered by the device due to one or more critical or fatal alerts. Here is alert format:</p>
-<code>MDM-GenericAlert: &lt;AlertType1&gt;&lt;AlertType2&gt;</code>
-<p>If present, the MDM-GenericAlert is presented in every the outgoing MDM message in the same OMA DM session. For more information about generic alerts, see section 8.7 in the OMA Device Management Protocol, Approved Version 1.2.1 in this <a href="https://go.microsoft.com/fwlink/p/?LinkId=267526" data-raw-source="[OMA website](https://go.microsoft.com/fwlink/p/?LinkId=267526)">OMA website</a>.</p></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><p>Alert message for slow client response</p></td>
-<td style="vertical-align:top"><p>When the MDM server sends a configuration request, sometimes it takes the client longer than the HTTP timeout to get all information together and then the session ends unexpectedly due to timeout. By default, the MDM client does not send an alert that a DM request is pending.</p>
-<p>To work around the timeout, you can use EnableOmaDmKeepAliveMessage setting to keep the session alive by sending a heartbeat message back to the server. This is achieved by sending a SyncML message with a specific device alert element in the body until the client is able to respond back to the server with the requested information. For details, see EnableOmaDmKeepAliveMessage node in the <a href="dmclient-csp.md" data-raw-source="[DMClient CSP](dmclient-csp.md)">DMClient CSP</a>.</p></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><p>New node in DMClient CSP</p></td>
-<td style="vertical-align:top"><p>Added a new node EnableOmaDmKeepAliveMessage to the <a href="dmclient-csp.md" data-raw-source="[DMClient CSP](dmclient-csp.md)">DMClient CSP</a> and updated the ManagementServerAddress to indicate that it can contain a list of URLs.</p></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><p>New nodes in EnterpriseModernAppManagement CSP</p></td>
-<td style="vertical-align:top"><p>Added the following nodes to the <a href="enterprisemodernappmanagement-csp.md" data-raw-source="[EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md)">EnterpriseModernAppManagement CSP</a>:</p>
-<ul>
-<li>AppManagement/GetInventoryQuery</li>
-<li>AppManagement/GetInventoryResults</li>
-<li>.../<em>PackageFamilyName</em>/AppSettingPolicy/<em>SettingValue</em></li>
-<li>AppLicenses/StoreLicenses/<em>LicenseID</em>/LicenseCategory</li>
-<li>AppLicenses/StoreLicenses/<em>LicenseID</em>/LicenseUsage</li>
-<li>AppLicenses/StoreLicenses/<em>LicenseID</em>/RequesterID</li>
-<li>AppLicenses/StoreLicenses/<em>LicenseID</em>/GetLicenseFromStore</li>
-</ul></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><p>New nodes in EnterpriseExt CSP</p></td>
-<td style="vertical-align:top"><p>Added the following nodes to the <a href="enterpriseext-csp.md" data-raw-source="[EnterpriseExt CSP](enterpriseext-csp.md)">EnterpriseExt CSP</a>:</p>
-<ul>
-<li>DeviceCustomData (CustomID, CustomeString)</li>
-<li>Brightness (Default, MaxAuto)</li>
-<li>LedAlertNotification (State, Intensity, Period, DutyCycle, Cyclecount)</li>
-</ul></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><p>New node in EnterpriseExtFileSystem CSP</p></td>
-<td style="vertical-align:top"><p>Added OemProfile node to <a href="enterpriseextfilessystem-csp.md" data-raw-source="[EnterpriseExtFileSystem CSP](enterpriseextfilessystem-csp.md)">EnterpriseExtFileSystem CSP</a>.</p></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><p>New nodes in PassportForWork CSP</p></td>
-<td style="vertical-align:top"><p>Added the following nodes to <a href="passportforwork-csp.md" data-raw-source="[PassportForWork CSP](passportforwork-csp.md)">PassportForWork CSP</a>:</p>
-<ul>
-<li>TenantId/Policies/PINComplexity/History</li>
-<li>TenantId/Policies/PINComplexity/Expiration</li>
-<li>TenantId/Policies/Remote/UseRemotePassport (only for ./Device/Vendor/MSFT)</li>
-<li>Biometrics/UseBiometrics (only for ./Device/Vendor/MSFT)</li>
-<li>Biometrics/FacialFeaturesUseEnhancedAntiSpoofing (only for ./Device/Vendor/MSFT)</li>
-</ul></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><p>Updated EnterpriseAssignedAccess CSP</p></td>
-<td style="vertical-align:top"><p>Here are the changes to the <a href="enterpriseassignedaccess-csp.md" data-raw-source="[EnterpriseAssignedAccess CSP](enterpriseassignedaccess-csp.md)">EnterpriseAssignedAccess CSP</a>:</p>
-<ul>
-<li>In AssignedAccessXML node, added new page settings and quick action settings.</li>
-<li>In AssignedAccessXML node, added an example about how to pin applications in multiple app packages using the AUMID.</li>
-<li>Updated the <a href="enterpriseassignedaccess-xsd.md" data-raw-source="[EnterpriseAssignedAccess XSD](enterpriseassignedaccess-xsd.md)">EnterpriseAssignedAccess XSD</a> topic.</li>
-</ul></td>
-</tr>
-<tr class="even">
-<td style="vertical-align:top"><p>New nodes in the DevDetail CSP</p></td>
-<td style="vertical-align:top"><p>Here are the changes to the <a href="devdetail-csp.md" data-raw-source="[DevDetail CSP](devdetail-csp.md)">DevDetail CSP</a>:</p>
-<ul>
-<li>Added TotalStore and TotalRAM settings.</li>
-<li>Added support for Replace command for the DeviceName setting.</li>
-</ul></td>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><p>Handling large objects</p></td>
-<td style="vertical-align:top"><p>Added support for the client to handle uploading of large objects to the server.</p></td>
-</tr>
-</tbody>
-</table>
+| New or updated article | Description |
+|-----|-----|
+| New configuration service providers added in Windows 10, version 1511 | - [AllJoynManagement CSP](alljoynmanagement-csp.md)<br>- [Maps CSP](maps-csp.md)<br>- [Reporting CSP](reporting-csp.md)<br>- [SurfaceHub CSP](surfacehub-csp.md)<br>- [WindowsSecurityAuditing CSP](windowssecurityauditing-csp.md) |
+| [Policy CSP](policy-configuration-service-provider.md) | Added the following new policy settings:<br>- ApplicationManagement/AllowWindowsBridgeForAndroidAppsExecution<br>- Bluetooth/ServicesAllowedList<br>- DataProtection/AllowAzureRMSForEDP<br>- DataProtection/RevokeOnUnenroll<br>- DeviceLock/DevicePasswordExpiration<br>- DeviceLock/DevicePasswordHistory<br>- TextInput/AllowInputPanel<br>- Update/PauseDeferrals<br>- Update/RequireDeferUpdate<br>- Update/RequireUpdateApproval<br><br>Updated the following policy settings:<br>- System/AllowLocation<br>- Update/RequireDeferUpgrade<br><br>Deprecated the following policy settings:<br>- TextInput/AllowKoreanExtendedHanja<br>- WiFi/AllowWiFiHotSpotReporting |
+| Management tool for the Microsoft Store for Business | New articles. The Store for Business has a new web service designed for the enterprise to acquire, manage, and distribute applications in bulk. It enables several capabilities that are required for the enterprise to manage the lifecycle of applications from acquisition to updates. |
+| Custom header for generic alert | The MDM-GenericAlert is a new custom header that hosts one or more alert information provided in the http messages sent by the device to the server during an OMA DM session. The generic alert is sent if the session is triggered by the device due to one or more critical or fatal alerts. Here is alert format: `MDM-GenericAlert: <AlertType1><AlertType2>`<br><br>If present, the MDM-GenericAlert is presented in every the outgoing MDM message in the same OMA DM session. For more information about generic alerts, see section 8.7 in the OMA Device Management Protocol, Approved Version 1.2.1 in this [OMA website](https://go.microsoft.com/fwlink/p/?LinkId=267526). |
+| Alert message for slow client response | When the MDM server sends a configuration request, sometimes it takes the client longer than the HTTP timeout to get all information together and then the session ends unexpectedly due to timeout. By default, the MDM client does not send an alert that a DM request is pending.<br><br>To work around the timeout, you can use EnableOmaDmKeepAliveMessage setting to keep the session alive by sending a heartbeat message back to the server. This is achieved by sending a SyncML message with a specific device alert element in the body until the client is able to respond back to the server with the requested information. For details, see EnableOmaDmKeepAliveMessage node in the [DMClient CSP](dmclient-csp.md). |
+| [DMClient CSP](dmclient-csp.md) | Added a new node EnableOmaDmKeepAliveMessage to the [EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md) and updated the ManagementServerAddress to indicate that it can contain a list of URLs. |
+| [EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md) | Added the following new nodes:<br>- AppManagement/GetInventoryQuery<br>- AppManagement/GetInventoryResults<br>- .../_PackageFamilyName_/AppSettingPolicy/_SettingValue_<br>- AppLicenses/StoreLicenses/_LicenseID_/LicenseCategory<br>- AppLicenses/StoreLicenses/_LicenseID_/LicenseUsage<br>- AppLicenses/StoreLicenses/_LicenseID_/RequesterID<br>- AppLicenses/StoreLicenses/_LicenseID_/GetLicenseFromStore |
+| [EnterpriseExt CSP](enterpriseext-csp.md) | Added the following new nodes:<br>- DeviceCustomData (CustomID, CustomeString)<br>- Brightness (Default, MaxAuto)<br>- LedAlertNotification (State, Intensity, Period, DutyCycle, Cyclecount) |
+| [EnterpriseExtFileSystem CSP](enterpriseextfilessystem-csp.md) | Added the OemProfile node.
+| [PassportForWork CSP](passportforwork-csp.md) | Added the following new nodes:<br>- TenantId/Policies/PINComplexity/History<br>- TenantId/Policies/PINComplexity/Expiration<br>- TenantId/Policies/Remote/UseRemotePassport (only for ./Device/Vendor/MSFT)<br>- Biometrics/UseBiometrics (only for ./Device/Vendor/MSFT)<br>- Biometrics/FacialFeaturesUseEnhancedAntiSpoofing (only for ./Device/Vendor/MSFT) |
+| [EnterpriseAssignedAccess CSP](enterpriseassignedaccess-csp.md) | The following updates are done to the [EnterpriseAssignedAccess CSP](enterpriseassignedaccess-csp.md):<br>- In AssignedAccessXML node, added new page settings and quick action settings.<br>- In AssignedAccessXML node, added an example about how to pin applications in multiple app packages using the AUMID.<br>- Updated the [EnterpriseAssignedAccess XSD](enterpriseassignedaccess-xsd.md) article. |
+| [DevDetail CSP](devdetail-csp.md) | The following updates are done to [DevDetail CSP](devdetail-csp.md):<br>- Added TotalStore and TotalRAM settings.<br>- Added support for Replace command for the DeviceName setting. |
+| Handling large objects | Added support for the client to handle uploading of large objects to the server. |
 
 ## Breaking changes and known issues
 
@@ -1815,8 +330,7 @@ The following list describes the prerequisites for a certificate to be used with
 The following XML sample explains the properties for the EAP TLS XML including certificate filtering.
 
 > [!NOTE]
->For PEAP or TTLS Profiles the EAP TLS XML is embedded within some PEAP or TTLS specific elements.
-
+> For PEAP or TTLS Profiles the EAP TLS XML is embedded within some PEAP or TTLS specific elements.
  
 ```xml
 <EapHostConfig xmlns="http://www.microsoft.com/provisioning/EapHostConfig">
@@ -1918,13 +432,11 @@ The following XML sample explains the properties for the EAP TLS XML including c
 ```
 
 > [!NOTE]
->The EAP TLS XSD is located at **%systemdrive%\\Windows\\schemas\\EAPMethods\\eaptlsconnectionpropertiesv3.xsd**
-
- 
+> The EAP TLS XSD is located at **%systemdrive%\\Windows\\schemas\\EAPMethods\\eaptlsconnectionpropertiesv3.xsd**
 
 Alternatively you can use the following procedure to create an EAP Configuration XML.
 
-1.  Follow steps 1 through 7 in the [EAP configuration](eap-configuration.md) topic.
+1.  Follow steps 1 through 7 in the [EAP configuration](eap-configuration.md) article.
 2.  In the Microsoft VPN SelfHost Properties dialog box, select **Microsoft : Smart Card or other Certificate** from the drop down (this selects EAP TLS.)
 
     ![vpn selfhost properties window](images/certfiltering1.png)
@@ -1941,7 +453,7 @@ Alternatively you can use the following procedure to create an EAP Configuration
     ![configure certificate selection window](images/certfiltering3.png)
 6.  Click **OK** to close the windows to get back to the main rasphone.exe dialog box.
 7.  Close the rasphone dialog box.
-8.  Continue following the procedure in the [EAP configuration](eap-configuration.md) topic from Step 9 to get an EAP TLS profile with appropriate filtering.
+8.  Continue following the procedure in the [EAP configuration](eap-configuration.md) article from Step 9 to get an EAP TLS profile with appropriate filtering.
 
 > [!NOTE]
 > You can also set all the other applicable EAP Properties through this UI as well. A guide to what these properties mean can be found in [Extensible Authentication Protocol (EAP) Settings for Network Access](https://technet.microsoft.com/library/hh945104.aspx).
@@ -1970,7 +482,7 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware
 ## Frequently Asked Questions
 
 
-### **Can there be more than 1 MDM server to enroll and manage devices in Windows 10?**
+### **Can there be more than one MDM server to enroll and manage devices in Windows 10?**
 No. Only one MDM is allowed.
 
 ### **How do I set the maximum number of Azure Active Directory joined devices per user?**
@@ -1991,1059 +503,6 @@ What is dmwappushsvc? | It is a Windows service that ships in Windows 10 operati
 What data is handled by dmwappushsvc? | It is a component handling the internal workings of the management platform and involved in processing messages that have been received by the device remotely for management. The messages in the queue are serviced by another component that is also part of the Windows management stack to process messages. The service also routes and authenticates WAP messages received by the device to internal OS components that process them further: MMS, NabSync, SI/SL. |
 How do I turn if off? | The service can be stopped from the "Services" console on the device (Start > Run > services.msc). However, since this is a component part of the OS and  required for the proper functioning of the device, we strongly recommend not to do this. |
 
-## Change history in MDM documentation
+## Change history for MDM documentation
 
-### September 2020
-|New or updated topic | Description|
-|--- | ---|
-|[NetworkQoSPolicy CSP](networkqospolicy-csp.md)|Updated support information of the NetworkQoSPolicy CSP.|
-|[Policy CSP - LocalPoliciesSecurityOptions](policy-csp-localpoliciessecurityoptions.md)|Removed the following unsupported LocalPoliciesSecurityOptions policy settings from the documentation:<br>- RecoveryConsole_AllowAutomaticAdministrativeLogon <br>- DomainMember_DigitallyEncryptOrSignSecureChannelDataAlways<br>- DomainMember_DigitallyEncryptSecureChannelDataWhenPossible<br>- DomainMember_DisableMachineAccountPasswordChanges<br>- SystemObjects_RequireCaseInsensitivityForNonWindowsSubsystems<br>|
-
-### August 2020
-|New or updated topic | Description|
-|--- | ---|
-|[Policy CSP - System](policy-csp-system.md)|Removed the following policy settings:<br> - System/AllowDesktopAnalyticsProcessing <br>- System/AllowMicrosoftManagedDesktopProcessing <br> - System/AllowUpdateComplianceProcessing<br> - System/AllowWUfBCloudProcessing <br>|
-
-### July 2020
-|New or updated topic | Description|
-|--- | ---|
-|[Policy CSP - System](policy-csp-system.md)|Added the following new policy settings:<br>  - System/AllowDesktopAnalyticsProcessing <br>- System/AllowMicrosoftManagedDesktopProcessing <br> - System/AllowUpdateComplianceProcessing<br> - System/AllowWUfBCloudProcessing <br> <br><br>Updated the following policy setting:<br>-  <a href="./policy-csp-system.md#system-allowcommercialdatapipeline" id="system-allowcommercialdatapipeline">System/AllowCommercialDataPipeline</a> <br>|
-
-### June 2020
-|New or updated topic | Description|
-|--- | ---|
-|[BitLocker CSP](bitlocker-csp.md)|Added SKU support table for **AllowStandardUserEncryption**.|
-|[Policy CSP - NetworkIsolation](policy-csp-networkisolation.md)|Updated the description from Boolean to Integer for the following policy settings:<br>EnterpriseIPRangesAreAuthoritative, EnterpriseProxyServersAreAuthoritative.|
-
-### May 2020
-|New or updated topic | Description|
-|--- | ---|
-|[BitLocker CSP](bitlocker-csp.md)|Added the bitmask table for the Status/DeviceEncryptionStatus node.|
-|[Policy CSP - RestrictedGroups](policy-csp-restrictedgroups.md)| Updated the topic with additional details. Added policy timeline table. 
-
-
-### February 2020
-|New or updated topic | Description|
-|--- | ---|
-|[CertificateStore CSP](certificatestore-csp.md)<br>[ClientCertificateInstall CSP](clientcertificateinstall-csp.md)|Added details about SubjectName value.|
-
-### January 2020
-|New or updated topic | Description|
-|--- | ---|
-|[Policy CSP - Defender](policy-csp-defender.md)|Added descriptions for supported actions for Defender/ThreatSeverityDefaultAction.|
-
-
-### November 2019
-
-|New or updated topic | Description|
-|--- | ---|
-|[Policy CSP - DeliveryOptimization](policy-csp-deliveryoptimization.md)|Added option 5 in the supported values list for DeliveryOptimization/DOGroupIdSource.|
-|[DiagnosticLog CSP](diagnosticlog-csp.md)|Added substantial updates to this CSP doc.|
-
-### October 2019
-
-|New or updated topic | Description|
-|--- | ---|
-|[BitLocker CSP](bitlocker-csp.md)|Added the following new nodes:<br>ConfigureRecoveryPasswordRotation, RotateRecoveryPasswords, RotateRecoveryPasswordsStatus, RotateRecoveryPasswordsRequestID.|
-|[Defender CSP](defender-csp.md)|Added the following new nodes:<br>Health/TamperProtectionEnabled, Health/IsVirtualMachine, Configuration, Configuration/TamperProtection, Configuration/EnableFileHashComputation.|
-
-### September 2019
-
-|New or updated topic | Description|
-|--- | ---|
-|[EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md)|Added the following new node:<br>IsStub.|
-|[Policy CSP - Defender](policy-csp-defender.md)|Updated the supported value list for Defender/ScheduleScanDay policy.|
-|[Policy CSP - DeviceInstallation](policy-csp-deviceinstallation.md)|Added the following new policies: <br>DeviceInstallation/AllowInstallationOfMatchingDeviceInstanceIDs, DeviceInstallation/PreventInstallationOfMatchingDeviceInstanceIDs.|
-
-### August 2019
-
-|New or updated topic | Description|
-|--- | ---|
-|[DiagnosticLog CSP](diagnosticlog-csp.md)<br>[DiagnosticLog DDF](diagnosticlog-ddf.md)|Added version 1.4 of the CSP in Windows 10, version 1903. Added the new 1.4 version of the DDF. Added the following new nodes:<br>Policy, Policy/Channels, Policy/Channels/ChannelName, Policy/Channels/ChannelName/MaximumFileSize, Policy/Channels/ChannelName/SDDL, Policy/Channels/ChannelName/ActionWhenFull, Policy/Channels/ChannelName/Enabled, DiagnosticArchive, DiagnosticArchive/ArchiveDefinition, DiagnosticArchive/ArchiveResults.|
-|[Enroll a Windows 10 device automatically using Group Policy](enroll-a-windows-10-device-automatically-using-group-policy.md)|Enhanced the article to include additional reference links and the following two topics:<br>Verify auto-enrollment requirements and settings, Troubleshoot auto-enrollment of devices.|
-
-### July 2019
-
-|New or updated topic | Description|
-|--- | ---|
-|[Policy CSP](policy-configuration-service-provider.md)|Added the following list:<br>Policies supported by HoloLens 2|
-|[ApplicationControl CSP](applicationcontrol-csp.md)|Added new CSP in Windows 10, version 1903.|
-|[PassportForWork CSP](passportforwork-csp.md)|Added the following new nodes in Windows 10, version 1903:<br>SecurityKey, SecurityKey/UseSecurityKeyForSignin|
-|[Policy CSP - Privacy](policy-csp-privacy.md)|Added the following new policies:<br>LetAppsActivateWithVoice, LetAppsActivateWithVoiceAboveLock|
-|Create a custom configuration service provider|Deleted the following documents from the CSP reference because extensibility via CSPs is not currently supported:<br>Create a custom configuration service provider<br>Design a custom configuration service provider<br>IConfigServiceProvider2<br>IConfigServiceProvider2::ConfigManagerNotification<br>IConfigServiceProvider2::GetNode<br>ICSPNode<br>ICSPNode::Add<br>ICSPNode::Clear<br>ICSPNode::Copy<br>ICSPNode::DeleteChild<br>ICSPNode::DeleteProperty<br>ICSPNode::Execute<br>ICSPNode::GetChildNodeNames<br>ICSPNode::GetProperty<br>ICSPNode::GetPropertyIdentifiers<br>ICSPNode::GetValue<br>ICSPNode::Move<br>ICSPNode::SetProperty<br>ICSPNode::SetValue<br>ICSPNodeTransactioning<br>ICSPValidate<br>Samples for writing a custom configuration service provider.|
-
-
-### June 2019
-
-|New or updated topic | Description|
-|--- | ---|
-|[Policy CSP - DeviceHealthMonitoring](policy-csp-devicehealthmonitoring.md)|Added the following new policies:<br>AllowDeviceHealthMonitoring, ConfigDeviceHealthMonitoringScope, ConfigDeviceHealthMonitoringUploadDestination.|
-|[Policy CSP - TimeLanguageSettings](policy-csp-timelanguagesettings.md)|Added the following new policy:<br>ConfigureTimeZone.|
-
-
-### May 2019
-
-|New or updated topic | Description|
-|--- | ---|
-|[DeviceStatus CSP](devicestatus-csp.md)|Updated description of the following nodes:<br>DeviceStatus/Antivirus/SignatureStatus, DeviceStatus/Antispyware/SignatureStatus.|
-|[EnrollmentStatusTracking CSP](enrollmentstatustracking-csp.md)|Added new CSP in Windows 10, version 1903.|
-|[Policy CSP - DeliveryOptimization](policy-csp-deliveryoptimization.md)|Added the following new policies:<br> DODelayCacheServerFallbackBackground, DODelayCacheServerFallbackForeground.<br><br>Updated description of the following policies:<br>DOMinRAMAllowedToPeer, DOMinFileSizeToCache, DOMinDiskSizeAllowedToPeer.|
-|[Policy CSP - Experience](policy-csp-experience.md)|Added the following new policy:<br>ShowLockOnUserTile.|
-|[Policy CSP - InternetExplorer](policy-csp-internetexplorer.md)|Added the following new policies:<br>AllowEnhancedSuggestionsInAddressBar, DisableActiveXVersionListAutoDownload, DisableCompatView, DisableFeedsBackgroundSync, DisableGeolocation, DisableWebAddressAutoComplete, NewTabDefaultPage.|
-|[Policy CSP - Power](policy-csp-power.md)|Added the following new policies:<br>EnergySaverBatteryThresholdOnBattery, EnergySaverBatteryThresholdPluggedIn, SelectLidCloseActionOnBattery, SelectLidCloseActionPluggedIn, SelectPowerButtonActionOnBattery, SelectPowerButtonActionPluggedIn, SelectSleepButtonActionOnBattery, SelectSleepButtonActionPluggedIn, TurnOffHybridSleepOnBattery, TurnOffHybridSleepPluggedIn, UnattendedSleepTimeoutOnBattery, UnattendedSleepTimeoutPluggedIn.|
-|[Policy CSP - Search](policy-csp-search.md)|Added the following new policy:<br>AllowFindMyFiles.|
-|[Policy CSP - ServiceControlManager](policy-csp-servicecontrolmanager.md)|Added the following new policy:<br>SvchostProcessMitigation.|
-|[Policy CSP - System](policy-csp-system.md)|Added the following new policies:<br>AllowCommercialDataPipeline, TurnOffFileHistory.|
-|[Policy CSP - Troubleshooting](policy-csp-troubleshooting.md)|Added the following new policy:<br>AllowRecommendations.|
-|[Policy CSP - Update](policy-csp-update.md)|Added the following new policies:<br>AutomaticMaintenanceWakeUp, ConfigureDeadlineForFeatureUpdates, ConfigureDeadlineForQualityUpdates, ConfigureDeadlineGracePeriod, ConfigureDeadlineNoAutoReboot.|
-|[Policy CSP - WindowsLogon](policy-csp-windowslogon.md)|Added the following new policies:<br>AllowAutomaticRestartSignOn, ConfigAutomaticRestartSignOn, EnableFirstLogonAnimation.<br><br>Removed the following policy:<br>SignInLastInteractiveUserAutomaticallyAfterASystemInitiatedRestart. This policy is replaced by AllowAutomaticRestartSignOn.|
-
-### April 2019
-
-|                                         New or updated topic                                          |                                                                                                                                                                                                          Description                                                                                                                                                                                                          |
-|-------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| [Win32 and Desktop Bridge app policy configuration](win32-and-centennial-app-policy-configuration.md) | Added the following warning at the end of the Overview section:<br>Some operating system components have built in functionality to check devices for domain membership. MDM enforces the configured policy values only if the devices are domain joined, otherwise it does not. However, you can still import ADMX files and set ADMX-backed policies regardless of whether the device is domain joined or non-domain joined. |
-|                          [Policy CSP - UserRights](policy-csp-userrights.md)                          |                                                                                                                                  Added a note stating if you use Intune custom profiles to assign UserRights policies, you must use the CDATA tag (<![CDATA[...]]>) to wrap the data fields.                                                                                                                                  |
-
-### March 2019
-
-|New or updated topic | Description|
-|--- | ---|
-|[Policy CSP - Storage](policy-csp-storage.md)|Updated ADMX Info of the following policies:<br>AllowStorageSenseGlobal, AllowStorageSenseTemporaryFilesCleanup, ConfigStorageSenseCloudContentDehydrationThreshold, ConfigStorageSenseDownloadsCleanupThreshold, ConfigStorageSenseGlobalCadence, ConfigStorageSenseRecycleBinCleanupThreshold. <br><br>Updated description of ConfigStorageSenseDownloadsCleanupThreshold.|
-
-
-### February 2019
-
-|New or updated topic | Description|
-|--- | ---|
-|[Policy CSP](policy-configuration-service-provider.md)|Updated supported policies for Holographic.|
-
-### January 2019
-
-|New or updated topic | Description|
-|--- | ---|
-|[Policy CSP - Storage](policy-csp-storage.md)|Added the following new policies: AllowStorageSenseGlobal, ConfigStorageSenseGlobalCadence, AllowStorageSenseTemporaryFilesCleanup, ConfigStorageSenseRecycleBinCleanupThreshold, ConfigStorageSenseDownloadsCleanupThreshold, and ConfigStorageSenseCloudContentCleanupThreshold.|
-|[SharedPC CSP](sharedpc-csp.md)|Updated values and supported operations.|
-|[Mobile device management](index.md)|Updated information about MDM Security Baseline.|
-
-### December 2018
-
-|New or updated topic | Description|
-|--- | ---|
-|[BitLocker CSP](bitlocker-csp.md)|Updated AllowWarningForOtherDiskEncryption policy description to describe silent and non-silent encryption scenarios, as well as where and how the recovery key is backed up for each scenario.|
-
-### September 2018
-
-|New or updated topic | Description|
-|--- | ---|
-|[Mobile device management](index.md#mmat) | Added information about the MDM Migration Analysis Tool (MMAT).|
-|[Policy CSP - DeviceGuard](policy-csp-deviceguard.md) | Updated ConfigureSystemGuardLaunch policy and replaced EnableSystemGuard with it.|
-
-### August 2018
-
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>New or updated topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr>
-<td style="vertical-align:top"><a href="bitlocker-csp.md" data-raw-source="[BitLocker CSP](bitlocker-csp.md)">BitLocker CSP</a></td>
-<td style="vertical-align:top"><p>Added support for Windows 10 Pro starting in the version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="office-csp.md" data-raw-source="[Office CSP](office-csp.md)">Office CSP</a></td>
-<td style="vertical-align:top"><p>Added FinalStatus setting in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="remotewipe-csp.md" data-raw-source="[RemoteWipe CSP](remotewipe-csp.md)">RemoteWipe CSP</a></td>
-<td style="vertical-align:top"><p>Added new settings in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="\tenantlockdown-csp.md" data-raw-source="[TenantLockdown CSP](\tenantlockdown-csp.md)">TenantLockdown CSP</a></td>
-<td style="vertical-align:top"><p>Added new CSP in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="windowsdefenderapplicationguard-csp.md" data-raw-source="[WindowsDefenderApplicationGuard CSP](windowsdefenderapplicationguard-csp.md)">WindowsDefenderApplicationGuard CSP</a></td>
-<td style="vertical-align:top"><p>Added new settings in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="policy-ddf-file.md" data-raw-source="[Policy DDF file](policy-ddf-file.md)">Policy DDF file</a></td>
-<td style="vertical-align:top"><p>Posted an updated version of the Policy DDF for Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new policies in Windows 10, version 1809:</p>
-<ul>
-<li>Browser/AllowFullScreenMode</li>
-<li>Browser/AllowPrelaunch</li>
-<li>Browser/AllowPrinting</li>
-<li>Browser/AllowSavingHistory</li>
-<li>Browser/AllowSideloadingOfExtensions</li>
-<li>Browser/AllowTabPreloading</li>
-<li>Browser/AllowWebContentOnNewTabPage</li>
-<li>Browser/ConfigureFavoritesBar</li>
-<li>Browser/ConfigureHomeButton</li>
-<li>Browser/ConfigureKioskMode</li>
-<li>Browser/ConfigureKioskResetAfterIdleTimeout</li>
-<li>Browser/ConfigureOpenMicrosoftEdgeWith</li>
-<li>Browser/ConfigureTelemetryForMicrosoft365Analytics</li>
-<li>Browser/PreventCertErrorOverrides</li>
-<li>Browser/SetHomeButtonURL</li>
-<li>Browser/SetNewTabPageURL</li>
-<li>Browser/UnlockHomeButton</li>
-<li>Experience/DoNotSyncBrowserSettings</li>
-<li>Experience/PreventUsersFromTurningOnBrowserSyncing</li>
-<li>Kerberos/UPNNameHints</li>
-<li>Privacy/AllowCrossDeviceClipboard</li>
-<li>Privacy/DisablePrivacyExperience</li>
-<li>Privacy/UploadUserActivities</li>
-<li>System/AllowDeviceNameInDiagnosticData</li>
-<li>System/ConfigureMicrosoft365UploadEndpoint</li>
-<li>System/DisableDeviceDelete</li>
-<li>System/DisableDiagnosticDataViewer</li>
-<li>Storage/RemovableDiskDenyWriteAccess</li>
-<li>Update/UpdateNotificationLevel</li>
-</ul>
-<p>Start/DisableContextMenus - added in Windows 10, version 1803.</p>
-<p>RestrictedGroups/ConfigureGroupMembership - added new schema to apply and retrieve the policy.</p>
-</td></tr>
-</tbody>
-</table>
-
-### July 2018
-
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>New or updated topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr>
-<td style="vertical-align:top"><a href="assignedaccess-csp.md" data-raw-source="[AssignedAccess CSP](assignedaccess-csp.md)">AssignedAccess CSP</a></td>
-<td style="vertical-align:top"><p>Added the following note:</p>
-<ul>
-<li>You can only assign one single app kiosk profile to an individual user account on a device. The single app profile does not support domain groups.</li>
-</ul>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="passportforwork-csp.md" data-raw-source="[PassportForWork  CSP](passportforwork-csp.md)">PassportForWork  CSP</a></td>
-<td style="vertical-align:top"><p>Added new settings in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="enterprisemodernappmanagement-csp.md" data-raw-source="[EnterpriseModernAppManagement  CSP](enterprisemodernappmanagement-csp.md)">EnterpriseModernAppManagement  CSP</a></td>
-<td style="vertical-align:top"><p>Added NonRemovable setting under AppManagement node in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="win32compatibilityappraiser-csp.md" data-raw-source="[Win32CompatibilityAppraiser  CSP](win32compatibilityappraiser-csp.md)">Win32CompatibilityAppraiser  CSP</a></td>
-<td style="vertical-align:top"><p>Added new configuration service provider in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="windowslicensing-csp.md" data-raw-source="[WindowsLicensing  CSP](windowslicensing-csp.md)">WindowsLicensing  CSP</a></td>
-<td style="vertical-align:top"><p>Added S mode settings and SyncML examples in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="supl-csp.md" data-raw-source="[SUPL CSP](supl-csp.md)">SUPL CSP</a></td>
-<td style="vertical-align:top"><p>Added 3 new certificate nodes in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="defender-csp.md" data-raw-source="[Defender CSP](defender-csp.md)">Defender CSP</a></td>
-<td style="vertical-align:top"><p>Added a new node Health/ProductStatus in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="bitlocker-csp.md" data-raw-source="[BitLocker CSP](bitlocker-csp.md)">BitLocker CSP</a></td>
-<td style="vertical-align:top"><p>Added a new node AllowStandardUserEncryption in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="devdetail-csp.md" data-raw-source="[DevDetail CSP](devdetail-csp.md)">DevDetail CSP</a></td>
-<td style="vertical-align:top"><p>Added a new node SMBIOSSerialNumber in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new policies in Windows 10, version 1809:</p>
-<ul>
-<li>ApplicationManagement/LaunchAppAfterLogOn</li>
-<li>ApplicationManagement/ScheduleForceRestartForUpdateFailures </li>
-<li>Authentication/EnableFastFirstSignIn (Preview mode only)</li>
-<li>Authentication/EnableWebSignIn (Preview mode only)</li>
-<li>Authentication/PreferredAadTenantDomainName</li>
-<li>Defender/CheckForSignaturesBeforeRunningScan</li>
-<li>Defender/DisableCatchupFullScan </li>
-<li>Defender/DisableCatchupQuickScan </li>
-<li>Defender/EnableLowCPUPriority</li>
-<li>Defender/SignatureUpdateFallbackOrder</li>
-<li>Defender/SignatureUpdateFileSharesSources</li>
-<li>DeviceGuard/ConfigureSystemGuardLaunch</li>
-<li>DeviceInstallation/AllowInstallationOfMatchingDeviceIDs</li>
-<li>DeviceInstallation/AllowInstallationOfMatchingDeviceSetupClasses</li>
-<li>DeviceInstallation/PreventDeviceMetadataFromNetwork</li>
-<li>DeviceInstallation/PreventInstallationOfDevicesNotDescribedByOtherPolicySettings</li>
-<li>DmaGuard/DeviceEnumerationPolicy</li>
-<li>Experience/AllowClipboardHistory</li>
-<li>Security/RecoveryEnvironmentAuthentication</li>
-<li>TaskManager/AllowEndTask</li>
-<li>WindowsDefenderSecurityCenter/DisableClearTpmButton</li>
-<li>WindowsDefenderSecurityCenter/DisableTpmFirmwareUpdateWarning</li>
-<li>WindowsDefenderSecurityCenter/HideWindowsSecurityNotificationAreaControl</li>
-<li>WindowsLogon/DontDisplayNetworkSelectionUI</li>
-</ul>
-<p>Recent changes:</p>
-<ul>
-<li>DataUsage/SetCost3G - deprecated in Windows 10, version 1809.</li>
-</ul>
-</td></tr>
-</tbody>
-</table>
-
-### June 2018
-
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>New or updated topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr>
-<td style="vertical-align:top"><a href="wifi-csp.md" data-raw-source="[Wifi CSP](wifi-csp.md)">Wifi CSP</a></td>
-<td style="vertical-align:top"><p>Added a new node WifiCost in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="diagnose-mdm-failures-in-windows-10.md" data-raw-source="[Diagnose MDM failures in Windows 10](diagnose-mdm-failures-in-windows-10.md)">Diagnose MDM failures in Windows 10</a></td>
-<td style="vertical-align:top"><p>Recent changes:</p>
-<ul>
-<li>Added procedure for collecting logs remotely from Windows 10 Holographic.</li>
-<li>Added procedure for downloading the MDM Diagnostic Information log.</li>
-</ul>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="bitlocker-csp.md" data-raw-source="[Bitlocker CSP](bitlocker-csp.md)">Bitlocker CSP</a></td>
-<td style="vertical-align:top"><p>Added new node AllowStandardUserEncryption in Windows 10, version 1809.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
-<td style="vertical-align:top"><p>Recent changes:</p>
-<ul>
-<li>AccountPoliciesAccountLockoutPolicy/AccountLockoutDuration - removed from docs. Not supported.</li>
-<li>AccountPoliciesAccountLockoutPolicy/AccountLockoutThreshold - removed from docs. Not supported.</li>
-<li>AccountPoliciesAccountLockoutPolicy/ResetAccountLockoutCounterAfter - removed from docs. Not supported.</li>
-<li>LocalPoliciesSecurityOptions/NetworkAccess_LetEveryonePermissionsApplyToAnonymousUsers - removed from docs. Not supported.</li>
-<li>System/AllowFontProviders is not supported in HoloLens (1st gen) Commercial Suite.</li>
-<li>Security/RequireDeviceEncryption is supported in the Home SKU.</li>
-<li>Start/StartLayout - added a table of SKU support information.</li>
-<li>Start/ImportEdgeAssets - added a table of SKU support information.</li>
-</ul>
-<p>Added the following new policies in Windows 10, version 1809:</p>
-<ul>
-<li>Update/EngagedRestartDeadlineForFeatureUpdates</li>
-<li>Update/EngagedRestartSnoozeScheduleForFeatureUpdates</li>
-<li>Update/EngagedRestartTransitionScheduleForFeatureUpdates</li>
-<li>Update/SetDisablePauseUXAccess</li>
-<li>Update/SetDisableUXWUAccess</li>
-</ul>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="wirednetwork-csp.md" data-raw-source="[WiredNetwork CSP](wirednetwork-csp.md)">WiredNetwork CSP</a></td>
-<td style="vertical-align:top">New CSP added in Windows 10, version 1809.
-</td></tr>
-</tbody>
-</table>
-
-
-### May 2018
-
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>New or updated topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr>
-<td style="vertical-align:top"><a href="policy-ddf-file.md" data-raw-source="[Policy DDF file](policy-ddf-file.md)">Policy DDF file</a></td>
-<td style="vertical-align:top"><p>Updated the DDF files in the Windows 10 version 1703 and 1709.</p>
-<ul>
-<li><a href="https://download.microsoft.com/download/8/C/4/8C43C116-62CB-470B-9B69-76A3E2BC32A8/PolicyDDF_all.xml" data-raw-source="[Download the Policy DDF file for Windows 10, version 1709](https://download.microsoft.com/download/8/C/4/8C43C116-62CB-470B-9B69-76A3E2BC32A8/PolicyDDF_all.xml)">Download the Policy DDF file for Windows 10, version 1709</a></li>
-<li><a href="https://download.microsoft.com/download/7/2/C/72C36C37-20F9-41BF-8E23-721F6FFC253E/PolicyDDF_all.xml" data-raw-source="[Download the Policy DDF file for Windows 10, version 1703](https://download.microsoft.com/download/7/2/C/72C36C37-20F9-41BF-8E23-721F6FFC253E/PolicyDDF_all.xml)">Download the Policy DDF file for Windows 10, version 1703</a></li>
-</ul>
-</td></tr>
-</tbody>
-</table>
-
-### April 2018
-
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>New or updated topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr>
-<td style="vertical-align:top"><a href="windowsdefenderapplicationguard-csp.md" data-raw-source="[WindowsDefenderApplicationGuard CSP](windowsdefenderapplicationguard-csp.md)">WindowsDefenderApplicationGuard CSP</a></td>
-<td style="vertical-align:top"><p>Added the following node in Windows 10, version 1803:</p>
-<ul>
-<li>Settings/AllowVirtualGPU</li>
-<li>Settings/SaveFilesToHost</li>
-</ul>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="\networkproxy--csp.md" data-raw-source="[NetworkProxy CSP](\networkproxy--csp.md)">NetworkProxy CSP</a></td>
-<td style="vertical-align:top"><p>Added the following node in Windows 10, version 1803:</p>
-<ul>
-<li>ProxySettingsPerUser</li>
-</ul>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="accounts-csp.md" data-raw-source="[Accounts CSP](accounts-csp.md)">Accounts CSP</a></td>
-<td style="vertical-align:top"><p>Added a new CSP in Windows 10, version 1803.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="https://aka.ms/mmat" data-raw-source="[MDM Migration Analysis Too (MMAT)](https://aka.ms/mmat)">MDM Migration Analysis Too (MMAT)</a></td>
-<td style="vertical-align:top"><p>Updated version available. MMAT is a tool you can use to determine which Group Policies are set on a target user/computer and cross-reference them against the list of supported MDM policies.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="configuration-service-provider-reference.md#csp-ddf-files-download" data-raw-source="[CSP DDF files download](configuration-service-provider-reference.md#csp-ddf-files-download)">CSP DDF files download</a></td>
-<td style="vertical-align:top"><p>Added the DDF download of Windows 10, version 1803 configuration service providers.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new policies for Windows 10, version 1803:</p>
-<ul>
-<li>Bluetooth/AllowPromptedProximalConnections</li>
-<li>KioskBrowser/EnableEndSessionButton</li>
-<li>LocalPoliciesSecurityOptions/NetworkSecurity_RestrictNTLM_AddRemoteServerExceptionsForNTLMAuthentication</li>
-<li>LocalPoliciesSecurityOptions/NetworkSecurity_RestrictNTLM_AuditIncomingNTLMTraffic</li>
-<li>LocalPoliciesSecurityOptions/NetworkSecurity_RestrictNTLM_IncomingNTLMTraffic</li>
-<li>LocalPoliciesSecurityOptions/NetworkSecurity_RestrictNTLM_OutgoingNTLMTrafficToRemoteServers</li>
-</ul>
-</td></tr>
-</tbody>
-</table>
-
-### March 2018
-
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>New or updated topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr>
-<td style="vertical-align:top"><a href="euiccs-csp.md" data-raw-source="[eUICCs CSP](euiccs-csp.md)">eUICCs CSP</a></td>
-<td style="vertical-align:top"><p>Added the following node in Windows 10, version 1803:</p>
-<ul>
-<li>IsEnabled</li>
-</ul>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="devicestatus-csp.md" data-raw-source="[DeviceStatus CSP](devicestatus-csp.md)">DeviceStatus CSP</a></td>
-<td style="vertical-align:top"><p>Added the following node in Windows 10, version 1803:</p>
-<ul>
-<li>OS/Mode</li>
-</ul>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="understanding-admx-backed-policies.md" data-raw-source="[Understanding ADMX-backed policies](understanding-admx-backed-policies.md)">Understanding ADMX-backed policies</a></td>
-<td style="vertical-align:top"><p>Added the following videos:</p>
-<ul>
-<li><a href="https://www.microsoft.com/showcase/video.aspx?uuid=bdc9b54b-11b0-4bdb-a022-c339d16e7121" data-raw-source="[How to create a custom xml to enable an ADMX-backed policy and deploy the XML in Intune](https://www.microsoft.com/showcase/video.aspx?uuid=bdc9b54b-11b0-4bdb-a022-c339d16e7121)">How to create a custom xml to enable an ADMX-backed policy and deploy the XML in Intune</a></li>
-<li><a href="https://www.microsoft.com/showcase/video.aspx?uuid=a59888b1-429f-4a49-8570-c39a143d9a73" data-raw-source="[How to import a custom ADMX file to a device using Intune](https://www.microsoft.com/showcase/video.aspx?uuid=a59888b1-429f-4a49-8570-c39a143d9a73)">How to import a custom ADMX file to a device using Intune</a></li>
-</ul>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="accountmanagement-csp.md" data-raw-source="[AccountManagement CSP](accountmanagement-csp.md)">AccountManagement CSP</a></td>
-<td style="vertical-align:top"><p>Added a new CSP in Windows 10, version 1803.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="rootcacertificates-csp.md" data-raw-source="[RootCATrustedCertificates CSP](rootcacertificates-csp.md)">RootCATrustedCertificates CSP</a></td>
-<td style="vertical-align:top"><p>Added the following node in Windows 10, version 1803:</p>
-<ul>
-<li>UntrustedCertificates</li>
-</ul>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new policies for Windows 10, version 1803:</p>
-<ul>
-<li>ApplicationDefaults/EnableAppUriHandlers</li>
-<li>ApplicationManagement/MSIAllowUserControlOverInstall</li>
-<li>ApplicationManagement/MSIAlwaysInstallWithElevatedPrivileges</li>
-<li>Connectivity/AllowPhonePCLinking</li>
-<li>Notifications/DisallowCloudNotification</li>
-<li>Notifications/DisallowTileNotification</li>
-<li>RestrictedGroups/ConfigureGroupMembership</li>
-</ul>
-<p>The following existing policies were updated:</p>
-<ul>
-<li>Browser/AllowCookies - updated the supported values. There are 3 values - 0, 1, 2.</li>
-<li>InternetExplorer/AllowSiteToZoneAssignmentList - updated the description and added an example SyncML</li>
-<li>TextInput/AllowIMENetworkAccess - introduced new suggestion services in Japanese IME in addition to cloud suggestion.</li>
-</ul>
-<p>Added a new section:</p>
-<ul>
-<li><a href="policy-csps-supported-by-group-policy.md" data-raw-source="[[Policy CSPs supported by Group Policy](policy-csps-supported-by-group-policy.md)">[Policy CSPs supported by Group Policy</a> - list of policies in Policy CSP that has corresponding Group Policy. The policy description contains the GP information, such as GP policy name and variable name.</li>
-</ul>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="policy-csp-bluetooth.md" data-raw-source="[Policy CSP - Bluetooth](policy-csp-bluetooth.md)">Policy CSP - Bluetooth</a></td>
-<td style="vertical-align:top"><p>Added new section <a href="policy-csp-bluetooth.md#servicesallowedlist-usage-guide" data-raw-source="[ServicesAllowedList usage guide](policy-csp-bluetooth.md#servicesallowedlist-usage-guide)">ServicesAllowedList usage guide</a>.</p>
-</td></tr>
-<tr>
-<td style="vertical-align:top"><a href="multisim-csp.md" data-raw-source="[MultiSIM CSP](multisim-csp.md)">MultiSIM CSP</a></td>
-<td style="vertical-align:top"><p>Added SyncML examples and updated the settings descriptions.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="remotewipe-csp.md" data-raw-source="[RemoteWipe CSP](remotewipe-csp.md)">RemoteWipe CSP</a></td>
-<td style="vertical-align:top"><p>Reverted back to Windows 10, version 1709. Removed previous draft documentation for version 1803.</p>
-</td></tr>
-</tbody>
-</table>
-
-### February 2018
-
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>New or updated topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr>
-<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new policies for Windows 10, version 1803:</p>
-<ul>
-<li>Display/DisablePerProcessDpiForApps</li>
-<li>Display/EnablePerProcessDpi</li>
-<li>Display/EnablePerProcessDpiForApps</li>
-<li>Experience/AllowWindowsSpotlightOnSettings</li>
-<li>TextInput/ForceTouchKeyboardDockedState</li>
-<li>TextInput/TouchKeyboardDictationButtonAvailability</li>
-<li>TextInput/TouchKeyboardEmojiButtonAvailability</li>
-<li>TextInput/TouchKeyboardFullModeAvailability</li>
-<li>TextInput/TouchKeyboardHandwritingModeAvailability</li>
-<li>TextInput/TouchKeyboardNarrowModeAvailability</li>
-<li>TextInput/TouchKeyboardSplitModeAvailability</li>
-<li>TextInput/TouchKeyboardWideModeAvailability</li>
-<ul>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="vpnv2-profile-xsd.md" data-raw-source="[VPNv2 ProfileXML XSD](vpnv2-profile-xsd.md)">VPNv2 ProfileXML XSD</a></td>
-<td style="vertical-align:top"><p>Updated the XSD and Plug-in profile example for VPNv2 CSP.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="assignedaccess-csp.md" data-raw-source="[AssignedAccess CSP](assignedaccess-csp.md)">AssignedAccess CSP</a></td>
-<td style="vertical-align:top"><p>Added the following nodes in Windows 10, version 1803:</p>
-<ul>
-<li>Status</li>
-<li>ShellLauncher</li>
-<li>StatusConfiguration</li>
-</ul>
-<p>Updated the AssigneAccessConfiguration schema. Starting in Windows 10, version 1803 AssignedAccess CSP is supported in HoloLens (1st gen) Commercial Suite. Added example for HoloLens (1st gen) Commercial Suite.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="multisim-csp.md" data-raw-source="[MultiSIM CSP](multisim-csp.md)">MultiSIM CSP</a></td>
-<td style="vertical-align:top"><p>Added a new CSP in Windows 10, version 1803.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="enterprisemodernappmanagement-csp.md" data-raw-source="[EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md)">EnterpriseModernAppManagement CSP</a></td>
-<td style="vertical-align:top"><p>Added the following node in Windows 10, version 1803:</p>
-<ul>
-<li>MaintainProcessorArchitectureOnUpdate</li>
-</ul>
-</td></tr>
-</tbody>
-</table>
-
-### January 2018
-
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>New or updated topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr>
-<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new policies for Windows 10, version 1803:</p>
-<ul>
-<li>Browser/AllowConfigurationUpdateForBooksLibrary</li>
-<li>Browser/AlwaysEnableBooksLibrary</li>
-<li>Browser/EnableExtendedBooksTelemetry</li>
-<li>Browser/UseSharedFolderForBooks</li>
-<li>DeliveryOptimization/DODelayBackgroundDownloadFromHttp</li>
-<li>DeliveryOptimization/DODelayForegroundDownloadFromHttp</li>
-<li>DeliveryOptimization/DOGroupIdSource</li>
-<li>DeliveryOptimization/DOPercentageMaxBackDownloadBandwidth</li>
-<li>DeliveryOptimization/DOPercentageMaxForeDownloadBandwidth</li>
-<li>DeliveryOptimization/DORestrictPeerSelectionBy</li>
-<li>DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth</li>
-<li>DeliveryOptimization/DOSetHoursToLimitForegroundDownloadBandwidth</li>
-<li>KioskBrowser/BlockedUrlExceptions</li>
-<li>KioskBrowser/BlockedUrls</li>
-<li>KioskBrowser/DefaultURL</li>
-<li>KioskBrowser/EnableHomeButton</li>
-<li>KioskBrowser/EnableNavigationButtons</li>
-<li>KioskBrowser/RestartOnIdleTime</li>
-<li>LocalPoliciesSecurityOptions/Devices_AllowUndockWithoutHavingToLogon</li>
-<li>LocalPoliciesSecurityOptions/Devices_AllowedToFormatAndEjectRemovableMedia</li>
-<li>LocalPoliciesSecurityOptions/Devices_PreventUsersFromInstallingPrinterDriversWhenConnectingToSharedPrinters</li>
-<li>LocalPoliciesSecurityOptions/Devices_RestrictCDROMAccessToLocallyLoggedOnUserOnly</li>
-<li>LocalPoliciesSecurityOptions/InteractiveLogon_SmartCardRemovalBehavior</li>
-<li>LocalPoliciesSecurityOptions/MicrosoftNetworkClient_DigitallySignCommunicationsIfServerAgrees</li>
-<li>LocalPoliciesSecurityOptions/MicrosoftNetworkClient_SendUnencryptedPasswordToThirdPartySMBServers</li>
-<li>LocalPoliciesSecurityOptions/MicrosoftNetworkServer_DigitallySignCommunicationsAlways</li>
-<li>LocalPoliciesSecurityOptions/MicrosoftNetworkServer_DigitallySignCommunicationsIfClientAgrees</li>
-<li>LocalPoliciesSecurityOptions/NetworkAccess_DoNotAllowAnonymousEnumerationOfSAMAccounts</li>
-<li>LocalPoliciesSecurityOptions/NetworkAccess_DoNotAllowAnonymousEnumerationOfSamAccountsAndShares</li>
-<li>LocalPoliciesSecurityOptions/NetworkAccess_RestrictAnonymousAccessToNamedPipesAndShares</li>
-<li>LocalPoliciesSecurityOptions/NetworkAccess_RestrictClientsAllowedToMakeRemoteCallsToSAM</li>
-<li>LocalPoliciesSecurityOptions/NetworkSecurity_DoNotStoreLANManagerHashValueOnNextPasswordChange</li>
-<li>LocalPoliciesSecurityOptions/NetworkSecurity_LANManagerAuthenticationLevel</li>
-<li>LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedClients</li>
-<li>LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedServers</li>
-<li>LocalPoliciesSecurityOptions/Shutdown_ClearVirtualMemoryPageFile</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_DetectApplicationInstallationsAndPromptForElevation</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_UseAdminApprovalMode</li>
-<li>RestrictedGroups/ConfigureGroupMembership</li>
-<li>Search/AllowCortanaInAAD</li>
-<li>Search/DoNotUseWebResults</li>
-<li>Security/ConfigureWindowsPasswords</li>
-<li>System/FeedbackHubAlwaysSaveDiagnosticsLocally</li>
-<li>SystemServices/ConfigureHomeGroupListenerServiceStartupMode</li>
-<li>SystemServices/ConfigureHomeGroupProviderServiceStartupMode</li>
-<li>SystemServices/ConfigureXboxAccessoryManagementServiceStartupMode</li>
-<li>SystemServices/ConfigureXboxLiveAuthManagerServiceStartupMode</li>
-<li>SystemServices/ConfigureXboxLiveGameSaveServiceStartupMode</li>
-<li>SystemServices/ConfigureXboxLiveNetworkingServiceStartupMode</li>
-<li>TaskScheduler/EnableXboxGameSaveTask</li>
-<li>TextInput/EnableTouchKeyboardAutoInvokeInDesktopMode</li>
-<li>Update/ConfigureFeatureUpdateUninstallPeriod</li>
-<li>UserRights/AccessCredentialManagerAsTrustedCaller</li>
-<li>UserRights/AccessFromNetwork</li>
-<li>UserRights/ActAsPartOfTheOperatingSystem</li>
-<li>UserRights/AllowLocalLogOn</li>
-<li>UserRights/BackupFilesAndDirectories</li>
-<li>UserRights/ChangeSystemTime</li>
-<li>UserRights/CreateGlobalObjects</li>
-<li>UserRights/CreatePageFile</li>
-<li>UserRights/CreatePermanentSharedObjects</li>
-<li>UserRights/CreateSymbolicLinks</li>
-<li>UserRights/CreateToken</li>
-<li>UserRights/DebugPrograms</li>
-<li>UserRights/DenyAccessFromNetwork</li>
-<li>UserRights/DenyLocalLogOn</li>
-<li>UserRights/DenyRemoteDesktopServicesLogOn</li>
-<li>UserRights/EnableDelegation</li>
-<li>UserRights/GenerateSecurityAudits</li>
-<li>UserRights/ImpersonateClient</li>
-<li>UserRights/IncreaseSchedulingPriority</li>
-<li>UserRights/LoadUnloadDeviceDrivers</li>
-<li>UserRights/LockMemory</li>
-<li>UserRights/ManageAuditingAndSecurityLog</li>
-<li>UserRights/ManageVolume</li>
-<li>UserRights/ModifyFirmwareEnvironment</li>
-<li>UserRights/ModifyObjectLabel</li>
-<li>UserRights/ProfileSingleProcess</li>
-<li>UserRights/RemoteShutdown</li>
-<li>UserRights/RestoreFilesAndDirectories</li>
-<li>UserRights/TakeOwnership</li>
-<li>WindowsDefenderSecurityCenter/DisableAccountProtectionUI</li>
-<li>WindowsDefenderSecurityCenter/DisableDeviceSecurityUI</li>
-<li>WindowsDefenderSecurityCenter/HideRansomwareDataRecovery</li>
-<li>WindowsDefenderSecurityCenter/HideSecureBoot</li>
-<li>WindowsDefenderSecurityCenter/HideTPMTroubleshooting</li>
-</ul>
-<p>Added the following policies the were added in Windows 10, version 1709</p>
-<ul>
-<li>DeviceLock/MinimumPasswordAge</li>
-<li>Settings/AllowOnlineTips</li>
-<li>System/DisableEnterpriseAuthProxy </li>
-</ul>
-<p>Security/RequireDeviceEncryption - updated to show it is supported in desktop.</p>
-</tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="bitlocker-csp.md" data-raw-source="[BitLocker CSP](bitlocker-csp.md)">BitLocker CSP</a></td>
-<td style="vertical-align:top"><p>Updated the description for AllowWarningForOtherDiskEncryption to describe changes added in Windows 10, version 1803.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="enterprisemodernappmanagement-csp.md" data-raw-source="[EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md)">EnterpriseModernAppManagement CSP</a></td>
-<td style="vertical-align:top"><p>Added new node MaintainProcessorArchitectureOnUpdate in Windows 10, next major update.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="dmclient-csp.md" data-raw-source="[DMClient CSP](dmclient-csp.md)">DMClient CSP</a></td>
-<td style="vertical-align:top"><p>Added ./User/Vendor/MSFT/DMClient/Provider/[ProviderID]/FirstSyncStatus node. Also added the following nodes in Windows 10, version 1803:</p>
-<ul>
-<li>AADSendDeviceToken</li>
-<li>BlockInStatusPage</li>
-<li>AllowCollectLogsButton</li>
-<li>CustomErrorText</li>
-<li>SkipDeviceStatusPage</li>
-<li>SkipUserStatusPage</li>
-</ul>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="defender-csp.md" data-raw-source="[Defender CSP](defender-csp.md)">Defender CSP</a></td>
-<td style="vertical-align:top"><p>Added new node (OfflineScan) in Windows 10, version 1803.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="uefi-csp.md" data-raw-source="[UEFI CSP](uefi-csp.md)">UEFI CSP</a></td>
-<td style="vertical-align:top"><p>Added a new CSP in Windows 10, version 1803.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="update-csp.md" data-raw-source="[Update CSP](update-csp.md)">Update CSP</a></td>
-<td style="vertical-align:top"><p>Added the following nodes in Windows 10, version 1803:</p>
-<ul>
-<li>Rollback</li>
-<li>Rollback/FeatureUpdate</li>
-<li>Rollback/QualityUpdateStatus</li>
-<li>Rollback/FeatureUpdateStatus</li>
-</ul>
-</td></tr>
-</tbody>
-</table>
-
-### December 2017
-
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>New or updated topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr class="odd">
-<td style="vertical-align:top"><a href="configuration-service-provider-reference.md" data-raw-source="[Configuration service provider reference](configuration-service-provider-reference.md)">Configuration service provider reference</a></td>
-<td style="vertical-align:top"><p>Added new section <a href="configuration-service-provider-reference.md#csp-ddf-files-download" data-raw-source="[CSP DDF files download](configuration-service-provider-reference.md#csp-ddf-files-download)">CSP DDF files download</a></p>
-</td></tr>
-</tbody>
-</table>
-
-### November 2017
-
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>New or updated topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr class="odd">
-<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
-<td style="vertical-align:top"><p>Added the following policies for Windows 10, version 1709:</p>
-<ul>
-<li>Authentication/AllowFidoDeviceSignon</li>
-<li>Cellular/LetAppsAccessCellularData</li>
-<li>Cellular/LetAppsAccessCellularData_ForceAllowTheseApps</li>
-<li>Cellular/LetAppsAccessCellularData_ForceDenyTheseApps</li>
-<li>Cellular/LetAppsAccessCellularData_UserInControlOfTheseApps</li>
-<li>Start/HidePeopleBar</li>
-<li>Storage/EnhancedStorageDevices</li>
-<li>Update/ManagePreviewBuilds</li>
-<li>WirelessDisplay/AllowMdnsAdvertisement</li>
-<li>WirelessDisplay/AllowMdnsDiscovery</li>
-</ul>
-<p>Added missing policies from previous releases:</p>
-<ul>
-<li>Connectivity/DisallowNetworkConnectivityActiveTest</li>
-<li>Search/AllowWindowsIndexer</li>
-</ul>
-</td></tr>
-</tbody>
-</table>
-
-### October 2017
-
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>New or updated topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr class="odd">
-<td style="vertical-align:top"><a href="policy-ddf-file.md" data-raw-source="[Policy DDF file](policy-ddf-file.md)">Policy DDF file</a></td>
-<td style="vertical-align:top"><p>Updated the DDF content for Windows 10 version 1709. Added a link to the download of Policy DDF for Windows 10, version 1709.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
-<td style="vertical-align:top"><p>Updated the following policies:</p>
-<ul>
-<li>Defender/ControlledFolderAccessAllowedApplications - string separator is |.</li>
-<li>Defender/ControlledFolderAccessProtectedFolders - string separator is |.</li>
-</ul>
-</td></tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="euiccs-csp.md" data-raw-source="[eUICCs CSP](euiccs-csp.md)">eUICCs CSP</a></td>
-<td style="vertical-align:top"><p>Added new CSP in Windows 10, version 1709.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="assignedaccess-csp.md" data-raw-source="[AssignedAccess CSP](assignedaccess-csp.md)">AssignedAccess CSP</a></td>
-<td style="vertical-align:top"><p>Added SyncML examples for the new Configuration node.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="dmclient-csp.md" data-raw-source="[DMClient CSP](dmclient-csp.md)">DMClient CSP</a></td>
-<td style="vertical-align:top"><p>Added new nodes to the DMClient CSP in Windows 10, version 1709. Updated the CSP and DDF topics.</p>
-</td></tr>
-</tbody>
-</table>
-
-
-### September 2017
-
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>New or updated topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr class="odd">
-<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new policies for Windows 10, version 1709:</p>
-<ul>
-<li>Authentication/AllowAadPasswordReset</li>
-<li>Handwriting/PanelDefaultModeDocked</li>
-<li>Search/AllowCloudSearch</li>
-<li>System/LimitEnhancedDiagnosticDataWindowsAnalytics</li>
-</ul>
-<p>Added new settings to Update/BranchReadinessLevel policy in Windows 10 version 1709.</p>
-</td></tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="assignedaccess-csp.md" data-raw-source="[AssignedAccess CSP](assignedaccess-csp.md)">AssignedAccess CSP</a></td>
-<td style="vertical-align:top"><p>Starting in Windows 10, version 1709, AssignedAccess CSP is also supported in Windows 10 Pro.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top">Microsoft Store for Business and Microsoft Store</td>
-<td style="vertical-align:top"><p>Windows Store for Business name changed to Microsoft Store for Business. Windows Store name changed to Microsoft Store.</p>
-</td></tr>
-<tr class="even">
-<td style="vertical-align:top">The <a href="https://msdn.microsoft.com/library/mt221945.aspx" data-raw-source="[\[MS-MDE2\]: Mobile Device Enrollment Protocol Version 2](https://msdn.microsoft.com/library/mt221945.aspx)">[MS-MDE2]: Mobile Device Enrollment Protocol Version 2</a></td>
-<td style="vertical-align:top"><p>The Windows 10 enrollment protocol was updated. The following elements were added to the RequestSecurityToken message:</p>
-<ul>
-<li>UXInitiated - boolean value that indicates whether the enrollment is user initiated from the Settings page. </li>
-<li>ExternalMgmtAgentHint - a string the agent uses to give hints the enrollment server may need.</li>
-<li>DomainName - fully qualified domain name if the device is domain-joined.</li>
-</ul>
-<p>For examples, see section 4.3.1 RequestSecurityToken of the MS-MDE2 protocol documentation.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="enterpriseapn-csp.md" data-raw-source="[EnterpriseAPN CSP](enterpriseapn-csp.md)">EnterpriseAPN CSP</a></td>
-<td style="vertical-align:top"><p>Added a SyncML example.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="vpnv2-csp.md" data-raw-source="[VPNv2 CSP](vpnv2-csp.md)">VPNv2 CSP</a></td>
-<td style="vertical-align:top"><p>Added RegisterDNS setting in Windows 10, version 1709.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="enroll-a-windows-10-device-automatically-using-group-policy.md" data-raw-source="[Enroll a Windows 10 device automatically using Group Policy](enroll-a-windows-10-device-automatically-using-group-policy.md)">Enroll a Windows 10 device automatically using Group Policy</a></td>
-<td style="vertical-align:top"><p>Added new topic to introduce a new Group Policy for automatic MDM enrollment.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="mdm-enrollment-of-windows-devices.md" data-raw-source="[MDM enrollment of Windows-based devices](mdm-enrollment-of-windows-devices.md)">MDM enrollment of Windows-based devices</a></td>
-<td style="vertical-align:top"><p>New features in the Settings app:</p>
-<ul>
-<li>User sees installation progress of critical policies during MDM enrollment.</li>
-<li>User knows what policies, profiles, apps MDM has configured</li>
-<li>IT helpdesk can get detailed MDM diagnostic information using client tools</li>
-</ul>
-<p>For details, see <a href="mdm-enrollment-of-windows-devices.md#manage-connections" data-raw-source="[Manage connections](mdm-enrollment-of-windows-devices.md#manage-connections)">Managing connections</a> and <a href="mdm-enrollment-of-windows-devices.md#collecting-diagnostic-logs" data-raw-source="[Collecting diagnostic logs](mdm-enrollment-of-windows-devices.md#collecting-diagnostic-logs)">Collecting diagnostic logs</a></p>
-</td></tr>
-</tbody>
-</table>
-
-### August 2017
-
-<table class="mx-tdBreakAll">
-<colgroup>
-<col width="25%" />
-<col width="75%" />
-</colgroup>
-<thead>
-<tr class="header">
-<th>New or updated topic</th>
-<th>Description</th>
-</tr>
-</thead>
-<tbody>
-<tr class="odd">
-<td style="vertical-align:top"><a href="enable-admx-backed-policies-in-mdm.md" data-raw-source="[Enable ADMX-backed policies in MDM](enable-admx-backed-policies-in-mdm.md)">Enable ADMX-backed policies in MDM</a></td>
-<td style="vertical-align:top"><p>Added new step-by-step guide to enable ADMX-backed policies.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="mobile-device-enrollment.md" data-raw-source="[Mobile device enrollment](mobile-device-enrollment.md)">Mobile device enrollment</a></td>
-<td style="vertical-align:top"><p>Added the following statement:</p>
-<ul>
-<li>Devices that are joined to an on-premises Active Directory can enroll into MDM via the Work access page in <strong>Settings</strong>. However, the enrollment can only target the user enrolled with user-specific policies. Device targeted policies will continue to impact all users of the device.</li>
-</ul>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="cm-cellularentries-csp.md" data-raw-source="[CM\_CellularEntries CSP](cm-cellularentries-csp.md)">CM_CellularEntries CSP</a></td>
-<td style="vertical-align:top"><p>Updated the description of the PuposeGroups node to add the GUID for applications. This node is required instead of optional.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="enterprisedataprotection-csp.md" data-raw-source="[EnterpriseDataProtection CSP](enterprisedataprotection-csp.md)">EnterpriseDataProtection CSP</a></td>
-<td style="vertical-align:top"><p>Updated the Settings/EDPEnforcementLevel values to the following:</p>
-<ul>
-<li> 0 (default) – Off / No protection (decrypts previously protected data).</li>
-<li>  1 – Silent mode (encrypt and audit only).</li>
-<li>  2 – Allow override mode (encrypt, prompt and allow overrides, and audit).</li>
-<li>  3 – Hides overrides (encrypt, prompt but hide overrides, and audit).</li>
-</ul>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="applocker-csp.md" data-raw-source="[AppLocker CSP](applocker-csp.md)">AppLocker CSP</a></td>
-<td style="vertical-align:top"><p>Added two new SyncML examples (to disable the calendar app and to block usage of the map app) in <a href="applocker-csp.md#allow-list-examples" data-raw-source="[Allowlist examples](applocker-csp.md#allow-list-examples)">Allow list examples</a>.</p>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="devicemanageability-csp.md" data-raw-source="[DeviceManageability CSP](devicemanageability-csp.md)">DeviceManageability CSP</a></td>
-<td style="vertical-align:top"><p>Added the following settings in Windows 10, version 1709:</p>
-<ul>
-<li>Provider/<em>ProviderID</em>/ConfigInfo</li>
-<li> Provider/<em>ProviderID</em>/EnrollmentInfo</li>
-</ul>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="office-csp.md" data-raw-source="[Office CSP](office-csp.md)">Office CSP</a></td>
-<td style="vertical-align:top"><p>Added the following setting in Windows 10, version 1709:</p>
-<ul>
-<li>Installation/CurrentStatus</li>
-</ul>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="bitlocker-csp.md" data-raw-source="[BitLocker CSP](bitlocker-csp.md)">BitLocker CSP</a></td>
-<td style="vertical-align:top">Added information to the ADMX-backed policies. Changed the minimum personal identification number (PIN) length to 4 digits in SystemDrivesRequireStartupAuthentication and SystemDrivesMinimumPINLength in Windows 10, version 1709.
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="firewall-csp.md" data-raw-source="[Firewall CSP](firewall-csp.md)">Firewall CSP</a></td>
-<td style="vertical-align:top">Updated the CSP and DDF topics. Here are the changes:
-<ul>
-<li>Removed the two settings - FirewallRules/FirewallRuleName/FriendlyName and FirewallRules/FirewallRuleName/IcmpTypesAndCodes.</li>
-<li>Changed some data types from integer to bool.</li>
-<li>Updated the list of supported operations for some settings.</li>
-<li>Added default values.</li>
-</ul>
-</td></tr>
-<tr class="odd">
-<td style="vertical-align:top"><a href="policy-ddf-file.md" data-raw-source="[Policy DDF file](policy-ddf-file.md)">Policy DDF file</a></td>
-<td style="vertical-align:top">Added another Policy DDF file <a href="https://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607_8C.xml" data-raw-source="[download](https://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607_8C.xml)">download</a> for the 8C release of Windows 10, version 1607, which added the following policies:
-<ul>
-<li>Browser/AllowMicrosoftCompatibilityList</li>
-<li>Update/DisableDualScan</li>
-<li>Update/FillEmptyContentUrls</li>
-</ul>
-</td></tr>
-<tr class="even">
-<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
-<td style="vertical-align:top"><p>Added the following new policies for Windows 10, version 1709:</p>
-<ul>
-<li>Browser/ProvisionFavorites</li>
-<li>Browser/LockdownFavorites</li>
-<li>ExploitGuard/ExploitProtectionSettings</li>
-<li>Games/AllowAdvancedGamingServices</li>
-<li>LocalPoliciesSecurityOptions/Accounts_BlockMicrosoftAccounts</li>
-<li>LocalPoliciesSecurityOptions/Accounts_LimitLocalAccountUseOfBlankPasswordsToConsoleLogonOnly</li>
-<li>LocalPoliciesSecurityOptions/Accounts_RenameAdministratorAccount</li>
-<li>LocalPoliciesSecurityOptions/Accounts_RenameGuestAccount</li>
-<li>LocalPoliciesSecurityOptions/InteractiveLogon_DisplayUserInformationWhenTheSessionIsLocked</li>
-<li>LocalPoliciesSecurityOptions/Interactivelogon_DoNotDisplayLastSignedIn</li>
-<li>LocalPoliciesSecurityOptions/Interactivelogon_DoNotDisplayUsernameAtSignIn</li>
-<li>LocalPoliciesSecurityOptions/Interactivelogon_DoNotRequireCTRLALTDEL</li>
-<li>LocalPoliciesSecurityOptions/InteractiveLogon_MachineInactivityLimit</li>
-<li>LocalPoliciesSecurityOptions/InteractiveLogon_MessageTextForUsersAttemptingToLogOn</li>
-<li>LocalPoliciesSecurityOptions/InteractiveLogon_MessageTitleForUsersAttemptingToLogOn</li>
-<li>LocalPoliciesSecurityOptions/NetworkSecurity_AllowPKU2UAuthenticationRequests</li>
-<li>LocalPoliciesSecurityOptions/Shutdown_AllowSystemToBeShutDownWithoutHavingToLogOn</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_AllowUIAccessApplicationsToPromptForElevation</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_BehaviorOfTheElevationPromptForAdministrators</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_BehaviorOfTheElevationPromptForStandardUsers</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_OnlyElevateExecutableFilesThatAreSignedAndValidated</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_OnlyElevateUIAccessApplicationsThatAreInstalledInSecureLocations</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_RunAllAdministratorsInAdminApprovalMode</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_SwitchToTheSecureDesktopWhenPromptingForElevation</li>
-<li>LocalPoliciesSecurityOptions/UserAccountControl_VirtualizeFileAndRegistryWriteFailuresToPerUserLocations</li>
-<li>Privacy/EnableActivityFeed</li>
-<li>Privacy/PublishUserActivities</li>
-<li>Update/DisableDualScan</li>
-<li>Update/AllowAutoWindowsUpdateDownloadOverMeteredNetwork</li>
-</ul>
-<p>Changed the name of new policy to CredentialProviders/DisableAutomaticReDeploymentCredentials from CredentialProviders/EnableWindowsAutopilotResetCredentials.</p>
-<p>Changed the names of the following policies:</p>
-<ul>
-<li>Defender/GuardedFoldersAllowedApplications to Defender/ControlledFolderAccessAllowedApplications</li>
-<li>Defender/GuardedFoldersList to Defender/ControlledFolderAccessProtectedFolders</li>
-<li>Defender/EnableGuardMyFolders to Defender/EnableControlledFolderAccess</li>
-</ul>
-<p>Added links to the additional <a href="policy-csp-bitlocker.md" data-raw-source="[ADMX-backed BitLocker policies](policy-csp-bitlocker.md)">ADMX-backed BitLocker policies</a>.</p>
-<p>There were issues reported with the previous release of the following policies. These issues were fixed in Window 10, version 1709:</p>
-<ul>
-<li>Privacy/AllowAutoAcceptPairingAndPrivacyConsentPrompts</li>
-<li>Start/HideAppList</li>
-</ul>
-</td></tr>
-</tbody>
-</table>
+To know what's changed in MDM documentation, see [Change history for MDM documentation](change-history-for-mdm-documentation.md).
diff --git a/windows/client-management/mdm/policy-csps-admx-backed.md b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
similarity index 73%
rename from windows/client-management/mdm/policy-csps-admx-backed.md
rename to windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
index a580f4a524..a26052c419 100644
--- a/windows/client-management/mdm/policy-csps-admx-backed.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
@@ -1,6 +1,6 @@
 ---
-title: ADMX-backed policy CSPs
-description: ADMX-backed policy CSPs
+title: ADMX-backed policies in Policy CSP
+description: ADMX-backed policies in Policy CSP
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
@@ -9,15 +9,15 @@ ms.prod: w10
 ms.technology: windows
 author: manikadhiman
 ms.localizationpriority: medium
-ms.date: 08/18/2020
+ms.date: 10/08/2020
 ---
 
-# ADMX-backed policy CSPs
+# ADMX-backed policies in Policy CSP
 
 > [!div class="op_single_selector"]
 >
-> - [Policy CSPs supported by Group Policy](policy-csps-supported-by-group-policy.md)
-> - [ADMX-backed policy-CSPs](policy-csps-admx-backed.md)
+> - [Policies in Policy CSP supported by Group Policy](policy-csps-supported-by-group-policy.md)
+> - [ADMX-backed policies in Policy CSP](policy-csps-admx-backed.md)
 >
 
 - [ActiveXControls/ApprovedInstallationSites](./policy-csp-activexcontrols.md#activexcontrols-approvedinstallationsites)
@@ -259,6 +259,212 @@ ms.date: 08/18/2020
 - [ADMX_ShellCommandPromptRegEditTools/DisableRegedit](./policy-csp-admx-shellcommandpromptregedittools.md#admx-shellcommandpromptregedittools-disableregedit)
 - [ADMX_ShellCommandPromptRegEditTools/DisallowApps](./policy-csp-admx-shellcommandpromptregedittools.md#admx-shellcommandpromptregedittools-disallowapps)
 - [ADMX_ShellCommandPromptRegEditTools/RestrictApps](./policy-csp-admx-shellcommandpromptregedittools.md#admx-shellcommandpromptregedittools-disablecmd)
+- [ADMX_Smartcard/AllowCertificatesWithNoEKU](./policy-csp-admx-smartcard.md#admx-smartcard-allowcertificateswithnoeku)
+- [ADMX_Smartcard/AllowIntegratedUnblock](./policy-csp-admx-smartcard.md#admx-smartcard-allowintegratedunblock)
+- [ADMX_Smartcard/AllowSignatureOnlyKeys](./policy-csp-admx-smartcard.md#admx-smartcard-allowsignatureonlykeys)
+- [ADMX_Smartcard/AllowTimeInvalidCertificates](./policy-csp-admx-smartcard.md#admx-smartcard-allowtimeinvalidcertificates)
+- [ADMX_Smartcard/CertPropEnabledString](./policy-csp-admx-smartcard.md#admx-smartcard-certpropenabledstring)
+- [ADMX_Smartcard/CertPropRootCleanupString](./policy-csp-admx-smartcard.md#admx-smartcard-certproprootcleanupstring)
+- [ADMX_Smartcard/CertPropRootEnabledString](./policy-csp-admx-smartcard.md#admx-smartcard-certproprootenabledstring)
+- [ADMX_Smartcard/DisallowPlaintextPin](./policy-csp-admx-smartcard.md#admx-smartcard-disallowplaintextpin)
+- [ADMX_Smartcard/EnumerateECCCerts](./policy-csp-admx-smartcard.md#admx-smartcard-enumerateecccerts)
+- [ADMX_Smartcard/FilterDuplicateCerts](./policy-csp-admx-smartcard.md#admx-smartcard-filterduplicatecerts)
+- [ADMX_Smartcard/ForceReadingAllCertificates](./policy-csp-admx-smartcard.md#admx-smartcard-forcereadingallcertificates)
+- [ADMX_Smartcard/IntegratedUnblockPromptString](./policy-csp-admx-smartcard.md#admx-smartcard-integratedunblockpromptstring)
+- [ADMX_Smartcard/ReverseSubject](./policy-csp-admx-smartcard.md#admx-smartcard-reversesubject)
+- [ADMX_Smartcard/SCPnPEnabled](./policy-csp-admx-smartcard.md#admx-smartcard-scpnpenabled)
+- [ADMX_Smartcard/SCPnPNotification](./policy-csp-admx-smartcard.md#admx-smartcard-scpnpnotification)
+- [ADMX_Smartcard/X509HintsNeeded](./policy-csp-admx-smartcard.md#admx-smartcard-x509hintsneeded)
+- [ADMX_Snmp/SNMP_Communities](./policy-csp-admx-snmp.md#admx-snmp-snmp-communities)
+- [ADMX_Snmp/SNMP_PermittedManagers](./policy-csp-admx-snmp.md#admx-snmp-snmp-permittedmanagers)
+- [ADMX_Snmp/SNMP_Traps_Public](./policy-csp-admx-snmp.md#admx-snmp-snmp-traps-public)
+- [ADMX_tcpip/6to4_Router_Name](./policy-csp-admx-tcpip.md#admx-tcpip-6to4-router-name)
+- [ADMX_tcpip/6to4_Router_Name_Resolution_Interval](./policy-csp-admx-tcpip.md#admx-tcpip-6to4-router-name-resolution-interval)
+- [ADMX_tcpip/6to4_State](./policy-csp-admx-tcpip.md#admx-tcpip-6to4-state)
+- [ADMX_tcpip/IPHTTPS_ClientState](./policy-csp-admx-tcpip.md#admx-tcpip-iphttps-clientstate)
+- [ADMX_tcpip/IP_Stateless_Autoconfiguration_Limits_State](./policy-csp-admx-tcpip.md#admx-tcpip-ip-stateless-autoconfiguration-limits-state)
+- [ADMX_tcpip/ISATAP_Router_Name](./policy-csp-admx-tcpip.md#admx-tcpip-isatap-router-name)
+- [ADMX_tcpip/ISATAP_State](./policy-csp-admx-tcpip.md#admx-tcpip-isatap-state)
+- [ADMX_tcpip/Teredo_Client_Port](./policy-csp-admx-tcpip.md#admx-tcpip-teredo-client-port)
+- [ADMX_tcpip/Teredo_Default_Qualified](./policy-csp-admx-tcpip.md#admx-tcpip-teredo-default-qualified)
+- [ADMX_tcpip/Teredo_Refresh_Rate](./policy-csp-admx-tcpip.md#admx-tcpip-teredo-refresh-rate)
+- [ADMX_tcpip/Teredo_Server_Name](./policy-csp-admx-tcpip.md#admx-tcpip-teredo-server-name)
+- [ADMX_tcpip/Teredo_State](./policy-csp-admx-tcpip.md#admx-tcpip-teredo-state)
+- [ADMX_tcpip/Windows_Scaling_Heuristics_State](./policy-csp-admx-tcpip.md#admx-tcpip-windows-scaling-heuristics-state)
+- [ADMX_Thumbnails/DisableThumbnails](./policy-csp-admx-thumbnails.md#admx-thumbnails-disablethumbnails)
+- [ADMX_Thumbnails/DisableThumbnailsOnNetworkFolders](./policy-csp-admx-thumbnails.md#admx-thumbnails-disablethumbnailsonnetworkfolders)
+- [ADMX_Thumbnails/DisableThumbsDBOnNetworkFolders](./policy-csp-admx-thumbnails.md#admx-thumbnails-disablethumbsdbonnetworkfolders)
+- [ADMX_TPM/BlockedCommandsList_Name](./policy-csp-admx-tpm.md#admx-tpm-blockedcommandslist-name)
+- [ADMX_TPM/ClearTPMIfNotReady_Name](./policy-csp-admx-tpm.md#admx-tpm-cleartpmifnotready-name)
+- [ADMX_TPM/IgnoreDefaultList_Name](./policy-csp-admx-tpm.md#admx-tpm-ignoredefaultlist-name)
+- [ADMX_TPM/IgnoreLocalList_Name](./policy-csp-admx-tpm.md#admx-tpm-ignorelocallist-name)
+- [ADMX_TPM/OSManagedAuth_Name](./policy-csp-admx-tpm.md#admx-tpm-osmanagedauth-name)
+- [ADMX_TPM/OptIntoDSHA_Name](./policy-csp-admx-tpm.md#admx-tpm-optintodsha-name)
+- [ADMX_TPM/StandardUserAuthorizationFailureDuration_Name](./policy-csp-admx-tpm.md#admx-tpm-standarduserauthorizationfailureduration-name)
+- [ADMX_TPM/StandardUserAuthorizationFailureIndividualThreshold_Name](./policy-csp-admx-tpm.md#admx-tpm-standarduserauthorizationfailureindividualthreshold-name)
+- [ADMX_TPM/StandardUserAuthorizationFailureTotalThreshold_Name](./policy-csp-admx-tpm.md#admx-tpm-standarduserauthorizationfailuretotalthreshold-name)
+- [ADMX_TPM/UseLegacyDAP_Name](./policy-csp-admx-tpm.md#admx-tpm-uselegacydap-name)
+- [ADMX_UserExperienceVirtualization/Calculator](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-calculator)
+- [ADMX_UserExperienceVirtualization/ConfigureSyncMethod](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-configuresyncmethod)
+- [ADMX_UserExperienceVirtualization/ConfigureVdi](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-configurevdi)
+- [ADMX_UserExperienceVirtualization/ContactITDescription](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-contactitdescription)
+- [ADMX_UserExperienceVirtualization/ContactITUrl](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-contactiturl)
+- [ADMX_UserExperienceVirtualization/DisableWin8Sync](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-disablewin8sync)
+- [ADMX_UserExperienceVirtualization/DisableWindowsOSSettings](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-disablewindowsossettings)
+- [ADMX_UserExperienceVirtualization/EnableUEV](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-enableuev)
+- [ADMX_UserExperienceVirtualization/Finance](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-finance)
+- [ADMX_UserExperienceVirtualization/FirstUseNotificationEnabled](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-firstusenotificationenabled)
+- [ADMX_UserExperienceVirtualization/Games](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-games)
+- [ADMX_UserExperienceVirtualization/InternetExplorer8](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-internetexplorer8)
+- [ADMX_UserExperienceVirtualization/InternetExplorer9](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-internetexplorer9)
+- [ADMX_UserExperienceVirtualization/InternetExplorer10](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-internetexplorer10)
+- [ADMX_UserExperienceVirtualization/InternetExplorer11](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-internetexplorer11)
+- [ADMX_UserExperienceVirtualization/InternetExplorerCommon](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-internetexplorercommon)
+- [ADMX_UserExperienceVirtualization/Maps](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-maps)
+- [ADMX_UserExperienceVirtualization/MaxPackageSizeInBytes](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-maxpackagesizeinbytes)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2010Access](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010access)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2010Common](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010common)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2010Excel](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010excel)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2010InfoPath](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010infopath)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2010Lync](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010lync)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2010OneNote](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010onenote)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2010Outlook](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010outlook)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2010PowerPoint](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010powerpoint)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2010Project](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010project)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2010Publisher](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010publisher)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2010SharePointDesigner](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010sharepointdesigner)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2010SharePointWorkspace](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010sharepointworkspace)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2010Visio](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010visio)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2010Word](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010word)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013Access](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013access)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013AccessBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013accessbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013Common](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013common)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013CommonBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013commonbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013Excel](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013excel)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013ExcelBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013excelbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013InfoPath](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013infopath)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013InfoPathBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013infopathbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013Lync](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013lync)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013LyncBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013lyncbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013OneDriveForBusiness](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013onedriveforbusiness)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013OneNote](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013onenote)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013OneNoteBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013onenotebackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013Outlook](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013outlook)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013OutlookBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013outlookbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013PowerPoint](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013powerpoint)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013PowerPointBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013powerpointbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013Project](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013project)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013ProjectBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013projectbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013Publisher](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013publisher)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013PublisherBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013publisherbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013SharePointDesigner](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013sharepointdesigner)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013SharePointDesignerBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013sharepointdesignerbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013UploadCenter](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013uploadcenter)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013Visio](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013visio)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013VisioBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013visiobackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013Word](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013word)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2013WordBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013wordbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016Access](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016access)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016AccessBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016accessbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016Common](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016common)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016CommonBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016commonbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016Excel](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016excel)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016ExcelBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016excelbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016Lync](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016lync)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016LyncBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016lyncbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016OneDriveForBusiness](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016onedriveforbusiness)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016OneNote](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016onenote)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016OneNoteBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016onenotebackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016Outlook](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016outlook)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016OutlookBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016outlookbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016PowerPoint](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016powerpoint)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016PowerPointBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016powerpointbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016Project](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016project)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016ProjectBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016projectbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016Publisher](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016publisher)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016PublisherBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016publisherbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016UploadCenter](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016uploadcenter)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016Visio](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016visio)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016VisioBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016visiobackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016Word](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016word)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice2016WordBackup](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016wordbackup)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365Access2013](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365access2013)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365Access2016](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365access2016)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365Common2013](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365common2013)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365Common2016](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365common2016)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365Excel2013](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365excel2013)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365Excel2016](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365excel2016)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365InfoPath2013](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365infopath2013)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365Lync2013](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365lync2013)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365Lync2016](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365lync2016)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365OneNote2013](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365onenote2013)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365OneNote2016](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365onenote2016)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365Outlook2013](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365outlook2013)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365Outlook2016](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365outlook2016)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365PowerPoint2013](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365powerpoint2013)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365PowerPoint2016](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365powerpoint2016)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365Project2013](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365project2013)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365Project2016](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365project2016)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365Publisher2013](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365publisher2013)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365Publisher2016](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365publisher2016)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365SharePointDesigner2013](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365sharepointdesigner2013)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365Visio2013](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365visio2013)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365Visio2016](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365visio2016)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365Word2013](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365word2013)
+- [ADMX_UserExperienceVirtualization/MicrosoftOffice365Word2016](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365word2016)
+- [ADMX_UserExperienceVirtualization/Music](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-music)
+- [ADMX_UserExperienceVirtualization/News](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-news)
+- [ADMX_UserExperienceVirtualization/Notepad](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-notepad)
+- [ADMX_UserExperienceVirtualization/Reader](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-reader)
+- [ADMX_UserExperienceVirtualization/RepositoryTimeout](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-repositorytimeout)
+- [ADMX_UserExperienceVirtualization/SettingsStoragePath](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-settingsstoragepath)
+- [ADMX_UserExperienceVirtualization/SettingsTemplateCatalogPath](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-settingstemplatecatalogpath)
+- [ADMX_UserExperienceVirtualization/Sports](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-sports)
+- [ADMX_UserExperienceVirtualization/SyncEnabled](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-syncenabled)
+- [ADMX_UserExperienceVirtualization/SyncOverMeteredNetwork](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-syncovermeterednetwork)
+- [ADMX_UserExperienceVirtualization/SyncOverMeteredNetworkWhenRoaming](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-syncovermeterednetworkwhenroaming)
+- [ADMX_UserExperienceVirtualization/SyncProviderPingEnabled](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-syncproviderpingenabled)
+- [ADMX_UserExperienceVirtualization/SyncUnlistedWindows8Apps](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-syncunlistedwindows8apps)
+- [ADMX_UserExperienceVirtualization/Travel](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-travel)
+- [ADMX_UserExperienceVirtualization/TrayIconEnabled](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-trayiconenabled)
+- [ADMX_UserExperienceVirtualization/Video](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-video)
+- [ADMX_UserExperienceVirtualization/Weather](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-weather)
+- [ADMX_UserExperienceVirtualization/Wordpad](./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-wordpad)
+- [ADMX_W32Time/W32TIME_POLICY_CONFIG](./policy-csp-admx-w32time.md#admx-w32time-policy-config)
+- [ADMX_W32Time/W32TIME_POLICY_CONFIGURE_NTPCLIENT](./policy-csp-admx-w32time.md#admx-w32time-policy-configure-ntpclient)
+- [ADMX_W32Time/W32TIME_POLICY_ENABLE_NTPCLIENT](./policy-csp-admx-w32time.md#admx-w32time-policy-enable-ntpclient)
+- [ADMX_W32Time/W32TIME_POLICY_ENABLE_NTPSERVER](./policy-csp-admx-w32time.md#admx-w32time-policy-enable-ntpserver)
+- [ADMX_WinCal/TurnOffWinCal_1](./policy-csp-admx-wincal.md#admx-wincal-turnoffwincal-1)
+- [ADMX_WinCal/TurnOffWinCal_2](./policy-csp-admx-wincal.md#admx-wincal-turnoffwincal-2)
+- [ADMX_WindowsAnytimeUpgrade/Disabled](./policy-csp-admx-windowsanytimeupgrade.md#admx-windowsanytimeupgrade-disabled)
+- [ADMX_WindowsConnectNow/WCN_DisableWcnUi_1](./policy-csp-admx-windowsconnectnow.md#admx-windowsconnectnow-wcn-disablewcnui-1)
+- [ADMX_WindowsConnectNow/WCN_DisableWcnUi_2](./policy-csp-admx-windowsconnectnow.md#admx-windowsconnectnow-wcn-disablewcnui-2)
+- [ADMX_WindowsConnectNow/WCN_EnableRegistrar](./policy-csp-admx-windowsconnectnow.md#admx-windowsconnectnow-wcn-enableregistrar)
+- [ADMX_WindowsMediaDRM/DisableOnline](./policy-csp-admx-windowsmediadrm.md#admx-windowsmediadrm-disableonline)
+- [ADMX_WindowsMediaPlayer/ConfigureHTTPProxySettings](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-configurehttpproxysettings)
+- [ADMX_WindowsMediaPlayer/ConfigureMMSProxySettings](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-configuremmsproxysettings)
+- [ADMX_WindowsMediaPlayer/ConfigureRTSPProxySettings](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-configurertspproxysettings)
+- [ADMX_WindowsMediaPlayer/DisableAutoUpdate](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-disableautoupdate)
+- [ADMX_WindowsMediaPlayer/DisableNetworkSettings](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-disablenetworksettings)
+- [ADMX_WindowsMediaPlayer/DisableSetupFirstUseConfiguration](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-disablesetupfirstuseconfiguration)
+- [ADMX_WindowsMediaPlayer/DoNotShowAnchor](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-donotshowanchor)
+- [ADMX_WindowsMediaPlayer/DontUseFrameInterpolation](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-dontuseframeinterpolation)
+- [ADMX_WindowsMediaPlayer/EnableScreenSaver](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-enablescreensaver)
+- [ADMX_WindowsMediaPlayer/HidePrivacyTab](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-hideprivacytab)
+- [ADMX_WindowsMediaPlayer/HideSecurityTab](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-hidesecuritytab)
+- [ADMX_WindowsMediaPlayer/NetworkBuffering](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-networkbuffering)
+- [ADMX_WindowsMediaPlayer/PolicyCodecUpdate](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-policycodecupdate)
+- [ADMX_WindowsMediaPlayer/PreventCDDVDMetadataRetrieval](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-preventcddvdmetadataretrieval)
+- [ADMX_WindowsMediaPlayer/PreventLibrarySharing](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-preventlibrarysharing)
+- [ADMX_WindowsMediaPlayer/PreventMusicFileMetadataRetrieval](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-preventmusicfilemetadataretrieval)
+- [ADMX_WindowsMediaPlayer/PreventQuickLaunchShortcut](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-preventquicklaunchshortcut)
+- [ADMX_WindowsMediaPlayer/PreventRadioPresetsRetrieval](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-preventradiopresetsretrieval)
+- [ADMX_WindowsMediaPlayer/PreventWMPDeskTopShortcut](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-preventwmpdesktopshortcut)
+- [ADMX_WindowsMediaPlayer/SkinLockDown](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-skinlockdown)
+- [ADMX_WindowsMediaPlayer/WindowsStreamingMediaProtocols](./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-windowsstreamingmediaprotocols)
+- [ADMX_WinInit/DisableNamedPipeShutdownPolicyDescription](./policy-csp-admx-wininit.md#admx-wininit-disablenamedpipeshutdownpolicydescription)
+- [ADMX_WinInit/Hiberboot](./policy-csp-admx-wininit.md#admx-wininit-hiberboot)
+- [ADMX_WinInit/ShutdownTimeoutHungSessionsDescription](./policy-csp-admx-wininit.md#admx-wininit-shutdowntimeouthungsessionsdescription)
 - [AppRuntime/AllowMicrosoftAccountsToBeOptional](./policy-csp-appruntime.md#appruntime-allowmicrosoftaccountstobeoptional)
 - [AppVirtualization/AllowAppVClient](./policy-csp-appvirtualization.md#appvirtualization-allowappvclient)
 - [AppVirtualization/AllowDynamicVirtualization](./policy-csp-appvirtualization.md#appvirtualization-allowdynamicvirtualization)
diff --git a/windows/client-management/mdm/policy-csps-supported-by-group-policy.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
similarity index 99%
rename from windows/client-management/mdm/policy-csps-supported-by-group-policy.md
rename to windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
index 651f088e72..09c680512c 100644
--- a/windows/client-management/mdm/policy-csps-supported-by-group-policy.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
@@ -1,6 +1,6 @@
 ---
-title: Policy CSPs supported by Group Policy
-description: Policy CSPs supported by Group Policy
+title: Policies in Policy CSP supported by Group Policy
+description: Policies in Policy CSP supported by Group Policy
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
@@ -12,12 +12,12 @@ ms.localizationpriority: medium
 ms.date: 07/18/2019
 ---
 
-# Policy CSPs supported by Group Policy
+# Policies in Policy CSP supported by Group Policy
 
 > [!div class="op_single_selector"]
 > 
-> - [Policy CSPs supported by Group Policy](policy-csps-supported-by-group-policy.md)
-> - [ADMX-backed policy CSPs](policy-csps-admx-backed.md)
+> - [Policies in Policy CSP supported by Group Policy](policy-csps-supported-by-group-policy.md)
+> - [ADMX-backed policies in Policy CSP](policy-csps-admx-backed.md)
 >
 
 - [AboveLock/AllowCortanaAboveLock](./policy-csp-abovelock.md#abovelock-allowcortanaabovelock)
diff --git a/windows/client-management/mdm/policy-csps-supported-by-hololens-1st-gen-commercial-suite.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens-1st-gen-commercial-suite.md
similarity index 95%
rename from windows/client-management/mdm/policy-csps-supported-by-hololens-1st-gen-commercial-suite.md
rename to windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens-1st-gen-commercial-suite.md
index f77d3c1308..0a8beec733 100644
--- a/windows/client-management/mdm/policy-csps-supported-by-hololens-1st-gen-commercial-suite.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens-1st-gen-commercial-suite.md
@@ -1,6 +1,6 @@
 ---
-title: Policy CSPs supported by HoloLens (1st gen) Commercial Suite
-description: Policy CSPs supported by HoloLens (1st gen) Commercial Suite
+title: Policies in Policy CSP supported by HoloLens (1st gen) Commercial Suite
+description: Policies in Policy CSP supported by HoloLens (1st gen) Commercial Suite
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
@@ -12,7 +12,7 @@ ms.localizationpriority: medium
 ms.date: 09/17/2019
 ---
 
-# Policy CSPs supported by HoloLens (1st gen) Commercial Suite
+# Policies in Policy CSP supported by HoloLens (1st gen) Commercial Suite
 
 > [!div class="op_single_selector"]
 >
diff --git a/windows/client-management/mdm/policy-csps-supported-by-hololens-1st-gen-development-edition.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens-1st-gen-development-edition.md
similarity index 95%
rename from windows/client-management/mdm/policy-csps-supported-by-hololens-1st-gen-development-edition.md
rename to windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens-1st-gen-development-edition.md
index 2dec2fdb8b..256ddb3528 100644
--- a/windows/client-management/mdm/policy-csps-supported-by-hololens-1st-gen-development-edition.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens-1st-gen-development-edition.md
@@ -1,6 +1,6 @@
 ---
-title: Policy CSPs supported by HoloLens (1st gen) Development Edition
-description: Policy CSPs supported by HoloLens (1st gen) Development Edition
+title: Policies in Policy CSP supported by HoloLens (1st gen) Development Edition
+description: Policies in Policy CSP supported by HoloLens (1st gen) Development Edition
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
@@ -12,7 +12,7 @@ ms.localizationpriority: medium
 ms.date: 07/18/2019
 ---
 
-# Policy CSPs supported by HoloLens (1st gen) Development Edition
+# Policies in Policy CSP supported by HoloLens (1st gen) Development Edition
 
 > [!div class="op_single_selector"]
 >
diff --git a/windows/client-management/mdm/policy-csps-supported-by-hololens2.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
similarity index 81%
rename from windows/client-management/mdm/policy-csps-supported-by-hololens2.md
rename to windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
index e5cdb0f0ca..20d7139bc6 100644
--- a/windows/client-management/mdm/policy-csps-supported-by-hololens2.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
@@ -1,6 +1,6 @@
 ---
-title: Policy CSPs supported by HoloLens 2
-description: Policy CSPs supported by HoloLens 2
+title: Policies in Policy CSP supported by HoloLens 2
+description: Policies in Policy CSP supported by HoloLens 2
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
@@ -9,10 +9,10 @@ ms.prod: w10
 ms.technology: windows
 author: manikadhiman
 ms.localizationpriority: medium
-ms.date: 05/11/2020
+ms.date: 10/08/2020
 ---
 
-# Policy CSPs supported by HoloLens 2
+# Policies in Policy CSP supported by HoloLens 2
 
 > [!div class="op_single_selector"]
 >
@@ -50,6 +50,17 @@ ms.date: 05/11/2020
 - [DeviceLock/MinDevicePasswordLength](policy-csp-devicelock.md#devicelock-mindevicepasswordlength)
 - [Experience/AllowCortana](policy-csp-experience.md#experience-allowcortana)
 - [Experience/AllowManualMDMUnenrollment](policy-csp-experience.md#experience-allowmanualmdmunenrollment)
+- [MixedReality/AADGroupMembershipCacheValidityInDays](./policy-csp-mixedreality.md#mixedreality-aadgroupmembershipcachevalidityindays)
+- [MixedReality/BrightnessButtonDisabled](./policy-csp-mixedreality.md#mixedreality-brightnessbuttondisabled)
+- [MixedReality/FallbackDiagnostics](./policy-csp-mixedreality.md#mixedreality-fallbackdiagnostics)
+- [MixedReality/MicrophoneDisabled](./policy-csp-mixedreality.md#mixedreality-microphonedisabled)
+- [MixedReality/VolumeButtonDisabled](./policy-csp-mixedreality.md#mixedreality-volumebuttondisabled)
+- [Power/DisplayOffTimeoutOnBattery](./policy-csp-power.md#power-displayofftimeoutonbattery)
+- [Power/DisplayOffTimeoutPluggedIn](./policy-csp-power.md#power-displayofftimeoutpluggedin)
+- [Power/EnergySaverBatteryThresholdOnBattery](./policy-csp-power.md#power-energysaverbatterythresholdonbattery)
+- [Power/EnergySaverBatteryThresholdPluggedIn](./policy-csp-power.md#power-energysaverbatterythresholdpluggedin)
+- [Power/StandbyTimeoutOnBattery](./policy-csp-power.md#power-standbytimeoutonbattery)
+- [Power/StandbyTimeoutPluggedIn](./policy-csp-power.md#power-standbytimeoutpluggedin)
 - [Privacy/AllowInputPersonalization](policy-csp-privacy.md#privacy-allowinputpersonalization)
 - [Privacy/LetAppsAccessAccountInfo](policy-csp-privacy.md#privacy-letappsaccessaccountinfo)
 - [Privacy/LetAppsAccessAccountInfo_ForceAllowTheseApps](policy-csp-privacy.md#privacy-letappsaccessaccountinfo-forceallowtheseapps)
@@ -73,6 +84,8 @@ ms.date: 05/11/2020
 - [Privacy/LetAppsAccessMicrophone_ForceDenyTheseApps](policy-csp-privacy.md#privacy-letappsaccessmicrophone-forcedenytheseapps) <sup>8</sup>
 - [Privacy/LetAppsAccessMicrophone_UserInControlOfTheseApps](policy-csp-privacy.md#privacy-letappsaccessmicrophone-userincontroloftheseapps) <sup>8</sup>
 - [Search/AllowSearchToUseLocation](policy-csp-search.md#search-allowsearchtouselocation)
+- [Security/AllowAddProvisioningPackage](policy-csp-security.md#security-allowaddprovisioningpackage)
+- [Security/AllowRemoveProvisioningPackage](policy-csp-security.md#security-allowremoveprovisioningpackage)
 - [Security/RequireDeviceEncryption](policy-csp-security.md#security-requiredeviceencryption)
 - [Settings/AllowDateTime](policy-csp-settings.md#settings-allowdatetime)
 - [Settings/AllowVPN](policy-csp-settings.md#settings-allowvpn)
@@ -81,6 +94,10 @@ ms.date: 05/11/2020
 - [System/AllowLocation](policy-csp-system.md#system-allowlocation)
 - [System/AllowStorageCard](policy-csp-system.md#system-allowstoragecard)
 - [System/AllowTelemetry](policy-csp-system.md#system-allowtelemetry)
+- [TimeLanguageSettings/ConfigureTimeZone](./policy-csp-timelanguagesettings.md#timelanguagesettings-configuretimezone)
+- [Update/ActiveHoursEnd](./policy-csp-update.md#update-activehoursend)
+- [Update/ActiveHoursMaxRange](./policy-csp-update.md#update-activehoursmaxrange)
+- [Update/ActiveHoursStart](./policy-csp-update.md#update-activehoursstart)
 - [Update/AllowAutoUpdate](policy-csp-update.md#update-allowautoupdate)
 - [Update/AllowUpdateService](policy-csp-update.md#update-allowupdateservice)
 - [Update/BranchReadinessLevel](policy-csp-update.md#update-branchreadinesslevel)
@@ -91,6 +108,7 @@ ms.date: 05/11/2020
 - [Update/PauseQualityUpdates](policy-csp-update.md#update-pausequalityupdates)
 - [Update/ScheduledInstallDay](policy-csp-update.md#update-scheduledinstallday)
 - [Update/ScheduledInstallTime](policy-csp-update.md#update-scheduledinstalltime)
+- [Update/SetDisablePauseUXAccess](policy-csp-update.md#update-setdisablepauseuxaccess)
 - [Update/UpdateServiceUrl](policy-csp-update.md#update-updateserviceurl)
 - [Wifi/AllowManualWiFiConfiguration](policy-csp-wifi.md#wifi-allowmanualwificonfiguration)
 - [Wifi/AllowWiFi](policy-csp-wifi.md#wifi-allowwifi) <sup>8</sup>
diff --git a/windows/client-management/mdm/policy-csps-supported-by-iot-core.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-core.md
similarity index 97%
rename from windows/client-management/mdm/policy-csps-supported-by-iot-core.md
rename to windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-core.md
index c43363b357..f3143ed222 100644
--- a/windows/client-management/mdm/policy-csps-supported-by-iot-core.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-core.md
@@ -1,6 +1,6 @@
 ---
-title: Policy CSPs supported by Windows 10 IoT Core
-description: Policy CSPs supported by Windows 10 IoT Core
+title: Policies in Policy CSP supported by Windows 10 IoT Core
+description: Policies in Policy CSP supported by Windows 10 IoT Core
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
@@ -12,7 +12,7 @@ ms.localizationpriority: medium
 ms.date: 09/16/2019
 ---
 
-# Policy CSPs supported by Windows 10 IoT Core
+# Policies in Policy CSP supported by Windows 10 IoT Core
 
 > [!div class="op_single_selector"]
 >
diff --git a/windows/client-management/mdm/policy-csps-supported-by-iot-enterprise.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-enterprise.md
similarity index 96%
rename from windows/client-management/mdm/policy-csps-supported-by-iot-enterprise.md
rename to windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-enterprise.md
index 8e70dd707e..afb79c5bfe 100644
--- a/windows/client-management/mdm/policy-csps-supported-by-iot-enterprise.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-enterprise.md
@@ -1,6 +1,6 @@
 ---
-title: Policy CSPs supported by Windows 10 IoT Enterprise
-description: Policy CSPs supported by Windows 10 IoT Enterprise
+title: Policies in Policy CSP supported by Windows 10 IoT Enterprise
+description: Policies in Policy CSP supported by Windows 10 IoT Enterprise
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
@@ -12,7 +12,7 @@ ms.localizationpriority: medium
 ms.date: 07/18/2019
 ---
 
-# Policy CSPs supported by Windows 10 IoT Enterprise
+# Policies in Policy CSP supported by Windows 10 IoT Enterprise
 
 > [!div class="op_single_selector"]
 >
diff --git a/windows/client-management/mdm/policy-csps-supported-by-surface-hub.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-surface-hub.md
similarity index 97%
rename from windows/client-management/mdm/policy-csps-supported-by-surface-hub.md
rename to windows/client-management/mdm/policies-in-policy-csp-supported-by-surface-hub.md
index 1d89eb88de..e39b0aef27 100644
--- a/windows/client-management/mdm/policy-csps-supported-by-surface-hub.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-surface-hub.md
@@ -1,6 +1,6 @@
 ---
-title: Policy CSPs supported by Microsoft Surface Hub
-description: Policy CSPs supported by Microsoft Surface Hub
+title: Policies in Policy CSP supported by Microsoft Surface Hub
+description: Policies in Policy CSP supported by Microsoft Surface Hub
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
@@ -12,7 +12,7 @@ ms.localizationpriority: medium
 ms.date: 07/22/2020
 ---
 
-# Policy CSPs supported by Microsoft Surface Hub
+# Policies in Policy CSP supported by Microsoft Surface Hub
 
 
 - [ApplicationManagement/AllowAppStoreAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-allowappstoreautoupdate)
diff --git a/windows/client-management/mdm/policy-csps-that-can-be-set-using-eas.md b/windows/client-management/mdm/policies-in-policy-csp-that-can-be-set-using-eas.md
similarity index 90%
rename from windows/client-management/mdm/policy-csps-that-can-be-set-using-eas.md
rename to windows/client-management/mdm/policies-in-policy-csp-that-can-be-set-using-eas.md
index 171652aa2b..4fa3380c87 100644
--- a/windows/client-management/mdm/policy-csps-that-can-be-set-using-eas.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-that-can-be-set-using-eas.md
@@ -1,6 +1,6 @@
 ---
-title: Policy CSPs that can be set using Exchange Active Sync (EAS)
-description: Policy CSPs that can be set using Exchange Active Sync (EAS)
+title: Policies in Policy CSP that can be set using Exchange Active Sync (EAS)
+description: Policies in Policy CSP that can be set using Exchange Active Sync (EAS)
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
@@ -12,7 +12,7 @@ ms.localizationpriority: medium
 ms.date: 07/18/2019
 ---
 
-# Policy CSPs that can be set using Exchange Active Sync (EAS)
+# Policies in Policy CSP that can be set using Exchange Active Sync (EAS)
 
 - [Camera/AllowCamera](policy-csp-camera.md#camera-allowcamera)  
 - [Cellular/ShowAppCellularAccessUI](policy-csp-cellular.md#cellular-showappcellularaccessui)  
diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md
index 0349f6cde6..9ff8a03ab1 100644
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@@ -933,7 +933,7 @@ The following diagram shows the Policy configuration service provider in tree fo
 
 <dl>
   <dd>
-    <a href="./policy-csp-admx-scripts.md#admx-scripts-allow-logon-script-netbiosdisabled" id"admx-scripts-allow-logon-script-netbiosdisabled">ADMX_Scripts/Allow_Logon_Script_NetbiosDisabled</a>
+    <a href="./policy-csp-admx-scripts.md#admx-scripts-allow-logon-script-netbiosdisabled" id="admx-scripts-allow-logon-script-netbiosdisabled">ADMX_Scripts/Allow_Logon_Script_NetbiosDisabled</a>
   </dd>
   <dd>
     <a href="./policy-csp-admx-scripts.md#admx-scripts-maxgposcriptwaitpolicy" id="admx-scripts-maxgposcriptwaitpolicy">ADMX_Scripts/MaxGPOScriptWaitPolicy</a>
@@ -1036,6 +1036,689 @@ The following diagram shows the Policy configuration service provider in tree fo
   </dd>
 </dl>
 
+### ADMX_Smartcard policies
+
+<dl>
+  <dd>
+    <a href="./policy-csp-admx-smartcard.md#admx-smartcard-allowcertificateswithnoeku" id="admx-smartcard-allowcertificateswithnoeku">ADMX_Smartcard/AllowCertificatesWithNoEKU</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-smartcard.md#admx-smartcard-allowintegratedunblock" id="admx-smartcard-allowintegratedunblock">ADMX_Smartcard/AllowIntegratedUnblock</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-smartcard.md#admx-smartcard-allowsignatureonlykeys" id="admx-smartcard-allowsignatureonlykeys">ADMX_Smartcard/AllowSignatureOnlyKeys</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-smartcard.md#admx-smartcard-allowtimeinvalidcertificates" id="admx-smartcard-allowtimeinvalidcertificates">ADMX_Smartcard/AllowTimeInvalidCertificates</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-smartcard.md#admx-smartcard-certpropenabledstring" id="admx-smartcard-certpropenabledstring">ADMX_Smartcard/CertPropEnabledString</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-smartcard.md#admx-smartcard-certproprootcleanupstring" id="admx-smartcard-certproprootcleanupstring">ADMX_Smartcard/CertPropRootCleanupString</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-smartcard.md#admx-smartcard-certproprootenabledstring" id="admx-smartcard-certproprootenabledstring">ADMX_Smartcard/CertPropRootEnabledString</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-smartcard.md#admx-smartcard-disallowplaintextpin" id="admx-smartcard-disallowplaintextpin">ADMX_Smartcard/DisallowPlaintextPin</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-smartcard.md#admx-smartcard-enumerateecccerts" id="admx-smartcard-enumerateecccerts">ADMX_Smartcard/EnumerateECCCerts</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-smartcard.md#admx-smartcard-filterduplicatecerts" id="admx-smartcard-filterduplicatecerts">ADMX_Smartcard/FilterDuplicateCerts</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-smartcard.md#admx-smartcard-forcereadingallcertificates" id="admx-smartcard-forcereadingallcertificates">ADMX_Smartcard/ForceReadingAllCertificates</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-smartcard.md#admx-smartcard-integratedunblockpromptstring" id="admx-smartcard-integratedunblockpromptstring">ADMX_Smartcard/IntegratedUnblockPromptString</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-smartcard.md#admx-smartcard-reversesubject" id="admx-smartcard-reversesubject">ADMX_Smartcard/ReverseSubject</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-smartcard.md#admx-smartcard-scpnpenabled" id="admx-smartcard-scpnpenabled">ADMX_Smartcard/SCPnPEnabled</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-smartcard.md#admx-smartcard-scpnpnotification" id="admx-smartcard-scpnpnotification">ADMX_Smartcard/SCPnPNotification</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-smartcard.md#admx-smartcard-x509hintsneeded" id="admx-smartcard-x509hintsneeded">ADMX_Smartcard/X509HintsNeeded</a>
+  </dd>
+</dl>
+
+## ADMX_Snmp policies  
+
+<dl>
+  <dd>
+    <a href="./policy-csp-admx-snmp.md#admx-snmp-snmp-communities" id="admx-snmp-snmp-communities">ADMX_Snmp/SNMP_Communities</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-snmp.md#admx-snmp-snmp-permittedmanagers" id="admx-snmp-snmp-permittedmanagers">ADMX_Snmp/SNMP_PermittedManagers</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-snmp.md#admx-snmp-snmp-traps-public" id="admx-snmp-snmp-traps-public">ADMX_Snmp/SNMP_Traps_Public</a>
+  </dd>
+</dl>
+
+## ADMX_tcpip policies  
+
+<dl>
+  <dd>
+    <a href="./policy-csp-admx-tcpip.md#admx-tcpip-6to4-router-name" id="admx-tcpip-6to4-router-name">ADMX_tcpip/6to4_Router_Name</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tcpip.md#admx-tcpip-6to4-router-name-resolution-interval" id="admx-tcpip-6to4-router-name-resolution-interval">ADMX_tcpip/6to4_Router_Name_Resolution_Interval</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tcpip.md#admx-tcpip-6to4-state" id="admx-tcpip-6to4-state">ADMX_tcpip/6to4_State</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tcpip.md#admx-tcpip-iphttps-clientstate" id="admx-tcpip-iphttps-clientstate">ADMX_tcpip/IPHTTPS_ClientState</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tcpip.md#admx-tcpip-ip-stateless-autoconfiguration-limits-state" id="admx-tcpip-ip-stateless-autoconfiguration-limits-state">ADMX_tcpip/IP_Stateless_Autoconfiguration_Limits_State</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tcpip.md#admx-tcpip-isatap-router-name" id="admx-tcpip-isatap-router-name">ADMX_tcpip/ISATAP_Router_Name</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tcpip.md#admx-tcpip-isatap-state" id="admx-tcpip-isatap-state">ADMX_tcpip/ISATAP_State</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tcpip.md#admx-tcpip-teredo-client-port" id="admx-tcpip-teredo-client-port">ADMX_tcpip/Teredo_Client_Port</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tcpip.md#admx-tcpip-teredo-default-qualified" id="admx-tcpip-teredo-default-qualified">ADMX_tcpip/Teredo_Default_Qualified</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tcpip.md#admx-tcpip-teredo-refresh-rate" id="admx-tcpip-teredo-refresh-rate">ADMX_tcpip/Teredo_Refresh_Rate</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tcpip.md#admx-tcpip-teredo-server-name" id="admx-tcpip-teredo-server-name">ADMX_tcpip/Teredo_Server_Name</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tcpip.md#admx-tcpip-teredo-state" id="admx-tcpip-teredo-state">ADMX_tcpip/Teredo_State</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tcpip.md#admx-tcpip-windows-scaling-heuristics-state" id="admx-tcpip-windows-scaling-heuristics-state">ADMX_tcpip/Windows_Scaling_Heuristics_State</a>
+  </dd>
+</dl>
+
+## ADMX_Thumbnails policies  
+
+<dl>
+  <dd>
+    <a href="./policy-csp-admx-thumbnails.md#admx-thumbnails-disablethumbnails" id="admx-thumbnails-disablethumbnails">ADMX_Thumbnails/DisableThumbnails</a>
+  </dd>  
+  <dd>
+    <a href="./policy-csp-admx-thumbnails.md#admx-thumbnails-disablethumbnailsonnetworkfolders" id="admx-thumbnails-disablethumbnailsonnetworkfolders">ADMX_Thumbnails/DisableThumbnailsOnNetworkFolders</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-thumbnails.md#admx-thumbnails-disablethumbsdbonnetworkfolders" id="admx-thumbnails-disablethumbsdbonnetworkfolders">ADMX_Thumbnails/DisableThumbsDBOnNetworkFolders</a>
+  </dd>
+</dl>
+
+### ADMX_TPM policies  
+
+<dl>
+  <dd>
+    <a href="./policy-csp-admx-tpm.md#admx-tpm-blockedcommandslist-name" id="admx-tpm-blockedcommandslist-name">ADMX_TPM/BlockedCommandsList_Name</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tpm.md#admx-tpm-cleartpmifnotready-name" id="admx-tpm-cleartpmifnotready-name">ADMX_TPM/ClearTPMIfNotReady_Name</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tpm.md#admx-tpm-ignoredefaultlist-name" id="admx-tpm-ignoredefaultlist-name">ADMX_TPM/IgnoreDefaultList_Name</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tpm.md#admx-tpm-ignorelocallist-name" id="admx-tpm-ignorelocallist-name">ADMX_TPM/IgnoreLocalList_Name</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tpm.md#admx-tpm-osmanagedauth-name" id="admx-tpm-osmanagedauth-name">ADMX_TPM/OSManagedAuth_Name</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tpm.md#admx-tpm-optintodsha-name" id="admx-tpm-optintodsha-name">ADMX_TPM/OptIntoDSHA_Name</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tpm.md#admx-tpm-standarduserauthorizationfailureduration-name" id="admx-tpm-standarduserauthorizationfailureduration-name">ADMX_TPM/StandardUserAuthorizationFailureDuration_Name</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tpm.md#admx-tpm-standarduserauthorizationfailureindividualthreshold-name" id="admx-tpm-standarduserauthorizationfailureindividualthreshold-name">ADMX_TPM/StandardUserAuthorizationFailureIndividualThreshold_Name</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tpm.md#admx-tpm-standarduserauthorizationfailuretotalthreshold-name" id="admx-tpm-standarduserauthorizationfailuretotalthreshold-name">ADMX_TPM/StandardUserAuthorizationFailureTotalThreshold_Name</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-tpm.md#admx-tpm-uselegacydap-name" id="admx-tpm-uselegacydap-name">ADMX_TPM/UseLegacyDAP_Name</a>
+  </dd>
+</dl>
+
+### ADMX_UserExperienceVirtualization policies  
+
+<dl>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-calculator" id="admx-userexperiencevirtualization-calculator">ADMX_UserExperienceVirtualization/Calculator</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-configuresyncmethod" id="admx-userexperiencevirtualization-configuresyncmethod">ADMX_UserExperienceVirtualization/ConfigureSyncMethod</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-configurevdi" id="admx-userexperiencevirtualization-configurevdi">ADMX_UserExperienceVirtualization/ConfigureVdi</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-contactitdescription" id="admx-userexperiencevirtualization-contactitdescription">ADMX_UserExperienceVirtualization/ContactITDescription</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-contactiturl" id="admx-userexperiencevirtualization-contactiturl">ADMX_UserExperienceVirtualization/ContactITUrl</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-disablewin8sync" id="admx-userexperiencevirtualization-disablewin8sync">ADMX_UserExperienceVirtualization/DisableWin8Sync</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-disablewindowsossettings" id="admx-userexperiencevirtualization-disablewindowsossettings">ADMX_UserExperienceVirtualization/DisableWindowsOSSettings</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-enableuev" id="admx-userexperiencevirtualization-enableuev">ADMX_UserExperienceVirtualization/EnableUEV</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-finance" id="admx-userexperiencevirtualization-finance">ADMX_UserExperienceVirtualization/Finance</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-firstusenotificationenabled" id="admx-userexperiencevirtualization-firstusenotificationenabled">ADMX_UserExperienceVirtualization/FirstUseNotificationEnabled</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-games" id="admx-userexperiencevirtualization-games">ADMX_UserExperienceVirtualization/Games</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-internetexplorer8" id="admx-userexperiencevirtualization-internetexplorer8">ADMX_UserExperienceVirtualization/InternetExplorer8</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-internetexplorer9" id="admx-userexperiencevirtualization-internetexplorer9">ADMX_UserExperienceVirtualization/InternetExplorer9</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-internetexplorer10" id="admx-userexperiencevirtualization-internetexplorer10">ADMX_UserExperienceVirtualization/InternetExplorer10</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-internetexplorer11" id="admx-userexperiencevirtualization-internetexplorer11">ADMX_UserExperienceVirtualization/InternetExplorer11</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-internetexplorercommon" id="admx-userexperiencevirtualization-internetexplorercommon">ADMX_UserExperienceVirtualization/InternetExplorerCommon</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-maps" id="admx-userexperiencevirtualization-maps">ADMX_UserExperienceVirtualization/Maps</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-maxpackagesizeinbytes" id="admx-userexperiencevirtualization-maxpackagesizeinbytes">ADMX_UserExperienceVirtualization/MaxPackageSizeInBytes</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010access" id="admx-userexperiencevirtualization-microsoftoffice2010access">ADMX_UserExperienceVirtualization/MicrosoftOffice2010Access</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010common" id="admx-userexperiencevirtualization-microsoftoffice2010common">ADMX_UserExperienceVirtualization/MicrosoftOffice2010Common</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010excel" id="admx-userexperiencevirtualization-microsoftoffice2010excel">ADMX_UserExperienceVirtualization/MicrosoftOffice2010Excel</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010infopath" id="admx-userexperiencevirtualization-microsoftoffice2010infopath">ADMX_UserExperienceVirtualization/MicrosoftOffice2010InfoPath</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010lync" id="admx-userexperiencevirtualization-microsoftoffice2010lync">ADMX_UserExperienceVirtualization/MicrosoftOffice2010Lync</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010onenote" id="admx-userexperiencevirtualization-microsoftoffice2010onenote">ADMX_UserExperienceVirtualization/MicrosoftOffice2010OneNote</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010outlook" id="admx-userexperiencevirtualization-microsoftoffice2010outlook">ADMX_UserExperienceVirtualization/MicrosoftOffice2010Outlook</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010powerpoint" id="admx-userexperiencevirtualization-microsoftoffice2010powerpoint">ADMX_UserExperienceVirtualization/MicrosoftOffice2010PowerPoint</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010project" id="admx-userexperiencevirtualization-microsoftoffice2010project">ADMX_UserExperienceVirtualization/MicrosoftOffice2010Project</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010publisher" id="admx-userexperiencevirtualization-microsoftoffice2010publisher">ADMX_UserExperienceVirtualization/MicrosoftOffice2010Publisher</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010sharepointdesigner" id="admx-userexperiencevirtualization-microsoftoffice2010sharepointdesigner">ADMX_UserExperienceVirtualization/MicrosoftOffice2010SharePointDesigner</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010sharepointworkspace" id="admx-userexperiencevirtualization-microsoftoffice2010sharepointworkspace">ADMX_UserExperienceVirtualization/MicrosoftOffice2010SharePointWorkspace</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010visio" id="admx-userexperiencevirtualization-microsoftoffice2010visio">ADMX_UserExperienceVirtualization/MicrosoftOffice2010Visio</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2010word" id="admx-userexperiencevirtualization-microsoftoffice2010word">ADMX_UserExperienceVirtualization/MicrosoftOffice2010Word</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013access" id="admx-userexperiencevirtualization-microsoftoffice2013access">ADMX_UserExperienceVirtualization/MicrosoftOffice2013Access</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013accessbackup" id="admx-userexperiencevirtualization-microsoftoffice2013accessbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013AccessBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013common" id="admx-userexperiencevirtualization-microsoftoffice2013common">ADMX_UserExperienceVirtualization/MicrosoftOffice2013Common</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013commonbackup" id="admx-userexperiencevirtualization-microsoftoffice2013commonbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013CommonBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013excel" id="admx-userexperiencevirtualization-microsoftoffice2013excel">ADMX_UserExperienceVirtualization/MicrosoftOffice2013Excel</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013excelbackup" id="admx-userexperiencevirtualization-microsoftoffice2013excelbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013ExcelBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013infopath" id="admx-userexperiencevirtualization-microsoftoffice2013infopath">ADMX_UserExperienceVirtualization/MicrosoftOffice2013InfoPath</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013infopathbackup" id="admx-userexperiencevirtualization-microsoftoffice2013infopathbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013InfoPathBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013lync" id="admx-userexperiencevirtualization-microsoftoffice2013lync">ADMX_UserExperienceVirtualization/MicrosoftOffice2013Lync</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013lyncbackup" id="admx-userexperiencevirtualization-microsoftoffice2013lyncbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013LyncBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013onedriveforbusiness" id="admx-userexperiencevirtualization-microsoftoffice2013onedriveforbusiness">ADMX_UserExperienceVirtualization/MicrosoftOffice2013OneDriveForBusiness</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013onenote" id="admx-userexperiencevirtualization-microsoftoffice2013onenote">ADMX_UserExperienceVirtualization/MicrosoftOffice2013OneNote</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013onenotebackup" id="admx-userexperiencevirtualization-microsoftoffice2013onenotebackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013OneNoteBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013outlook" id="admx-userexperiencevirtualization-microsoftoffice2013outlook">ADMX_UserExperienceVirtualization/MicrosoftOffice2013Outlook</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013outlookbackup" id="admx-userexperiencevirtualization-microsoftoffice2013outlookbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013OutlookBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013powerpoint" id="admx-userexperiencevirtualization-microsoftoffice2013powerpoint">ADMX_UserExperienceVirtualization/MicrosoftOffice2013PowerPoint</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013powerpointbackup" id="admx-userexperiencevirtualization-microsoftoffice2013powerpointbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013PowerPointBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013project" id="admx-userexperiencevirtualization-microsoftoffice2013project">ADMX_UserExperienceVirtualization/MicrosoftOffice2013Project</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013projectbackup" id="admx-userexperiencevirtualization-microsoftoffice2013projectbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013ProjectBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013publisher" id="admx-userexperiencevirtualization-microsoftoffice2013publisher">ADMX_UserExperienceVirtualization/MicrosoftOffice2013Publisher</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013publisherbackup" id="admx-userexperiencevirtualization-microsoftoffice2013publisherbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013PublisherBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013sharepointdesigner" id="admx-userexperiencevirtualization-microsoftoffice2013sharepointdesigner">ADMX_UserExperienceVirtualization/MicrosoftOffice2013SharePointDesigner</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013sharepointdesignerbackup" id="admx-userexperiencevirtualization-microsoftoffice2013sharepointdesignerbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013SharePointDesignerBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013uploadcenter" id="admx-userexperiencevirtualization-microsoftoffice2013uploadcenter">ADMX_UserExperienceVirtualization/MicrosoftOffice2013UploadCenter</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013visio" id="admx-userexperiencevirtualization-microsoftoffice2013visio">ADMX_UserExperienceVirtualization/MicrosoftOffice2013Visio</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013visiobackup" id="admx-userexperiencevirtualization-microsoftoffice2013visiobackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013VisioBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013word" id="admx-userexperiencevirtualization-microsoftoffice2013word">ADMX_UserExperienceVirtualization/MicrosoftOffice2013Word</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2013wordbackup" id="admx-userexperiencevirtualization-microsoftoffice2013wordbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013WordBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016access" id="admx-userexperiencevirtualization-microsoftoffice2016access">ADMX_UserExperienceVirtualization/MicrosoftOffice2016Access</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016accessbackup" id="admx-userexperiencevirtualization-microsoftoffice2016accessbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016AccessBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016common" id="admx-userexperiencevirtualization-microsoftoffice2016common">ADMX_UserExperienceVirtualization/MicrosoftOffice2016Common</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016commonbackup" id="admx-userexperiencevirtualization-microsoftoffice2016commonbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016CommonBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016excel" id="admx-userexperiencevirtualization-microsoftoffice2016excel">ADMX_UserExperienceVirtualization/MicrosoftOffice2016Excel</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016excelbackup" id="admx-userexperiencevirtualization-microsoftoffice2016excelbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016ExcelBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016lync" id="admx-userexperiencevirtualization-microsoftoffice2016lync">ADMX_UserExperienceVirtualization/MicrosoftOffice2016Lync</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016lyncbackup" id="admx-userexperiencevirtualization-microsoftoffice2016lyncbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016LyncBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016onedriveforbusiness" id="admx-userexperiencevirtualization-microsoftoffice2016onedriveforbusiness">ADMX_UserExperienceVirtualization/MicrosoftOffice2016OneDriveForBusiness</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016onenote" id="admx-userexperiencevirtualization-microsoftoffice2016onenote">ADMX_UserExperienceVirtualization/MicrosoftOffice2016OneNote</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016onenotebackup" id="admx-userexperiencevirtualization-microsoftoffice2016onenotebackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016OneNoteBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016outlook" id="admx-userexperiencevirtualization-microsoftoffice2016outlook">ADMX_UserExperienceVirtualization/MicrosoftOffice2016Outlook</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016outlookbackup" id="admx-userexperiencevirtualization-microsoftoffice2016outlookbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016OutlookBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016powerpoint" id="admx-userexperiencevirtualization-microsoftoffice2016powerpoint">ADMX_UserExperienceVirtualization/MicrosoftOffice2016PowerPoint</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016powerpointbackup" id="admx-userexperiencevirtualization-microsoftoffice2016powerpointbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016PowerPointBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016project" id="admx-userexperiencevirtualization-microsoftoffice2016project">ADMX_UserExperienceVirtualization/MicrosoftOffice2016Project</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016projectbackup" id="admx-userexperiencevirtualization-microsoftoffice2016projectbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016ProjectBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016publisher" id="admx-userexperiencevirtualization-microsoftoffice2016publisher">ADMX_UserExperienceVirtualization/MicrosoftOffice2016Publisher</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016publisherbackup" id="admx-userexperiencevirtualization-microsoftoffice2016publisherbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016PublisherBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016uploadcenter" id="admx-userexperiencevirtualization-microsoftoffice2016uploadcenter">ADMX_UserExperienceVirtualization/MicrosoftOffice2016UploadCenter</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016visio" id="admx-userexperiencevirtualization-microsoftoffice2016visio">ADMX_UserExperienceVirtualization/MicrosoftOffice2016Visio</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016visiobackup" id="admx-userexperiencevirtualization-microsoftoffice2016visiobackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016VisioBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016word" id="admx-userexperiencevirtualization-microsoftoffice2016word">ADMX_UserExperienceVirtualization/MicrosoftOffice2016Word</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice2016wordbackup" id="admx-userexperiencevirtualization-microsoftoffice2016wordbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016WordBackup</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365access2013" id="admx-userexperiencevirtualization-microsoftoffice365access2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365Access2013</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365access2016" id="admx-userexperiencevirtualization-microsoftoffice365access2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365Access2016</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365common2013" id="admx-userexperiencevirtualization-microsoftoffice365common2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365Common2013</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365common2016" id="admx-userexperiencevirtualization-microsoftoffice365common2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365Common2016</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365excel2013" id="admx-userexperiencevirtualization-microsoftoffice365excel2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365Excel2013</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365excel2016" id="admx-userexperiencevirtualization-microsoftoffice365excel2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365Excel2016</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365infopath2013" id="admx-userexperiencevirtualization-microsoftoffice365infopath2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365InfoPath2013</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365lync2013" id="admx-userexperiencevirtualization-microsoftoffice365lync2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365Lync2013</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365lync2016" id="admx-userexperiencevirtualization-microsoftoffice365lync2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365Lync2016</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365onenote2013" id="admx-userexperiencevirtualization-microsoftoffice365onenote2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365OneNote2013</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365onenote2016" id="admx-userexperiencevirtualization-microsoftoffice365onenote2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365OneNote2016</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365outlook2013" id="admx-userexperiencevirtualization-microsoftoffice365outlook2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365Outlook2013</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365outlook2016" id="admx-userexperiencevirtualization-microsoftoffice365outlook2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365Outlook2016</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365powerpoint2013" id="admx-userexperiencevirtualization-microsoftoffice365powerpoint2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365PowerPoint2013</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365powerpoint2016" id="admx-userexperiencevirtualization-microsoftoffice365powerpoint2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365PowerPoint2016</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365project2013" id="admx-userexperiencevirtualization-microsoftoffice365project2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365Project2013</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365project2016" id="admx-userexperiencevirtualization-microsoftoffice365project2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365Project2016</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365publisher2013" id="admx-userexperiencevirtualization-microsoftoffice365publisher2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365Publisher2013</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365publisher2016" id="admx-userexperiencevirtualization-microsoftoffice365publisher2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365Publisher2016</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365sharepointdesigner2013" id="admx-userexperiencevirtualization-microsoftoffice365sharepointdesigner2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365SharePointDesigner2013</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365visio2013" id="admx-userexperiencevirtualization-microsoftoffice365visio2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365Visio2013</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365visio2016" id="admx-userexperiencevirtualization-microsoftoffice365visio2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365Visio2016</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365word2013" id="admx-userexperiencevirtualization-microsoftoffice365word2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365Word2013</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-microsoftoffice365word2016" id="admx-userexperiencevirtualization-microsoftoffice365word2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365Word2016</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-music" id="admx-userexperiencevirtualization-music">ADMX_UserExperienceVirtualization/Music</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-news" id="admx-userexperiencevirtualization-news">ADMX_UserExperienceVirtualization/News</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-notepad" id="admx-userexperiencevirtualization-notepad">ADMX_UserExperienceVirtualization/Notepad</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-reader" id="admx-userexperiencevirtualization-reader">ADMX_UserExperienceVirtualization/Reader</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-repositorytimeout" id="admx-userexperiencevirtualization-repositorytimeout">ADMX_UserExperienceVirtualization/RepositoryTimeout</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-settingsstoragepath" id="admx-userexperiencevirtualization-settingsstoragepath">ADMX_UserExperienceVirtualization/SettingsStoragePath</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-settingstemplatecatalogpath" id="admx-userexperiencevirtualization-settingstemplatecatalogpath">ADMX_UserExperienceVirtualization/SettingsTemplateCatalogPath</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-sports" id="admx-userexperiencevirtualization-sports">ADMX_UserExperienceVirtualization/Sports</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-syncenabled" id="admx-userexperiencevirtualization-syncenabled">ADMX_UserExperienceVirtualization/SyncEnabled</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-syncovermeterednetwork" id="admx-userexperiencevirtualization-syncovermeterednetwork">ADMX_UserExperienceVirtualization/SyncOverMeteredNetwork</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-syncovermeterednetworkwhenroaming" id="admx-userexperiencevirtualization-syncovermeterednetworkwhenroaming">ADMX_UserExperienceVirtualization/SyncOverMeteredNetworkWhenRoaming</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-syncproviderpingenabled" id="admx-userexperiencevirtualization-syncproviderpingenabled">ADMX_UserExperienceVirtualization/SyncProviderPingEnabled</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-syncunlistedwindows8apps" id="admx-userexperiencevirtualization-syncunlistedwindows8apps">ADMX_UserExperienceVirtualization/SyncUnlistedWindows8Apps</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-travel" id="admx-userexperiencevirtualization-travel">ADMX_UserExperienceVirtualization/Travel</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-trayiconenabled" id="admx-userexperiencevirtualization-trayiconenabled">ADMX_UserExperienceVirtualization/TrayIconEnabled</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-video" id="admx-userexperiencevirtualization-video">ADMX_UserExperienceVirtualization/Video</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-weather" id="admx-userexperiencevirtualization-weather">ADMX_UserExperienceVirtualization/Weather</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-userexperiencevirtualization.md#admx-userexperiencevirtualization-wordpad" id="admx-userexperiencevirtualization-wordpad">ADMX_UserExperienceVirtualization/Wordpad</a>
+  </dd>
+</dl>
+
+### ADMX_W32Time policies  
+
+<dl>
+  <dd>
+    <a href="./policy-csp-admx-w32time.md#admx-w32time-policy-config" id="admx-w32time-policy-config">ADMX_W32Time/W32TIME_POLICY_CONFIG</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-w32time.md#admx-w32time-policy-configure-ntpclient" id="admx-w32time-policy-configure-ntpclient">ADMX_W32Time/W32TIME_POLICY_CONFIGURE_NTPCLIENT</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-w32time.md#admx-w32time-policy-enable-ntpclient" id="admx-w32time-policy-enable-ntpclient">ADMX_W32Time/W32TIME_POLICY_ENABLE_NTPCLIENT</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-w32time.md#admx-w32time-policy-enable-ntpserver" id="admx-w32time-policy-enable-ntpserver">ADMX_W32Time/W32TIME_POLICY_ENABLE_NTPSERVER</a>
+  </dd>
+</dl>
+
+### ADMX_WinCal policies  
+
+<dl>
+  <dd>
+    <a href="./policy-csp-admx-wincal.md#admx-wincal-turnoffwincal-1" id="admx-wincal-turnoffwincal-1">ADMX_WinCal/TurnOffWinCal_1</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-wincal.md#admx-wincal-turnoffwincal-2" id="admx-wincal-turnoffwincal-2">ADMX_WinCal/TurnOffWinCal_2</a>
+  </dd>
+</dl>
+
+### ADMX_WindowsAnytimeUpgrade policies  
+
+<dl>
+  <dd>
+    <a href="./policy-csp-admx-windowsanytimeupgrade.md#admx-windowsanytimeupgrade-disabled" id="admx-windowsanytimeupgrade-disabled">ADMX_WindowsAnytimeUpgrade/Disabled</a>
+  </dd>
+</dl>
+
+## ADMX_WindowsConnectNow policies  
+
+<dl>
+  <dd>
+    <a href="./policy-csp-admx-windowsconnectnow.md#admx-windowsconnectnow-wcn-disablewcnui-1" id="admx-windowsconnectnow-wcn-disablewcnui-1">ADMX_WindowsConnectNow/WCN_DisableWcnUi_1</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsconnectnow.md#admx-windowsconnectnow-wcn-disablewcnui-2" id="admx-windowsconnectnow-wcn-disablewcnui-2">ADMX_WindowsConnectNow/WCN_DisableWcnUi_2</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsconnectnow.md#admx-windowsconnectnow-wcn-enableregistrar" id="admx-windowsconnectnow-wcn-enableregistrar">ADMX_WindowsConnectNow/WCN_EnableRegistrar</a>
+  </dd>
+</dl>
+
+### ADMX_WindowsMediaDRM policies  
+
+<dl>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediadrm.md#admx-windowsmediadrm-disableonline" id="admx-windowsmediadrm-disableonline">ADMX_WindowsMediaDRM/DisableOnline</a>
+  </dd>
+</dl>
+
+### ADMX_WindowsMediaPlayer policies  
+
+<dl>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-configurehttpproxysettings" id="admx-windowsmediaplayer-configurehttpproxysettings">ADMX_WindowsMediaPlayer/ConfigureHTTPProxySettings</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-configuremmsproxysettings" id="admx-windowsmediaplayer-configuremmsproxysettings">ADMX_WindowsMediaPlayer/ConfigureMMSProxySettings</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-configurertspproxysettings" id="admx-windowsmediaplayer-configurertspproxysettings">ADMX_WindowsMediaPlayer/ConfigureRTSPProxySettings</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-disableautoupdate" id="admx-windowsmediaplayer-disableautoupdate">ADMX_WindowsMediaPlayer/DisableAutoUpdate</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-disablenetworksettings" id="admx-windowsmediaplayer-disablenetworksettings">ADMX_WindowsMediaPlayer/DisableNetworkSettings</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-disablesetupfirstuseconfiguration" id="admx-windowsmediaplayer-disablesetupfirstuseconfiguration">ADMX_WindowsMediaPlayer/DisableSetupFirstUseConfiguration</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-donotshowanchor" id="admx-windowsmediaplayer-donotshowanchor">ADMX_WindowsMediaPlayer/DoNotShowAnchor</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-dontuseframeinterpolation" id="admx-windowsmediaplayer-dontuseframeinterpolation">ADMX_WindowsMediaPlayer/DontUseFrameInterpolation</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-enablescreensaver" id="admx-windowsmediaplayer-enablescreensaver">ADMX_WindowsMediaPlayer/EnableScreenSaver</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-hideprivacytab" id="admx-windowsmediaplayer-hideprivacytab">ADMX_WindowsMediaPlayer/HidePrivacyTab</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-hidesecuritytab" id="admx-windowsmediaplayer-hidesecuritytab">ADMX_WindowsMediaPlayer/HideSecurityTab</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-networkbuffering" id="admx-windowsmediaplayer-networkbuffering">ADMX_WindowsMediaPlayer/NetworkBuffering</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-policycodecupdate" id="admx-windowsmediaplayer-policycodecupdate">ADMX_WindowsMediaPlayer/PolicyCodecUpdate</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-preventcddvdmetadataretrieval" id="admx-windowsmediaplayer-preventcddvdmetadataretrieval">ADMX_WindowsMediaPlayer/PreventCDDVDMetadataRetrieval</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-preventlibrarysharing" id="admx-windowsmediaplayer-preventlibrarysharing">ADMX_WindowsMediaPlayer/PreventLibrarySharing</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-preventmusicfilemetadataretrieval" id="admx-windowsmediaplayer-preventmusicfilemetadataretrieval">ADMX_WindowsMediaPlayer/PreventMusicFileMetadataRetrieval</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-preventquicklaunchshortcut" id="admx-windowsmediaplayer-preventquicklaunchshortcut">ADMX_WindowsMediaPlayer/PreventQuickLaunchShortcut</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-preventradiopresetsretrieval" id="admx-windowsmediaplayer-preventradiopresetsretrieval">ADMX_WindowsMediaPlayer/PreventRadioPresetsRetrieval</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-preventwmpdesktopshortcut" id="admx-windowsmediaplayer-preventwmpdesktopshortcut">ADMX_WindowsMediaPlayer/PreventWMPDeskTopShortcut</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-skinlockdown" id="admx-windowsmediaplayer-skinlockdown">ADMX_WindowsMediaPlayer/SkinLockDown</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-windowsmediaplayer.md#admx-windowsmediaplayer-windowsstreamingmediaprotocols" id="admx-windowsmediaplayer-windowsstreamingmediaprotocols">ADMX_WindowsMediaPlayer/WindowsStreamingMediaProtocols</a>
+  </dd>
+</dl>
+
+### ADMX_WinInit policies  
+
+<dl>
+  <dd>
+    <a href="./policy-csp-admx-wininit.md#admx-wininit-disablenamedpipeshutdownpolicydescription" id="admx-wininit-disablenamedpipeshutdownpolicydescription">ADMX_WinInit/DisableNamedPipeShutdownPolicyDescription</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-wininit.md#admx-wininit-hiberboot" id="admx-wininit-hiberboot">ADMX_WinInit/Hiberboot</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-wininit.md#admx-wininit-shutdowntimeouthungsessionsdescription" id="admx-wininit-shutdowntimeouthungsessionsdescription">ADMX_WinInit/ShutdownTimeoutHungSessionsDescription</a>
+  </dd>
+</dl>
+
 ### ApplicationDefaults policies
 
 <dl>
@@ -3323,7 +4006,13 @@ The following diagram shows the Policy configuration service provider in tree fo
   </dd>
 </dl>
 
+### LocalUsersAndGroups policies
 
+<dl>
+  <dd>
+    <a href="./policy-csp-localusersandgroups.md#localusersandgroups-configure" id="localusersandgroups-configure">LocalUsersAndGroups/Configure</a>
+  </dd>
+</dl>
 
 ### LockDown policies
 
@@ -3352,6 +4041,26 @@ The following diagram shows the Policy configuration service provider in tree fo
   </dd>
 </dl>
 
+### MixedReality policies  
+
+<dl>
+  <dd>
+    <a href="./policy-csp-mixedreality.md#mixedreality-aadgroupmembershipcachevalidityindays" id="mixedreality-aadgroupmembershipcachevalidityindays">MixedReality/AADGroupMembershipCacheValidityInDays</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-mixedreality.md#mixedreality-brightnessbuttondisabled" id="mixedreality-brightnessbuttondisabled">MixedReality/BrightnessButtonDisabled</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-mixedreality.md#mixedreality-fallbackdiagnostics" id="mixedreality-fallbackdiagnostics">MixedReality/FallbackDiagnostics</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-mixedreality.md#mixedreality-microphonedisabled" id="mixedreality-microphonedisabled">MixedReality/MicrophoneDisabled</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-mixedreality.md#mixedreality-volumebuttondisabled" id="mixedreality-volumebuttondisabled">MixedReality/VolumeButtonDisabled</a>
+  </dd>
+</dl>
+
 ### MSSecurityGuide policies
 
 <dl>
@@ -4516,6 +5225,9 @@ The following diagram shows the Policy configuration service provider in tree fo
   <dd>
     <a href="./policy-csp-update.md#update-disabledualscan" id="update-disabledualscan">Update/DisableDualScan</a>
   </dd>
+  <dd>
+    <a href="./policy-csp-update.md#update-disablewufbsafeguards" id="update-disablewufbsafeguards">Update/DisableWUfBSafeguards</a>
+  </dd>
   <dd>
     <a href="./policy-csp-update.md#update-engagedrestartdeadline" id="update-engagedrestartdeadline">Update/EngagedRestartDeadline</a>
   </dd>
@@ -4872,6 +5584,29 @@ The following diagram shows the Policy configuration service provider in tree fo
   </dd>
 </dl>
 
+### WindowsSandbox policies  
+
+<dl>
+  <dd>
+    <a href="./policy-csp-windowssandbox.md#windowssandbox-allowaudioinput" id="windowssandbox-allowaudioinput">WindowsSandbox/AllowAudioInput</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-windowssandbox.md#windowssandbox-allowclipboardredirection" id="windowssandbox-allowclipboardredirection">WindowsSandbox/AllowClipboardRedirection</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-windowssandbox.md#windowssandbox-allownetworking" id="windowssandbox-allownetworking">WindowsSandbox/AllowNetworking</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-windowssandbox.md#windowssandbox-allowprinterredirection" id="windowssandbox-allowprinterredirection">WindowsSandbox/AllowPrinterRedirection</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-windowssandbox.md#windowssandbox-allowvgpu" id="windowssandbox-allowvgpu">WindowsSandbox/AllowVGPU</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-windowssandbox.md#windowssandbox-allowvideoinput" id="windowssandbox-allowvideoinput">WindowsSandbox/AllowVideoInput</a>
+  </dd>
+</dl>
+
 ### WirelessDisplay policies
 
 <dl>
@@ -4901,27 +5636,27 @@ The following diagram shows the Policy configuration service provider in tree fo
   </dd>
 </dl>
 
-## Policy CSPs supported by Group Policy and ADMX-backed policy CSPs
-- [Policy CSPs supported by Group Policy](policy-csps-supported-by-group-policy.md)
-- [ADMX-backed policy CSPs](policy-csps-admx-backed.md)
+## Policies in Policy CSP supported by Group Policy and ADMX-backed policies in Policy CSP
+- [Policies in Policy CSP supported by Group Policy](policy-csps-supported-by-group-policy.md)
+- [ADMX-backed policies in Policy CSP](policy-csps-admx-backed.md)
 
 > [!NOTE]
-> Not all Policy CSPs supported by Group Policy are ADMX-backed. For more details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> Not all Policies in Policy CSP supported by Group Policy are ADMX-backed. For more details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
 
-## Policy CSPs supported by HoloLens devices
-- [Policy CSPs supported by HoloLens 2](policy-csps-supported-by-hololens2.md)  
-- [Policy CSPs supported by HoloLens (1st gen) Commercial Suite](policy-csps-supported-by-hololens-1st-gen-commercial-suite.md)  
-- [Policy CSPs supported by HoloLens (1st gen) Development Edition](policy-csps-supported-by-hololens-1st-gen-development-edition.md)
+## Policies in Policy CSP supported by HoloLens devices
+- [Policies in Policy CSP supported by HoloLens 2](policy-csps-supported-by-hololens2.md)  
+- [Policies in Policy CSP supported by HoloLens (1st gen) Commercial Suite](policy-csps-supported-by-hololens-1st-gen-commercial-suite.md)  
+- [Policies in Policy CSP supported by HoloLens (1st gen) Development Edition](policy-csps-supported-by-hololens-1st-gen-development-edition.md)
 
-## Policy CSPs supported by Windows 10 IoT
-- [Policy CSPs supported by Windows 10 IoT Enterprise](policy-csps-supported-by-iot-enterprise.md)
-- [Policy CSPs supported by Windows 10 IoT Core](policy-csps-supported-by-iot-core.md)
+## Policies in Policy CSP supported by Windows 10 IoT
+- [Policies in Policy CSP supported by Windows 10 IoT Enterprise](policy-csps-supported-by-iot-enterprise.md)
+- [Policies in Policy CSP supported by Windows 10 IoT Core](policy-csps-supported-by-iot-core.md)
 
-## Policy CSPs supported by Microsoft Surface Hub
-- [Policy CSPs supported by Microsoft Surface Hub](policy-csps-supported-by-surface-hub.md)
+## Policies in Policy CSP supported by Microsoft Surface Hub
+- [Policies in Policy CSP supported by Microsoft Surface Hub](policy-csps-supported-by-surface-hub.md)
 
-## Policy CSPs that can be set using Exchange ActiveSync (EAS)
-- [Policy CSPs that can be set using Exchange ActiveSync (EAS)](policy-csps-that-can-be-set-using-eas.md)
+## Policies in Policy CSP that can be set using Exchange ActiveSync (EAS)
+- [Policies in Policy CSP that can be set using Exchange ActiveSync (EAS)](policy-csps-that-can-be-set-using-eas.md)
 
 ## Related topics
 
diff --git a/windows/client-management/mdm/policy-csp-admx-ciphersuiteorder.md b/windows/client-management/mdm/policy-csp-admx-ciphersuiteorder.md
index 627b8ea61c..649079a937 100644
--- a/windows/client-management/mdm/policy-csp-admx-ciphersuiteorder.md
+++ b/windows/client-management/mdm/policy-csp-admx-ciphersuiteorder.md
@@ -97,7 +97,7 @@ For information about supported cipher suites, see [Cipher Suites in TLS/SSL (Sc
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *SSL Cipher Suite Order*
--   GP name: *Functions*
+-   GP name: *SSLCipherSuiteOrder*
 -   GP path: *Network/SSL Configuration Settings*
 -   GP ADMX file name: *CipherSuiteOrder.admx*
 
@@ -180,7 +180,7 @@ CertUtil.exe -DisplayEccCurve
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *ECC Curve Order*
--   GP name: *EccCurves*
+-   GP name: *SSLCurveOrder*
 -   GP path: *Network/SSL Configuration Settings*
 -   GP ADMX file name: *CipherSuiteOrder.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-com.md b/windows/client-management/mdm/policy-csp-admx-com.md
index d7be4635d6..1da39a32a3 100644
--- a/windows/client-management/mdm/policy-csp-admx-com.md
+++ b/windows/client-management/mdm/policy-csp-admx-com.md
@@ -99,7 +99,7 @@ This setting appears in the Computer Configuration and User Configuration folder
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Download missing COM components*
--   GP name: *COMClassStore*
+-   GP name: *AppMgmt_COM_SearchForCLSID_1*
 -   GP path: *System*
 -   GP ADMX file name: *COM.admx*
 
@@ -174,7 +174,7 @@ This setting appears in the Computer Configuration and User Configuration folder
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Download missing COM components*
--   GP name: *COMClassStore*
+-   GP name: *AppMgmt_COM_SearchForCLSID_2*
 -   GP path: *System*
 -   GP ADMX file name: *COM.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-digitallocker.md b/windows/client-management/mdm/policy-csp-admx-digitallocker.md
index 2d12ffdcdd..43d6152747 100644
--- a/windows/client-management/mdm/policy-csp-admx-digitallocker.md
+++ b/windows/client-management/mdm/policy-csp-admx-digitallocker.md
@@ -96,7 +96,7 @@ If you disable or do not configure this setting, Digital Locker can be run.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Do not allow Digital Locker to run*
--   GP name: *DoNotRunDigitalLocker*
+-   GP name: *Digitalx_DiableApplication_TitleText_1*
 -   GP path: *Windows Components/Digital Locker*
 -   GP ADMX file name: *DigitalLocker.admx*
 
@@ -167,7 +167,7 @@ If you disable or do not configure this setting, Digital Locker can be run.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Do not allow Digital Locker to run*
--   GP name: *DoNotRunDigitalLocker*
+-   GP name: *Digitalx_DiableApplication_TitleText_2*
 -   GP path: *Windows Components/Digital Locker*
 -   GP ADMX file name: *DigitalLocker.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-dwm.md b/windows/client-management/mdm/policy-csp-admx-dwm.md
index 037491c5a5..ff5b9de5cc 100644
--- a/windows/client-management/mdm/policy-csp-admx-dwm.md
+++ b/windows/client-management/mdm/policy-csp-admx-dwm.md
@@ -109,7 +109,7 @@ If you disable or do not configure this policy setting, the default internal col
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify a default color*
--   GP name: *DefaultColorizationColorState*
+-   GP name: *DwmDefaultColorizationColor_1*
 -   GP path: *Windows Components/Desktop Window Manager/Window Frame Coloring*
 -   GP ADMX file name: *DWM.admx*
 
@@ -182,7 +182,7 @@ If you disable or do not configure this policy setting, the default internal col
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify a default color*
--   GP name: *DefaultColorizationColorState*
+-   GP name: *DwmDefaultColorizationColor_2*
 -   GP path: *Windows Components/Desktop Window Manager/Window Frame Coloring*
 -   GP ADMX file name: *DWM.admx*
 
@@ -253,7 +253,7 @@ Changing this policy setting requires a logoff for it to be applied.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Do not allow window animations*
--   GP name: *DisallowAnimations*
+-   GP name: *DwmDisallowAnimations_1*
 -   GP path: *Windows Components/Desktop Window Manager*
 -   GP ADMX file name: *DWM.admx*
 
@@ -324,7 +324,7 @@ Changing this policy setting requires a logoff for it to be applied.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Do not allow window animations*
--   GP name: *DisallowAnimations*
+-   GP name: *DwmDisallowAnimations_2*
 -   GP path: *Windows Components/Desktop Window Manager*
 -   GP ADMX file name: *DWM.admx*
 
@@ -396,7 +396,7 @@ If you disable or do not configure this policy setting, you allow users to chang
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Do not allow color changes*
--   GP name: *DisallowColorizationColorChanges*
+-   GP name: *DwmDisallowColorizationColorChanges_1*
 -   GP path: *Windows Components/Desktop Window Manager/Window Frame Coloring*
 -   GP ADMX file name: *DWM.admx*
 
@@ -468,7 +468,7 @@ If you disable or do not configure this policy setting, you allow users to chang
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Do not allow color changes*
--   GP name: *DisallowColorizationColorChanges*
+-   GP name: *DwmDisallowColorizationColorChanges_2*
 -   GP path: *Windows Components/Desktop Window Manager/Window Frame Coloring*
 -   GP ADMX file name: *DWM.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-eventforwarding.md b/windows/client-management/mdm/policy-csp-admx-eventforwarding.md
index ba0dcbb61d..e47d548237 100644
--- a/windows/client-management/mdm/policy-csp-admx-eventforwarding.md
+++ b/windows/client-management/mdm/policy-csp-admx-eventforwarding.md
@@ -97,7 +97,7 @@ This setting applies across all subscriptions for the forwarder (source computer
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Configure forwarder resource usage*
--   GP name: *MaxForwardingRate*
+-   GP name: *ForwarderResourceUsage*
 -   GP path: *Windows Components/Event Forwarding*
 -   GP ADMX file name: *EventForwarding.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-fileservervssprovider.md b/windows/client-management/mdm/policy-csp-admx-fileservervssprovider.md
index 78ba8174f4..37b6b9a826 100644
--- a/windows/client-management/mdm/policy-csp-admx-fileservervssprovider.md
+++ b/windows/client-management/mdm/policy-csp-admx-fileservervssprovider.md
@@ -94,7 +94,7 @@ By default, the RPC protocol message between File Server VSS provider and File S
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Allow or Disallow use of encryption to protect the RPC protocol messages between File Share Shadow Copy Provider running on application server and File Share Shadow Copy Agent running on the file servers.*
--   GP name: *EncryptProtocol*
+-   GP name: *Pol_EncryptProtocol*
 -   GP path: *System/File Share Shadow Copy Provider*
 -   GP ADMX file name: *FileServerVSSProvider.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-filesys.md b/windows/client-management/mdm/policy-csp-admx-filesys.md
index c669f3279e..fbdc148b37 100644
--- a/windows/client-management/mdm/policy-csp-admx-filesys.md
+++ b/windows/client-management/mdm/policy-csp-admx-filesys.md
@@ -106,7 +106,7 @@ Available in Windows 10 Insider Preview Build 20185. Compression can add to the
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Do not allow compression on all NTFS volumes*
--   GP name: *NtfsDisableCompression*
+-   GP name: *DisableCompression*
 -   GP path: *System/Filesystem/NTFS*
 -   GP ADMX file name: *FileSys.admx*
 
@@ -237,7 +237,7 @@ Available in Windows 10 Insider Preview Build 20185. Encryption can add to the p
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Do not allow encryption on all NTFS volumes*
--   GP name: *NtfsDisableEncryption*
+-   GP name: *DisableEncryption*
 -   GP path: *System/Filesystem/NTFS*
 -   GP ADMX file name: *FileSys.admx*
 
@@ -300,7 +300,7 @@ Available in Windows 10 Insider Preview Build 20185. Encrypting the page file pr
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Enable NTFS pagefile encryption*
--   GP name: *NtfsEncryptPagingFile*
+-   GP name: *EnablePagefileEncryption*
 -   GP path: *System/Filesystem/NTFS*
 -   GP ADMX file name: *FileSys.admx*
 
@@ -428,7 +428,7 @@ If you enable short names on all volumes then short names will always be generat
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Short name creation options*
--   GP name: *NtfsDisable8dot3NameCreation*
+-   GP name: *ShortNameCreationSettings*
 -   GP path: *System/Filesystem/NTFS*
 -   GP ADMX file name: *FileSys.admx*
 
@@ -502,7 +502,7 @@ For more information, refer to the Windows Help section.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Selectively allow the evaluation of a symbolic link*
--   GP name: *SymlinkLocalToLocalEvaluation*
+-   GP name: *SymlinkEvaluation*
 -   GP path: *System/Filesystem*
 -   GP ADMX file name: *FileSys.admx*
 
@@ -565,7 +565,7 @@ Available in Windows 10 Insider Preview Build 20185. TXF deprecated features inc
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Enable / disable TXF deprecated features*
--   GP name: *NtfsEnableTxfDeprecatedFunctionality*
+-   GP name: *TxfDeprecatedFunctionality*
 -   GP path: *System/Filesystem/NTFS*
 -   GP ADMX file name: *FileSys.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-folderredirection.md b/windows/client-management/mdm/policy-csp-admx-folderredirection.md
index 268a4738fe..845c514983 100644
--- a/windows/client-management/mdm/policy-csp-admx-folderredirection.md
+++ b/windows/client-management/mdm/policy-csp-admx-folderredirection.md
@@ -329,7 +329,7 @@ If you disable or not configure this policy setting, Windows Vista, Windows 7, W
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Use localized subfolder names when redirecting Start Menu and My Documents*
--   GP name: *LocalizeXPRelativePaths*
+-   GP name: *LocalizeXPRelativePaths_1*
 -   GP path: *System/Folder Redirection*
 -   GP ADMX file name: *FolderRedirection.admx*
 
@@ -401,7 +401,7 @@ If you disable or not configure this policy setting, Windows Vista, Windows 7, W
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Use localized subfolder names when redirecting Start Menu and My Documents*
--   GP name: *LocalizeXPRelativePaths*
+-   GP name: *LocalizeXPRelativePaths_2*
 -   GP path: *System/Folder Redirection*
 -   GP ADMX file name: *FolderRedirection.admx*
 
@@ -474,7 +474,7 @@ If you disable or do not configure this policy setting and the user has redirect
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Redirect folders on primary computers only*
--   GP name: *PrimaryComputerEnabledFR*
+-   GP name: *PrimaryComputer_FR_1*
 -   GP path: *System/Folder Redirection*
 -   GP ADMX file name: *FolderRedirection.admx*
 
@@ -547,7 +547,7 @@ If you disable or do not configure this policy setting and the user has redirect
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Redirect folders on primary computers only*
--   GP name: *PrimaryComputerEnabledFR*
+-   GP name: *PrimaryComputer_FR_2*
 -   GP path: *System/Folder Redirection*
 -   GP ADMX file name: *FolderRedirection.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-help.md b/windows/client-management/mdm/policy-csp-admx-help.md
index 6e38d6f3fa..d705d091a0 100644
--- a/windows/client-management/mdm/policy-csp-admx-help.md
+++ b/windows/client-management/mdm/policy-csp-admx-help.md
@@ -185,7 +185,7 @@ For additional options, see the "Restrict these programs from being launched fro
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Restrict potentially unsafe HTML Help functions to specified folders*
--   GP name: *HelpQualifiedRootDir*
+-   GP name: *HelpQualifiedRootDir_Comp*
 -   GP path: *System*
 -   GP ADMX file name: *Help.admx*
 
@@ -259,7 +259,7 @@ If you disable or do not configure this policy setting, users can run all applic
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Restrict these programs from being launched from Help*
--   GP name: *DisableInHelp*
+-   GP name: *RestrictRunFromHelp*
 -   GP path: *System*
 -   GP ADMX file name: *Help.admx*
 
@@ -332,7 +332,7 @@ If you disable or do not configure this policy setting, users can run all applic
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Restrict these programs from being launched from Help*
--   GP name: *DisableInHelp*
+-   GP name: *RestrictRunFromHelp_Comp*
 -   GP path: *System*
 -   GP ADMX file name: *Help.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-helpandsupport.md b/windows/client-management/mdm/policy-csp-admx-helpandsupport.md
index c076fcbc0b..10d08651fc 100644
--- a/windows/client-management/mdm/policy-csp-admx-helpandsupport.md
+++ b/windows/client-management/mdm/policy-csp-admx-helpandsupport.md
@@ -100,7 +100,7 @@ If you disable or do not configure this policy setting, the default behavior app
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Turn off Active Help*
--   GP name: *NoActiveHelp*
+-   GP name: *ActiveHelp*
 -   GP path: *Windows Components/Online Assistance*
 -   GP ADMX file name: *HelpAndSupport.admx*
 
@@ -171,7 +171,7 @@ Users can use the control to provide feedback on the quality and usefulness of t
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Turn off Help Ratings*
--   GP name: *NoExplicitFeedback*
+-   GP name: *HPExplicitFeedback*
 -   GP path: *System/Internet Communication Management/Internet Communication settings*
 -   GP ADMX file name: *HelpAndSupport.admx*
 
@@ -239,7 +239,7 @@ If you disable or do not configure this policy setting, users can turn on the He
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Turn off Help Experience Improvement Program*
--   GP name: *NoImplicitFeedback*
+-   GP name: *HPImplicitFeedback*
 -   GP path: *System/Internet Communication Management/Internet Communication settings*
 -   GP ADMX file name: *HelpAndSupport.admx*
 
@@ -308,7 +308,7 @@ If you disable or do not configure this policy setting, users can access online
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Turn off Windows Online*
--   GP name: *NoOnlineAssist*
+-   GP name: *HPOnlineAssistance*
 -   GP path: *System/Internet Communication Management/Internet Communication settings*
 -   GP ADMX file name: *HelpAndSupport.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-kdc.md b/windows/client-management/mdm/policy-csp-admx-kdc.md
index eeaae0037a..4a63715208 100644
--- a/windows/client-management/mdm/policy-csp-admx-kdc.md
+++ b/windows/client-management/mdm/policy-csp-admx-kdc.md
@@ -133,7 +133,7 @@ Impact on domain controller performance when this policy setting is enabled:
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *KDC support for claims, compound authentication and Kerberos armoring*
--   GP name: *EnableCbacAndArmor*
+-   GP name: *CbacAndArmor*
 -   GP path: *System/KDC*
 -   GP ADMX file name: *kdc.admx*
 
@@ -204,7 +204,7 @@ To ensure consistent behavior, this policy setting must be supported and set ide
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Use forest search order*
--   GP name: *UseForestSearch*
+-   GP name: *ForestSearch*
 -   GP path: *System/KDC*
 -   GP ADMX file name: *kdc.admx*
 
@@ -420,7 +420,7 @@ If you disable or do not configure this policy setting, the threshold value defa
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Warning for large Kerberos tickets*
--   GP name: *EnableTicketSizeThreshold*
+-   GP name: *TicketSizeThreshold*
 -   GP path: *System/KDC*
 -   GP ADMX file name: *kdc.admx*
 
@@ -494,7 +494,7 @@ If you disable or do not configure this policy setting, the domain controller do
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Provide information about previous logons to client computers*
--   GP name: *EmitLILI*
+-   GP name: *emitlili*
 -   GP path: *System/KDC*
 -   GP ADMX file name: *kdc.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-lanmanserver.md b/windows/client-management/mdm/policy-csp-admx-lanmanserver.md
index 0e85c41572..ddaddd01f1 100644
--- a/windows/client-management/mdm/policy-csp-admx-lanmanserver.md
+++ b/windows/client-management/mdm/policy-csp-admx-lanmanserver.md
@@ -116,7 +116,7 @@ Arrange the desired cipher suites in the edit box, one cipher suite per line, in
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Cipher suite order*
--   GP name: *CipherSuiteOrder*
+-   GP name: *Pol_CipherSuiteOrder*
 -   GP path: *Network/Lanman Server*
 -   GP ADMX file name: *LanmanServer.admx*
 
@@ -199,7 +199,7 @@ In circumstances where this policy setting is enabled, you can also select the f
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Hash Publication for BranchCache*
--   GP name: *HashPublicationForPeerCaching*
+-   GP name: *Pol_HashPublication*
 -   GP path: *Network/Lanman Server*
 -   GP ADMX file name: *LanmanServer.admx*
 
@@ -286,7 +286,7 @@ Hash version supported:
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Hash Version support for BranchCache*
--   GP name: *HashSupportVersion*
+-   GP name: *Pol_HashSupportVersion*
 -   GP path: *Network/Lanman Server*
 -   GP ADMX file name: *LanmanServer.admx*
 
@@ -358,7 +358,7 @@ If you disable or do not configure this policy setting, the SMB server will sele
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Honor cipher suite order*
--   GP name: *HonorCipherSuiteOrder*
+-   GP name: *Pol_HonorCipherSuiteOrder*
 -   GP path: *Network/Lanman Server*
 -   GP ADMX file name: *LanmanServer.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-linklayertopologydiscovery.md b/windows/client-management/mdm/policy-csp-admx-linklayertopologydiscovery.md
index 8b7e93c9b9..d4f25831ab 100644
--- a/windows/client-management/mdm/policy-csp-admx-linklayertopologydiscovery.md
+++ b/windows/client-management/mdm/policy-csp-admx-linklayertopologydiscovery.md
@@ -96,7 +96,7 @@ If you disable or do not configure this policy setting, the default behavior of
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Turn on Mapper I/O (LLTDIO) driver*
--   GP name: *EnableLLTDIO*
+-   GP name: *LLTD_EnableLLTDIO*
 -   GP path: *Network/Link-Layer Topology Discovery*
 -   GP ADMX file name: *LinkLayerTopologyDiscovery.admx*
 
@@ -167,7 +167,7 @@ If you disable or do not configure this policy setting, the default behavior for
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Turn on Responder (RSPNDR) driver*
--   GP name: *EnableRspndr*
+-   GP name: *LLTD_EnableRspndr*
 -   GP path: *Network/Link-Layer Topology Discovery*
 -   GP ADMX file name: *LinkLayerTopologyDiscovery.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-mmc.md b/windows/client-management/mdm/policy-csp-admx-mmc.md
index 0766bd3fa0..a86907a534 100644
--- a/windows/client-management/mdm/policy-csp-admx-mmc.md
+++ b/windows/client-management/mdm/policy-csp-admx-mmc.md
@@ -113,7 +113,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *ActiveX Control*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ActiveXControl*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMC.admx*
 
@@ -192,7 +192,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Extended View (Web View)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ExtendView*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMC.admx*
 
@@ -271,7 +271,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Link to Web Address*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_LinkToWeb*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMC.admx*
 
@@ -344,7 +344,7 @@ If you disable this setting or do not configure it, users can enter author mode
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Restrict the user from entering author mode*
--   GP name: *RestrictAuthorMode*
+-   GP name: *MMC_Restrict_Author*
 -   GP path: *Windows Components\Microsoft Management Console*
 -   GP ADMX file name: *MMC.admx*
 
@@ -422,7 +422,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Restrict users to the explicitly permitted list of snap-ins*
--   GP name: *RestrictToPermittedSnapins*
+-   GP name: *MMC_Restrict_To_Permitted_Snapins*
 -   GP path: *Windows Components\Microsoft Management Console*
 -   GP ADMX file name: *MMC.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-mmcsnapins.md b/windows/client-management/mdm/policy-csp-admx-mmcsnapins.md
index 6b0df4c223..cdd93c1d97 100644
--- a/windows/client-management/mdm/policy-csp-admx-mmcsnapins.md
+++ b/windows/client-management/mdm/policy-csp-admx-mmcsnapins.md
@@ -408,7 +408,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Administrative Templates (Computers)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ADMComputers_1*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -485,7 +485,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Administrative Templates (Computers)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ADMComputers_2*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Resultant Set of Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -563,7 +563,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Administrative Templates (Users)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ADMUsers_1*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -641,7 +641,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Administrative Templates (Users)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ADMUsers_2*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Resultant Set of Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -719,7 +719,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *ADSI Edit*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ADSI*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -797,7 +797,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Active Directory Domains and Trusts*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ActiveDirDomTrusts*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -875,7 +875,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Active Directory Sites and Services*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ActiveDirSitesServices*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -953,7 +953,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Active Directory Users and Computers*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ActiveDirUsersComp*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -1031,7 +1031,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *AppleTalk Routing*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_AppleTalkRouting*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -1109,7 +1109,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Authorization Manager*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_AuthMan*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -1187,7 +1187,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Certification Authority*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_CertAuth*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -1264,7 +1264,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Certification Authority Policy Settings*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_CertAuthPolSet*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -1341,7 +1341,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Certificates*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_Certs*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -1418,7 +1418,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Certificate Templates*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_CertsTemplate*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -1495,7 +1495,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Component Services*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ComponentServices*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -1572,7 +1572,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Computer Management*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ComputerManagement*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -1649,7 +1649,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Connection Sharing (NAT)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ConnectionSharingNAT*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -1726,7 +1726,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *DCOM Configuration Extension*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_DCOMCFG*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -1803,7 +1803,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Distributed File System*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_DFS*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -1880,7 +1880,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *DHCP Relay Management*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_DHCPRelayMgmt*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -1957,7 +1957,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Device Manager*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_DeviceManager_1*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -2034,7 +2034,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Device Manager*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_DeviceManager_2*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -2111,7 +2111,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Disk Defragmenter*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_DiskDefrag*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -2188,7 +2188,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Disk Management*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_DiskMgmt*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -2265,7 +2265,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Enterprise PKI*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_EnterprisePKI*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -2342,7 +2342,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Event Viewer*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_EventViewer_1*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -2419,7 +2419,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Event Viewer (Windows Vista)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_EventViewer_2*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -2496,7 +2496,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Event Viewer*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_EventViewer_3*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -2573,7 +2573,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Event Viewer (Windows Vista)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_EventViewer_4*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -2651,7 +2651,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Event Viewer (Windows Vista)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_EventViewer_2*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -2728,7 +2728,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *FAX Service*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_FAXService*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -2805,7 +2805,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Failover Clusters Manager*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_FailoverClusters*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -2882,7 +2882,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Folder Redirection*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_FolderRedirection_1*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -2959,7 +2959,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Folder Redirection*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_FolderRedirection_2*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Resultant Set of Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -3036,7 +3036,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *FrontPage Server Extensions*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_FrontPageExt*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -3113,7 +3113,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Group Policy Management*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_GroupPolicyManagementSnapIn*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -3190,7 +3190,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Group Policy Object Editor*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_GroupPolicySnapIn*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -3269,7 +3269,7 @@ When the Group Policy tab is inaccessible, it does not appear in the site, domai
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Group Policy tab for Active Directory Tools*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_GroupPolicyTab*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -3346,7 +3346,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Health Registration Authority (HRA)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_HRA*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -3423,7 +3423,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Internet Authentication Service (IAS)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_IAS*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -3500,7 +3500,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *IAS Logging*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_IASLogging*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -3577,7 +3577,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Internet Explorer Maintenance*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_IEMaintenance_1*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -3654,7 +3654,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Internet Explorer Maintenance*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_IEMaintenance_2*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Resultant Set of Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -3731,7 +3731,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *IGMP Routing*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_IGMPRouting*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -3808,7 +3808,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Internet Information Services*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_IIS*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -3885,7 +3885,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *IP Routing*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_IPRouting*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -3962,7 +3962,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *IP Security Policy Management*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_IPSecManage_GP*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -4039,7 +4039,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *IPX RIP Routing*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_IPXRIPRouting*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -4116,7 +4116,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *IPX Routing*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_IPXRouting*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -4193,7 +4193,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *IPX SAP Routing*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_IPXSAPRouting*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -4270,7 +4270,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Indexing Service*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_IndexingService*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -4347,7 +4347,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *IP Security Policy Management*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_IpSecManage*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -4424,7 +4424,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *IP Security Monitor*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_IpSecMonitor*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -4501,7 +4501,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Local Users and Groups*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_LocalUsersGroups*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -4578,7 +4578,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Logical and Mapped Drives*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_LogicalMappedDrives*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -4655,7 +4655,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Network Policy Server (NPS)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_NPSUI*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -4732,7 +4732,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *NAP Client Configuration*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_NapSnap*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -4809,7 +4809,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *NAP Client Configuration*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_NapSnap_GP*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -4886,7 +4886,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *.Net Framework Configuration*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_Net_Framework*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -4963,7 +4963,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Online Responder*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_OCSP*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -5040,7 +5040,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *OSPF Routing*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_OSPFRouting*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -5117,7 +5117,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Performance Logs and Alerts*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_PerfLogsAlerts*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -5194,7 +5194,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Public Key Policies*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_PublicKey*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -5271,7 +5271,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *QoS Admission Control*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_QoSAdmission*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -5348,7 +5348,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *RAS Dialin - User Node*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_RAS_DialinUser*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -5425,7 +5425,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *RIP Routing*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_RIPRouting*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -5502,7 +5502,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Remote Installation Services*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_RIS*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -5579,7 +5579,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Routing and Remote Access*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_RRA*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -5656,7 +5656,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Removable Storage Management*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_RSM*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -5733,7 +5733,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Removable Storage*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_RemStore*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -5810,7 +5810,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Remote Access*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_RemoteAccess*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -5887,7 +5887,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Remote Desktops*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_RemoteDesktop*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -5964,7 +5964,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Resultant Set of Policy snap-in*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ResultantSetOfPolicySnapIn*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -6041,7 +6041,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Routing*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_Routing*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -6118,7 +6118,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Security Configuration and Analysis*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_SCA*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -6195,7 +6195,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *SMTP Protocol*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_SMTPProtocol*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -6272,7 +6272,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *SNMP*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_SNMP*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -6349,7 +6349,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Scripts (Startup/Shutdown)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ScriptsMachine_1*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -6426,7 +6426,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Scripts (Startup/Shutdown)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ScriptsMachine_2*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Resultant Set of Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -6503,7 +6503,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Scripts (Logon/Logoff)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ScriptsUser_1*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -6580,7 +6580,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Scripts (Logon/Logoff)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ScriptsUser_2*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Resultant Set of Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -6657,7 +6657,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Security Settings*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_SecuritySettings_1*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -6734,7 +6734,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Security Settings*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_SecuritySettings_2*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Resultant Set of Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -6811,7 +6811,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Security Templates*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_SecurityTemplates*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -6888,7 +6888,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Send Console Message*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_SendConsoleMessage*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -6965,7 +6965,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Server Manager*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ServerManager*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -7042,7 +7042,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Service Dependencies*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_ServiceDependencies*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -7119,7 +7119,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Services*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_Services*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -7196,7 +7196,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Shared Folders*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_SharedFolders*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -7273,7 +7273,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Shared Folders Ext*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_SharedFolders_Ext*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -7350,7 +7350,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Software Installation (Computers)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_SoftwareInstalationComputers_1*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -7427,7 +7427,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Software Installation (Computers)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_SoftwareInstalationComputers_2*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Resultant Set of Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -7504,7 +7504,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Software Installation (Users)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_SoftwareInstallationUsers_1*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -7581,7 +7581,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Software Installation (Users)*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_SoftwareInstallationUsers_2*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Resultant Set of Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -7658,7 +7658,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *System Information*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_SysInfo*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -7735,7 +7735,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *System Properties*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_SysProp*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -7812,7 +7812,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *TPM Management*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_TPMManagement*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -7889,7 +7889,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Telephony*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_Telephony*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -7966,7 +7966,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Remote Desktop Services Configuration*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_TerminalServices*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -8043,7 +8043,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *WMI Control*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_WMI*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -8120,7 +8120,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Windows Firewall with Advanced Security*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_WindowsFirewall*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -8197,7 +8197,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Windows Firewall with Advanced Security*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_WindowsFirewall_GP*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -8274,7 +8274,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Wired Network (IEEE 802.3) Policies*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_WiredNetworkPolicy*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -8351,7 +8351,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Wireless Monitor*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_WirelessMon*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins*
 -   GP ADMX file name: *MMCSnapins.admx*
 
@@ -8428,7 +8428,7 @@ When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in windo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Wireless Network (IEEE 802.11) Policies*
--   GP name: *Restrict_Run*
+-   GP name: *MMC_WirelessNetworkPolicy*
 -   GP path: *Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy snap-in extensions*
 -   GP ADMX file name: *MMCSnapins.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-msapolicy.md b/windows/client-management/mdm/policy-csp-admx-msapolicy.md
index fb3a2c7585..e8c35ac22e 100644
--- a/windows/client-management/mdm/policy-csp-admx-msapolicy.md
+++ b/windows/client-management/mdm/policy-csp-admx-msapolicy.md
@@ -93,7 +93,7 @@ By default, this setting is Disabled. This setting does not affect whether users
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Block all consumer Microsoft account user authentication*
--   GP name: *DisableUserAuth*
+-   GP name: *MicrosoftAccount_DisableUserAuth*
 -   GP path: *Windows Components\Microsoft account*
 -   GP ADMX file name: *MSAPolicy.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-nca.md b/windows/client-management/mdm/policy-csp-admx-nca.md
index 9417e592bc..840af17067 100644
--- a/windows/client-management/mdm/policy-csp-admx-nca.md
+++ b/windows/client-management/mdm/policy-csp-admx-nca.md
@@ -122,7 +122,7 @@ You must configure this setting to have complete NCA functionality.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Corporate Resources*
--   GP name: *Probe*
+-   GP name: *CorporateResources*
 -   GP path: *Network\DirectAccess Client Experience Settings*
 -   GP ADMX file name: *nca.admx*
 
@@ -187,7 +187,7 @@ Available in Windows 10 Insider Preview Build 20185. This policy setting specifi
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Custom Commands*
--   GP name: *CustomCommand*
+-   GP name: *CustomCommands*
 -   GP path: *Network\DirectAccess Client Experience Settings*
 -   GP ADMX file name: *nca.admx*
 
@@ -258,7 +258,7 @@ You must configure this setting to have complete NCA functionality.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *IPsec Tunnel Endpoints*
--   GP name: *DTE*
+-   GP name: *DTEs*
 -   GP path: *Network\DirectAccess Client Experience Settings*
 -   GP ADMX file name: *nca.admx*
 
@@ -401,7 +401,7 @@ If this setting is not configured, users do not have Connect or Disconnect optio
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Prefer Local Names Allowed*
--   GP name: *NamePreferenceAllowed*
+-   GP name: *LocalNamesOn*
 -   GP path: *Network\DirectAccess Client Experience Settings*
 -   GP ADMX file name: *nca.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-ncsi.md b/windows/client-management/mdm/policy-csp-admx-ncsi.md
index bd18a2f3bd..3e575f3fdf 100644
--- a/windows/client-management/mdm/policy-csp-admx-ncsi.md
+++ b/windows/client-management/mdm/policy-csp-admx-ncsi.md
@@ -105,7 +105,7 @@ Available in Windows 10 Insider Preview Build 20185. This policy setting  enable
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify corporate DNS probe host address*
--   GP name: *DnsProbeContent*
+-   GP name: *NCSI_CorpDnsProbeContent*
 -   GP path: *Network\Network Connectivity Status Indicator*
 -   GP ADMX file name: *NCSI.admx*
 
@@ -170,7 +170,7 @@ Available in Windows 10 Insider Preview Build 20185. This policy setting enables
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify corporate DNS probe host name*
--   GP name: *DnsProbeHost*
+-   GP name: *NCSI_CorpDnsProbeHost*
 -   GP path: *Network\Network Connectivity Status Indicator*
 -   GP ADMX file name: *NCSI.admx*
 
@@ -235,7 +235,7 @@ Available in Windows 10 Insider Preview Build 20185. This policy setting enables
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify corporate site prefix list*
--   GP name: *SitePrefixes*
+-   GP name: *NCSI_CorpSitePrefixes*
 -   GP path: *Network\Network Connectivity Status Indicator*
 -   GP ADMX file name: *NCSI.admx*
 
@@ -300,7 +300,7 @@ Available in Windows 10 Insider Preview Build 20185. This policy setting enables
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify corporate Website probe URL*
--   GP name: *WebProbeUrl*
+-   GP name: *NCSI_CorpWebProbeUrl*
 -   GP path: *Network\Network Connectivity Status Indicator*
 -   GP ADMX file name: *NCSI.admx*
 
@@ -368,7 +368,7 @@ Available in Windows 10 Insider Preview Build 20185. This policy setting enables
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify domain location determination URL*
--   GP name: *DomainLocationDeterminationUrl*
+-   GP name: *NCSI_DomainLocationDeterminationUrl*
 -   GP path: *Network\Network Connectivity Status Indicator*
 -   GP ADMX file name: *NCSI.admx*
 
@@ -433,7 +433,7 @@ Available in Windows 10 Insider Preview Build 20185. This policy setting enables
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify global DNS*
--   GP name: *UseGlobalDns*
+-   GP name: *NCSI_GlobalDns*
 -   GP path: *Network\Network Connectivity Status Indicator*
 -   GP ADMX file name: *NCSI.admx*
 
@@ -498,7 +498,7 @@ Available in Windows 10 Insider Preview Build 20185. This Policy setting enables
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify passive polling*
--   GP name: *DisablePassivePolling*
+-   GP name: *NCSI_PassivePolling*
 -   GP path: *Network\Network Connectivity Status Indicator*
 -   GP ADMX file name: *NCSI.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-netlogon.md b/windows/client-management/mdm/policy-csp-admx-netlogon.md
index 51a9c850b2..782b57ba8c 100644
--- a/windows/client-management/mdm/policy-csp-admx-netlogon.md
+++ b/windows/client-management/mdm/policy-csp-admx-netlogon.md
@@ -201,7 +201,7 @@ If you do not configure this policy setting, it is not applied to any DCs, and D
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify address lookup behavior for DC locator ping*
--   GP name: *AddressLookupOnPingBehavior*
+-   GP name: *Netlogon_AddressLookupOnPingBehavior*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -274,7 +274,7 @@ If you do not configure this policy setting, DC Locator APIs can return IPv4/IPv
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Return domain controller address type*
--   GP name: *AddressTypeReturned*
+-   GP name: *Netlogon_AddressTypeReturned*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -347,7 +347,7 @@ If you disable this policy setting, when the AllowSingleLabelDnsDomain policy is
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Use DNS name resolution when a single-label domain name is used, by appending different registered DNS suffixes, if the AllowSingleLabelDnsDomain setting is not enabled.*
--   GP name: *AllowDnsSuffixSearch*
+-   GP name: *Netlogon_AllowDnsSuffixSearch*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -422,7 +422,7 @@ If you do not configure this policy setting, Net Logon will not allow the negoti
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Allow cryptography algorithms compatible with Windows NT 4.0*
--   GP name: *AllowNT4Crypto*
+-   GP name: *Netlogon_AllowNT4Crypto*
 -   GP path: *System\Net Logon*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -497,7 +497,7 @@ If you do not configure this policy setting, it is not applied to any computers,
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Use DNS name resolution with a single-label domain name instead of NetBIOS name resolution to locate the DC*
--   GP name: *AllowSingleLabelDnsDomain*
+-   GP name: *Netlogon_AllowSingleLabelDnsDomain*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -570,7 +570,7 @@ If you do not configure this policy setting, it is not applied to any DCs, and D
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Use automated site coverage by the DC Locator DNS SRV Records*
--   GP name: *AutoSiteCoverage*
+-   GP name: *Netlogon_AutoSiteCoverage*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -646,7 +646,7 @@ If you disable this policy setting, the DC location algorithm can use NetBIOS-ba
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Do not use NetBIOS-based discovery for domain controller location when DNS-based discovery fails*
--   GP name: *AvoidFallbackNetbiosDiscovery*
+-   GP name: *Netlogon_AvoidFallbackNetbiosDiscovery*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -721,7 +721,7 @@ If you do not configure this policy setting, it is not applied to any DCs.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Contact PDC on logon failure*
--   GP name: *AvoidPdcOnWan*
+-   GP name: *Netlogon_AvoidPdcOnWan*
 -   GP path: *System\Net Logon*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -799,7 +799,7 @@ If the value of this setting is less than the value specified in the NegativeCac
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Use initial DC discovery retry setting for background callers*
--   GP name: *BackgroundRetryInitialPeriod*
+-   GP name: *Netlogon_BackgroundRetryInitialPeriod*
 -   GP path: *System\Net Logon*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -879,7 +879,7 @@ If the value for this setting is too small and the DC is not available, the freq
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Use maximum DC discovery retry interval setting for background callers*
--   GP name: *BackgroundRetryMaximumPeriod*
+-   GP name: *Netlogon_BackgroundRetryMaximumPeriod*
 -   GP path: *System\Net Logon*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -951,7 +951,7 @@ The default value for this setting is to not quit retrying (0). The maximum valu
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Use final DC discovery retry setting for background callers*
--   GP name: *BackgroundRetryQuitTime*
+-   GP name: *Netlogon_BackgroundRetryQuitTime*
 -   GP path: *System\Net Logon*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -1018,7 +1018,7 @@ Available in Windows 10 Insider Preview Build 20185. This policy setting determi
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Use positive periodic DC cache refresh for background callers*
--   GP name: *BackgroundSuccessfulRefreshPeriod*
+-   GP name: *Netlogon_BackgroundSuccessfulRefreshPeriod*
 -   GP path: *System\Net Logon*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -1093,7 +1093,7 @@ If you disable this policy setting or do not configure it, the default behavior
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify log file debug output level*
--   GP name: *dbFlag*
+-   GP name: *Netlogon_DebugFlag*
 -   GP path: *System\Net Logon*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -1192,7 +1192,7 @@ If you do not configure this policy setting, DCs use their local configuration.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify DC Locator DNS records not registered by the DCs*
--   GP name: *DnsAvoidRegisterRecords*
+-   GP name: *Netlogon_DnsAvoidRegisterRecords*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -1268,7 +1268,7 @@ If you do not configure this policy setting, it is not applied to any DCs, and D
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify Refresh Interval of the DC Locator DNS records*
--   GP name: *DnsRefreshInterval*
+-   GP name: *Netlogon_DnsRefreshInterval*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -1344,7 +1344,7 @@ A reboot is not required for changes to this setting to take effect.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Use lowercase DNS host names when registering domain controller SRV records*
--   GP name: *DnsSrvRecordUseLowerCaseHostNames*
+-   GP name: *Netlogon_DnsSrvRecordUseLowerCaseHostNames*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -1414,7 +1414,7 @@ If you do not configure this policy setting, it is not applied to any DCs, and D
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Set TTL in the DC Locator DNS Records*
--   GP name: *DnsTtl*
+-   GP name: *Netlogon_DnsTtl*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -1485,7 +1485,7 @@ If you do not configure this policy setting, it is not applied to any computers,
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify expected dial-up delay on logon*
--   GP name: *ExpectedDialupDelay*
+-   GP name: *Netlogon_ExpectedDialupDelay*
 -   GP path: *System\Net Logon*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -1560,7 +1560,7 @@ If you do not configure this policy setting, Force Rediscovery will be used by d
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Force Rediscovery Interval*
--   GP name: *ForceRediscoveryInterval*
+-   GP name: *Netlogon_ForceRediscoveryInterval*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -1633,7 +1633,7 @@ If you do not configure this policy setting, it is not applied to any GCs, and G
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify sites covered by the GC Locator DNS SRV Records*
--   GP name: *GcSiteCoverage*
+-   GP name: *Netlogon_GcSiteCoverage*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -1709,7 +1709,7 @@ If you disable or do not configure this policy setting, this DC processes incomi
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Do not process incoming mailslot messages used for domain controller location based on NetBIOS domain names*
--   GP name: *IgnoreIncomingMailslotMessages*
+-   GP name: *Netlogon_IgnoreIncomingMailslotMessages*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -1782,7 +1782,7 @@ If you do not configure this policy setting, it is not applied to any DCs, and D
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Set Priority in the DC Locator DNS SRV records*
--   GP name: *LdapSrvPriority*
+-   GP name: *Netlogon_LdapSrvPriority*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -1855,7 +1855,7 @@ If you do not configure this policy setting, it is not applied to any DCs, and D
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Set Weight in the DC Locator DNS SRV records*
--   GP name: *LdapSrvWeight*
+-   GP name: *Netlogon_LdapSrvWeight*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -1926,7 +1926,7 @@ If you disable or do not configure this policy setting, the default behavior occ
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify maximum log file size*
--   GP name: *MaximumLogFileSize*
+-   GP name: *Netlogon_MaximumLogFileSize*
 -   GP path: *System\Net Logon*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -1999,7 +1999,7 @@ If you do not configure this policy setting, it is not applied to any DCs, and D
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify sites covered by the application directory partition DC Locator DNS SRV records*
--   GP name: *NdncSiteCoverage*
+-   GP name: *Netlogon_NdncSiteCoverage*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -2071,7 +2071,7 @@ The default value for this setting is 45 seconds. The maximum value for this set
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify negative DC Discovery cache setting*
--   GP name: *NegativeCachePeriod*
+-   GP name: *Netlogon_NegativeCachePeriod*
 -   GP path: *System\Net Logon*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -2149,7 +2149,7 @@ If you enable this policy setting, domain administrators should ensure that the
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Set Netlogon share compatibility*
--   GP name: *AllowExclusiveScriptsShareAccess*
+-   GP name: *Netlogon_NetlogonShareCompatibilityMode*
 -   GP path: *System\Net Logon*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -2218,7 +2218,7 @@ The default value for this setting is 30 minutes (1800). The maximum value for t
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify positive periodic DC Cache refresh for non-background callers*
--   GP name: *NonBackgroundSuccessfulRefreshPeriod*
+-   GP name: *Netlogon_NonBackgroundSuccessfulRefreshPeriod*
 -   GP path: *System\Net Logon*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -2296,7 +2296,7 @@ If you do not configure this policy setting, it is not applied to any computers,
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Use urgent mode when pinging domain controllers*
--   GP name: *PingUrgencyMode*
+-   GP name: *Netlogon_PingUrgencyMode*
 -   GP path: *System\Net Logon*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -2373,7 +2373,7 @@ To enable the setting, click Enabled, and then specify the interval in seconds.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Set scavenge interval*
--   GP name: *ScavengeInterval*
+-   GP name: *Netlogon_ScavengeInterval*
 -   GP path: *System\Net Logon*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -2446,7 +2446,7 @@ If you do not configure this policy setting, it is not applied to any DCs, and D
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify sites covered by the DC Locator DNS SRV records*
--   GP name: *SiteCoverage*
+-   GP name: *Netlogon_SiteCoverage*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -2519,7 +2519,7 @@ If you do not configure this policy setting, it is not applied to any computers,
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify site name*
--   GP name: *SiteName*
+-   GP name: *Netlogon_SiteName*
 -   GP path: *System\Net Logon*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -2597,7 +2597,7 @@ If you enable this policy setting, domain administrators should ensure that the
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Set SYSVOL share compatibility*
--   GP name: *AllowExclusiveSysvolShareAccess*
+-   GP name: *Netlogon_SysvolShareCompatibilityMode*
 -   GP path: *System\Net Logon*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -2672,7 +2672,7 @@ If you do not configure this policy setting, Try Next Closest Site DC Location w
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Try Next Closest Site*
--   GP name: *TryNextClosestSite*
+-   GP name: *Netlogon_TryNextClosestSite*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
@@ -2745,7 +2745,7 @@ If you do not configure this policy setting, it is not applied to any DCs, and D
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify dynamic registration of the DC Locator DNS Records*
--   GP name: *UseDynamicDns*
+-   GP name: *Netlogon_UseDynamicDns*
 -   GP path: *System\Net Logon\DC Locator DNS Records*
 -   GP ADMX file name: *Netlogon.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-offlinefiles.md b/windows/client-management/mdm/policy-csp-admx-offlinefiles.md
index 4fcbf3566f..abd5e758fc 100644
--- a/windows/client-management/mdm/policy-csp-admx-offlinefiles.md
+++ b/windows/client-management/mdm/policy-csp-admx-offlinefiles.md
@@ -228,7 +228,7 @@ If you disable this setting or do not configure it, the system asks users whethe
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Subfolders always available offline*
--   GP name: *AlwaysPinSubFolders*
+-   GP name: *Pol_AlwaysPinSubFolders*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -302,7 +302,7 @@ If you do not configure this policy setting, no files or folders are made availa
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify administratively assigned Offline Files*
--   GP name: *AssignedOfflineFolders*
+-   GP name: *Pol_AssignedOfflineFiles_1*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -376,7 +376,7 @@ If you do not configure this policy setting, no files or folders are made availa
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify administratively assigned Offline Files*
--   GP name: *AssignedOfflineFolders*
+-   GP name: *Pol_AssignedOfflineFiles_2*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -447,7 +447,7 @@ If you disable or do not configure this policy setting, Windows performs a backg
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Configure Background Sync*
--   GP name: *BackgroundSyncEnabled*
+-   GP name: *Pol_BackgroundSyncSettings*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -528,7 +528,7 @@ This setting replaces the Default Cache Size setting used by pre-Windows Vista s
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Limit disk space used by Offline Files*
--   GP name: *CacheQuotaLimitUnpinned*
+-   GP name: *Pol_CacheSize*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -612,7 +612,7 @@ Also, see the "Non-default server disconnect actions" setting.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Action on server disconnect*
--   GP name: *GoOfflineAction*
+-   GP name: *Pol_CustomGoOfflineActions_1*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -696,7 +696,7 @@ Also, see the "Non-default server disconnect actions" setting.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Action on server disconnect*
--   GP name: *GoOfflineAction*
+-   GP name: *Pol_CustomGoOfflineActions_2*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -776,7 +776,7 @@ If you do not configure this setting, disk space for automatically cached files
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Default cache size*
--   GP name: *DefCacheSize*
+-   GP name: *Pol_DefCacheSize*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -850,7 +850,7 @@ If you do not configure this policy setting, Offline Files is enabled on Windows
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Allow or Disallow use of the Offline Files feature*
--   GP name: *Enabled*
+-   GP name: *Pol_Enabled*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -927,7 +927,7 @@ This setting is applied at user logon. If this setting is changed after user log
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Encrypt the Offline Files cache*
--   GP name: *EncryptCache*
+-   GP name: *Pol_EncryptOfflineFiles*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -1007,7 +1007,7 @@ To use this setting, in the "Enter" box, select the number corresponding to the
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Event logging level*
--   GP name: *EventLoggingLevel*
+-   GP name: *Pol_EventLoggingLevel_1*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -1087,7 +1087,7 @@ To use this setting, in the "Enter" box, select the number corresponding to the
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Event logging level*
--   GP name: *EventLoggingLevel*
+-   GP name: *Pol_EventLoggingLevel_2*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -1156,7 +1156,7 @@ If you disable or do not configure this policy setting, a user can create a file
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Enable file screens*
--   GP name: *ExcludedFileTypes*
+-   GP name: *Pol_ExclusionListSettings*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -1230,7 +1230,7 @@ To use this setting, type the file name extension in the "Extensions" box. To ty
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Files not cached*
--   GP name: *ExcludeExtensions*
+-   GP name: *Pol_ExtExclusionList*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -1314,7 +1314,7 @@ Also, see the "Non-default server disconnect actions" setting.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Action on server disconnect*
--   GP name: *GoOfflineAction*
+-   GP name: *Pol_GoOfflineAction_1*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -1398,7 +1398,7 @@ Also, see the "Non-default server disconnect actions" setting.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Action on server disconnect*
--   GP name: *GoOfflineAction*
+-   GP name: *Pol_GoOfflineAction_2*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -1472,7 +1472,7 @@ This setting appears in the Computer Configuration and User Configuration folder
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Prevent use of Offline Files folder*
--   GP name: *NoCacheViewer*
+-   GP name: *Pol_NoCacheViewer_1*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -1546,7 +1546,7 @@ This setting appears in the Computer Configuration and User Configuration folder
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Prevent use of Offline Files folder*
--   GP name: *NoCacheViewer*
+-   GP name: *Pol_NoCacheViewer_2*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -1620,7 +1620,7 @@ This setting appears in the Computer Configuration and User Configuration folder
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Prohibit user configuration of Offline Files*
--   GP name: *NoConfigCache*
+-   GP name: *Pol_NoConfigCache_1*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -1694,7 +1694,7 @@ This setting appears in the Computer Configuration and User Configuration folder
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Prohibit user configuration of Offline Files*
--   GP name: *NoConfigCache*
+-   GP name: *Pol_NoConfigCache_2*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -1767,7 +1767,7 @@ If you disable or do not configure this policy setting, users can manually speci
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Remove "Make Available Offline" command*
--   GP name: *NoMakeAvailableOffline*
+-   GP name: *Pol_NoMakeAvailableOffline_1*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -1840,7 +1840,7 @@ If you disable or do not configure this policy setting, users can manually speci
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Remove "Make Available Offline" command*
--   GP name: *NoMakeAvailableOffline*
+-   GP name: *Pol_NoMakeAvailableOffline_2*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -1917,7 +1917,7 @@ If you do not configure this policy setting, the "Make Available Offline" comman
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Remove "Make Available Offline" for these files and folders*
--   GP name: *NoMakeAvailableOfflineList*
+-   GP name: *Pol_NoPinFiles_1*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -1994,7 +1994,7 @@ If you do not configure this policy setting, the "Make Available Offline" comman
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Remove "Make Available Offline" for these files and folders*
--   GP name: *NoMakeAvailableOfflineList*
+-   GP name: *Pol_NoPinFiles_2*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -2074,7 +2074,7 @@ This setting appears in the Computer Configuration and User Configuration folder
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Turn off reminder balloons*
--   GP name: *NoReminders*
+-   GP name: *Pol_NoReminders_1*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -2154,7 +2154,7 @@ This setting appears in the Computer Configuration and User Configuration folder
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Turn off reminder balloons*
--   GP name: *NoReminders*
+-   GP name: *Pol_NoReminders_2*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -2227,7 +2227,7 @@ If you disable or do not configure this policy setting, remote files will be not
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Enable Transparent Caching*
--   GP name: *OnlineCachingLatencyThreshold*
+-   GP name: *Pol_OnlineCachingSettings*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -2298,7 +2298,7 @@ If you disable this setting or do not configure it, the system asks users whethe
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Subfolders always available offline*
--   GP name: *AlwaysPinSubFolders*
+-   GP name: *Pol_AlwaysPinSubFolders*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -2370,7 +2370,7 @@ If you disable this setting or do not configure it, automatically and manually c
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *At logoff, delete local copy of user’s offline files*
--   GP name: *PurgeOnlyAutoCacheAtLogoff*
+-   GP name: *Pol_PurgeAtLogoff*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -2439,7 +2439,7 @@ If you disable this policy setting, all administratively assigned folders are sy
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Turn on economical application of administratively assigned Offline Files*
--   GP name: *EconomicalAdminPinning*
+-   GP name: *Pol_QuickAdimPin*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -2513,7 +2513,7 @@ This setting appears in the Computer Configuration and User Configuration folder
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Reminder balloon frequency*
--   GP name: *ReminderFreqMinutes*
+-   GP name: *Pol_ReminderFreq_1*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -2587,7 +2587,7 @@ This setting appears in the Computer Configuration and User Configuration folder
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Reminder balloon frequency*
--   GP name: *ReminderFreqMinutes*
+-   GP name: *Pol_ReminderFreq_2*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -2656,7 +2656,7 @@ This setting appears in the Computer Configuration and User Configuration folder
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Initial reminder balloon lifetime*
--   GP name: *InitialBalloonTimeoutSeconds*
+-   GP name: *Pol_ReminderInitTimeout_1*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -2725,7 +2725,7 @@ This setting appears in the Computer Configuration and User Configuration folder
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Initial reminder balloon lifetime*
--   GP name: *InitialBalloonTimeoutSeconds*
+-   GP name: *Pol_ReminderInitTimeout_2*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -2794,7 +2794,7 @@ This setting appears in the Computer Configuration and User Configuration folder
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Reminder balloon lifetime*
--   GP name: *ReminderBalloonTimeoutSeconds*
+-   GP name: *Pol_ReminderTimeout_1*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -2863,7 +2863,7 @@ This setting appears in the Computer Configuration and User Configuration folder
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Reminder balloon lifetime*
--   GP name: *ReminderBalloonTimeoutSeconds*
+-   GP name: *Pol_ReminderTimeout_2*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -2942,7 +2942,7 @@ If you disable this policy setting, computers will not use the slow-link mode.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Configure slow-link mode*
--   GP name: *SlowLinkEnabled*
+-   GP name: *Pol_SlowLinkSettings*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -3016,7 +3016,7 @@ If this setting is disabled or not configured, the default threshold value of 64
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Configure Slow link speed*
--   GP name: *SlowLinkSpeed*
+-   GP name: *Pol_SlowLinkSpeed*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -3094,7 +3094,7 @@ This setting appears in the Computer Configuration and User Configuration folder
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Synchronize all offline files before logging off*
--   GP name: *SyncAtLogoff*
+-   GP name: *Pol_SyncAtLogoff_1*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -3172,7 +3172,7 @@ This setting appears in the Computer Configuration and User Configuration folder
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Synchronize all offline files before logging off*
--   GP name: *SyncAtLogoff*
+-   GP name: *Pol_SyncAtLogoff_2*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -3250,7 +3250,7 @@ This setting appears in the Computer Configuration and User Configuration folder
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Synchronize all offline files when logging on*
--   GP name: *SyncAtLogon*
+-   GP name: *Pol_SyncAtLogon_1*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -3330,7 +3330,7 @@ This setting appears in the Computer Configuration and User Configuration folder
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Synchronize all offline files when logging on*
--   GP name: *SyncAtLogon*
+-   GP name: *Pol_SyncAtLogon_2*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -3402,7 +3402,7 @@ If you disable or do not configuring this setting, files are not synchronized wh
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Synchronize offline files before suspend*
--   GP name: *SyncAtSuspend*
+-   GP name: *Pol_SyncAtSuspend_1*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -3474,7 +3474,7 @@ If you disable or do not configuring this setting, files are not synchronized wh
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Synchronize offline files before suspend*
--   GP name: *SyncAtSuspend*
+-   GP name: *Pol_SyncAtSuspend_2*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -3543,7 +3543,7 @@ If this setting is disabled or not configured, synchronization will not run in t
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Enable file synchronization on costed networks*
--   GP name: *SyncEnabledForCostedNetwork*
+-   GP name: *Pol_SyncOnCostedNetwork*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -3612,7 +3612,7 @@ If you disable or do not configure this policy setting, the "Work offline" comma
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Remove "Work offline" command*
--   GP name: *WorkOfflineDisabled*
+-   GP name: *Pol_WorkOfflineDisabled_1*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
@@ -3681,7 +3681,7 @@ If you disable or do not configure this policy setting, the "Work offline" comma
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Remove "Work offline" command*
--   GP name: *WorkOfflineDisabled*
+-   GP name: *Pol_WorkOfflineDisabled_2*
 -   GP path: *Network\Offline Files*
 -   GP ADMX file name: *OfflineFiles.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-peertopeercaching.md b/windows/client-management/mdm/policy-csp-admx-peertopeercaching.md
index 2dba3479b2..426fcbe069 100644
--- a/windows/client-management/mdm/policy-csp-admx-peertopeercaching.md
+++ b/windows/client-management/mdm/policy-csp-admx-peertopeercaching.md
@@ -125,7 +125,7 @@ Select one of the following:
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Turn on BranchCache*
--   GP name: *Enable*
+-   GP name: *EnableWindowsBranchCache*
 -   GP path: *Network\BranchCache*
 -   GP ADMX file name: *PeerToPeerCaching.admx*
 
@@ -203,7 +203,7 @@ Select one of the following:
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Set BranchCache Distributed Cache mode*
--   GP name: *Enable*
+-   GP name: *EnableWindowsBranchCache_Distributed*
 -   GP path: *Network\BranchCache*
 -   GP ADMX file name: *PeerToPeerCaching.admx*
 
@@ -287,7 +287,7 @@ Hosted cache clients must trust the server certificate that is issued to the hos
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Set BranchCache Hosted Cache mode*
--   GP name: *Location*
+-   GP name: *EnableWindowsBranchCache_Hosted*
 -   GP path: *Network\BranchCache*
 -   GP ADMX file name: *PeerToPeerCaching.admx*
 
@@ -374,7 +374,7 @@ Select one of the following:
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Enable Automatic Hosted Cache Discovery by Service Connection Point*
--   GP name: *SCPDiscoveryEnabled*
+-   GP name: *EnableWindowsBranchCache_HostedCacheDiscovery*
 -   GP path: *Network\BranchCache*
 -   GP ADMX file name: *PeerToPeerCaching.admx*
 
@@ -457,7 +457,7 @@ In circumstances where this setting is enabled, you can also select and configur
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Configure Hosted Cache Servers*
--   GP name: *MultipleServers*
+-   GP name: *EnableWindowsBranchCache_HostedMultipleServers*
 -   GP path: *Network\BranchCache*
 -   GP ADMX file name: *PeerToPeerCaching.admx*
 
@@ -534,7 +534,7 @@ In circumstances where this policy setting is enabled, you can also select and c
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Configure BranchCache for network files*
--   GP name: *PeerCachingLatencyThreshold*
+-   GP name: *EnableWindowsBranchCache_SMB*
 -   GP path: *Network\BranchCache*
 -   GP ADMX file name: *PeerToPeerCaching.admx*
 
@@ -618,7 +618,7 @@ In circumstances where this setting is enabled, you can also select and configur
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Set percentage of disk space used for client computer cache*
--   GP name: *SizePercent*
+-   GP name: *SetCachePercent*
 -   GP path: *Network\BranchCache*
 -   GP ADMX file name: *PeerToPeerCaching.admx*
 
@@ -699,7 +699,7 @@ In circumstances where this setting is enabled, you can also select and configur
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Set age for segments in the data cache*
--   GP name: *SegmentTTL*
+-   GP name: *SetDataCacheEntryMaxAge*
 -   GP path: *Network\BranchCache*
 -   GP ADMX file name: *PeerToPeerCaching.admx*
 
@@ -783,7 +783,7 @@ Select from the following versions
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Configure Client BranchCache Version Support*
--   GP name: *PreferredContentInformationVersion*
+-   GP name: *SetDowngrading*
 -   GP path: *Network\BranchCache*
 -   GP ADMX file name: *PeerToPeerCaching.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-performancediagnostics.md b/windows/client-management/mdm/policy-csp-admx-performancediagnostics.md
index 7db02bd2e1..f02fb046cc 100644
--- a/windows/client-management/mdm/policy-csp-admx-performancediagnostics.md
+++ b/windows/client-management/mdm/policy-csp-admx-performancediagnostics.md
@@ -108,7 +108,7 @@ This policy setting will only take effect when the Diagnostic Policy Service is
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Configure Scenario Execution Level*
--   GP name: *ScenarioExecutionEnabled*
+-   GP name: *WdiScenarioExecutionPolicy_1*
 -   GP path: *System\Troubleshooting and Diagnostics\Windows Boot Performance Diagnostics*
 -   GP ADMX file name: *PerformanceDiagnostics.admx*
 
@@ -185,7 +185,7 @@ This policy setting will only take effect when the Diagnostic Policy Service is
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Configure Scenario Execution Level*
--   GP name: *ScenarioExecutionEnabled*
+-   GP name: *WdiScenarioExecutionPolicy_2*
 -   GP path: *System\Troubleshooting and Diagnostics\Windows System Responsiveness Performance Diagnostics*
 -   GP ADMX file name: *PerformanceDiagnostics.admx*
 
@@ -262,7 +262,7 @@ This policy setting will only take effect when the Diagnostic Policy Service is
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Configure Scenario Execution Level*
--   GP name: *ScenarioExecutionEnabled*
+-   GP name: *WdiScenarioExecutionPolicy_3*
 -   GP path: *System\Troubleshooting and Diagnostics\Windows Shutdown Performance Diagnostics*
 -   GP ADMX file name: *PerformanceDiagnostics.admx*
 
@@ -339,7 +339,7 @@ This policy setting will only take effect when the Diagnostic Policy Service is
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Configure Scenario Execution Level*
--   GP name: *ScenarioExecutionEnabled*
+-   GP name: *WdiScenarioExecutionPolicy_4*
 -   GP path: *System\Troubleshooting and Diagnostics\Windows Standby/Resume Performance Diagnostics*
 -   GP ADMX file name: *PerformanceDiagnostics.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-reliability.md b/windows/client-management/mdm/policy-csp-admx-reliability.md
index 135c581f83..e466f85f86 100644
--- a/windows/client-management/mdm/policy-csp-admx-reliability.md
+++ b/windows/client-management/mdm/policy-csp-admx-reliability.md
@@ -105,7 +105,7 @@ If you do not configure this policy setting, the Persistent System Timestamp is
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Enable Persistent Time Stamp*
--   GP name: *TimeStampEnabled*
+-   GP name: *EE_EnablePersistentTimeStamp*
 -   GP path: *System*
 -   GP ADMX file name: *Reliability.admx*
 
@@ -180,7 +180,7 @@ Also see the "Configure Error Reporting" policy setting.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Report unplanned shutdown events*
--   GP name: *IncludeShutdownErrs*
+-   GP name: *PCH_ReportShutdownEvents*
 -   GP path: *Windows Components\Windows Error Reporting\Advanced Error Reporting Settings*
 -   GP ADMX file name: *Reliability.admx*
 
@@ -258,7 +258,7 @@ If you do not configure this policy setting, the default behavior for the System
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Activate Shutdown Event Tracker System State Data feature*
--   GP name: *SnapShot*
+-   GP name: *ShutdownEventTrackerStateFile*
 -   GP path: *System*
 -   GP ADMX file name: *Reliability.admx*
 
@@ -338,7 +338,7 @@ If you do not configure this policy setting, the default behavior for the Shutdo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Display Shutdown Event Tracker*
--   GP name: *ShutdownReasonOn*
+-   GP name: *ShutdownReason*
 -   GP path: *System*
 -   GP ADMX file name: *Reliability.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-scripts.md b/windows/client-management/mdm/policy-csp-admx-scripts.md
index 3f1912da84..7f655514ef 100644
--- a/windows/client-management/mdm/policy-csp-admx-scripts.md
+++ b/windows/client-management/mdm/policy-csp-admx-scripts.md
@@ -124,7 +124,7 @@ If you disable or do not configure this policy setting, user account cross-fores
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Allow logon scripts when NetBIOS or WINS is disabled*
--   GP name: *Allow-LogonScript-NetbiosDisabled*
+-   GP name: *Allow_Logon_Script_NetbiosDisabled*
 -   GP path: *System\Scripts*
 -   GP ADMX file name: *Scripts.admx*
 
@@ -199,7 +199,7 @@ If you disable or do not configure this setting the system lets the combined set
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify maximum wait time for Group Policy scripts*
--   GP name: *MaxGPOScriptWait*
+-   GP name: *MaxGPOScriptWaitPolicy*
 -   GP path: *System\Scripts*
 -   GP ADMX file name: *Scripts.admx*
 
@@ -291,7 +291,7 @@ Within GPO C: C.cmd, C.ps1
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Run Windows PowerShell scripts first at computer startup, shutdown*
--   GP name: *RunComputerPSScriptsFirst*
+-   GP name: *Run_Computer_PS_Scripts_First*
 -   GP path: *System\Scripts*
 -   GP ADMX file name: *Scripts.admx*
 
@@ -364,7 +364,7 @@ Also, see the "Run Logon Scripts Visible" setting.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Run legacy logon scripts hidden*
--   GP name: *HideLegacyLogonScripts*
+-   GP name: *Run_Legacy_Logon_Script_Hidden*
 -   GP path: *System\Scripts*
 -   GP ADMX file name: *Scripts.admx*
 
@@ -435,7 +435,7 @@ If you disable or do not configure this policy setting, the instructions are sup
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Display instructions in logoff scripts as they run*
--   GP name: *HideLogoffScripts*
+-   GP name: *Run_Logoff_Script_Visible*
 -   GP path: *System\Scripts*
 -   GP ADMX file name: *Scripts.admx*
 
@@ -506,7 +506,7 @@ This policy setting appears in the Computer Configuration and User Configuration
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Run logon scripts synchronously*
--   GP name: *RunLogonScriptSync*
+-   GP name: *Run_Logon_Script_Sync_1*
 -   GP path: *System\Scripts*
 -   GP ADMX file name: *Scripts.admx*
 
@@ -577,7 +577,7 @@ This policy setting appears in the Computer Configuration and User Configuration
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Run logon scripts synchronously*
--   GP name: *RunLogonScriptSync*
+-   GP name: *Run_Logon_Script_Sync_2*
 -   GP path: *System\Scripts*
 -   GP ADMX file name: *Scripts.admx*
 
@@ -648,7 +648,7 @@ If you disable or do not configure this policy setting, the instructions are sup
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Display instructions in logon scripts as they run*
--   GP name: *HideLogonScripts*
+-   GP name: *Run_Logon_Script_Visible*
 -   GP path: *System\Scripts*
 -   GP ADMX file name: *Scripts.admx*
 
@@ -719,7 +719,7 @@ If you disable or do not configure this policy setting, the instructions are sup
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Display instructions in shutdown scripts as they run*
--   GP name: *HideShutdownScripts*
+-   GP name: *Run_Shutdown_Script_Visible*
 -   GP path: *System\Scripts*
 -   GP ADMX file name: *Scripts.admx*
 
@@ -793,7 +793,7 @@ If you disable or do not configure this policy setting, a startup cannot run unt
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Run startup scripts asynchronously*
--   GP name: *RunStartupScriptSync*
+-   GP name: *Run_Startup_Script_Sync*
 -   GP path: *System\Scripts*
 -   GP ADMX file name: *Scripts.admx*
 
@@ -867,7 +867,7 @@ If you disable or do not configure this policy setting, the instructions are sup
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Display instructions in startup scripts as they run*
--   GP name: *HideStartupScripts*
+-   GP name: *Run_Startup_Script_Visible*
 -   GP path: *System\Scripts*
 -   GP ADMX file name: *Scripts.admx*
 
@@ -962,7 +962,7 @@ This policy setting appears in the Computer Configuration and User Configuration
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Run Windows PowerShell scripts first at user logon, logoff*
--   GP name: *RunUserPSScriptsFirst*
+-   GP name: *Run_User_PS_Scripts_First*
 -   GP path: *System\Scripts*
 -   GP ADMX file name: *Scripts.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-sdiageng.md b/windows/client-management/mdm/policy-csp-admx-sdiageng.md
index b462873456..ce4096ecc5 100644
--- a/windows/client-management/mdm/policy-csp-admx-sdiageng.md
+++ b/windows/client-management/mdm/policy-csp-admx-sdiageng.md
@@ -97,7 +97,7 @@ If you disable this policy setting, users can only access and search troubleshoo
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Troubleshooting: Allow users to access online troubleshooting content on Microsoft servers from the Troubleshooting Control Panel (via the Windows Online Troubleshooting Service - WOTS)*
--   GP name: *EnableQueryRemoteServer*
+-   GP name: *BetterWhenConnected*
 -   GP path: *System\Troubleshooting and Diagnostics\Scripted Diagnostics*
 -   GP ADMX file name: *sdiageng.admx*
 
@@ -168,7 +168,7 @@ Note that this setting also controls a user's ability to launch standalone troub
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Troubleshooting: Allow users to access and run Troubleshooting Wizards*
--   GP name: *EnableDiagnostics*
+-   GP name: *ScriptedDiagnosticsExecutionPolicy*
 -   GP path: *System\Troubleshooting and Diagnostics\Scripted Diagnostics*
 -   GP ADMX file name: *sdiageng.admx*
 
@@ -237,7 +237,7 @@ If you disable or do not configure this policy setting, the scripted diagnostics
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Configure Security Policy for Scripted Diagnostics*
--   GP name: *ValidateTrust*
+-   GP name: *ScriptedDiagnosticsSecurityPolicy*
 -   GP path: *System\Troubleshooting and Diagnostics\Scripted Diagnostics*
 -   GP ADMX file name: *sdiageng.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-securitycenter.md b/windows/client-management/mdm/policy-csp-admx-securitycenter.md
index 482389c9e4..3f963a77cb 100644
--- a/windows/client-management/mdm/policy-csp-admx-securitycenter.md
+++ b/windows/client-management/mdm/policy-csp-admx-securitycenter.md
@@ -103,7 +103,7 @@ In Windows Vista, this policy setting monitors essential security settings to in
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Turn on Security Center (Domain PCs only)*
--   GP name: *SecurityCenterInDomain*
+-   GP name: *SecurityCenter_SecurityCenterInDomain*
 -   GP path: *Windows Components\Security Center*
 -   GP ADMX file name: *Securitycenter.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-servicing.md b/windows/client-management/mdm/policy-csp-admx-servicing.md
index 5fddfc68cc..c18852e5ea 100644
--- a/windows/client-management/mdm/policy-csp-admx-servicing.md
+++ b/windows/client-management/mdm/policy-csp-admx-servicing.md
@@ -93,7 +93,7 @@ If you disable or do not configure this policy setting, or if the required files
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Specify settings for optional component installation and component repair*
--   GP name: *RepairContentServerSource*
+-   GP name: *Servicing*
 -   GP path: *System*
 -   GP ADMX file name: *Servicing.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-shellcommandpromptregedittools.md b/windows/client-management/mdm/policy-csp-admx-shellcommandpromptregedittools.md
index bf58db7cf4..e8df85ad6d 100644
--- a/windows/client-management/mdm/policy-csp-admx-shellcommandpromptregedittools.md
+++ b/windows/client-management/mdm/policy-csp-admx-shellcommandpromptregedittools.md
@@ -174,7 +174,7 @@ To prevent users from using other administrative tools, use the "Run only specif
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Prevent access to registry editing tools*
--   GP name: *DisableRegistryTools*
+-   GP name: *DisableRegedit*
 -   GP path: *System*
 -   GP ADMX file name: *Shell-CommandPrompt-RegEditTools.admx*
 
@@ -250,7 +250,7 @@ This policy setting only prevents users from running programs that are started b
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Don't run specified Windows applications*
--   GP name: *DisallowRun*
+-   GP name: *DisallowApps*
 -   GP path: *System*
 -   GP ADMX file name: *Shell-CommandPrompt-RegEditTools.admx*
 
@@ -325,7 +325,7 @@ This policy setting only prevents users from running programs that are started b
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Run only specified Windows applications*
--   GP name: *RestrictRun*
+-   GP name: *RestrictApps*
 -   GP path: *System*
 -   GP ADMX file name: *Shell-CommandPrompt-RegEditTools.admx*
 
diff --git a/windows/client-management/mdm/policy-csp-admx-smartcard.md b/windows/client-management/mdm/policy-csp-admx-smartcard.md
new file mode 100644
index 0000000000..76452c2119
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-smartcard.md
@@ -0,0 +1,1229 @@
+---
+title: Policy CSP - ADMX_Smartcard
+description: Policy CSP - ADMX_Smartcard
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.date: 09/23/2020
+ms.reviewer: 
+manager: dansimp
+---
+
+# Policy CSP - ADMX_Smartcard
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+<hr/>
+
+<!--Policies-->
+## ADMX_Smartcard policies  
+
+<dl>
+  <dd>
+    <a href="#admx-smartcard-allowcertificateswithnoeku">ADMX_Smartcard/AllowCertificatesWithNoEKU</a>
+  </dd>
+  <dd>
+    <a href="#admx-smartcard-allowintegratedunblock">ADMX_Smartcard/AllowIntegratedUnblock</a>
+  </dd>
+  <dd>
+    <a href="#admx-smartcard-allowsignatureonlykeys">ADMX_Smartcard/AllowSignatureOnlyKeys</a>
+  </dd>
+  <dd>
+    <a href="#admx-smartcard-allowtimeinvalidcertificates">ADMX_Smartcard/AllowTimeInvalidCertificates</a>
+  </dd>
+  <dd>
+    <a href="#admx-smartcard-certpropenabledstring">ADMX_Smartcard/CertPropEnabledString</a>
+  </dd>
+  <dd>
+    <a href="#admx-smartcard-certproprootcleanupstring">ADMX_Smartcard/CertPropRootCleanupString</a>
+  </dd>
+  <dd>
+    <a href="#admx-smartcard-certproprootenabledstring">ADMX_Smartcard/CertPropRootEnabledString</a>
+  </dd>
+  <dd>
+    <a href="#admx-smartcard-disallowplaintextpin">ADMX_Smartcard/DisallowPlaintextPin</a>
+  </dd>
+  <dd>
+    <a href="#admx-smartcard-enumerateecccerts">ADMX_Smartcard/EnumerateECCCerts</a>
+  </dd>
+  <dd>
+    <a href="#admx-smartcard-filterduplicatecerts">ADMX_Smartcard/FilterDuplicateCerts</a>
+  </dd>
+  <dd>
+    <a href="#admx-smartcard-forcereadingallcertificates">ADMX_Smartcard/ForceReadingAllCertificates</a>
+  </dd>
+  <dd>
+    <a href="#admx-smartcard-integratedunblockpromptstring">ADMX_Smartcard/IntegratedUnblockPromptString</a>
+  </dd>
+  <dd>
+    <a href="#admx-smartcard-reversesubject">ADMX_Smartcard/ReverseSubject</a>
+  </dd>
+  <dd>
+    <a href="#admx-smartcard-scpnpenabled">ADMX_Smartcard/SCPnPEnabled</a>
+  </dd>
+  <dd>
+    <a href="#admx-smartcard-scpnpnotification">ADMX_Smartcard/SCPnPNotification</a>
+  </dd>
+  <dd>
+    <a href="#admx-smartcard-x509hintsneeded">ADMX_Smartcard/X509HintsNeeded</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-smartcard-allowcertificateswithnoeku"></a>**ADMX_Smartcard/AllowCertificatesWithNoEKU**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting lets you allow certificates without an Extended Key Usage (EKU) set to be used for logon.
+
+In versions of Windows prior to Windows Vista, smart card certificates that are used for logon require an enhanced key usage (EKU) extension with a smart card logon object identifier. This policy setting can be used to modify that restriction.
+
+If you enable this policy setting, certificates with the following attributes can also be used to log on with a smart card:
+
+- Certificates with no EKU
+- Certificates with an All Purpose EKU
+- Certificates with a Client Authentication EKU
+
+If you disable or do not configure this policy setting, only certificates that contain the smart card logon object identifier can be used to log on with a smart card.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Allow certificates with no extended key usage certificate attribute*
+-   GP name: *AllowCertificatesWithNoEKU*
+-   GP path: *Windows Components\Smart Card*
+-   GP ADMX file name: *Smartcard.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-smartcard-allowintegratedunblock"></a>**ADMX_Smartcard/AllowIntegratedUnblock**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting lets you determine whether the integrated unblock feature will be available in the logon User Interface (UI).
+
+In order to use the integrated unblock feature your smart card must support this feature.  Please check with your hardware manufacturer to see if your smart card supports this feature.
+
+If you enable this policy setting, the integrated unblock feature will be available.
+
+If you disable or do not configure this policy setting then the integrated unblock feature will not be available.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Allow Integrated Unblock screen to be displayed at the time of logon*
+-   GP name: *AllowIntegratedUnblock*
+-   GP path: *Windows Components\Smart Card*
+-   GP ADMX file name: *Smartcard.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-smartcard-allowsignatureonlykeys"></a>**ADMX_Smartcard/AllowSignatureOnlyKeys**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting lets you allow signature key-based certificates to be enumerated and available for logon.
+
+If you enable this policy setting then any certificates available on the smart card with a signature only key will be listed on the logon screen.
+
+If you disable or do not configure this policy setting, any available smart card signature key-based certificates will not be listed on the logon screen.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Allow signature keys valid for Logon*
+-   GP name: *AllowSignatureOnlyKeys*
+-   GP path: *Windows Components\Smart Card*
+-   GP ADMX file name: *Smartcard.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-smartcard-allowtimeinvalidcertificates"></a>**ADMX_Smartcard/AllowTimeInvalidCertificates**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting permits those certificates to be displayed for logon that are either expired or not yet valid.
+
+Under previous versions of Microsoft Windows, certificates were required to contain a valid time and not be expired. The certificate must still be accepted by the domain controller in order to be used. This setting only controls the displaying of the certificate on the client machine. 
+
+If you enable this policy setting certificates will be listed on the logon screen regardless of whether they have an invalid time or their time validity has expired.
+
+If you disable or do not configure this policy setting, certificates which are expired or not yet valid will not be listed on the logon screen.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Allow time invalid certificates*
+-   GP name: *AllowTimeInvalidCertificates*
+-   GP path: *Windows Components\Smart Card*
+-   GP ADMX file name: *Smartcard.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-smartcard-certpropenabledstring"></a>**ADMX_Smartcard/CertPropEnabledString**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to manage the certificate propagation that occurs when a smart card is inserted.
+
+If you enable or do not configure this policy setting then certificate propagation will occur when you insert your smart card.
+
+If you disable this policy setting, certificate propagation will not occur and the certificates will not be made available to applications such as Outlook.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Turn on certificate propagation from smart card*
+-   GP name: *CertPropEnabledString*
+-   GP path: *Windows Components\Smart Card*
+-   GP ADMX file name: *Smartcard.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-smartcard-certproprootcleanupstring"></a>**ADMX_Smartcard/CertPropRootCleanupString**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to manage the cleanup behavior of root certificates.  If you enable this policy setting then root certificate cleanup will occur according to the option selected. If you disable or do not configure this setting then root certificate cleanup will occur on logoff.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Configure root certificate clean up*
+-   GP name: *CertPropRootCleanupString*
+-   GP path: *Windows Components\Smart Card*
+-   GP ADMX file name: *Smartcard.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-smartcard-certproprootenabledstring"></a>**ADMX_Smartcard/CertPropRootEnabledString**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to manage the root certificate propagation that occurs when a smart card is inserted.
+
+If you enable or do not configure this policy setting then root certificate propagation will occur when you insert your smart card.
+
+> [!NOTE]
+> For this policy setting to work the following policy setting must also be enabled: Turn on certificate propagation from smart card.
+
+If you disable this policy setting then root certificates will not be propagated from the smart card.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Turn on root certificate propagation from smart card*
+-   GP name: *CertPropRootEnabledString*
+-   GP path: *Windows Components\Smart Card*
+-   GP ADMX file name: *Smartcard.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-smartcard-disallowplaintextpin"></a>**ADMX_Smartcard/DisallowPlaintextPin**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting prevents plaintext PINs from being returned by Credential Manager. 
+
+If you enable this policy setting, Credential Manager does not return a plaintext PIN. 
+
+If you disable or do not configure this policy setting, plaintext PINs can be returned by Credential Manager.
+
+> [!NOTE]
+> Enabling this policy setting could prevent certain smart cards from working on Windows. Please consult your smart card manufacturer to find out whether you will be affected by this policy setting.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Prevent plaintext PINs from being returned by Credential Manager*
+-   GP name: *DisallowPlaintextPin*
+-   GP path: *Windows Components\Smart Card*
+-   GP ADMX file name: *Smartcard.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-smartcard-enumerateecccerts"></a>**ADMX_Smartcard/EnumerateECCCerts**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to control whether elliptic curve cryptography (ECC) certificates on a smart card can be used to log on to a domain.
+
+If you enable this policy setting, ECC certificates on a smart card can be used to log on to a domain.
+
+If you disable or do not configure this policy setting, ECC certificates on a smart card cannot be used to log on to a domain. 
+
+> [!NOTE]
+> This policy setting only affects a user's ability to log on to a domain. ECC certificates on a smart card that are used for other applications, such as document signing, are not affected by this policy setting. 
+> If you use an ECDSA key to log on, you must also have an associated ECDH key to permit logons when you are not connected to the network.
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Allow ECC certificates to be used for logon and authentication*
+-   GP name: *EnumerateECCCerts*
+-   GP path: *Windows Components\Smart Card*
+-   GP ADMX file name: *Smartcard.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-smartcard-filterduplicatecerts"></a>**ADMX_Smartcard/FilterDuplicateCerts**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting lets you configure if all your valid logon certificates are displayed.
+
+During the certificate renewal period, a user can have multiple valid logon certificates issued from the same certificate template.  This can cause confusion as to which certificate to select for logon. The common case for this behavior is when a certificate is renewed and the old one has not yet expired. Two certificates are determined to be the same if they are issued from the same template with the same major version and they are for the same user (determined by their UPN).
+
+If there are two or more of the "same" certificate on a smart card and this policy is enabled then the certificate that is used for logon on Windows 2000, Windows XP, and Windows 2003 Server will be shown, otherwise the certificate with the expiration time furthest in the future will be shown.  
+
+> [!NOTE]
+> This setting will be applied after the following policy: "Allow time invalid certificates"
+
+If you enable or do not configure this policy setting, filtering will take place.
+
+If you disable this policy setting, no filtering will take place.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Filter duplicate logon certificates*
+-   GP name: *FilterDuplicateCerts*
+-   GP path: *Windows Components\Smart Card*
+-   GP ADMX file name: *Smartcard.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-smartcard-forcereadingallcertificates"></a>**ADMX_Smartcard/ForceReadingAllCertificates**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to manage the reading of all certificates from the smart card for logon.
+
+During logon Windows will by default only read the default certificate from the smart card unless it supports retrieval of all certificates in a single call. This setting forces Windows to read all the certificates from the card. This can introduce a significant performance decrease in certain situations. Please contact your smart card vendor to determine if your smart card and associated CSP supports the required behavior.
+
+If you enable this setting, then Windows will attempt to read all certificates from the smart card regardless of the feature set of the CSP.
+
+If you disable or do not configure this setting, Windows will only attempt to read the default certificate from those cards that do not support retrieval of all certificates in a single call.  Certificates other than the default will not be available for logon.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Force the reading of all certificates from the smart card*
+-   GP name: *ForceReadingAllCertificates*
+-   GP path: *Windows Components\Smart Card*
+-   GP ADMX file name: *Smartcard.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-smartcard-integratedunblockpromptstring"></a>**ADMX_Smartcard/IntegratedUnblockPromptString**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to manage the displayed message when a smart card is blocked.
+
+If you enable this policy setting, the specified message will be displayed to the user when the smart card is blocked. 
+
+> [!NOTE]
+> The following policy setting must be enabled: Allow Integrated Unblock screen to be displayed at the time of logon.
+
+If you disable or do not configure this policy setting, the default message will be displayed to the user when the smart card is blocked, if the integrated unblock feature is enabled.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Display string when smart card is blocked*
+-   GP name: *IntegratedUnblockPromptString*
+-   GP path: *Windows Components\Smart Card*
+-   GP ADMX file name: *Smartcard.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-smartcard-reversesubject"></a>**ADMX_Smartcard/ReverseSubject**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting lets you reverse the subject name from how it is stored in the certificate when displaying it during logon.  
+
+By default the user principal name (UPN) is displayed in addition to the common name to help users distinguish one certificate from another. For example, if the certificate subject was CN=User1, OU=Users, DN=example, DN=com and had an UPN of user1@example.com then "User1" will be displayed along with "user1@example.com." If the UPN is not present then the entire subject name will be displayed. This setting controls the appearance of that subject name and might need to be adjusted per organization.
+
+If you enable this policy setting or do not configure this setting, then the subject name will be reversed.  
+
+If you disable, the subject name will be displayed as it appears in the certificate.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Reverse the subject name stored in a certificate when displaying*
+-   GP name: *ReverseSubject*
+-   GP path: *Windows Components\Smart Card*
+-   GP ADMX file name: *Smartcard.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-smartcard-scpnpenabled"></a>**ADMX_Smartcard/SCPnPEnabled**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to control whether Smart Card Plug and Play is enabled.
+
+If you enable or do not configure this policy setting, Smart Card Plug and Play will be enabled and the system will attempt to install a Smart Card device driver when a card is inserted in a Smart Card Reader for the first time.
+
+If you disable this policy setting, Smart Card Plug and Play will be disabled and a device driver will not be installed when a card is inserted in a Smart Card Reader.
+
+> [!NOTE]
+> This policy setting is applied only for smart cards that have passed the Windows Hardware Quality Labs (WHQL) testing process.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Turn on Smart Card Plug and Play service*
+-   GP name: *SCPnPEnabled*
+-   GP path: *Windows Components\Smart Card*
+-   GP ADMX file name: *Smartcard.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-smartcard-scpnpnotification"></a>**ADMX_Smartcard/SCPnPNotification**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to control whether a confirmation message is displayed when a smart card device driver is installed.
+
+If you enable or do not configure this policy setting, a confirmation message will be displayed when a smart card device driver is installed.
+
+If you disable this policy setting, a confirmation message will not be displayed when a smart card device driver is installed.
+
+> [!NOTE]
+> This policy setting is applied only for smart cards that have passed the Windows Hardware Quality Labs (WHQL) testing process.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Notify user of successful smart card driver installation*
+-   GP name: *SCPnPNotification*
+-   GP path: *Windows Components\Smart Card*
+-   GP ADMX file name: *Smartcard.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-smartcard-x509hintsneeded"></a>**ADMX_Smartcard/X509HintsNeeded**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting lets you determine whether an optional field will be displayed during logon and elevation that allows a user to enter his or her user name or user name and domain, thereby associating a certificate with that user.
+
+If you enable this policy setting then an optional field that allows a user to enter their user name or user name and domain will be displayed.
+
+If you disable or do not configure this policy setting, an optional field that allows users to enter their user name or user name and domain will not be displayed.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Allow user name hint*
+-   GP name: *X509HintsNeeded*
+-   GP path: *Windows Components\Smart Card*
+-   GP ADMX file name: *Smartcard.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+Footnotes:
+
+- 1 - Available in Windows 10, version 1607.
+- 2 - Available in Windows 10, version 1703.
+- 3 - Available in Windows 10, version 1709.
+- 4 - Available in Windows 10, version 1803.
+- 5 - Available in Windows 10, version 1809.
+- 6 - Available in Windows 10, version 1903.
+- 7 - Available in Windows 10, version 1909.
+- 8 - Available in Windows 10, version 2004.
+
+<!--/Policies-->
+
diff --git a/windows/client-management/mdm/policy-csp-admx-snmp.md b/windows/client-management/mdm/policy-csp-admx-snmp.md
new file mode 100644
index 0000000000..2a83f8346c
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-snmp.md
@@ -0,0 +1,290 @@
+---
+title: Policy CSP - ADMX_Snmp
+description: Policy CSP - ADMX_Snmp
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.date: 09/24/2020
+ms.reviewer: 
+manager: dansimp
+---
+
+# Policy CSP - ADMX_Snmp
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+<hr/>
+
+<!--Policies-->
+## ADMX_Snmp policies  
+
+<dl>
+  <dd>
+    <a href="#admx-snmp-snmp-communities">ADMX_Snmp/SNMP_Communities</a>
+  </dd>
+  <dd>
+    <a href="#admx-snmp-snmp-permittedmanagers">ADMX_Snmp/SNMP_PermittedManagers</a>
+  </dd>
+  <dd>
+    <a href="#admx-snmp-snmp-traps-public">ADMX_Snmp/SNMP_Traps_Public</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-snmp-snmp-communities"></a>**ADMX_Snmp/SNMP_Communities**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures a list of the communities defined to the Simple Network Management Protocol (SNMP) service.
+
+SNMP is a protocol designed to give a user the capability to remotely manage a computer network, by polling and setting terminal values and monitoring network events.
+
+A valid community is a community recognized by the SNMP service, while a community is a group of hosts (servers, workstations, hubs, and routers) that are administered together by SNMP. The SNMP service is a managed network node that receives SNMP packets from the network.
+
+If you enable this policy setting, the SNMP agent only accepts requests from management systems within the communities it recognizes, and only SNMP Read operation is allowed for the community.
+
+If you disable or do not configure this policy setting, the SNMP service takes the Valid Communities configured on the local computer instead.
+
+Best practice: For security purposes, it is recommended to restrict the HKLM\SOFTWARE\Policies\SNMP\Parameters\ValidCommunities key to allow only the local admin group full control.
+
+> [!NOTE]
+> - It is good practice to use a cryptic community name.
+> - This policy setting has no effect if the SNMP agent is not installed on the client computer.
+
+Also, see the other two SNMP settings: "Specify permitted managers" and "Specify trap configuration".
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Specify communities*
+-   GP name: *SNMP_Communities*
+-   GP path: *Network\SNMP*
+-   GP ADMX file name: *Snmp.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-snmp-snmp-permittedmanagers"></a>**ADMX_Snmp/SNMP_PermittedManagers**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting determines the permitted list of hosts that can submit a query to the Simple Network Management (SNMP) agent running on the client computer.
+
+Simple Network Management Protocol is a protocol designed to give a user the capability to remotely manage a computer network by polling and setting terminal values and monitoring network events.
+
+The manager is located on the host computer on the network. The manager's role is to poll the agents for certain requested information.
+
+If you enable this policy setting, the SNMP agent only accepts requests from the list of permitted managers that you configure using this setting.
+
+If you disable or do not configure this policy setting, SNMP service takes the permitted managers configured on the local computer instead.
+
+Best practice: For security purposes, it is recommended to restrict the HKLM\SOFTWARE\Policies\SNMP\Parameters\PermittedManagers key to allow only the local admin group full control.
+
+> [!NOTE]
+> This policy setting has no effect if the SNMP agent is not installed on the client computer.
+
+Also, see the other two SNMP policy settings: "Specify trap configuration" and "Specify Community Name".
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Specify permitted managers*
+-   GP name: *SNMP_PermittedManagers*
+-   GP path: *Network\SNMP*
+-   GP ADMX file name: *Snmp.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-snmp-snmp-traps-public"></a>**ADMX_Snmp/SNMP_Traps_Public**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows trap configuration for the Simple Network Management Protocol (SNMP) agent.
+
+Simple Network Management Protocol is a protocol designed to give a user the capability to remotely manage a computer network by polling and setting terminal values and monitoring network events.
+
+This policy setting allows you to configure the name of the hosts that receive trap messages for the community sent by the SNMP service. A trap message is an alert or significant event that allows the SNMP agent to notify management systems asynchronously.
+
+If you enable this policy setting, the SNMP service sends trap messages to the hosts within the "public" community.
+
+If you disable or do not configure this policy setting, the SNMP service takes the trap configuration configured on the local computer instead.
+
+> [!NOTE]
+> This setting has no effect if the SNMP agent is not installed on the client computer.
+
+Also, see the other two SNMP settings: "Specify permitted managers" and "Specify Community Name".
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Specify traps for public community*
+-   GP name: *SNMP_Traps_Public*
+-   GP path: *Network\SNMP*
+-   GP ADMX file name: *Snmp.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+Footnotes:
+
+- 1 - Available in Windows 10, version 1607.
+- 2 - Available in Windows 10, version 1703.
+- 3 - Available in Windows 10, version 1709.
+- 4 - Available in Windows 10, version 1803.
+- 5 - Available in Windows 10, version 1809.
+- 6 - Available in Windows 10, version 1903.
+- 7 - Available in Windows 10, version 1909.
+- 8 - Available in Windows 10, version 2004.
+
+<!--/Policies-->
+
diff --git a/windows/client-management/mdm/policy-csp-admx-tcpip.md b/windows/client-management/mdm/policy-csp-admx-tcpip.md
new file mode 100644
index 0000000000..b43d4d2011
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-tcpip.md
@@ -0,0 +1,1011 @@
+---
+title: Policy CSP - ADMX_tcpip
+description: Policy CSP - ADMX_tcpip
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.date: 09/23/2020
+ms.reviewer: 
+manager: dansimp
+---
+
+# Policy CSP - ADMX_tcpip
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+<hr/>
+
+<!--Policies-->
+## ADMX_tcpip policies  
+
+<dl>
+  <dd>
+    <a href="#admx-tcpip-6to4-router-name">ADMX_tcpip/6to4_Router_Name</a>
+  </dd>
+  <dd>
+    <a href="#admx-tcpip-6to4-router-name-resolution-interval">ADMX_tcpip/6to4_Router_Name_Resolution_Interval</a>
+  </dd>
+  <dd>
+    <a href="#admx-tcpip-6to4-state">ADMX_tcpip/6to4_State</a>
+  </dd>
+  <dd>
+    <a href="#admx-tcpip-iphttps-clientstate">ADMX_tcpip/IPHTTPS_ClientState</a>
+  </dd>
+  <dd>
+    <a href="#admx-tcpip-ip-stateless-autoconfiguration-limits-state">ADMX_tcpip/IP_Stateless_Autoconfiguration_Limits_State</a>
+  </dd>
+  <dd>
+    <a href="#admx-tcpip-isatap-router-name">ADMX_tcpip/ISATAP_Router_Name</a>
+  </dd>
+  <dd>
+    <a href="#admx-tcpip-isatap-state">ADMX_tcpip/ISATAP_State</a>
+  </dd>
+  <dd>
+    <a href="#admx-tcpip-teredo-client-port">ADMX_tcpip/Teredo_Client_Port</a>
+  </dd>
+  <dd>
+    <a href="#admx-tcpip-teredo-default-qualified">ADMX_tcpip/Teredo_Default_Qualified</a>
+  </dd>
+  <dd>
+    <a href="#admx-tcpip-teredo-refresh-rate">ADMX_tcpip/Teredo_Refresh_Rate</a>
+  </dd>
+  <dd>
+    <a href="#admx-tcpip-teredo-server-name">ADMX_tcpip/Teredo_Server_Name</a>
+  </dd>
+  <dd>
+    <a href="#admx-tcpip-teredo-state">ADMX_tcpip/Teredo_State</a>
+  </dd>
+  <dd>
+    <a href="#admx-tcpip-windows-scaling-heuristics-state">ADMX_tcpip/Windows_Scaling_Heuristics_State</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tcpip-6to4-router-name"></a>**ADMX_tcpip/6to4_Router_Name**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to specify a 6to4 relay name for a 6to4 host. A 6to4 relay is used as a default gateway for IPv6 network traffic sent by the 6to4 host. The 6to4 relay name setting has no effect if 6to4 connectivity is not available on the host.
+
+If you enable this policy setting, you can specify a relay name for a 6to4 host.
+
+If you disable or do not configure this policy setting, the local host setting is used, and you cannot specify a relay name for a 6to4 host.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Set 6to4 Relay Name*
+-   GP name: *6to4_Router_Name*
+-   GP path: *Network\TCPIP Settings\IPv6 Transition Technologies*
+-   GP ADMX file name: *tcpip.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tcpip-6to4-router-name-resolution-interval"></a>**ADMX_tcpip/6to4_Router_Name_Resolution_Interval**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to specify the interval at which the relay name is resolved. The 6to4 relay name resolution interval setting has no effect if 6to4 connectivity is not available on the host.
+
+If you enable this policy setting, you can specify the value for the duration at which the relay name is resolved periodically.
+
+If you disable or do not configure this policy setting, the local host setting is used.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Set 6to4 Relay Name Resolution Interval*
+-   GP name: *6to4_Router_Name_Resolution_Interval*
+-   GP path: *Network\TCPIP Settings\IPv6 Transition Technologies*
+-   GP ADMX file name: *tcpip.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tcpip-6to4-state"></a>**ADMX_tcpip/6to4_State**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to configure 6to4, an address assignment and router-to-router automatic tunneling technology that is used to provide unicast IPv6 connectivity between IPv6 sites and hosts across the IPv4 Internet. 6to4 uses the global address prefix: 2002:WWXX:YYZZ::/48 in which the letters are a hexadecimal representation of the global IPv4 address (w.x.y.z) assigned to a site.
+
+If you disable or do not configure this policy setting, the local host setting is used.
+
+If you enable this policy setting, you can configure 6to4 with one of the following settings:
+
+Policy Default State: 6to4 is turned off and connectivity with 6to4 will not be available.
+
+Policy Enabled State: If a global IPv4 address is present, the host will have a 6to4 interface. If no global IPv4 address is present, the host will not have a 6to4 interface.
+
+Policy Disabled State: 6to4 is turned off and connectivity with 6to4 will not be available.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Set 6to4 State*
+-   GP name: *6to4_State*
+-   GP path: *Network\TCPIP Settings\IPv6 Transition Technologies*
+-   GP ADMX file name: *tcpip.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tcpip-iphttps-clientstate"></a>**ADMX_tcpip/IPHTTPS_ClientState**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to configure IP-HTTPS, a tunneling technology that uses the HTTPS protocol to provide IP connectivity to a remote network.
+
+If you disable or do not configure this policy setting, the local host settings are used.
+
+If you enable this policy setting, you can specify an IP-HTTPS server URL. You will be able to configure IP-HTTPS with one of the following settings:
+
+Policy Default State: The IP-HTTPS interface is used when there are no other connectivity options.
+
+Policy Enabled State: The IP-HTTPS interface is always present, even if the host has other connectivity options.
+
+Policy Disabled State: No IP-HTTPS interfaces are present on the host.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Set IP-HTTPS State*
+-   GP name: *IPHTTPS_ClientState*
+-   GP path: *Network\TCPIP Settings\IPv6 Transition Technologies*
+-   GP ADMX file name: *tcpip.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tcpip-ip-stateless-autoconfiguration-limits-state"></a>**ADMX_tcpip/IP_Stateless_Autoconfiguration_Limits_State**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to configure IP Stateless Autoconfiguration Limits.
+
+If you enable or do not configure this policy setting, IP Stateless Autoconfiguration Limits will be enabled and system will limit the number of autoconfigured addresses and routes.
+
+If you disable this policy setting, IP Stateless Autoconfiguration Limits will be disabled and system will not limit the number of autoconfigured addresses and routes.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Set IP Stateless Autoconfiguration Limits State*
+-   GP name: *IP_Stateless_Autoconfiguration_Limits_State*
+-   GP path: *Network\TCPIP Settings\Parameters*
+-   GP ADMX file name: *tcpip.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tcpip-isatap-router-name"></a>**ADMX_tcpip/ISATAP_Router_Name**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to specify a router name or Internet Protocol version 4 (IPv4) address for an ISATAP router.
+
+If you enable this policy setting, you can specify a router name or IPv4 address for an ISATAP router. If you enter an IPv4 address of the ISATAP router in the text box, DNS services are not required.
+
+If you disable or do not configure this policy setting, the local host setting is used.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Set ISATAP Router Name*
+-   GP name: *ISATAP_Router_Name*
+-   GP path: *Network\TCPIP Settings\IPv6 Transition Technologies*
+-   GP ADMX file name: *tcpip.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tcpip-isatap-state"></a>**ADMX_tcpip/ISATAP_State**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to configure Intra-Site Automatic Tunnel Addressing Protocol (ISATAP), an address-to-router and host-to-host, host-to-router and router-to-host automatic tunneling technology that is used to provide unicast IPv6 connectivity between IPv6 hosts across an IPv4 intranet.
+
+If you disable or do not configure this policy setting, the local host setting is used.
+
+If you enable this policy setting, you can configure ISATAP with one of the following settings:
+
+Policy Default State: No ISATAP interfaces are present on the host.
+
+Policy Enabled State: If the ISATAP name is resolved successfully, the host will have ISATAP configured with a link-local address and an address for each prefix received from the ISATAP router through stateless address auto-configuration. If the ISATAP name is not resolved successfully, the host will have an ISATAP interface configured with a link-local address.
+
+Policy Disabled State: No ISATAP interfaces are present on the host.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Set ISATAP State*
+-   GP name: *ISATAP_State*
+-   GP path: *Network\TCPIP Settings\IPv6 Transition Technologies*
+-   GP ADMX file name: *tcpip.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tcpip-teredo-client-port"></a>**ADMX_tcpip/Teredo_Client_Port**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to select the UDP port the Teredo client will use to send packets. If you leave the default of 0, the operating system will select a port (recommended). If you select a UDP port that is already in use by a system, the Teredo client will fail to initialize.
+
+If you enable this policy setting, you can customize a UDP port for the Teredo client.
+
+If you disable or do not configure this policy setting, the local host setting is used.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Set Teredo Client Port*
+-   GP name: *Teredo_Client_Port*
+-   GP path: *Network\TCPIP Settings\IPv6 Transition Technologies*
+-   GP ADMX file name: *tcpip.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tcpip-teredo-default-qualified"></a>**ADMX_tcpip/Teredo_Default_Qualified**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to set Teredo to be ready to communicate, a process referred to as qualification. By default, Teredo enters a dormant state when not in use. The qualification process brings it out of a dormant state.
+
+If you disable or do not configure this policy setting, the local host setting is used.
+
+This policy setting contains only one state:
+
+Policy Enabled State: If Default Qualified is enabled, Teredo will attempt qualification immediately and remain qualified if the qualification process succeeds.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Set Teredo Default Qualified*
+-   GP name: *Teredo_Default_Qualified*
+-   GP path: *Network\TCPIP Settings\IPv6 Transition Technologies*
+-   GP ADMX file name: *tcpip.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tcpip-teredo-refresh-rate"></a>**ADMX_tcpip/Teredo_Refresh_Rate**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to configure the Teredo refresh rate.
+
+> [!NOTE]
+> On a periodic basis (by default, every 30 seconds), Teredo clients send a single Router Solicitation packet to the Teredo server. The Teredo server sends a Router Advertisement Packet in response. This periodic packet refreshes the IP address and UDP port mapping in the translation table of the Teredo client's NAT device.
+
+If you enable this policy setting, you can specify the refresh rate.  If you choose a refresh rate longer than the port mapping in the Teredo client's NAT device, Teredo might stop working or connectivity might be intermittent.
+
+If you disable or do not configure this policy setting, the refresh rate is configured using the local settings on the computer. The default refresh rate is 30 seconds.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Set Teredo Refresh Rate*
+-   GP name: *Teredo_Refresh_Rate*
+-   GP path: *Network\TCPIP Settings\IPv6 Transition Technologies*
+-   GP ADMX file name: *tcpip.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tcpip-teredo-server-name"></a>**ADMX_tcpip/Teredo_Server_Name**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to specify the name of the Teredo server. This server name will be used on the Teredo client computer where this policy setting is applied.
+
+If you enable this policy setting, you can specify a Teredo server name that applies to a Teredo client.
+
+If you disable or do not configure this policy setting, the local settings on the computer are used to determine the Teredo server name.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Set Teredo Server Name*
+-   GP name: *Teredo_Server_Name*
+-   GP path: *Network\TCPIP Settings\IPv6 Transition Technologies*
+-   GP ADMX file name: *tcpip.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tcpip-teredo-state"></a>**ADMX_tcpip/Teredo_State**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to configure Teredo, an address assignment and automatic tunneling technology that provides unicast IPv6 connectivity across the IPv4 Internet.
+
+If you disable or do not configure this policy setting, the local host settings are used.
+
+If you enable this policy setting, you can configure Teredo with one of the following settings:
+
+Default: The default state is "Client."
+
+Disabled: No Teredo interfaces are present on the host.
+
+Client: The Teredo interface is present only when the host is not on a network that includes a domain controller.
+
+Enterprise Client: The Teredo interface is always present, even if the host is on a network that includes a domain controller.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Set Teredo State*
+-   GP name: *Teredo_State*
+-   GP path: *Network\TCPIP Settings\IPv6 Transition Technologies*
+-   GP ADMX file name: *tcpip.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tcpip-windows-scaling-heuristics-state"></a>**ADMX_tcpip/Windows_Scaling_Heuristics_State**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to configure Window Scaling Heuristics. Window Scaling Heuristics is an algorithm to identify connectivity and throughput problems caused by many Firewalls and other middle boxes that don't interpret Window Scaling option correctly.
+
+If you do not configure this policy setting, the local host settings are used.
+
+If you enable this policy setting, Window Scaling Heuristics will be enabled and system will try to identify connectivity and throughput problems and take appropriate measures.
+
+If you disable this policy setting, Window Scaling Heuristics will be disabled and system will not try to identify connectivity and throughput problems caused by Firewalls or other middle boxes.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Set Window Scaling Heuristics State*
+-   GP name: *Windows_Scaling_Heuristics_State*
+-   GP path: *Network\TCPIP Settings\Parameters*
+-   GP ADMX file name: *tcpip.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+Footnotes:
+
+- 1 - Available in Windows 10, version 1607.
+- 2 - Available in Windows 10, version 1703.
+- 3 - Available in Windows 10, version 1709.
+- 4 - Available in Windows 10, version 1803.
+- 5 - Available in Windows 10, version 1809.
+- 6 - Available in Windows 10, version 1903.
+- 7 - Available in Windows 10, version 1909.
+- 8 - Available in Windows 10, version 2004.
+
+<!--/Policies-->
+
diff --git a/windows/client-management/mdm/policy-csp-admx-thumbnails.md b/windows/client-management/mdm/policy-csp-admx-thumbnails.md
new file mode 100644
index 0000000000..69fd52c66e
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-thumbnails.md
@@ -0,0 +1,264 @@
+---
+title: Policy CSP - ADMX_Thumbnails
+description: Policy CSP - ADMX_Thumbnails
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.date: 09/25/2020
+ms.reviewer: 
+manager: dansimp
+---
+
+# Policy CSP - ADMX_Thumbnails
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+<hr/>
+
+<!--Policies-->
+## ADMX_Thumbnails policies  
+
+<dl>
+  <dd>
+    <a href="#admx-thumbnails-disablethumbnails">ADMX_Thumbnails/DisableThumbnails</a>
+  </dd>  
+  <dd>
+    <a href="#admx-thumbnails-disablethumbnailsonnetworkfolders">ADMX_Thumbnails/DisableThumbnailsOnNetworkFolders</a>
+  </dd>
+  <dd>
+    <a href="#admx-thumbnails-disablethumbsdbonnetworkfolders">ADMX_Thumbnails/DisableThumbsDBOnNetworkFolders</a>
+  </dd>
+</dl>
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-thumbnails-disablethumbnails"></a>**ADMX_Thumbnails/DisableThumbnails**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to configure how File Explorer displays thumbnail images or icons on the local computer.
+
+File Explorer displays thumbnail images by default. 
+
+If you enable this policy setting, File Explorer displays only icons and never displays thumbnail images.
+
+If you disable or do not configure this policy setting, File Explorer displays only thumbnail images.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Turn off the display of thumbnails and only display icons.*
+-   GP name: *DisableThumbnails*
+-   GP path: *Windows Components\File Explorer*
+-   GP ADMX file name: *Thumbnails.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-thumbnails-disablethumbnailsonnetworkfolders"></a>**ADMX_Thumbnails/DisableThumbnailsOnNetworkFolders**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to configure how File Explorer displays thumbnail images or icons on network folders.
+
+File Explorer displays thumbnail images on network folders by default.
+
+If you enable this policy setting, File Explorer displays only icons and never displays thumbnail images on network folders.
+
+If you disable or do not configure this policy setting, File Explorer displays only thumbnail images on network folders.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Turn off the display of thumbnails and only display icons on network folders*
+-   GP name: *DisableThumbnailsOnNetworkFolders*
+-   GP path: *Windows Components\File Explorer*
+-   GP ADMX file name: *Thumbnails.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-thumbnails-disablethumbsdbonnetworkfolders"></a>**ADMX_Thumbnails/DisableThumbsDBOnNetworkFolders**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. Turns off the caching of thumbnails in hidden thumbs.db files.
+
+This policy setting allows you to configure File Explorer to cache thumbnails of items residing in network folders in hidden thumbs.db files.
+
+If you enable this policy setting, File Explorer does not create, read from, or write to thumbs.db files.
+
+If you disable or do not configure this policy setting, File Explorer creates, reads from, and writes to thumbs.db files.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Turn off the caching of thumbnails in hidden thumbs.db files*
+-   GP name: *DisableThumbsDBOnNetworkFolders*
+-   GP path: *Windows Components\File Explorer*
+-   GP ADMX file name: *Thumbnails.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+
+Footnotes:
+
+- 1 - Available in Windows 10, version 1607.
+- 2 - Available in Windows 10, version 1703.
+- 3 - Available in Windows 10, version 1709.
+- 4 - Available in Windows 10, version 1803.
+- 5 - Available in Windows 10, version 1809.
+- 6 - Available in Windows 10, version 1903.
+- 7 - Available in Windows 10, version 1909.
+- 8 - Available in Windows 10, version 2004.
+
+<!--/Policies-->
+
diff --git a/windows/client-management/mdm/policy-csp-admx-tpm.md b/windows/client-management/mdm/policy-csp-admx-tpm.md
new file mode 100644
index 0000000000..aeec40aa7f
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-tpm.md
@@ -0,0 +1,803 @@
+---
+title: Policy CSP - ADMX_TPM
+description: Policy CSP - ADMX_TPM
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.date: 09/25/2020
+ms.reviewer: 
+manager: dansimp
+---
+
+# Policy CSP - ADMX_TPM
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+<hr/>
+
+<!--Policies-->
+## ADMX_TPM policies  
+
+<dl>
+  <dd>
+    <a href="#admx-tpm-blockedcommandslist-name">ADMX_TPM/BlockedCommandsList_Name</a>
+  </dd>
+  <dd>
+    <a href="#admx-tpm-cleartpmifnotready-name">ADMX_TPM/ClearTPMIfNotReady_Name</a>
+  </dd>
+  <dd>
+    <a href="#admx-tpm-ignoredefaultlist-name">ADMX_TPM/IgnoreDefaultList_Name</a>
+  </dd>
+  <dd>
+    <a href="#admx-tpm-ignorelocallist-name">ADMX_TPM/IgnoreLocalList_Name</a>
+  </dd>
+  <dd>
+    <a href="#admx-tpm-osmanagedauth-name">ADMX_TPM/OSManagedAuth_Name</a>
+  </dd>
+  <dd>
+    <a href="#admx-tpm-optintodsha-name">ADMX_TPM/OptIntoDSHA_Name</a>
+  </dd>
+  <dd>
+    <a href="#admx-tpm-standarduserauthorizationfailureduration-name">ADMX_TPM/StandardUserAuthorizationFailureDuration_Name</a>
+  </dd>
+  <dd>
+    <a href="#admx-tpm-standarduserauthorizationfailureindividualthreshold-name">ADMX_TPM/StandardUserAuthorizationFailureIndividualThreshold_Name</a>
+  </dd>
+  <dd>
+    <a href="#admx-tpm-standarduserauthorizationfailuretotalthreshold-name">ADMX_TPM/StandardUserAuthorizationFailureTotalThreshold_Name</a>
+  </dd>
+  <dd>
+    <a href="#admx-tpm-uselegacydap-name">ADMX_TPM/UseLegacyDAP_Name</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tpm-blockedcommandslist-name"></a>**ADMX_TPM/BlockedCommandsList_Name**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to manage the Group Policy list of Trusted Platform Module (TPM) commands blocked by Windows.
+
+If you enable this policy setting, Windows will block the specified commands from being sent to the TPM on the computer. TPM commands are referenced by a command number. For example, command number 129 is TPM_OwnerReadInternalPub, and command number 170 is TPM_FieldUpgrade. To find the command number associated with each TPM command with TPM 1.2, run "tpm.msc" and navigate to the "Command Management" section.
+
+If you disable or do not configure this policy setting, only those TPM commands specified through the default or local lists may be blocked by Windows. The default list of blocked TPM commands is pre-configured by Windows. You can view the default list by running "tpm.msc", navigating to the "Command Management" section, and making visible the "On Default Block List" column. The local list of blocked TPM commands is configured outside of Group Policy by running "tpm.msc" or through scripting against the Win32_Tpm interface. See related policy settings to enforce or ignore the default and local lists of blocked TPM commands.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Configure the list of blocked TPM commands*
+-   GP name: *BlockedCommandsList_Name*
+-   GP path: *System\Trusted Platform Module Services*
+-   GP ADMX file name: *TPM.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tpm-cleartpmifnotready-name"></a>**ADMX_TPM/ClearTPMIfNotReady_Name**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the system to prompt the user to clear the TPM if the TPM is detected to be in any state other than Ready. This policy will take effect only if the system’s TPM is in a state other than Ready, including if the TPM is “Ready, with reduced functionality”. The prompt to clear the TPM will start occurring after the next reboot, upon user login only if the logged in user is part of the Administrators group for the system. The prompt can be dismissed, but will reappear after every reboot and login until the policy is disabled or until the TPM is in a Ready state.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Configure the system to clear the TPM if it is not in a ready state.*
+-   GP name: *ClearTPMIfNotReady_Name*
+-   GP path: *System\Trusted Platform Module Services*
+-   GP ADMX file name: *TPM.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tpm-ignoredefaultlist-name"></a>**ADMX_TPM/IgnoreDefaultList_Name**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to enforce or ignore the computer's default list of blocked Trusted Platform Module (TPM) commands.
+
+If you enable this policy setting, Windows will ignore the computer's default list of blocked TPM commands and will only block those TPM commands specified by Group Policy or the local list.
+
+The default list of blocked TPM commands is pre-configured by Windows. You can view the default list by running "tpm.msc", navigating to the "Command Management" section, and making visible the "On Default Block List" column. The local list of blocked TPM commands is configured outside of Group Policy by running "tpm.msc" or through scripting against the Win32_Tpm interface. See the related policy setting to configure the Group Policy list of blocked TPM commands.
+
+If you disable or do not configure this policy setting, Windows will block the TPM commands in the default list, in addition to commands in the Group Policy and local lists of blocked TPM commands. 
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Ignore the default list of blocked TPM commands*
+-   GP name: *IgnoreDefaultList_Name*
+-   GP path: *System\Trusted Platform Module Services*
+-   GP ADMX file name: *TPM.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tpm-ignorelocallist-name"></a>**ADMX_TPM/IgnoreLocalList_Name**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to enforce or ignore the computer's local list of blocked Trusted Platform Module (TPM) commands.
+
+If you enable this policy setting, Windows will ignore the computer's local list of blocked TPM commands and will only block those TPM commands specified by Group Policy or the default list.
+
+The local list of blocked TPM commands is configured outside of Group Policy by running "tpm.msc" or through scripting against the Win32_Tpm interface. The default list of blocked TPM commands is pre-configured by Windows. See the related policy setting to configure the Group Policy list of blocked TPM commands.
+
+If you disable or do not configure this policy setting, Windows will block the TPM commands found in the local list, in addition to commands in the Group Policy and default lists of blocked TPM commands.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Ignore the local list of blocked TPM commands*
+-   GP name: *IgnoreLocalList_Name*
+-   GP path: *System\Trusted Platform Module Services*
+-   GP ADMX file name: *TPM.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tpm-osmanagedauth-name"></a>**ADMX_TPM/OSManagedAuth_Name**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures how much of the TPM owner authorization information is stored in the registry of the local computer. Depending on the amount of TPM owner authorization information stored locally, the operating system and TPM-based applications can perform certain TPM actions which require TPM owner authorization without requiring the user to enter the TPM owner password.
+
+You can choose to have the operating system store either the full TPM owner authorization value, the TPM administrative delegation blob plus the TPM user delegation blob, or none.
+
+If you enable this policy setting, Windows will store the TPM owner authorization in the registry of the local computer according to the operating system managed TPM authentication setting you choose.
+
+Choose the operating system managed TPM authentication setting of "Full" to store the full TPM owner authorization, the TPM administrative delegation blob and the TPM user delegation blob in the local registry. This setting allows use of the TPM without requiring remote or external storage of the TPM owner authorization value. This setting is appropriate for scenarios which do not depend on preventing reset of the TPM anti-hammering logic or changing the TPM owner authorization value. Some TPM-based applications may require this setting be changed before features which depend on the TPM anti-hammering logic can be used.
+
+Choose the operating system managed TPM authentication setting of "Delegated" to store only the TPM administrative delegation blob and the TPM user delegation blob in the local registry. This setting is appropriate for use with TPM-based applications that depend on the TPM anti-hammering logic.
+
+Choose the operating system managed TPM authentication setting of "None" for compatibility with previous operating systems and applications or for use with scenarios that require TPM owner authorization not be stored locally. Using this setting might cause issues with some TPM-based applications.
+
+> [!NOTE]
+> If the operating system managed TPM authentication setting is changed from "Full" to "Delegated", the full TPM owner authorization value will be regenerated and any copies of the original TPM owner authorization value will be invalid.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Configure the level of TPM owner authorization information available to the operating system*
+-   GP name: *OSManagedAuth_Name*
+-   GP path: *System\Trusted Platform Module Services*
+-   GP ADMX file name: *TPM.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tpm-optintodsha-name"></a>**ADMX_TPM/OptIntoDSHA_Name**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This group policy enables Device Health Attestation reporting (DHA-report) on supported devices. It enables supported devices to send Device Health Attestation related information (device boot logs, PCR values, TPM certificate, etc.) to Device Health Attestation Service (DHA-Service) every time a device starts. Device Health Attestation Service validates the security state and health of the devices, and makes the findings accessible to enterprise administrators via a cloud based reporting portal. This policy is independent of DHA reports that are initiated by device manageability solutions (like MDM or SCCM), and will not interfere with their workflows.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Enable Device Health Attestation Monitoring and Reporting*
+-   GP name: *OptIntoDSHA_Name*
+-   GP path: *System\Device Health Attestation Service*
+-   GP ADMX file name: *TPM.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tpm-standarduserauthorizationfailureduration-name"></a>**ADMX_TPM/StandardUserAuthorizationFailureDuration_Name**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to manage the duration in minutes for counting standard user authorization failures for Trusted Platform Module (TPM) commands requiring authorization. If the number of TPM commands with an authorization failure within the duration equals a threshold, a standard user is prevented from sending commands requiring authorization to the TPM.
+
+This setting helps administrators prevent the TPM hardware from entering a lockout mode because it slows the speed standard users can send commands requiring authorization to the TPM.
+
+An authorization failure occurs each time a standard user sends a command to the TPM and receives an error response indicating an authorization failure occurred. Authorization failures older than this duration are ignored.
+
+For each standard user two thresholds apply. Exceeding either threshold will prevent the standard user from sending a command to the TPM that requires authorization.
+
+The Standard User Lockout Threshold Individual value is the maximum number of authorization failures each standard user may have before the user is not allowed to send commands requiring authorization to the TPM.
+
+The Standard User Lockout Total Threshold value is the maximum total number of authorization failures all standard users may have before all standard users are not allowed to send commands requiring authorization to the TPM.
+
+The TPM is designed to protect itself against password guessing attacks by entering a hardware lockout mode when it receives too many commands with an incorrect authorization value. When the TPM enters a lockout mode it is global for all users including administrators and Windows features like BitLocker Drive Encryption. The number of authorization failures a TPM allows and how long it stays locked out vary by TPM manufacturer. Some TPMs may enter lockout mode for successively longer periods of time with fewer authorization failures depending on past failures. Some TPMs may require a system restart to exit the lockout mode. Other TPMs may require the system to be on so enough clock cycles elapse before the TPM exits the lockout mode.
+
+An administrator with the TPM owner password may fully reset the TPM's hardware lockout logic using the TPM Management Console (tpm.msc). Each time an administrator resets the TPM's hardware lockout logic all prior standard user TPM authorization failures are ignored; allowing standard users to use the TPM normally again immediately.
+
+If this value is not configured, a default value of 480 minutes (8 hours) is used.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Standard User Lockout Duration*
+-   GP name: *StandardUserAuthorizationFailureDuration_Name*
+-   GP path: *System\Trusted Platform Module Services*
+-   GP ADMX file name: *TPM.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tpm-standarduserauthorizationfailureindividualthreshold-name"></a>**ADMX_TPM/StandardUserAuthorizationFailureIndividualThreshold_Name**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to manage the maximum number of authorization failures for each standard user for the Trusted Platform Module (TPM). If the number of authorization failures for the user within the duration for Standard User Lockout Duration equals this value, the standard user is prevented from sending commands to the Trusted Platform Module (TPM) that require authorization.
+
+This setting helps administrators prevent the TPM hardware from entering a lockout mode because it slows the speed standard users can send commands requiring authorization to the TPM.
+
+An authorization failure occurs each time a standard user sends a command to the TPM and receives an error response indicating an authorization failure occurred. Authorization failures older than the duration are ignored.
+
+For each standard user two thresholds apply. Exceeding either threshold will prevent the standard user from sending a command to the TPM that requires authorization.
+
+This value is the maximum number of authorization failures each standard user may have before the user is not allowed to send commands requiring authorization to the TPM.
+
+The Standard User Lockout Total Threshold value is the maximum total number of authorization failures all standard users may have before all standard users are not allowed to send commands requiring authorization to the TPM.
+
+The TPM is designed to protect itself against password guessing attacks by entering a hardware lockout mode when it receives too many commands with an incorrect authorization value. When the TPM enters a lockout mode it is global for all users including administrators and Windows features like BitLocker Drive Encryption. The number of authorization failures a TPM allows and how long it stays locked out vary by TPM manufacturer. Some TPMs may enter lockout mode for successively longer periods of time with fewer authorization failures depending on past failures. Some TPMs may require a system restart to exit the lockout mode. Other TPMs may require the system to be on so enough clock cycles elapse before the TPM exits the lockout mode.
+
+An administrator with the TPM owner password may fully reset the TPM's hardware lockout logic using the TPM Management Console (tpm.msc). Each time an administrator resets the TPM's hardware lockout logic all prior standard user TPM authorization failures are ignored; allowing standard users to use the TPM normally again immediately.
+
+If this value is not configured, a default value of 4 is used.
+
+A value of zero means the OS will not allow standard users to send commands to the TPM which may cause an authorization failure.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Standard User Individual Lockout Threshold*
+-   GP name: *StandardUserAuthorizationFailureIndividualThreshold_Name*
+-   GP path: *System\Trusted Platform Module Services*
+-   GP ADMX file name: *TPM.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tpm-standarduserauthorizationfailuretotalthreshold-name"></a>**ADMX_TPM/StandardUserAuthorizationFailureTotalThreshold_Name**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to manage the maximum number of authorization failures for all standard users for the Trusted Platform Module (TPM). If the total number of authorization failures for all standard users within the duration for Standard User Lockout Duration equals this value, all standard users are prevented from sending commands to the Trusted Platform Module (TPM) that require authorization.
+
+This setting helps administrators prevent the TPM hardware from entering a lockout mode because it slows the speed standard users can send commands requiring authorization to the TPM.
+
+An authorization failure occurs each time a standard user sends a command to the TPM and receives an error response indicating an authorization failure occurred. Authorization failures older than the duration are ignored.
+
+For each standard user two thresholds apply. Exceeding either threshold will prevent the standard user from sending a command to the TPM that requires authorization.
+
+The Standard User Individual Lockout value is the maximum number of authorization failures each standard user may have before the user is not allowed to send commands requiring authorization to the TPM.
+
+This value is the maximum total number of authorization failures all standard users may have before all standard users are not allowed to send commands requiring authorization to the TPM.
+
+The TPM is designed to protect itself against password guessing attacks by entering a hardware lockout mode when it receives too many commands with an incorrect authorization value. When the TPM enters a lockout mode it is global for all users including administrators and Windows features like BitLocker Drive Encryption. The number of authorization failures a TPM allows and how long it stays locked out vary by TPM manufacturer. Some TPMs may enter lockout mode for successively longer periods of time with fewer authorization failures depending on past failures. Some TPMs may require a system restart to exit the lockout mode. Other TPMs may require the system to be on so enough clock cycles elapse before the TPM exits the lockout mode.
+
+An administrator with the TPM owner password may fully reset the TPM's hardware lockout logic using the TPM Management Console (tpm.msc). Each time an administrator resets the TPM's hardware lockout logic all prior standard user TPM authorization failures are ignored; allowing standard users to use the TPM normally again immediately.
+
+If this value is not configured, a default value of 9 is used.
+
+A value of zero means the OS will not allow standard users to send commands to the TPM which may cause an authorization failure.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Standard User Total Lockout Threshold*
+-   GP name: *StandardUserAuthorizationFailureTotalThreshold_Name*
+-   GP path: *System\Trusted Platform Module Services*
+-   GP ADMX file name: *TPM.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-tpm-uselegacydap-name"></a>**ADMX_TPM/UseLegacyDAP_Name**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the TPM to use the Dictionary Attack Prevention Parameters (lockout threshold and recovery time) to the values that were used for Windows 10 Version 1607 and below. Setting this policy will take effect only if a) the TPM was originally prepared using a version of Windows after Windows 10 Version 1607 and b) the System has a TPM 2.0. Note that enabling this policy will only take effect after the TPM maintenance task runs (which typically happens after a system restart). Once this policy has been enabled on a system and has taken effect (after a system restart), disabling it will have no impact and the system's TPM will remain configured using the legacy Dictionary Attack Prevention parameters, regardless of the value of this group policy. The only way for the disabled setting of this policy to take effect on a system where it was once enabled is to a) disable it from group policy and b)clear the TPM on the system.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Configure the system to use legacy Dictionary Attack Prevention Parameters setting for TPM 2.0.*
+-   GP name: *UseLegacyDAP_Name*
+-   GP path: *System\Trusted Platform Module Services*
+-   GP ADMX file name: *TPM.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+Footnotes:
+
+- 1 - Available in Windows 10, version 1607.
+- 2 - Available in Windows 10, version 1703.
+- 3 - Available in Windows 10, version 1709.
+- 4 - Available in Windows 10, version 1803.
+- 5 - Available in Windows 10, version 1809.
+- 6 - Available in Windows 10, version 1903.
+- 7 - Available in Windows 10, version 1909.
+- 8 - Available in Windows 10, version 2004.
+
+<!--/Policies-->
+
diff --git a/windows/client-management/mdm/policy-csp-admx-userexperiencevirtualization.md b/windows/client-management/mdm/policy-csp-admx-userexperiencevirtualization.md
new file mode 100644
index 0000000000..d967a2db8e
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-userexperiencevirtualization.md
@@ -0,0 +1,9476 @@
+---
+title: Policy CSP - ADMX_UserExperienceVirtualization
+description: Policy CSP - ADMX_UserExperienceVirtualization
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.date: 09/30/2020
+ms.reviewer: 
+manager: dansimp
+---
+
+# Policy CSP - ADMX_UserExperienceVirtualization
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+<hr/>
+
+<!--Policies-->
+## ADMX_UserExperienceVirtualization policies  
+
+<dl>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-calculator">ADMX_UserExperienceVirtualization/Calculator</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-configuresyncmethod">ADMX_UserExperienceVirtualization/ConfigureSyncMethod</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-configurevdi">ADMX_UserExperienceVirtualization/ConfigureVdi</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-contactitdescription">ADMX_UserExperienceVirtualization/ContactITDescription</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-contactiturl">ADMX_UserExperienceVirtualization/ContactITUrl</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-disablewin8sync">ADMX_UserExperienceVirtualization/DisableWin8Sync</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-disablewindowsossettings">ADMX_UserExperienceVirtualization/DisableWindowsOSSettings</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-enableuev">ADMX_UserExperienceVirtualization/EnableUEV</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-finance">ADMX_UserExperienceVirtualization/Finance</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-firstusenotificationenabled">ADMX_UserExperienceVirtualization/FirstUseNotificationEnabled</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-games">ADMX_UserExperienceVirtualization/Games</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-internetexplorer8">ADMX_UserExperienceVirtualization/InternetExplorer8</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-internetexplorer9">ADMX_UserExperienceVirtualization/InternetExplorer9</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-internetexplorer10">ADMX_UserExperienceVirtualization/InternetExplorer10</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-internetexplorer11">ADMX_UserExperienceVirtualization/InternetExplorer11</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-internetexplorercommon">ADMX_UserExperienceVirtualization/InternetExplorerCommon</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-maps">ADMX_UserExperienceVirtualization/Maps</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-maxpackagesizeinbytes">ADMX_UserExperienceVirtualization/MaxPackageSizeInBytes</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2010access">ADMX_UserExperienceVirtualization/MicrosoftOffice2010Access</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2010common">ADMX_UserExperienceVirtualization/MicrosoftOffice2010Common</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2010excel">ADMX_UserExperienceVirtualization/MicrosoftOffice2010Excel</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2010infopath">ADMX_UserExperienceVirtualization/MicrosoftOffice2010InfoPath</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2010lync">ADMX_UserExperienceVirtualization/MicrosoftOffice2010Lync</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2010onenote">ADMX_UserExperienceVirtualization/MicrosoftOffice2010OneNote</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2010outlook">ADMX_UserExperienceVirtualization/MicrosoftOffice2010Outlook</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2010powerpoint">ADMX_UserExperienceVirtualization/MicrosoftOffice2010PowerPoint</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2010project">ADMX_UserExperienceVirtualization/MicrosoftOffice2010Project</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2010publisher">ADMX_UserExperienceVirtualization/MicrosoftOffice2010Publisher</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2010sharepointdesigner">ADMX_UserExperienceVirtualization/MicrosoftOffice2010SharePointDesigner</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2010sharepointworkspace">ADMX_UserExperienceVirtualization/MicrosoftOffice2010SharePointWorkspace</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2010visio">ADMX_UserExperienceVirtualization/MicrosoftOffice2010Visio</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2010word">ADMX_UserExperienceVirtualization/MicrosoftOffice2010Word</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013access">ADMX_UserExperienceVirtualization/MicrosoftOffice2013Access</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013accessbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013AccessBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013common">ADMX_UserExperienceVirtualization/MicrosoftOffice2013Common</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013commonbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013CommonBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013excel">ADMX_UserExperienceVirtualization/MicrosoftOffice2013Excel</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013excelbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013ExcelBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013infopath">ADMX_UserExperienceVirtualization/MicrosoftOffice2013InfoPath</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013infopathbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013InfoPathBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013lync">ADMX_UserExperienceVirtualization/MicrosoftOffice2013Lync</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013lyncbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013LyncBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013onedriveforbusiness">ADMX_UserExperienceVirtualization/MicrosoftOffice2013OneDriveForBusiness</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013onenote">ADMX_UserExperienceVirtualization/MicrosoftOffice2013OneNote</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013onenotebackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013OneNoteBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013outlook">ADMX_UserExperienceVirtualization/MicrosoftOffice2013Outlook</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013outlookbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013OutlookBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013powerpoint">ADMX_UserExperienceVirtualization/MicrosoftOffice2013PowerPoint</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013powerpointbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013PowerPointBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013project">ADMX_UserExperienceVirtualization/MicrosoftOffice2013Project</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013projectbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013ProjectBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013publisher">ADMX_UserExperienceVirtualization/MicrosoftOffice2013Publisher</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013publisherbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013PublisherBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013sharepointdesigner">ADMX_UserExperienceVirtualization/MicrosoftOffice2013SharePointDesigner</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013sharepointdesignerbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013SharePointDesignerBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013uploadcenter">ADMX_UserExperienceVirtualization/MicrosoftOffice2013UploadCenter</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013visio">ADMX_UserExperienceVirtualization/MicrosoftOffice2013Visio</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013visiobackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013VisioBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013word">ADMX_UserExperienceVirtualization/MicrosoftOffice2013Word</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2013wordbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2013WordBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016access">ADMX_UserExperienceVirtualization/MicrosoftOffice2016Access</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016accessbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016AccessBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016common">ADMX_UserExperienceVirtualization/MicrosoftOffice2016Common</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016commonbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016CommonBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016excel">ADMX_UserExperienceVirtualization/MicrosoftOffice2016Excel</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016excelbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016ExcelBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016lync">ADMX_UserExperienceVirtualization/MicrosoftOffice2016Lync</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016lyncbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016LyncBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016onedriveforbusiness">ADMX_UserExperienceVirtualization/MicrosoftOffice2016OneDriveForBusiness</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016onenote">ADMX_UserExperienceVirtualization/MicrosoftOffice2016OneNote</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016onenotebackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016OneNoteBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016outlook">ADMX_UserExperienceVirtualization/MicrosoftOffice2016Outlook</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016outlookbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016OutlookBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016powerpoint">ADMX_UserExperienceVirtualization/MicrosoftOffice2016PowerPoint</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016powerpointbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016PowerPointBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016project">ADMX_UserExperienceVirtualization/MicrosoftOffice2016Project</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016projectbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016ProjectBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016publisher">ADMX_UserExperienceVirtualization/MicrosoftOffice2016Publisher</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016publisherbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016PublisherBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016uploadcenter">ADMX_UserExperienceVirtualization/MicrosoftOffice2016UploadCenter</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016visio">ADMX_UserExperienceVirtualization/MicrosoftOffice2016Visio</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016visiobackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016VisioBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016word">ADMX_UserExperienceVirtualization/MicrosoftOffice2016Word</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice2016wordbackup">ADMX_UserExperienceVirtualization/MicrosoftOffice2016WordBackup</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365access2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365Access2013</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365access2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365Access2016</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365common2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365Common2013</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365common2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365Common2016</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365excel2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365Excel2013</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365excel2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365Excel2016</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365infopath2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365InfoPath2013</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365lync2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365Lync2013</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365lync2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365Lync2016</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365onenote2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365OneNote2013</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365onenote2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365OneNote2016</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365outlook2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365Outlook2013</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365outlook2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365Outlook2016</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365powerpoint2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365PowerPoint2013</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365powerpoint2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365PowerPoint2016</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365project2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365Project2013</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365project2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365Project2016</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365publisher2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365Publisher2013</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365publisher2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365Publisher2016</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365sharepointdesigner2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365SharePointDesigner2013</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365visio2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365Visio2013</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365visio2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365Visio2016</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365word2013">ADMX_UserExperienceVirtualization/MicrosoftOffice365Word2013</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-microsoftoffice365word2016">ADMX_UserExperienceVirtualization/MicrosoftOffice365Word2016</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-music">ADMX_UserExperienceVirtualization/Music</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-news">ADMX_UserExperienceVirtualization/News</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-notepad">ADMX_UserExperienceVirtualization/Notepad</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-reader">ADMX_UserExperienceVirtualization/Reader</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-repositorytimeout">ADMX_UserExperienceVirtualization/RepositoryTimeout</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-settingsstoragepath">ADMX_UserExperienceVirtualization/SettingsStoragePath</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-settingstemplatecatalogpath">ADMX_UserExperienceVirtualization/SettingsTemplateCatalogPath</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-sports">ADMX_UserExperienceVirtualization/Sports</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-syncenabled">ADMX_UserExperienceVirtualization/SyncEnabled</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-syncovermeterednetwork">ADMX_UserExperienceVirtualization/SyncOverMeteredNetwork</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-syncovermeterednetworkwhenroaming">ADMX_UserExperienceVirtualization/SyncOverMeteredNetworkWhenRoaming</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-syncproviderpingenabled">ADMX_UserExperienceVirtualization/SyncProviderPingEnabled</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-syncunlistedwindows8apps">ADMX_UserExperienceVirtualization/SyncUnlistedWindows8Apps</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-travel">ADMX_UserExperienceVirtualization/Travel</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-trayiconenabled">ADMX_UserExperienceVirtualization/TrayIconEnabled</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-video">ADMX_UserExperienceVirtualization/Video</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-weather">ADMX_UserExperienceVirtualization/Weather</a>
+  </dd>
+  <dd>
+    <a href="#admx-userexperiencevirtualization-wordpad">ADMX_UserExperienceVirtualization/Wordpad</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-calculator"></a>**ADMX_UserExperienceVirtualization/Calculator**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings of Calculator.
+
+By default, the user settings of Calculator synchronize between computers. Use the policy setting to prevent the user settings of Calculator from synchronization between computers.
+
+If you enable this policy setting, the Calculator user settings continue to synchronize. 
+
+If you disable this policy setting, Calculator user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Calculator*
+-   GP name: *Calculator*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-configuresyncmethod"></a>**ADMX_UserExperienceVirtualization/ConfigureSyncMethod**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the sync provider used by User Experience Virtualization (UE-V) to sync settings between users’ computers. 
+
+With Sync Method set to ”SyncProvider,” the UE-V Agent uses a built-in sync provider to keep user settings synchronized between the computer and the settings storage location. This is the default value. You can disable the sync provider on computers that never go offline and are always connected to the settings storage location.
+
+When SyncMethod is set to “None,” the UE-V Agent uses no sync provider. Settings are written directly to the settings storage location rather than being cached to sync later. 
+
+Set SyncMethod to “External” when an external synchronization engine is being deployed for settings sync. This could use OneDrive, Work Folders, SharePoint or any other engine that uses a local folder to synchronize data between users’ computers. In this mode, UE-V writes settings data to the local folder specified in the settings storage path. 
+
+These settings are then synchronized to other computers by an external synchronization engine. UE-V has no control over this synchronization. It only reads and writes the settings data when the normal UE-V triggers take place.
+With notifications enabled, UE-V users receive a message when the settings sync is delayed. The notification delay policy setting defines the delay before a notification appears.
+
+If you disable this policy setting, the sync provider is used to synchronize settings  between computers and the settings storage location.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Configure Sync Method*
+-   GP name: *ConfigureSyncMethod*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-configurevdi"></a>**ADMX_UserExperienceVirtualization/ConfigureVdi**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of User Experience Virtualization (UE-V) rollback information for computers running in a non-persistent, pooled VDI environment. 
+
+UE-V settings rollback data and checkpoints are normally stored only on the local computer. With this policy setting enabled, the rollback information is copied to the settings storage location when the user logs off or shuts down their VDI session. 
+
+Enable this setting to register a VDI-specific settings location template and restore data on computers in pooled VDI environments that reset to a clean state on logout. With this policy enabled you can roll settings back to the state when UE-V was installed or to “last-known-good” configurations. Only enable this policy setting on computers running in a non-persistent VDI environment. The VDI Collection Name defines the name of the virtual desktop collection containing the virtual computers. 
+
+If you enable this policy setting, the UE-V rollback state is copied to the settings storage location on logout and restored on login.
+
+If you disable this policy setting, no UE-V rollback state is copied to the settings storage location.
+
+If you do not configure this policy, no UE-V rollback state is copied to the settings storage location.
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *VDI Configuration*
+-   GP name: *ConfigureVdi*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-contactitdescription"></a>**ADMX_UserExperienceVirtualization/ContactITDescription**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting specifies the text of the Contact IT URL hyperlink in the Company Settings Center.
+
+If you enable this policy setting, the Company Settings Center displays the specified text in the link to the Contact IT URL.
+
+If you disable this policy setting, the Company Settings Center does not display an IT Contact link.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Contact IT Link Text*
+-   GP name: *ContactITDescription*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-contactiturl"></a>**ADMX_UserExperienceVirtualization/ContactITUrl**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting specifies the URL for the Contact IT link in the Company Settings Center.
+
+If you enable this policy setting, the Company Settings Center Contact IT text links to the specified URL. The link can be of any standard protocol such as http or mailto. 
+
+If you disable this policy setting, the Company Settings Center does not display an IT Contact link.
+
+If you do not configure this policy setting, any defined values will be deleted.
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Contact IT URL*
+-   GP name: *ContactITUrl*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-disablewin8sync"></a>**ADMX_UserExperienceVirtualization/DisableWin8Sync**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting defines whether the User Experience Virtualization (UE-V) Agent synchronizes settings for Windows apps.
+
+By default, the UE-V Agent synchronizes settings for Windows apps between the computer and the settings storage location.  
+
+If you enable this policy setting, the UE-V Agent will not synchronize settings for Windows apps.
+
+If you disable this policy setting, the UE-V Agent will synchronize settings for Windows apps. 
+
+If you do not configure this policy setting, any defined values are deleted.
+
+> [!NOTE]
+> If the user connects their Microsoft account for their computer then the UE-V Agent will not synchronize Windows apps. The Windows apps will default to whatever settings are configured in the Sync your settings configuration in Windows.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Do not synchronize Windows Apps*
+-   GP name: *DisableWin8Sync*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-disablewindowsossettings"></a>**ADMX_UserExperienceVirtualization/DisableWindowsOSSettings**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of Windows settings between computers. Certain Windows settings will synchronize between computers by default. These settings include Windows themes, Windows desktop settings, Ease of Access settings, and network printers. Use this policy setting to specify which Windows settings synchronize between computers. You can also use these settings to enable synchronization of users' sign-in information for certain apps, networks, and certificates.
+
+If you enable this policy setting, only the selected Windows settings synchronize. Unselected Windows settings are excluded from settings synchronization.
+
+If you disable this policy setting, all Windows Settings are excluded from the settings synchronization.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Synchronize Windows settings*
+-   GP name: *DisableWindowsOSSettings*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-enableuev"></a>**ADMX_UserExperienceVirtualization/EnableUEV**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to enable or disable User Experience Virtualization (UE-V) feature. 
+
+Reboot is needed for enable to take effect. With Auto-register inbox templates enabled, the UE-V inbox templates such as Office 2016 will be automatically registered when the UE-V Service is enabled. If this option is changed, it will only take effect when UE-V service is re-enabled.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Enable UEV*
+-   GP name: *EnableUEV*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-finance"></a>**ADMX_UserExperienceVirtualization/Finance**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for the Finance app. By default, the user settings of Finance sync between computers. Use the policy setting to prevent the user settings of Finance from synchronizing between computers.
+
+If you enable this policy setting, Finance user settings continue to sync.
+
+If you disable this policy setting, Finance user settings are excluded from synchronization.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Finance*
+-   GP name: *Finance*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Windows Apps*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-firstusenotificationenabled"></a>**ADMX_UserExperienceVirtualization/FirstUseNotificationEnabled**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting enables a notification in the system tray that appears when the User Experience Virtualization (UE-V) Agent runs for the first time. By default, a notification informs users that Company Settings Center, the user-facing name for the UE-V Agent, now helps to synchronize settings between their work computers.
+
+With this setting enabled, the notification appears the first time that the UE-V Agent runs.
+
+With this setting disabled, no notification appears.
+
+If you do not configure this policy setting, any defined values are deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *First Use Notification*
+-   GP name: *FirstUseNotificationEnabled*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-games"></a>**ADMX_UserExperienceVirtualization/Games**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for the Games app. By default, the user settings of Games sync between computers. Use the policy setting to prevent the user settings of Games from synchronizing between computers.
+
+If you enable this policy setting, Games user settings continue to sync.
+
+If you disable this policy setting, Games user settings are excluded from synchronization.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Games*
+-   GP name: *Games*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Windows Apps*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-internetexplorer8"></a>**ADMX_UserExperienceVirtualization/InternetExplorer8**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Internet Explorer 8.
+
+By default, the user settings of Internet Explorer 8 synchronize between computers. Use the policy setting to prevent the user settings for Internet Explorer 8 from synchronization between computers. 
+
+If you enable this policy setting, the Internet Explorer 8 user settings continue to synchronize. 
+
+If you disable this policy setting, Internet Explorer 8 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Internet Explorer 8*
+-   GP name: *InternetExplorer8*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-internetexplorer9"></a>**ADMX_UserExperienceVirtualization/InternetExplorer9**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Internet Explorer 9. By default, the user settings of Internet Explorer 9 synchronize between computers. Use the policy setting to prevent the user settings for Internet Explorer 9 from synchronization between computers.
+ 
+If you enable this policy setting, the Internet Explorer 9 user settings continue to synchronize. 
+
+If you disable this policy setting, Internet Explorer 9 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Internet Explorer 9*
+-   GP name: *InternetExplorer9*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-internetexplorer10"></a>**ADMX_UserExperienceVirtualization/InternetExplorer10**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings of Internet Explorer 10. By default, the user settings of Internet Explorer 10 synchronize between computers. Use the policy setting to prevent the user settings for Internet Explorer 10 from synchronization between computers.
+
+If you enable this policy setting, the Internet Explorer 10 user settings continue to synchronize. 
+
+If you disable this policy setting, Internet Explorer 10 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Internet Explorer 10*
+-   GP name: *InternetExplorer10*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-internetexplorer11"></a>**ADMX_UserExperienceVirtualization/InternetExplorer11**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings of Internet Explorer 11. By default, the user settings of Internet Explorer 11 synchronize between computers. Use the policy setting to prevent the user settings for Internet Explorer 11 from synchronization between computers.
+
+If you enable this policy setting, the Internet Explorer 11 user settings continue to synchronize.
+
+If you disable this policy setting, Internet Explorer 11 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Internet Explorer 11*
+-   GP name: *InternetExplorer11*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-internetexplorercommon"></a>**ADMX_UserExperienceVirtualization/InternetExplorerCommon**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings which are common between the versions of Internet Explorer.
+By default, the user settings which are common between the versions of Internet Explorer synchronize between computers. Use the policy setting to prevent the user settings of Internet Explorer from synchronization between computers.
+
+If you enable this policy setting, the user settings which are common between the versions of Internet Explorer continue to synchronize.
+
+If you disable this policy setting, the user settings which are common between the versions of Internet Explorer are excluded from settings synchronization. If any version of the Internet Explorer settings are enabled this policy setting should not be disabled.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Internet Explorer Common Settings*
+-   GP name: *InternetExplorerCommon*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-maps"></a>**ADMX_UserExperienceVirtualization/Maps**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for the Maps app. By default, the user settings of Maps sync between computers. Use the policy setting to prevent the user settings of Maps from synchronizing between computers.
+
+If you enable this policy setting, Maps user settings continue to sync.
+
+If you disable this policy setting, Maps user settings are excluded from synchronization.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Maps*
+-   GP name: *Maps*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Windows Apps*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-maxpackagesizeinbytes"></a>**ADMX_UserExperienceVirtualization/MaxPackageSizeInBytes**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to configure the UE-V Agent to write a warning event to the event log when a settings package file size reaches a defined threshold. By default the UE-V Agent does not report information about package file size. 
+
+If you enable this policy setting, specify the threshold file size in bytes. When the settings package file exceeds this threshold the UE-V Agent will write a warning event to the event log.
+
+If you disable or do not configure this policy setting, no event is written to the event log to report settings package size.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Settings package size warning threshold*
+-   GP name: *MaxPackageSizeInBytes*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2010access"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2010Access**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Access 2010. By default, the user settings of Microsoft Access 2010 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Access 2010 from synchronization between computers. 
+
+If you enable this policy setting, Microsoft Access 2010 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Access 2010 user settings are excluded from the synchronization settings. 
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Access 2010*
+-   GP name: *MicrosoftOffice2010Access*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2010common"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2010Common**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings which are common between the Microsoft Office Suite 2010 applications. By default, the user settings which are common between the Microsoft Office Suite 2010 applications synchronize between computers. Use the policy setting to prevent the user settings which are common between the Microsoft Office Suite 2010 applications from synchronization between computers. 
+
+If you enable this policy setting, the user settings which are common between the Microsoft Office Suite 2010 applications continue to synchronize.
+
+If you disable this policy setting, the user settings which are common between the Microsoft Office Suite 2010 applications are excluded from the synchronization settings. If any of the Microsoft Office Suite 2010 applications are enabled, this policy setting should not be disabled 
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 2010 Common Settings*
+-   GP name: *MicrosoftOffice2010Common*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2010excel"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2010Excel**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Excel 2010. By default, the user settings of Microsoft Excel 2010 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Excel 2010 from synchronization between computers. 
+
+If you enable this policy setting, Microsoft Excel 2010 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Excel 2010 user settings are excluded from the synchronization settings. 
+
+If you do not configure this policy setting, any defined values will be deleted.
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Excel 2010*
+-   GP name: *MicrosoftOffice2010Excel*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2010infopath"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2010InfoPath**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft InfoPath 2010. By default, the user settings of Microsoft InfoPath 2010 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft InfoPath 2010 from synchronization between computers.
+
+If you enable this policy setting, Microsoft InfoPath 2010 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft InfoPath 2010 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft InfoPath 2010*
+-   GP name: *MicrosoftOffice2010InfoPath*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2010lync"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2010Lync**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Lync 2010. By default, the user settings of Microsoft Lync 2010 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Lync 2010 from synchronization between computers. 
+
+If you enable this policy setting, Microsoft Lync 2010 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Lync 2010 user settings are excluded from the synchronization settings. 
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Lync 2010*
+-   GP name: *MicrosoftOffice2010Lync*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2010onenote"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2010OneNote**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft OneNote 2010. By default, the user settings of Microsoft OneNote 2010 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft OneNote 2010 from synchronization between computers.
+
+If you enable this policy setting, Microsoft OneNote 2010 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft OneNote 2010 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft OneNote 2010*
+-   GP name: *MicrosoftOffice2010OneNote*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2010outlook"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2010Outlook**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Outlook 2010. By default, the user settings of Microsoft Outlook 2010 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Outlook 2010 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Outlook 2010 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Outlook 2010 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Outlook 2010*
+-   GP name: *MicrosoftOffice2010Outlook*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2010powerpoint"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2010PowerPoint**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft PowerPoint 2010. By default, the user settings of Microsoft PowerPoint 2010 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft PowerPoint 2010 from synchronization between computers.
+
+If you enable this policy setting, Microsoft PowerPoint 2010 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft PowerPoint 2010 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft PowerPoint 2010*
+-   GP name: *MicrosoftOffice2010PowerPoint*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2010project"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2010Project**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Project 2010. By default, the user settings of Microsoft Project 2010 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Project 2010 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Project 2010 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Project 2010 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Project 2010*
+-   GP name: *MicrosoftOffice2010Project*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2010publisher"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2010Publisher**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Publisher 2010. By default, the user settings of Microsoft Publisher 2010 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Publisher 2010 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Publisher 2010 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Publisher 2010 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Publisher 2010*
+-   GP name: *MicrosoftOffice2010Publisher*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2010sharepointdesigner"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2010SharePointDesigner**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft SharePoint Designer 2010. By default, the user settings of Microsoft SharePoint Designer 2010 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft SharePoint Designer 2010 from synchronization between computers.
+
+If you enable this policy setting, Microsoft SharePoint Designer 2010 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft SharePoint Designer 2010 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft SharePoint Designer 2010*
+-   GP name: *MicrosoftOffice2010SharePointDesigner*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2010sharepointworkspace"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2010SharePointWorkspace**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft SharePoint Workspace 2010. By default, the user settings of Microsoft SharePoint Workspace 2010 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft SharePoint Workspace 2010 from synchronization between computers.
+
+If you enable this policy setting, Microsoft SharePoint Workspace 2010 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft SharePoint Workspace 2010 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft SharePoint Workspace 2010*
+-   GP name: *MicrosoftOffice2010SharePointWorkspace*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2010visio"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2010Visio**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Visio 2010. By default, the user settings of Microsoft Visio 2010 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Visio 2010 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Visio 2010 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Visio 2010 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Visio 2010*
+-   GP name: *MicrosoftOffice2010Visio*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2010word"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2010Word**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Word 2010. By default, the user settings of Microsoft Word 2010 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Word 2010 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Word 2010 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Word 2010 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Word 2010*
+-   GP name: *MicrosoftOffice2010Word*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013access"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013Access**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Access 2013. By default, the user settings of Microsoft Access 2013 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Access 2013 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Access 2013 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Access 2013 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Access 2013*
+-   GP name: *MicrosoftOffice2013Access*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013accessbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013AccessBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft Access 2013. Microsoft Access 2013 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft Access 2013 settings.
+
+If you enable this policy setting, certain user settings of Microsoft Access 2013 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft Access 2013 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Access 2013 backup only*
+-   GP name: *MicrosoftOffice2013AccessBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013common"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013Common**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings which are common between the Microsoft Office Suite 2013 applications. By default, the user settings which are common between the Microsoft Office Suite 2013 applications synchronize between computers. Use the policy setting to prevent the user settings which are common between the Microsoft Office Suite 2013 applications from synchronization between computers.
+
+If you enable this policy setting, the user settings which are common between the Microsoft Office Suite 2013 applications continue to synchronize.
+
+If you disable this policy setting, the user settings which are common between the Microsoft Office Suite 2013 applications are excluded from the synchronization settings. If any of the Microsoft Office Suite 2013 applications are enabled, this policy setting should not be disabled.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 2013 Common Settings*
+-   GP name: *MicrosoftOffice2013Common*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013commonbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013CommonBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings which are common between the Microsoft Office Suite 2013 applications.
+Microsoft Office Suite 2013 has user settings which are common between applications and are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific common Microsoft Office Suite 2013 applications.
+
+If you enable this policy setting, certain user settings which are common between the Microsoft Office Suite 2013 applications will continue to be backed up.
+
+If you disable this policy setting, certain user settings which are common between the Microsoft Office Suite 2013 applications will not be backed up. 
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Common 2013 backup only*
+-   GP name: *MicrosoftOffice2013CommonBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013excel"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013Excel**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Excel 2013.
+
+By default, the user settings of Microsoft Excel 2013 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Excel 2013 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Excel 2013 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Excel 2013 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Excel 2013*
+-   GP name: *MicrosoftOffice2013Excel*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013excelbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013ExcelBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft Excel 2013. Microsoft Excel 2013 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft Excel 2013 settings.
+
+If you enable this policy setting, certain user settings of Microsoft Excel 2013 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft Excel 2013 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Excel 2013 backup only*
+-   GP name: *MicrosoftOffice2013ExcelBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013infopath"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013InfoPath**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft InfoPath 2013. By default, the user settings of Microsoft InfoPath 2013 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft InfoPath 2013 from synchronization between computers.
+
+If you enable this policy setting, Microsoft InfoPath 2013 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft InfoPath 2013 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft InfoPath 2013*
+-   GP name: *MicrosoftOffice2013InfoPath*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013infopathbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013InfoPathBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft InfoPath 2013. Microsoft InfoPath 2013 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft InfoPath 2013 settings.
+
+If you enable this policy setting, certain user settings of Microsoft InfoPath 2013 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft InfoPath 2013 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *InfoPath 2013 backup only*
+-   GP name: *MicrosoftOffice2013InfoPathBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013lync"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013Lync**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Lync 2013. By default, the user settings of Microsoft Lync 2013 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Lync 2013 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Lync 2013 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Lync 2013 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Lync 2013*
+-   GP name: *MicrosoftOffice2013Lync*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013lyncbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013LyncBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft Lync 2013. Microsoft Lync 2013 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft Lync 2013 settings.
+
+If you enable this policy setting, certain user settings of Microsoft Lync 2013 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft Lync 2013 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Lync 2013 backup only*
+-   GP name: *MicrosoftOffice2013LyncBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013onedriveforbusiness"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013OneDriveForBusiness**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for OneDrive for Business 2013. By default, the user settings of OneDrive for Business 2013 synchronize between computers. Use the policy setting to prevent the user settings of OneDrive for Business 2013 from synchronization between computers.
+
+If you enable this policy setting, OneDrive for Business 2013 user settings continue to synchronize.
+
+If you disable this policy setting, OneDrive for Business 2013 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft OneDrive for Business 2013*
+-   GP name: *MicrosoftOffice2013OneDriveForBusiness*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013onenote"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013OneNote**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft OneNote 2013. By default, the user settings of Microsoft OneNote 2013 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft OneNote 2013 from synchronization between computers.
+
+If you enable this policy setting, Microsoft OneNote 2013 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft OneNote 2013 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft OneNote 2013*
+-   GP name: *MicrosoftOffice2013OneNote*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013onenotebackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013OneNoteBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft OneNote 2013. Microsoft OneNote 2013 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft OneNote 2013 settings.
+
+If you enable this policy setting, certain user settings of Microsoft OneNote 2013 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft OneNote 2013 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *OneNote 2013 backup only*
+-   GP name: *MicrosoftOffice2013OneNoteBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013outlook"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013Outlook**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Outlook 2013. By default, the user settings of Microsoft Outlook 2013 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Outlook 2013 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Outlook 2013 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Outlook 2013 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Outlook 2013*
+-   GP name: *MicrosoftOffice2013Outlook*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013outlookbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013OutlookBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft Outlook 2013. Microsoft Outlook 2013 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft Outlook 2013 settings.
+
+If you enable this policy setting, certain user settings of Microsoft Outlook 2013 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft Outlook 2013 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Outlook 2013 backup only*
+-   GP name: *MicrosoftOffice2013OutlookBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013powerpoint"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013PowerPoint**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft PowerPoint 2013. By default, the user settings of Microsoft PowerPoint 2013 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft PowerPoint 2013 from synchronization between computers.
+
+If you enable this policy setting, Microsoft PowerPoint 2013 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft PowerPoint 2013 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft PowerPoint 2013*
+-   GP name: *MicrosoftOffice2013PowerPoint*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013powerpointbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013PowerPointBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft PowerPoint 2013. Microsoft PowerPoint 2013 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft PowerPoint 2013 settings.
+
+If you enable this policy setting, certain user settings of Microsoft PowerPoint 2013 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft PowerPoint 2013 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *PowerPoint 2013 backup only*
+-   GP name: *MicrosoftOffice2013PowerPointBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013project"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013Project**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Project 2013. By default, the user settings of Microsoft Project 2013 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Project 2013 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Project 2013 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Project 2013 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Project 2013*
+-   GP name: *MicrosoftOffice2013Project*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013projectbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013ProjectBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft Project 2013. Microsoft Project 2013 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft Project 2013 settings.
+
+If you enable this policy setting, certain user settings of Microsoft Project 2013 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft Project 2013 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Project 2013 backup only*
+-   GP name: *MicrosoftOffice2013ProjectBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013publisher"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013Publisher**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Publisher 2013. By default, the user settings of Microsoft Publisher 2013 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Publisher 2013 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Publisher 2013 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Publisher 2013 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Publisher 2013*
+-   GP name: *MicrosoftOffice2013Publisher*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013publisherbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013PublisherBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft Publisher 2013. Microsoft Publisher 2013 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft Publisher 2013 settings.
+
+If you enable this policy setting, certain user settings of Microsoft Publisher 2013 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft Publisher 2013 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Publisher 2013 backup only*
+-   GP name: *MicrosoftOffice2013PublisherBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013sharepointdesigner"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013SharePointDesigner**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft SharePoint Designer 2013. By default, the user settings of Microsoft SharePoint Designer 2013 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft SharePoint Designer 2013 from synchronization between computers.
+
+If you enable this policy setting, Microsoft SharePoint Designer 2013 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft SharePoint Designer 2013 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft SharePoint Designer 2013*
+-   GP name: *MicrosoftOffice2013SharePointDesigner*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013sharepointdesignerbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013SharePointDesignerBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft SharePoint Designer 2013. Microsoft SharePoint Designer 2013 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft SharePoint Designer 2013 settings.
+
+If you enable this policy setting, certain user settings of Microsoft SharePoint Designer 2013 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft SharePoint Designer 2013 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *SharePoint Designer 2013 backup only*
+-   GP name: *MicrosoftOffice2013SharePointDesignerBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013uploadcenter"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013UploadCenter**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 2013 Upload Center. By default, the user settings of Microsoft Office 2013 Upload Center synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Office 2013 Upload Center from synchronization between computers.
+
+If you enable this policy setting, Microsoft Office 2013 Upload Center user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Office 2013 Upload Center user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 2013 Upload Center*
+-   GP name: *MicrosoftOffice2013UploadCenter*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013visio"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013Visio**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Visio 2013. By default, the user settings of Microsoft Visio 2013 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Visio 2013 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Visio 2013 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Visio 2013 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Visio 2013*
+-   GP name: *MicrosoftOffice2013Visio*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013visiobackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013VisioBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft Visio 2013. Microsoft Visio 2013 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft Visio 2013 settings.
+
+If you enable this policy setting, certain user settings of Microsoft Visio 2013 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft Visio 2013 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Visio 2013 backup only*
+-   GP name: *MicrosoftOffice2013VisioBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013word"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013Word**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Word 2013. By default, the user settings of Microsoft Word 2013 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Word 2013 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Word 2013 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Word 2013 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Word 2013*
+-   GP name: *MicrosoftOffice2013Word*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2013wordbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2013WordBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft Word 2013. Microsoft Word 2013 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft Word 2013 settings.
+
+If you enable this policy setting, certain user settings of Microsoft Word 2013 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft Word 2013 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Word 2013 backup only*
+-   GP name: *MicrosoftOffice2013WordBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016access"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016Access**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Access 2016. By default, the user settings of Microsoft Access 2016 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Access 2016 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Access 2016 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Access 2016 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Access 2016*
+-   GP name: *MicrosoftOffice2016Access*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016accessbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016AccessBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft Access 2016. Microsoft Access 2016 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft Access 2016 settings.
+
+If you enable this policy setting, certain user settings of Microsoft Access 2016 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft Access 2016 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Access 2016 backup only*
+-   GP name: *MicrosoftOffice2016AccessBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016common"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016Common**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings which are common between the Microsoft Office Suite 2016 applications. By default, the user settings which are common between the Microsoft Office Suite 2016 applications synchronize between computers. Use the policy setting to prevent the user settings which are common between the Microsoft Office Suite 2016 applications from synchronization between computers.
+
+If you enable this policy setting, the user settings which are common between the Microsoft Office Suite 2016 applications continue to synchronize.
+
+If you disable this policy setting, the user settings which are common between the Microsoft Office Suite 2016 applications are excluded from the synchronization settings. If any of the Microsoft Office Suite 2016 applications are enabled, this policy setting should not be disabled.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 2016 Common Settings*
+-   GP name: *MicrosoftOffice2016Common*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016commonbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016CommonBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings which are common between the Microsoft Office Suite 2016 applications.
+Microsoft Office Suite 2016 has user settings which are common between applications and are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific common Microsoft Office Suite 2016 applications.
+
+If you enable this policy setting, certain user settings which are common between the Microsoft Office Suite 2016 applications will continue to be backed up.
+
+If you disable this policy setting, certain user settings which are common between the Microsoft Office Suite 2016 applications will not be backed up. 
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Common 2016 backup only*
+-   GP name: *MicrosoftOffice2016CommonBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016excel"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016Excel**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Excel 2016. By default, the user settings of Microsoft Excel 2016 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Excel 2016 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Excel 2016 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Excel 2016 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Excel 2016*
+-   GP name: *MicrosoftOffice2016Excel*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016excelbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016ExcelBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft Excel 2016. Microsoft Excel 2016 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft Excel 2016 settings.
+
+If you enable this policy setting, certain user settings of Microsoft Excel 2016 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft Excel 2016 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Excel 2016 backup only*
+-   GP name: *MicrosoftOffice2016ExcelBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016lync"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016Lync**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Lync 2016. By default, the user settings of Microsoft Lync 2016 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Lync 2016 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Lync 2016 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Lync 2016 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Lync 2016*
+-   GP name: *MicrosoftOffice2016Lync*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016lyncbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016LyncBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft Lync 2016. Microsoft Lync 2016 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft Lync 2016 settings.
+
+If you enable this policy setting, certain user settings of Microsoft Lync 2016 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft Lync 2016 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Lync 2016 backup only*
+-   GP name: *MicrosoftOffice2016LyncBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016onedriveforbusiness"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016OneDriveForBusiness**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for OneDrive for Business 2016. By default, the user settings of OneDrive for Business 2016 synchronize between computers. Use the policy setting to prevent the user settings of OneDrive for Business 2016 from synchronization between computers.
+
+If you enable this policy setting, OneDrive for Business 2016 user settings continue to synchronize.
+
+If you disable this policy setting, OneDrive for Business 2016 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft OneDrive for Business 2016*
+-   GP name: *MicrosoftOffice2016OneDriveForBusiness*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016onenote"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016OneNote**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft OneNote 2016. By default, the user settings of Microsoft OneNote 2016 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft OneNote 2016 from synchronization between computers.
+
+If you enable this policy setting, Microsoft OneNote 2016 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft OneNote 2016 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft OneNote 2016*
+-   GP name: *MicrosoftOffice2016OneNote*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016onenotebackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016OneNoteBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft OneNote 2016. Microsoft OneNote 2016 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft OneNote 2016 settings.
+
+If you enable this policy setting, certain user settings of Microsoft OneNote 2016 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft OneNote 2016 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *OneNote 2016 backup only*
+-   GP name: *MicrosoftOffice2016OneNoteBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016outlook"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016Outlook**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Outlook 2016. By default, the user settings of Microsoft Outlook 2016 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Outlook 2016 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Outlook 2016 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Outlook 2016 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Outlook 2016*
+-   GP name: *MicrosoftOffice2016Outlook*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016outlookbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016OutlookBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft Outlook 2016. Microsoft Outlook 2016 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft Outlook 2016 settings.
+
+If you enable this policy setting, certain user settings of Microsoft Outlook 2016 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft Outlook 2016 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Outlook 2016 backup only*
+-   GP name: *MicrosoftOffice2016OutlookBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016powerpoint"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016PowerPoint**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft PowerPoint 2016. By default, the user settings of Microsoft PowerPoint 2016 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft PowerPoint 2016 from synchronization between computers.
+
+If you enable this policy setting, Microsoft PowerPoint 2016 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft PowerPoint 2016 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft PowerPoint 2016*
+-   GP name: *MicrosoftOffice2016PowerPoint*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016powerpointbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016PowerPointBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft PowerPoint 2016. Microsoft PowerPoint 2016 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft PowerPoint 2016 settings.
+
+If you enable this policy setting, certain user settings of Microsoft PowerPoint 2016 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft PowerPoint 2016 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *PowerPoint 2016 backup only*
+-   GP name: *MicrosoftOffice2016PowerPointBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016project"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016Project**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Project 2016.
+By default, the user settings of Microsoft Project 2016 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Project 2016 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Project 2016 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Project 2016 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Project 2016*
+-   GP name: *MicrosoftOffice2016Project*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016projectbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016ProjectBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft Project 2016. Microsoft Project 2016 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft Project 2016 settings.
+
+If you enable this policy setting, certain user settings of Microsoft Project 2016 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft Project 2016 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Project 2016 backup only*
+-   GP name: *MicrosoftOffice2016ProjectBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016publisher"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016Publisher**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Publisher 2016. By default, the user settings of Microsoft Publisher 2016 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Publisher 2016 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Publisher 2016 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Publisher 2016 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Publisher 2016*
+-   GP name: *MicrosoftOffice2016Publisher*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016publisherbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016PublisherBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft Publisher 2016. Microsoft Publisher 2016 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft Publisher 2016 settings.
+
+If you enable this policy setting, certain user settings of Microsoft Publisher 2016 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft Publisher 2016 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Publisher 2016 backup only*
+-   GP name: *MicrosoftOffice2016PublisherBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016uploadcenter"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016UploadCenter**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 2016 Upload Center. By default, the user settings of Microsoft Office 2016 Upload Center synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Office 2016 Upload Center from synchronization between computers.
+
+If you enable this policy setting, Microsoft Office 2016 Upload Center user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Office 2016 Upload Center user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 2016 Upload Center*
+-   GP name: *MicrosoftOffice2016UploadCenter*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016visio"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016Visio**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Visio 2016. By default, the user settings of Microsoft Visio 2016 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Visio 2016 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Visio 2016 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Visio 2016 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Visio 2016*
+-   GP name: *MicrosoftOffice2016Visio*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016visiobackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016VisioBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft Visio 2016. Microsoft Visio 2016 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft Visio 2016 settings.
+
+If you enable this policy setting, certain user settings of Microsoft Visio 2016 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft Visio 2016 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Visio 2016 backup only*
+-   GP name: *MicrosoftOffice2016VisioBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016word"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016Word**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Word 2016. By default, the user settings of Microsoft Word 2016 synchronize between computers. Use the policy setting to prevent the user settings of Microsoft Word 2016 from synchronization between computers.
+
+If you enable this policy setting, Microsoft Word 2016 user settings continue to synchronize.
+
+If you disable this policy setting, Microsoft Word 2016 user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Word 2016*
+-   GP name: *MicrosoftOffice2016Word*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice2016wordbackup"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice2016WordBackup**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the backup of certain user settings for Microsoft Word 2016. Microsoft Word 2016 has user settings that are backed up instead of synchronizing between computers. Use the policy setting to suppress the backup of specific Microsoft Word 2016 settings.
+
+If you enable this policy setting, certain user settings of Microsoft Word 2016 will continue to be backed up.
+
+If you disable this policy setting, certain user settings of Microsoft Word 2016 will not be backed up.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Word 2016 backup only*
+-   GP name: *MicrosoftOffice2016WordBackup*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365access2013"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365Access2013**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 Access 2013. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 Access 2013 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 Access 2013 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 Access 2013 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 Access 2013 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 Access 2013*
+-   GP name: *MicrosoftOffice365Access2013*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365access2016"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365Access2016**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 Access 2016. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 Access 2016 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 Access 2016 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 Access 2016 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 Access 2016 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 Access 2016*
+-   GP name: *MicrosoftOffice365Access2016*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365common2013"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365Common2013**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings which are common between the Microsoft Office Suite 2013 applications. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings which are common between the Microsoft Office Suite 2013 applications will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings which are common between the Microsoft Office Suite 2013 applications from synchronization between computers with UE-V.
+
+If you enable this policy setting, user settings which are common between the Microsoft Office Suite 2013 applications continue to synchronize with UE-V.
+
+If you disable this policy setting, user settings which are common between the Microsoft Office Suite 2013 applications are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 Common 2013*
+-   GP name: *MicrosoftOffice365Common2013*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365common2016"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365Common2016**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings which are common between the Microsoft Office Suite 2016 applications. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings which are common between the Microsoft Office Suite 2016 applications will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings which are common between the Microsoft Office Suite 2016 applications from synchronization between computers with UE-V.
+
+If you enable this policy setting, user settings which are common between the Microsoft Office Suite 2016 applications continue to synchronize with UE-V.
+
+If you disable this policy setting, user settings which are common between the Microsoft Office Suite 2016 applications are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 Common 2016*
+-   GP name: *MicrosoftOffice365Common2016*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365excel2013"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365Excel2013**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 Excel 2013. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 Excel 2013 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 Excel 2013 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 Excel 2013 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 Excel 2013 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 Excel 2013*
+-   GP name: *MicrosoftOffice365Excel2013*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365excel2016"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365Excel2016**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 Excel 2016. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 Excel 2016 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 Excel 2016 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 Excel 2016 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 Excel 2016 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 Excel 2016*
+-   GP name: *MicrosoftOffice365Excel2016*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365infopath2013"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365InfoPath2013**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 InfoPath 2013. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 InfoPath 2013 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 InfoPath 2013 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 InfoPath 2013 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 InfoPath 2013 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 InfoPath 2013*
+-   GP name: *MicrosoftOffice365InfoPath2013*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365lync2013"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365Lync2013**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 Lync 2013. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 Lync 2013 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 Lync 2013 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 Lync 2013 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 Lync 2013 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 Lync 2013*
+-   GP name: *MicrosoftOffice365Lync2013*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365lync2016"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365Lync2016**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 Lync 2016. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 Lync 2016 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 Lync 2016 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 Lync 2016 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 Lync 2016 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 Lync 2016*
+-   GP name: *MicrosoftOffice365Lync2016*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365onenote2013"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365OneNote2013**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 OneNote 2013. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 OneNote 2013 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 OneNote 2013 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 OneNote 2013 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 OneNote 2013 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 OneNote 2013*
+-   GP name: *MicrosoftOffice365OneNote2013*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365onenote2016"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365OneNote2016**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 OneNote 2016. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 OneNote 2016 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 OneNote 2016 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 OneNote 2016 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 OneNote 2016 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 OneNote 2016*
+-   GP name: *MicrosoftOffice365OneNote2016*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365outlook2013"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365Outlook2013**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 Outlook 2013. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 Outlook 2013 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 Outlook 2013 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 Outlook 2013 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 Outlook 2013 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 Outlook 2013*
+-   GP name: *MicrosoftOffice365Outlook2013*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365outlook2016"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365Outlook2016**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 Outlook 2016. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 Outlook 2016 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 Outlook 2016 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 Outlook 2016 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 Outlook 2016 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 Outlook 2016*
+-   GP name: *MicrosoftOffice365Outlook2016*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365powerpoint2013"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365PowerPoint2013**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 PowerPoint 2013. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 PowerPoint 2013 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 PowerPoint 2013 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 PowerPoint 2013 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 PowerPoint 2013 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 PowerPoint 2013*
+-   GP name: *MicrosoftOffice365PowerPoint2013*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365powerpoint2016"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365PowerPoint2016**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 PowerPoint 2016. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 PowerPoint 2016 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 PowerPoint 2016 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 PowerPoint 2016 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 PowerPoint 2016 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 PowerPoint 2016*
+-   GP name: *MicrosoftOffice365PowerPoint2016*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365project2013"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365Project2013**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 Project 2013. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 Project 2013 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 Project 2013 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 Project 2013 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 Project 2013 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 Project 2013*
+-   GP name: *MicrosoftOffice365Project2013*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365project2016"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365Project2016**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 Project 2016. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 Project 2016 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 Project 2016 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 Project 2016 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 Project 2016 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 Project 2016*
+-   GP name: *MicrosoftOffice365Project2016*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365publisher2013"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365Publisher2013**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 Publisher 2013. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 Publisher 2013 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 Publisher 2013 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 Publisher 2013 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 Publisher 2013 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 Publisher 2013*
+-   GP name: *MicrosoftOffice365Publisher2013*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365publisher2016"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365Publisher2016**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 Publisher 2016. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 Publisher 2016 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 Publisher 2016 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 Publisher 2016 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 Publisher 2016 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 Publisher 2016*
+-   GP name: *MicrosoftOffice365Publisher2016*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365sharepointdesigner2013"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365SharePointDesigner2013**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 SharePoint Designer 2013. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 SharePoint Designer 2013 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 SharePoint Designer 2013 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 SharePoint Designer 2013 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 SharePoint Designer 2013 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 SharePoint Designer 2013*
+-   GP name: *MicrosoftOffice365SharePointDesigner2013*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365visio2013"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365Visio2013**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 Visio 2013. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 Visio 2013 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 Visio 2013 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 Visio 2013 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 Visio 2013 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 Visio 2013*
+-   GP name: *MicrosoftOffice365Visio2013*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365visio2016"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365Visio2016**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 Visio 2016. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 Visio 2016 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 Visio 2016 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 Visio 2016 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 Visio 2016 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 Visio 2016*
+-   GP name: *MicrosoftOffice365Visio2016*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365word2013"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365Word2013**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 Word 2013. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 Word 2013 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 Word 2013 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 Word 2013 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 Word 2013 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 Word 2013*
+-   GP name: *MicrosoftOffice365Word2013*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-microsoftoffice365word2016"></a>**ADMX_UserExperienceVirtualization/MicrosoftOffice365Word2016**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for Microsoft Office 365 Word 2016. Microsoft Office 365 synchronizes certain settings by default without UE-V. If the synchronization capabilities of Microsoft Office 365 are disabled, then the user settings of Microsoft Office 365 Word 2016 will synchronize between a user’s work computers with UE-V by default. Use this policy setting to prevent the user settings of Microsoft Office 365 Word 2016 from synchronization between computers with UE-V.
+
+If you enable this policy setting, Microsoft Office 365 Word 2016 user settings continue to sync with UE-V.
+
+If you disable this policy setting, Microsoft Office 365 Word 2016 user settings are excluded from synchronization with UE-V.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Microsoft Office 365 Word 2016*
+-   GP name: *MicrosoftOffice365Word2016*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-music"></a>**ADMX_UserExperienceVirtualization/Music**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for the Music app. By default, the user settings of Music sync between computers. Use the policy setting to prevent the user settings of Music from synchronizing between computers.
+
+If you enable this policy setting, Music user settings continue to sync.
+
+If you disable this policy setting, Music user settings are excluded from the synchronizing settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Music*
+-   GP name: *Music*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Windows Apps*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-news"></a>**ADMX_UserExperienceVirtualization/News**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for the News app. By default, the user settings of News sync between computers. Use the policy setting to prevent the user settings of News from synchronizing between computers.
+
+If you enable this policy setting, News user settings continue to sync.
+
+If you disable this policy setting, News user settings are excluded from synchronization.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *News*
+-   GP name: *News*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Windows Apps*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-notepad"></a>**ADMX_UserExperienceVirtualization/Notepad**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings of Notepad. By default, the user settings of Notepad synchronize between computers. Use the policy setting to prevent the user settings of Notepad from synchronization between computers.
+
+If you enable this policy setting, the Notepad user settings continue to synchronize. 
+
+If you disable this policy setting, Notepad user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Notepad*
+-   GP name: *Notepad*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-reader"></a>**ADMX_UserExperienceVirtualization/Reader**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for the Reader app. By default, the user settings of Reader sync between computers. Use the policy setting to prevent the user settings of Reader from synchronizing between computers.
+
+If you enable this policy setting, Reader user settings continue to sync.
+
+If you disable this policy setting, Reader user settings are excluded from the synchronization.
+
+If you do not configure this policy setting, any defined values will be deleted.
+      
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Reader*
+-   GP name: *Reader*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Windows Apps*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-repositorytimeout"></a>**ADMX_UserExperienceVirtualization/RepositoryTimeout**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the number of milliseconds that the computer waits when retrieving user settings from the settings storage location. You can use this setting to override the default value of 2000 milliseconds. 
+
+If you enable this policy setting, set the number of milliseconds that the system waits to retrieve settings. 
+
+If you disable or do not configure this policy setting, the default value of 2000 milliseconds is used.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Synchronization timeout*
+-   GP name: *RepositoryTimeout*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-settingsstoragepath"></a>**ADMX_UserExperienceVirtualization/SettingsStoragePath**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures where the settings package files that contain user settings are stored.
+
+If you enable this policy setting, the user settings are stored in the specified location. 
+
+If you disable or do not configure this policy setting, the user settings are stored in the user’s home directory if configured for your environment. 
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Settings storage path*
+-   GP name: *SettingsStoragePath*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-settingstemplatecatalogpath"></a>**ADMX_UserExperienceVirtualization/SettingsTemplateCatalogPath**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures where custom settings location templates are stored and if the catalog will be used to replace the default Microsoft templates installed with the UE-V Agent.
+
+If you enable this policy setting, the UE-V Agent checks the specified location once each day and updates its synchronization behavior based on the templates in this location. Settings location templates added or updated since the last check are registered by the UE-V Agent. The UE-V Agent deregisters templates that were removed from this location.
+
+If you specify a UNC path and leave the option to replace the default Microsoft templates unchecked, the UE-V Agent will use the default Microsoft templates installed by the UE-V Agent and custom templates in the settings template catalog. If there are custom templates in the settings template catalog which use the same ID as the default Microsoft templates, they will be ignored.
+
+If you specify a UNC path and check the option to replace the default Microsoft templates, all of the default Microsoft templates installed by the UE-V Agent will be deleted from the computer and only the templates located in the settings template catalog will be used.
+
+If you disable this policy setting, the UE-V Agent will not use the custom settings location templates. If you disable this policy setting after it has been enabled, the UE-V Agent will not restore the default Microsoft templates. 
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Settings template catalog path*
+-   GP name: *SettingsTemplateCatalogPath*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-sports"></a>**ADMX_UserExperienceVirtualization/Sports**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for the Sports app. By default, the user settings of Sports sync between computers. Use the policy setting to prevent the user settings of Sports from synchronizing between computers.
+
+If you enable this policy setting, Sports user settings continue to sync.
+
+If you disable this policy setting, Sports user settings are excluded from synchronization.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Sports*
+-   GP name: *Sports*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Windows Apps*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-syncenabled"></a>**ADMX_UserExperienceVirtualization/SyncEnabled**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to enable or disable User Experience Virtualization (UE-V). Only applies to Windows 10 or earlier.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Use User Experience Virtualization (UE-V)*
+-   GP name: *SyncEnabled*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-syncovermeterednetwork"></a>**ADMX_UserExperienceVirtualization/SyncOverMeteredNetwork**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting defines whether the User Experience Virtualization (UE-V) Agent synchronizes settings over metered connections. By default, the UE-V Agent does not synchronize settings over a metered connection.
+
+With this setting enabled, the UE-V Agent synchronizes settings over a metered connection.
+
+With this setting disabled, the UE-V Agent does not synchronize settings over a metered connection.
+
+If you do not configure this policy setting, any defined values are deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Sync settings over metered connections*
+-   GP name: *SyncOverMeteredNetwork*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-syncovermeterednetworkwhenroaming"></a>**ADMX_UserExperienceVirtualization/SyncOverMeteredNetworkWhenRoaming**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting defines whether the User Experience Virtualization (UE-V) Agent synchronizes settings over metered connections outside of the home provider network, for example when connected via a roaming connection. By default, the UE-V Agent does not synchronize settings over a metered connection that is roaming.
+
+With this setting enabled, the UE-V Agent synchronizes settings over a metered connection that is roaming.
+
+With this setting disabled, the UE-V Agent will not synchronize settings over a metered connection that is roaming.
+
+If you do not configure this policy setting, any defined values are deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Sync settings over metered connections even when roaming*
+-   GP name: *SyncOverMeteredNetworkWhenRoaming*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-syncproviderpingenabled"></a>**ADMX_UserExperienceVirtualization/SyncProviderPingEnabled**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to configure the User Experience Virtualization (UE-V) sync provider to ping the settings storage path before attempting to sync settings. If the ping is successful then the sync provider attempts to synchronize the settings packages. If the ping is unsuccessful then the sync provider doesn’t attempt the synchronization.
+
+If you enable this policy setting, the sync provider pings the settings storage location before synchronizing settings packages.
+
+If you disable this policy setting, the sync provider doesn’t ping the settings storage location before synchronizing settings packages. 
+
+If you do not configure this policy, any defined values will be deleted.    
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Ping the settings storage location before sync*
+-   GP name: *SyncProviderPingEnabled*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-syncunlistedwindows8apps"></a>**ADMX_UserExperienceVirtualization/SyncUnlistedWindows8Apps**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting defines the default settings sync behavior of the User Experience Virtualization (UE-V) Agent for Windows apps that are not explicitly listed in Windows App List. By default, the UE-V Agent only synchronizes settings of those Windows apps included in the Windows App List.
+
+With this setting enabled, the settings of all Windows apps not expressly disable in the Windows App List are synchronized.
+
+With this setting disabled, only the settings of the Windows apps set to synchronize in the Windows App List are synchronized.
+
+If you do not configure this policy setting, any defined values are deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Sync Unlisted Windows Apps*
+-   GP name: *SyncUnlistedWindows8Apps*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-travel"></a>**ADMX_UserExperienceVirtualization/Travel**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for the Travel app. By default, the user settings of Travel sync between computers. Use the policy setting to prevent the user settings of Travel from synchronizing between computers.
+
+If you enable this policy setting, Travel user settings continue to sync.
+
+If you disable this policy setting, Travel user settings are excluded from synchronization.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Travel*
+-   GP name: *Travel*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Windows Apps*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-trayiconenabled"></a>**ADMX_UserExperienceVirtualization/TrayIconEnabled**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting enables the User Experience Virtualization (UE-V) tray icon. By default, an icon appears in the system tray that displays notifications for UE-V. This icon also provides a link to the UE-V Agent application, Company Settings Center. Users can open the Company Settings Center by right-clicking the icon and selecting Open or by double-clicking the icon. When this group policy setting is enabled, the UE-V tray icon is visible, the UE-V notifications display, and the Company Settings Center is accessible from the tray icon.
+
+With this setting disabled, the tray icon does not appear in the system tray, UE-V never displays notifications, and the user cannot access Company Settings Center from the system tray. The Company Settings Center remains accessible through the Control Panel and the Start menu or Start screen.
+
+If you do not configure this policy setting, any defined values are deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Tray Icon*
+-   GP name: *TrayIconEnabled*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-video"></a>**ADMX_UserExperienceVirtualization/Video**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for the Video app. By default, the user settings of Video sync between computers. Use the policy setting to prevent the user settings of Video from synchronizing between computers.
+
+If you enable this policy setting, Video user settings continue to sync.
+
+If you disable this policy setting, Video user settings are excluded from synchronization.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Video*
+-   GP name: *Video*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Windows Apps*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-weather"></a>**ADMX_UserExperienceVirtualization/Weather**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings for the Weather app. By default, the user settings of Weather sync between computers. Use the policy setting to prevent the user settings of Weather from synchronizing between computers.
+
+If you enable this policy setting, Weather user settings continue to sync.
+
+If you disable this policy setting, Weather user settings are excluded from synchronization.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Weather*
+-   GP name: *Weather*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Windows Apps*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+<!--Policy-->
+<a href="" id="admx-userexperiencevirtualization-wordpad"></a>**ADMX_UserExperienceVirtualization/Wordpad**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the synchronization of user settings of WordPad. By default, the user settings of WordPad synchronize between computers. Use the policy setting to prevent the user settings of WordPad from synchronization between computers.
+
+If you enable this policy setting, the WordPad user settings continue to synchronize. 
+
+If you disable this policy setting, WordPad user settings are excluded from the synchronization settings.
+
+If you do not configure this policy setting, any defined values will be deleted.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *WordPad*
+-   GP name: *Wordpad*
+-   GP path: *Windows Components\Microsoft User Experience Virtualization\Applications*
+-   GP ADMX file name: *UserExperienceVirtualization.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+Footnotes:
+
+- 1 - Available in Windows 10, version 1607.
+- 2 - Available in Windows 10, version 1703.
+- 3 - Available in Windows 10, version 1709.
+- 4 - Available in Windows 10, version 1803.
+- 5 - Available in Windows 10, version 1809.
+- 6 - Available in Windows 10, version 1903.
+- 7 - Available in Windows 10, version 1909.
+- 8 - Available in Windows 10, version 2004.
+
+<!--/Policies-->
+
diff --git a/windows/client-management/mdm/policy-csp-admx-w32time.md b/windows/client-management/mdm/policy-csp-admx-w32time.md
new file mode 100644
index 0000000000..a9b6715a43
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-w32time.md
@@ -0,0 +1,429 @@
+---
+title: Policy CSP - ADMX_W32Time
+description: Policy CSP - ADMX_W32Time
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.date: 09/28/2020
+ms.reviewer: 
+manager: dansimp
+---
+
+# Policy CSP - ADMX_W32Time
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+<hr/>
+
+<!--Policies-->
+## ADMX_W32Time policies  
+
+<dl>
+  <dd>
+    <a href="#admx-w32time-policy-config">ADMX_W32Time/W32TIME_POLICY_CONFIG</a>
+  </dd>
+  <dd>
+    <a href="#admx-w32time-policy-configure-ntpclient">ADMX_W32Time/W32TIME_POLICY_CONFIGURE_NTPCLIENT</a>
+  </dd>
+  <dd>
+    <a href="#admx-w32time-policy-enable-ntpclient">ADMX_W32Time/W32TIME_POLICY_ENABLE_NTPCLIENT</a>
+  </dd>
+  <dd>
+    <a href="#admx-w32time-policy-enable-ntpserver">ADMX_W32Time/W32TIME_POLICY_ENABLE_NTPSERVER</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-w32time-policy-config"></a>**ADMX_W32Time/W32TIME_POLICY_CONFIG**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to specify Clock discipline and General values for the Windows Time service (W32time) for domain controllers including RODCs.
+
+If this policy setting is enabled, W32time Service on target machines use the settings provided here. Otherwise, the service on target machines use locally configured settings values.
+
+For more details on individual parameters, combinations of parameter values as well as definitions of flags, see https://go.microsoft.com/fwlink/?linkid=847809.
+
+**FrequencyCorrectRate**
+This parameter controls the rate at which the W32time corrects the local clock's frequency. Lower values cause slower corrections; larger values cause more frequent corrections. Default: 4 (scalar).
+
+**HoldPeriod**
+This parameter indicates how many consistent time samples the client computer must receive in a series before subsequent time samples are evaluated as potential spikes. Default: 5
+
+**LargePhaseOffset**
+If a time sample differs from the client computer's local clock by more than LargePhaseOffset, the local clock is deemed to have drifted considerably, or in other words, spiked. Default: 50,000,000 100-nanosecond units (ns) or 5 seconds.
+
+**MaxAllowedPhaseOffset**
+If a response is received that has a time variation that is larger than this parameter value, W32time sets the client computer's local clock immediately to the time that is accepted as accurate from the Network Time Protocol (NTP) server. If the time variation is less than this value, the client computer's local clock is corrected gradually. Default: 300 seconds.
+
+**MaxNegPhaseCorrection**
+If a time sample is received that indicates a time in the past (as compared to the client computer's local clock) that has a time difference that is greater than the MaxNegPhaseCorrection value, the time sample is discarded. Default: 172,800 seconds.
+
+**MaxPosPhaseCorrection**
+If a time sample is received that indicates a time in the future (as compared to the client computer's local clock) that has a time difference greater than the MaxPosPhaseCorrection value, the time sample is discarded. Default: 172,800 seconds.
+
+**PhaseCorrectRate**
+This parameter controls how quickly W32time corrects the client computer's local clock difference to match time samples that are accepted as accurate from the NTP server. Lower values cause the clock to correct more slowly; larger values cause the clock to correct more quickly. Default: 7 (scalar).
+
+**PollAdjustFactor**
+This parameter controls how quickly W32time changes polling intervals. When responses are considered to be accurate, the polling interval lengthens automatically. When responses are considered to be inaccurate, the polling interval shortens automatically. Default: 5 (scalar).
+
+**SpikeWatchPeriod**
+This parameter specifies the amount of time that samples with time offset larger than LargePhaseOffset are received before these samples are accepted as accurate. SpikeWatchPeriod is used in conjunction with HoldPeriod to help eliminate sporadic, inaccurate time samples that are returned from a peer. Default: 900 seconds.
+
+**UpdateInterval**
+This parameter specifies the amount of time that W32time waits between corrections when the clock is being corrected gradually. When it makes a gradual correction, the service adjusts the clock slightly, waits this amount of time, and then checks to see if another adjustment is needed, until the correction is finished. Default: 100 1/100th second units, or 1 second.
+
+General parameters:
+
+**AnnounceFlags**
+This parameter is a bitmask value that controls how time service availability is advertised through NetLogon. Default: 0x0a hexadecimal
+
+**EventLogFlags**
+This parameter controls special events that may be logged to the Event Viewer System log. Default: 0x02 hexadecimal bitmask.
+
+**LocalClockDispersion**
+This parameter indicates the maximum error in seconds that is reported by the NTP server to clients that are requesting a time sample. (Applies only when the NTP server is using the time of the local CMOS clock.) Default: 10 seconds.
+
+**MaxPollInterval**
+This parameter controls the maximum polling interval, which defines the maximum amount of time between polls of a peer. Default: 10 in log base-2, or 1024 seconds. (Should not be set higher than 15.)
+
+**MinPollInterval**
+This parameter controls the minimum polling interval that defines the minimum amount of time between polls of a peer. Default: 6 in log base-2, or 64 seconds.
+
+**ClockHoldoverPeriod**
+This parameter indicates the maximum number of seconds a system clock can nominally hold its accuracy without synchronizing with a time source. If this period of time passes without W32time obtaining new samples from any of its input providers, W32time initiates a rediscovery of time sources. Default: 7800 seconds.
+
+**RequireSecureTimeSyncRequests**
+This parameter controls whether or not the DC will respond to time sync requests that use older authentication protocols. If enabled (set to 1), the DC will not respond to requests using such protocols. Default: 0 Boolean.
+
+**UtilizeSslTimeData**
+This parameter controls whether W32time will use time data computed from SSL traffic on the machine as an additional input for correcting the local clock.  Default: 1 (enabled) Boolean
+
+**ClockAdjustmentAuditLimit**
+This parameter specifies the smallest local clock adjustments that may be logged to the W32time service event log on the target machine. Default: 800 Parts per million (PPM).
+
+RODC parameters:
+
+**ChainEntryTimeout**
+This parameter specifies the maximum amount of time that an entry can remain in the chaining table before the entry is considered to be expired. Expired entries may be removed when the next request or response is processed. Default: 16 seconds.
+
+**ChainMaxEntries**
+This parameter controls the maximum number of entries that are allowed in the chaining table. If the chaining table is full and no expired entries can be removed, any incoming requests are discarded. Default: 128 entries.
+
+**ChainMaxHostEntries**
+This parameter controls the maximum number of entries that are allowed in the chaining table for a particular host. Default: 4 entries.
+
+**ChainDisable**
+This parameter controls whether or not the chaining mechanism is disabled. If chaining is disabled (set to 0), the RODC can synchronize with any domain controller, but hosts that do not have their passwords cached on the RODC will not be able to synchronize with the RODC. Default: 0 Boolean.
+
+**ChainLoggingRate**
+This parameter controls the frequency at which an event that indicates the number of successful and unsuccessful chaining attempts is logged to the System log in Event Viewer. Default: 30 minutes.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Global Configuration Settings*
+-   GP name: *W32TIME_POLICY_CONFIG*
+-   GP path: *System\Windows Time Service*
+-   GP ADMX file name: *W32Time.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-w32time-policy-configure-ntpclient"></a>**ADMX_W32Time/W32TIME_POLICY_CONFIGURE_NTPCLIENT**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting specifies a set of parameters for controlling the Windows NTP Client.
+
+If you enable this policy setting, you can specify the following parameters for the Windows NTP Client.
+
+If you disable or do not configure this policy setting, the Windows NTP Client uses the defaults of each of the following parameters.
+
+**NtpServer**
+The Domain Name System (DNS) name or IP address of an NTP time source. This value is in the form of ""dnsName,flags"" where ""flags"" is a hexadecimal bitmask of the flags for that host. For more information, see the NTP Client Group Policy Settings Associated with Windows Time section of the Windows Time Service Group Policy Settings.  The default value is ""time.windows.com,0x09"". 
+
+**Type**
+This value controls the authentication that W32time uses. The default value is NT5DS.
+
+**CrossSiteSyncFlags**
+This value, expressed as a bitmask, controls how W32time chooses time sources outside its own site. The possible values are 0, 1, and 2. Setting this value to 0 (None) indicates that the time client should not attempt to synchronize time outside its site. Setting this value to 1 (PdcOnly) indicates that only the computers that function as primary domain controller (PDC) emulator operations masters in other domains can be used as synchronization partners when the client has to synchronize time with a partner outside its own site. Setting a value of 2 (All) indicates that any synchronization partner can be used. This value is ignored if the NT5DS value is not set. The default value is 2 decimal (0x02 hexadecimal).
+
+**ResolvePeerBackoffMinutes**
+This value, expressed in minutes, controls how long W32time waits before it attempts to resolve a DNS name when a previous attempt failed. The default value is 15 minutes.
+
+**ResolvePeerBackoffMaxTimes**
+This value controls how many times W32time attempts to resolve a DNS name before the discovery process is restarted. Each time DNS name resolution fails, the amount of time to wait before the next attempt will be twice the previous amount. The default value is seven attempts.
+
+**SpecialPollInterval**
+This NTP client value, expressed in seconds, controls how often a manually configured time source is polled when the time source is configured to use a special polling interval. If the SpecialInterval flag is enabled on the NTPServer setting, the client uses the value that is set as the SpecialPollInterval, instead of a variable interval between MinPollInterval and MaxPollInterval values, to determine how frequently to poll the time source. SpecialPollInterval must be in the range of [MinPollInterval, MaxPollInterval], else the nearest value of the range is picked. Default: 1024 seconds.
+
+**EventLogFlags**
+This value is a bitmask that controls events that may be logged to the System log in Event Viewer. Setting this value to 0x1 indicates that W32time will create an event whenever a time jump is detected. Setting this value to 0x2 indicates that W32time will create an event whenever a time source change is made. Because it is a bitmask value, setting 0x3 (the addition of 0x1 and 0x2) indicates that both time jumps and time source changes will be logged.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Configure Windows NTP Client*
+-   GP name: *W32TIME_POLICY_CONFIGURE_NTPCLIENT*
+-   GP path: *System\Windows Time Service\Time Providers*
+-   GP ADMX file name: *W32Time.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-w32time-policy-enable-ntpclient"></a>**ADMX_W32Time/W32TIME_POLICY_ENABLE_NTPCLIENT**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting specifies whether the Windows NTP Client is enabled.
+
+Enabling the Windows NTP Client allows your computer to synchronize its computer clock with other NTP servers. You might want to disable this service if you decide to use a third-party time provider.
+
+If you enable this policy setting, you can set the local computer clock to synchronize time with NTP servers.
+
+If you disable or do not configure this policy setting, the local computer clock does not synchronize time with NTP servers.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Enable Windows NTP Client*
+-   GP name: *W32TIME_POLICY_ENABLE_NTPCLIENT*
+-   GP path: *System\Windows Time Service\Time Providers*
+-   GP ADMX file name: *W32Time.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-w32time-policy-enable-ntpserver"></a>**ADMX_W32Time/W32TIME_POLICY_ENABLE_NTPSERVER**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to specify whether the Windows NTP Server is enabled.
+
+If you enable this policy setting for the Windows NTP Server, your computer can service NTP requests from other computers.
+
+If you disable or do not configure this policy setting, your computer cannot service NTP requests from other computers.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Enable Windows NTP Server*
+-   GP name: *W32TIME_POLICY_ENABLE_NTPSERVER*
+-   GP path: *System\Windows Time Service\Time Providers*
+-   GP ADMX file name: *W32Time.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+Footnotes:
+
+- 1 - Available in Windows 10, version 1607.
+- 2 - Available in Windows 10, version 1703.
+- 3 - Available in Windows 10, version 1709.
+- 4 - Available in Windows 10, version 1803.
+- 5 - Available in Windows 10, version 1809.
+- 6 - Available in Windows 10, version 1903.
+- 7 - Available in Windows 10, version 1909.
+- 8 - Available in Windows 10, version 2004.
+
+<!--/Policies-->
+
diff --git a/windows/client-management/mdm/policy-csp-admx-wincal.md b/windows/client-management/mdm/policy-csp-admx-wincal.md
new file mode 100644
index 0000000000..bceaf394ed
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-wincal.md
@@ -0,0 +1,192 @@
+---
+title: Policy CSP - ADMX_WinCal
+description: Policy CSP - ADMX_WinCal
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.date: 09/28/2020
+ms.reviewer: 
+manager: dansimp
+---
+
+# Policy CSP - ADMX_WinCal
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+<hr/>
+
+<!--Policies-->
+## ADMX_WinCal policies  
+
+<dl>
+  <dd>
+    <a href="#admx-wincal-turnoffwincal-1">ADMX_WinCal/TurnOffWinCal_1</a>
+  </dd>
+  <dd>
+    <a href="#admx-wincal-turnoffwincal-2">ADMX_WinCal/TurnOffWinCal_2</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-wincal-turnoffwincal-1"></a>**ADMX_WinCal/TurnOffWinCal_1**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. Windows Calendar is a feature that allows users to manage appointments and tasks by creating personal calendars, publishing them, and subscribing to other users calendars.
+
+If you enable this setting, Windows Calendar will be turned off.
+
+If you disable or do not configure this setting, Windows Calendar will be turned on.
+
+The default is for Windows Calendar to be turned on.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Turn off Windows Calendar*
+-   GP name: *TurnOffWinCal_1*
+-   GP path: *Windows Components\Windows Calendar*
+-   GP ADMX file name: *WinCal.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-wincal-turnoffwincal-2"></a>**ADMX_WinCal/TurnOffWinCal_2**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. Windows Calendar is a feature that allows users to manage appointments and tasks by creating personal calendars, publishing them, and subscribing to other users calendars.
+
+If you enable this setting, Windows Calendar will be turned off.
+
+If you disable or do not configure this setting, Windows Calendar will be turned on.
+
+The default is for Windows Calendar to be turned on.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Turn off Windows Calendar*
+-   GP name: *TurnOffWinCal_2*
+-   GP path: *Windows Components\Windows Calendar*
+-   GP ADMX file name: *WinCal.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+Footnotes:
+
+- 1 - Available in Windows 10, version 1607.
+- 2 - Available in Windows 10, version 1703.
+- 3 - Available in Windows 10, version 1709.
+- 4 - Available in Windows 10, version 1803.
+- 5 - Available in Windows 10, version 1809.
+- 6 - Available in Windows 10, version 1903.
+- 7 - Available in Windows 10, version 1909.
+- 8 - Available in Windows 10, version 2004.
+
+<!--/Policies-->
+
diff --git a/windows/client-management/mdm/policy-csp-admx-windowsanytimeupgrade.md b/windows/client-management/mdm/policy-csp-admx-windowsanytimeupgrade.md
new file mode 100644
index 0000000000..8b06f92864
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-windowsanytimeupgrade.md
@@ -0,0 +1,115 @@
+---
+title: Policy CSP - ADMX_WindowsAnytimeUpgrade
+description: Policy CSP - ADMX_WindowsAnytimeUpgrade
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.date: 09/29/2020
+ms.reviewer: 
+manager: dansimp
+---
+
+# Policy CSP - ADMX_WindowsAnytimeUpgrade
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+<hr/>
+
+<!--Policies-->
+## ADMX_WindowsAnytimeUpgrade policies  
+
+<dl>
+  <dd>
+    <a href="#admx-windowsanytimeupgrade-disabled">ADMX_WindowsAnytimeUpgrade/Disabled</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsanytimeupgrade-disabled"></a>**ADMX_WindowsAnytimeUpgrade/Disabled**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. By default, Add features to Windows 10 is available for all administrators. 
+
+If you enable this policy setting, the wizard will not run.
+
+If you disable this policy setting or set it to Not Configured, the wizard will run.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Prevent the wizard from running.*
+-   GP name: *Disabled*
+-   GP path: *Windows Components\Add features to Windows 10*
+-   GP ADMX file name: *WindowsAnytimeUpgrade.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+Footnotes:
+
+- 1 - Available in Windows 10, version 1607.
+- 2 - Available in Windows 10, version 1703.
+- 3 - Available in Windows 10, version 1709.
+- 4 - Available in Windows 10, version 1803.
+- 5 - Available in Windows 10, version 1809.
+- 6 - Available in Windows 10, version 1903.
+- 7 - Available in Windows 10, version 1909.
+- 8 - Available in Windows 10, version 2004.
+
+<!--/Policies-->
+
diff --git a/windows/client-management/mdm/policy-csp-admx-windowsconnectnow.md b/windows/client-management/mdm/policy-csp-admx-windowsconnectnow.md
new file mode 100644
index 0000000000..80b7d947fa
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-windowsconnectnow.md
@@ -0,0 +1,264 @@
+---
+title: Policy CSP - ADMX_WindowsConnectNow
+description: Policy CSP - ADMX_WindowsConnectNow
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.date: 09/28/2020
+ms.reviewer: 
+manager: dansimp
+---
+
+# Policy CSP - ADMX_WindowsConnectNow
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+<hr/>
+
+<!--Policies-->
+## ADMX_WindowsConnectNow policies  
+
+<dl>
+  <dd>
+    <a href="#admx-windowsconnectnow-wcn-disablewcnui-1">ADMX_WindowsConnectNow/WCN_DisableWcnUi_1</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsconnectnow-wcn-disablewcnui-2">ADMX_WindowsConnectNow/WCN_DisableWcnUi_2</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsconnectnow-wcn-enableregistrar">ADMX_WindowsConnectNow/WCN_EnableRegistrar</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsconnectnow-wcn-disablewcnui-1"></a>**ADMX_WindowsConnectNow/WCN_DisableWcnUi_1**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting prohibits access to Windows Connect Now (WCN) wizards. 
+
+If you enable this policy setting, the wizards are turned off and users have no access to any of the wizard tasks. All the configuration related tasks, including "Set up a wireless router or access point" and "Add a wireless device" are disabled. 
+
+If you disable or do not configure this policy setting, users can access the wizard tasks, including "Set up a wireless router or access point" and "Add a wireless device." The default for this policy setting allows users to access all WCN wizards.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Prohibit access of the Windows Connect Now wizards*
+-   GP name: *WCN_DisableWcnUi_1*
+-   GP path: *Network\Windows Connect Now*
+-   GP ADMX file name: *WindowsConnectNow.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsconnectnow-wcn-disablewcnui-2"></a>**ADMX_WindowsConnectNow/WCN_DisableWcnUi_2**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting prohibits access to Windows Connect Now (WCN) wizards. 
+
+If you enable this policy setting, the wizards are turned off and users have no access to any of the wizard tasks. All the configuration related tasks, including "Set up a wireless router or access point" and "Add a wireless device" are disabled. 
+
+If you disable or do not configure this policy setting, users can access the wizard tasks, including "Set up a wireless router or access point" and "Add a wireless device." The default for this policy setting allows users to access all WCN wizards.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Prohibit access of the Windows Connect Now wizards*
+-   GP name: *WCN_DisableWcnUi_2*
+-   GP path: *Network\Windows Connect Now*
+-   GP ADMX file name: *WindowsConnectNow.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsconnectnow-wcn-enableregistrar"></a>**ADMX_WindowsConnectNow/WCN_EnableRegistrar**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows the configuration of wireless settings using Windows Connect Now (WCN). The WCN Registrar enables the discovery and configuration of devices over Ethernet (UPnP), over In-band 802.11 WLAN, through the Windows Portable Device API (WPD), and via USB Flash drives.
+
+Additional options are available to allow discovery and configuration over a specific medium. 
+
+If you enable this policy setting, additional choices are available to turn off the operations over a specific medium. 
+
+If you disable this policy setting, operations are disabled over all media. 
+
+If you do not configure this policy setting, operations are enabled over all media. 
+
+The default for this policy setting allows operations over all media.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Configuration of wireless settings using Windows Connect Now*
+-   GP name: *WCN_EnableRegistrar*
+-   GP path: *Network\Windows Connect Now*
+-   GP ADMX file name: *WindowsConnectNow.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+Footnotes:
+
+- 1 - Available in Windows 10, version 1607.
+- 2 - Available in Windows 10, version 1703.
+- 3 - Available in Windows 10, version 1709.
+- 4 - Available in Windows 10, version 1803.
+- 5 - Available in Windows 10, version 1809.
+- 6 - Available in Windows 10, version 1903.
+- 7 - Available in Windows 10, version 1909.
+- 8 - Available in Windows 10, version 2004.
+
+<!--/Policies-->
+
diff --git a/windows/client-management/mdm/policy-csp-admx-windowsmediadrm.md b/windows/client-management/mdm/policy-csp-admx-windowsmediadrm.md
new file mode 100644
index 0000000000..d9845c8533
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-windowsmediadrm.md
@@ -0,0 +1,116 @@
+---
+title: Policy CSP - ADMX_WindowsMediaDRM
+description: Policy CSP - ADMX_WindowsMediaDRM
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.date: 08/13/2020
+ms.reviewer: 
+manager: dansimp
+---
+
+# Policy CSP - ADMX_WindowsMediaDRM
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+<hr/>
+
+<!--Policies-->
+## ADMX_WindowsMediaDRM policies  
+
+<dl>
+  <dd>
+    <a href="#admx-windowsmediadrm-disableonline">ADMX_WindowsMediaDRM/DisableOnline</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediadrm-disableonline"></a>**ADMX_WindowsMediaDRM/DisableOnline**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting prevents Windows Media Digital Rights Management (DRM) from accessing the Internet (or intranet).
+
+When enabled, Windows Media DRM is prevented from accessing the Internet (or intranet) for license acquisition and security upgrades.
+
+When this policy is enabled, programs are not able to acquire licenses for secure content, upgrade Windows Media DRM security components, or restore backed up content licenses.  Secure content that is already licensed to the local computer will continue to play. Users are also able to protect music that they copy from a CD and play this protected content on their computer, since the license is generated locally in this scenario.
+
+When this policy is either disabled or not configured, Windows Media DRM functions normally and will connect to the Internet (or intranet) to acquire licenses, download security upgrades, and perform license restoration.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Prevent Windows Media DRM Internet Access*
+-   GP name: *DisableOnline*
+-   GP path: *Windows Components\Windows Media Digital Rights Management*
+-   GP ADMX file name: *WindowsMediaDRM.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+Footnotes:
+
+- 1 - Available in Windows 10, version 1607.
+- 2 - Available in Windows 10, version 1703.
+- 3 - Available in Windows 10, version 1709.
+- 4 - Available in Windows 10, version 1803.
+- 5 - Available in Windows 10, version 1809.
+- 6 - Available in Windows 10, version 1903.
+- 7 - Available in Windows 10, version 1909.
+- 8 - Available in Windows 10, version 2004.
+
+<!--/Policies-->
+
diff --git a/windows/client-management/mdm/policy-csp-admx-windowsmediaplayer.md b/windows/client-management/mdm/policy-csp-admx-windowsmediaplayer.md
new file mode 100644
index 0000000000..69a27c1fef
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-windowsmediaplayer.md
@@ -0,0 +1,1614 @@
+---
+title: Policy CSP - ADMX_WindowsMediaPlayer
+description: Policy CSP - ADMX_WindowsMediaPlayer
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.date: 10/09/2020
+ms.reviewer: 
+manager: dansimp
+---
+
+# Policy CSP - ADMX_WindowsMediaPlayer
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+<hr/>
+
+<!--Policies-->
+## ADMX_WindowsMediaPlayer policies  
+
+<dl>
+  <dd>
+    <a href="#admx-windowsmediaplayer-configurehttpproxysettings">ADMX_WindowsMediaPlayer/ConfigureHTTPProxySettings</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-configuremmsproxysettings">ADMX_WindowsMediaPlayer/ConfigureMMSProxySettings</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-configurertspproxysettings">ADMX_WindowsMediaPlayer/ConfigureRTSPProxySettings</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-disableautoupdate">ADMX_WindowsMediaPlayer/DisableAutoUpdate</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-disablenetworksettings">ADMX_WindowsMediaPlayer/DisableNetworkSettings</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-disablesetupfirstuseconfiguration">ADMX_WindowsMediaPlayer/DisableSetupFirstUseConfiguration</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-donotshowanchor">ADMX_WindowsMediaPlayer/DoNotShowAnchor</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-dontuseframeinterpolation">ADMX_WindowsMediaPlayer/DontUseFrameInterpolation</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-enablescreensaver">ADMX_WindowsMediaPlayer/EnableScreenSaver</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-hideprivacytab">ADMX_WindowsMediaPlayer/HidePrivacyTab</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-hidesecuritytab">ADMX_WindowsMediaPlayer/HideSecurityTab</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-networkbuffering">ADMX_WindowsMediaPlayer/NetworkBuffering</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-policycodecupdate">ADMX_WindowsMediaPlayer/PolicyCodecUpdate</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-preventcddvdmetadataretrieval">ADMX_WindowsMediaPlayer/PreventCDDVDMetadataRetrieval</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-preventlibrarysharing">ADMX_WindowsMediaPlayer/PreventLibrarySharing</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-preventmusicfilemetadataretrieval">ADMX_WindowsMediaPlayer/PreventMusicFileMetadataRetrieval</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-preventquicklaunchshortcut">ADMX_WindowsMediaPlayer/PreventQuickLaunchShortcut</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-preventradiopresetsretrieval">ADMX_WindowsMediaPlayer/PreventRadioPresetsRetrieval</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-preventwmpdesktopshortcut">ADMX_WindowsMediaPlayer/PreventWMPDeskTopShortcut</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-skinlockdown">ADMX_WindowsMediaPlayer/SkinLockDown</a>
+  </dd>
+  <dd>
+    <a href="#admx-windowsmediaplayer-windowsstreamingmediaprotocols">ADMX_WindowsMediaPlayer/WindowsStreamingMediaProtocols</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-configurehttpproxysettings"></a>**ADMX_WindowsMediaPlayer/ConfigureHTTPProxySettings**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to specify the HTTP proxy settings for Windows Media Player.
+
+If you enable this policy setting, select one of the following proxy types:
+
+- Autodetect: the proxy settings are automatically detected.
+- Custom: unique proxy settings are used.
+- Use browser proxy settings: browser's proxy settings are used.
+
+If the Custom proxy type is selected, the rest of the options on the Setting tab must be specified because no default settings are used for the proxy. The options are ignored if Autodetect or Browser is selected.
+
+The Configure button on the Network tab in the Player is not available for the HTTP protocol and the proxy cannot be configured. If the "Hide network tab" policy setting is also enabled, the entire Network tab is hidden.
+
+This policy is ignored if the "Streaming media protocols" policy setting is enabled and HTTP is not selected.
+
+If you disable this policy setting, the HTTP proxy server cannot be used and the user cannot configure the HTTP proxy.
+
+If you do not configure this policy setting, users can configure the HTTP proxy settings.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Configure HTTP Proxy*
+-   GP name: *ConfigureHTTPProxySettings*
+-   GP path: *Windows Components\Windows Media Player\Networking*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-configuremmsproxysettings"></a>**ADMX_WindowsMediaPlayer/ConfigureMMSProxySettings**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to specify the MMS proxy settings for Windows Media Player.
+
+If you enable this policy setting, select one of the following proxy types:
+
+- Autodetect: the proxy settings are automatically detected.
+- Custom: unique proxy settings are used.
+
+If the Custom proxy type is selected, the rest of the options on the Setting tab must be specified; otherwise, the default settings are used. The options are ignored if Autodetect is selected.
+
+The Configure button on the Network tab in the Player is not available and the protocol cannot be configured. If the "Hide network tab" policy setting is also enabled, the entire Network tab is hidden.
+
+This policy setting is ignored if the "Streaming media protocols" policy setting is enabled and Multicast is not selected.
+
+If you disable this policy setting, the MMS proxy server cannot be used and users cannot configure the MMS proxy settings.
+
+If you do not configure this policy setting, users can configure the MMS proxy settings.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Configure MMS Proxy*
+-   GP name: *ConfigureMMSProxySettings*
+-   GP path: *Windows Components\Windows Media Player\Networking*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-configurertspproxysettings"></a>**ADMX_WindowsMediaPlayer/ConfigureRTSPProxySettings**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to specify the RTSP proxy settings for Windows Media Player.
+
+If you enable this policy setting, select one of the following proxy types:
+
+- Autodetect: the proxy settings are automatically detected.
+- Custom: unique proxy settings are used.
+
+If the Custom proxy type is selected, the rest of the options on the Setting tab must be specified; otherwise, the default settings are used. The options are ignored if Autodetect is selected.
+
+The Configure button on the Network tab in the Player is not available and the protocol cannot be configured. If the "Hide network tab" policy setting is also enabled, the entire Network tab is hidden.
+
+If you disable this policy setting, the RTSP proxy server cannot be used and users cannot change the RTSP proxy settings.
+
+If you do not configure this policy setting, users can configure the RTSP proxy settings.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Configure RTSP Proxy*
+-   GP name: *ConfigureRTSPProxySettings*
+-   GP path: *Windows Components\Windows Media Player\Networking*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-disableautoupdate"></a>**ADMX_WindowsMediaPlayer/DisableAutoUpdate**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to turn off do not show first use dialog boxes.
+
+If you enable this policy setting, the Privacy Options and Installation Options dialog boxes are prevented from being displayed the first time a user starts Windows Media Player.
+
+This policy setting prevents the dialog boxes which allow users to select privacy, file types, and other desktop options from being displayed when the Player is first started. Some of the options can be configured by using other Windows Media Player group policies.
+
+If you disable or do not configure this policy setting, the dialog boxes are displayed when the user starts the Player for the first time.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Prevent Automatic Updates*
+-   GP name: *DisableAutoUpdate*
+-   GP path: *Windows Components\Windows Media Player*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-disablenetworksettings"></a>**ADMX_WindowsMediaPlayer/DisableNetworkSettings**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to hide the Network tab.
+
+If you enable this policy setting, the Network tab in Windows Media Player is hidden. The default network settings are used unless the user has previously defined network settings for the Player.
+
+If you disable or do not configure this policy setting, the Network tab appears and users can use it to configure network settings.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Hide Network Tab*
+-   GP name: *DisableNetworkSettings*
+-   GP path: *Windows Components\Windows Media Player\Networking*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-disablesetupfirstuseconfiguration"></a>**ADMX_WindowsMediaPlayer/DisableSetupFirstUseConfiguration**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to prevent the anchor window from being displayed when Windows Media Player is in skin mode.
+
+If you enable this policy setting, the anchor window is hidden when the Player is in skin mode. In addition, the option on the Player tab in the Player that enables users to choose whether the anchor window displays is not available.
+
+If you disable or do not configure this policy setting, users can show or hide the anchor window when the Player is in skin mode by using the Player tab in the Player.
+
+If you do not configure this policy setting, and the "Set and lock skin" policy setting is enabled, some options in the anchor window are not available.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Do Not Show First Use Dialog Boxes*
+-   GP name: *DisableSetupFirstUseConfiguration*
+-   GP path: *Windows Components\Windows Media Player*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-donotshowanchor"></a>**ADMX_WindowsMediaPlayer/DoNotShowAnchor**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting prevents the anchor window from being displayed when Windows Media Player is in skin mode.
+
+This policy hides the anchor window when the Player is in skin mode. In addition, the option on the Player tab in the Player that enables users to choose whether the anchor window displays is not available.
+
+When this policy is not configured or disabled, users can show or hide the anchor window when the Player is in skin mode by using the Player tab in the Player.
+
+When this policy is not configured and the Set and Lock Skin policy is enabled, some options in the anchor window are not available.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Do Not Show Anchor*
+-   GP name: *DoNotShowAnchor*
+-   GP path: *Windows Components\Windows Media Player\User Interface*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-dontuseframeinterpolation"></a>**ADMX_WindowsMediaPlayer/DontUseFrameInterpolation**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to prevent video smoothing from occurring.
+
+If you enable this policy setting, video smoothing is prevented, which can improve video playback on computers with limited resources. In addition, the Use Video Smoothing check box in the Video Acceleration Settings dialog box in the Player is cleared and is not available.
+
+If you disable this policy setting, video smoothing occurs if necessary, and the Use Video Smoothing check box is selected and is not available.
+
+If you do not configure this policy setting, video smoothing occurs if necessary. Users can change the setting for the Use Video Smoothing check box.
+
+Video smoothing is available only on the Windows XP Home Edition and Windows XP Professional operating systems.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Prevent Video Smoothing*
+-   GP name: *DontUseFrameInterpolation*
+-   GP path: *Windows Components\Windows Media Player*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-enablescreensaver"></a>**ADMX_WindowsMediaPlayer/EnableScreenSaver**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows a screen saver to interrupt playback.
+
+If you enable this policy setting, a screen saver is displayed during playback of digital media according to the options selected on the Screen Saver tab in the Display Properties dialog box in Control Panel. The Allow screen saver during playback check box on the Player tab in the Player is selected and is not available.
+
+If you disable this policy setting, a screen saver does not interrupt playback even if users have selected a screen saver. The Allow screen saver during playback check box is cleared and is not available.
+
+If you do not configure this policy setting, users can change the setting for the Allow screen saver during playback check box.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Allow Screen Saver*
+-   GP name: *EnableScreenSaver*
+-   GP path: *Windows Components\Windows Media Player\Playback*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-hideprivacytab"></a>**ADMX_WindowsMediaPlayer/HidePrivacyTab**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to hide the Privacy tab in Windows Media Player.
+
+If you enable this policy setting, the "Update my music files (WMA and MP3 files) by retrieving missing media information from the Internet" check box on the Media Library tab is available, even though the Privacy tab is hidden, unless the "Prevent music file media information retrieval" policy setting is enabled.
+
+The default privacy settings are used for the options on the Privacy tab unless the user changed the settings previously.
+
+If you disable or do not configure this policy setting, the Privacy tab is not hidden, and users can configure any privacy settings not configured by other polices.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Prevent Automatic Updates*
+-   GP name: *HidePrivacyTab*
+-   GP path: *Windows Components\Windows Media Player\User Interface*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-hidesecuritytab"></a>**ADMX_WindowsMediaPlayer/HideSecurityTab**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to hide the Security tab in Windows Media Player.
+
+If you enable this policy setting, the default security settings for the options on the Security tab are used unless the user changed the settings previously. Users can still change security and zone settings by using Internet Explorer unless these settings have been hidden or disabled by Internet Explorer policies.
+
+If you disable or do not configure this policy setting, users can configure the security settings on the Security tab.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Hide Security Tab*
+-   GP name: *HideSecurityTab*
+-   GP path: *Windows Components\Windows Media Player\User Interface*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-networkbuffering"></a>**ADMX_WindowsMediaPlayer/NetworkBuffering**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to specify whether network buffering uses the default or a specified number of seconds.
+
+If you enable this policy setting, select one of the following options to specify the number of seconds streaming media is buffered before it is played.
+
+- Custom: the number of seconds, up to 60, that streaming media is buffered.
+- Default: default network buffering is used and the number of seconds that is specified is ignored.
+
+The "Use default buffering" and "Buffer" options on the Performance tab in the Player are not available.
+
+If you disable or do not configure this policy setting, users can change the buffering options on the Performance tab.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Configure Network Buffering*
+-   GP name: *NetworkBuffering*
+-   GP path: *Windows Components\Windows Media Player\Networking*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-policycodecupdate"></a>**ADMX_WindowsMediaPlayer/PolicyCodecUpdate**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to prevent Windows Media Player from downloading codecs.
+
+If you enable this policy setting, the Player is prevented from automatically downloading codecs to your computer. In addition, the Download codecs automatically check box on the Player tab in the Player is not available.
+
+If you disable this policy setting, codecs are automatically downloaded and the Download codecs automatically check box is not available.
+
+If you do not configure this policy setting, users can change the setting for the Download codecs automatically check box.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Prevent Codec Download*
+-   GP name: *PolicyCodecUpdate*
+-   GP path: *Windows Components\Windows Media Player\Playback*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-preventcddvdmetadataretrieval"></a>**ADMX_WindowsMediaPlayer/PreventCDDVDMetadataRetrieval**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to prevent media information for CDs and DVDs from being retrieved from the Internet.
+
+If you enable this policy setting, the Player is prevented from automatically obtaining media information from the Internet for CDs and DVDs played by users. In addition, the Retrieve media information for CDs and DVDs from the Internet check box on the Privacy Options tab in the first use dialog box and on the Privacy tab in the Player are not selected and are not available.
+
+If you disable or do not configure this policy setting, users can change the setting of the Retrieve media information for CDs and DVDs from the Internet check box.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Prevent CD and DVD Media Information Retrieval*
+-   GP name: *PreventCDDVDMetadataRetrieval*
+-   GP path: *Windows Components\Windows Media Player*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-preventlibrarysharing"></a>**ADMX_WindowsMediaPlayer/PreventLibrarySharing**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to prevent media sharing from Windows Media Player.
+
+If you enable this policy setting, any user on this computer is prevented from sharing digital media content from Windows Media Player with other computers and devices that are on the same network. Media sharing is disabled from Windows Media Player or from programs that depend on the Player's media sharing feature.
+
+If you disable or do not configure this policy setting, anyone using Windows Media Player can turn media sharing on or off.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Prevent Media Sharing*
+-   GP name: *PreventLibrarySharing*
+-   GP path: *Windows Components\Windows Media Player*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-preventmusicfilemetadataretrieval"></a>**ADMX_WindowsMediaPlayer/PreventMusicFileMetadataRetrieval**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to prevent media information for music files from being retrieved from the Internet.
+
+If you enable this policy setting, the Player is prevented from automatically obtaining media information for music files such as Windows Media Audio (WMA) and MP3 files from the Internet. In addition, the Update my music files (WMA and MP3 files) by retrieving missing media information from the Internet check box in the first use dialog box and on the Privacy and Media Library tabs in the Player are not selected and are not available.
+
+If you disable or do not configure this policy setting, users can change the setting of the Update my music files (WMA and MP3 files) by retrieving missing media information from the Internet check box.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Prevent Music File Media Information Retrieval*
+-   GP name: *PreventMusicFileMetadataRetrieval*
+-   GP path: *Windows Components\Windows Media Player*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-preventquicklaunchshortcut"></a>**ADMX_WindowsMediaPlayer/PreventQuickLaunchShortcut**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to prevent a shortcut for the Player from being added to the Quick Launch bar.
+
+If you enable this policy setting, the user cannot add the shortcut for the Player to the Quick Launch bar.
+
+If you disable or do not configure this policy setting, the user can choose whether to add the shortcut for the Player to the Quick Launch bar.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Prevent Quick Launch Toolbar Shortcut Creation*
+-   GP name: *PreventQuickLaunchShortcut*
+-   GP path: *Windows Components\Windows Media Player*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-preventradiopresetsretrieval"></a>**ADMX_WindowsMediaPlayer/PreventRadioPresetsRetrieval**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to prevent radio station presets from being retrieved from the Internet.
+
+If you enable this policy setting, the Player is prevented from automatically retrieving radio station presets from the Internet and displaying them in Media Library. In addition, presets that exist before the policy is configured are not be updated, and presets a user adds are not be displayed.
+
+If you disable or do not configure this policy setting, the Player automatically retrieves radio station presets from the Internet.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *PPrevent Radio Station Preset Retrieval*
+-   GP name: *PreventRadioPresetsRetrieval*
+-   GP path: *Windows Components\Windows Media Player*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-preventwmpdesktopshortcut"></a>**ADMX_WindowsMediaPlayer/PreventWMPDeskTopShortcut**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to prevent a shortcut icon for the Player from being added to the user's desktop.
+
+If you enable this policy setting, users cannot add the Player shortcut icon to their desktops.
+
+If you disable or do not configure this policy setting, users can choose whether to add the Player shortcut icon to their desktops.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Prevent Desktop Shortcut Creation*
+-   GP name: *PreventWMPDeskTopShortcut*
+-   GP path: *Windows Components\Windows Media Player*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-skinlockdown"></a>**ADMX_WindowsMediaPlayer/SkinLockDown**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to set and lock Windows Media Player in skin mode, using a specified skin.
+
+If you enable this policy setting, the Player displays only in skin mode using the skin specified in the Skin box on the Setting tab.
+
+You must use the complete file name for the skin (for example, skin_name.wmz), and the skin must be installed in the %programfiles%\Windows Media Player\Skins Folder on a user's computer. If the skin is not installed on a user's computer, or if the Skin box is blank, the Player opens by using the Corporate skin. The only way to specify the Corporate skin is to leave the Skin box blank.
+
+A user has access only to the Player features that are available with the specified skin. Users cannot switch the Player to full mode and cannot choose a different skin.
+
+If you disable or do not configure this policy setting, users can display the Player in full or skin mode and have access to all available features of the Player.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Set and Lock Skin*
+-   GP name: *SkinLockDown*
+-   GP path: *Windows Components\Windows Media Player\User Interface*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-windowsmediaplayer-windowsstreamingmediaprotocols"></a>**ADMX_WindowsMediaPlayer/WindowsStreamingMediaProtocols**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting allows you to specify that Windows Media Player can attempt to use selected protocols when receiving streaming media from a server running Windows Media Services.
+
+If you enable this policy setting, the protocols that are selected on the Network tab of the Player are used to receive a stream initiated through an MMS or RTSP URL from a Windows Media server. If the RSTP/UDP check box is selected, a user can specify UDP ports in the Use ports check box. If the user does not specify UDP ports, the Player uses default ports when using the UDP protocol. This policy setting also specifies that multicast streams can be received if the "Allow the Player to receive multicast streams" check box on the Network tab is selected.
+
+If you enable this policy setting, the administrator must also specify the protocols that are available to users on the Network tab. If the administrator does not specify any protocols, the Player cannot access an MMS or RTSP URL from a Windows Media server. If the "Hide network tab" policy setting is enabled, the entire Network tab is hidden.
+
+If you do not configure this policy setting, users can select the protocols to use on the Network tab.
+
+If you disable this policy setting, the Protocols for MMS URLs and Multicast streams areas of the Network tab are not available and the Player cannot receive an MMS or RTSP stream from a Windows Media server.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Streaming Media Protocols*
+-   GP name: *WindowsStreamingMediaProtocols*
+-   GP path: *Windows Components\Windows Media Player\Networking*
+-   GP ADMX file name: *WindowsMediaPlayer.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+Footnotes:
+
+- 1 - Available in Windows 10, version 1607.
+- 2 - Available in Windows 10, version 1703.
+- 3 - Available in Windows 10, version 1709.
+- 4 - Available in Windows 10, version 1803.
+- 5 - Available in Windows 10, version 1809.
+- 6 - Available in Windows 10, version 1903.
+- 7 - Available in Windows 10, version 1909.
+- 8 - Available in Windows 10, version 2004.
+
+<!--/Policies-->
+
diff --git a/windows/client-management/mdm/policy-csp-admx-wininit.md b/windows/client-management/mdm/policy-csp-admx-wininit.md
new file mode 100644
index 0000000000..dbbecca9d5
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-wininit.md
@@ -0,0 +1,258 @@
+---
+title: Policy CSP - ADMX_WinInit
+description: Policy CSP - ADMX_WinInit
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.date: 09/29/2020
+ms.reviewer: 
+manager: dansimp
+---
+
+# Policy CSP - ADMX_WinInit
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+<hr/>
+
+<!--Policies-->
+## ADMX_WinInit policies  
+
+<dl>
+  <dd>
+    <a href="#admx-wininit-disablenamedpipeshutdownpolicydescription">ADMX_WinInit/DisableNamedPipeShutdownPolicyDescription</a>
+  </dd>
+  <dd>
+    <a href="#admx-wininit-hiberboot">ADMX_WinInit/Hiberboot</a>
+  </dd>
+  <dd>
+    <a href="#admx-wininit-shutdowntimeouthungsessionsdescription">ADMX_WinInit/ShutdownTimeoutHungSessionsDescription</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-wininit-disablenamedpipeshutdownpolicydescription"></a>**ADMX_WinInit/DisableNamedPipeShutdownPolicyDescription**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting controls the legacy remote shutdown interface (named pipe). The named pipe remote shutdown interface is needed in order to shutdown this system from a remote Windows XP or Windows Server 2003 system.
+
+If you enable this policy setting, the system does not create the named pipe remote shutdown interface.
+
+If you disable or do not configure this policy setting, the system creates the named pipe remote shutdown interface.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Turn off legacy remote shutdown interface*
+-   GP name: *DisableNamedPipeShutdownPolicyDescription*
+-   GP path: *Windows Components\Shutdown Options*
+-   GP ADMX file name: *WinInit.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-wininit-hiberboot"></a>**ADMX_WinInit/Hiberboot**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting controls the use of fast startup.  
+
+If you enable this policy setting, the system requires hibernate to be enabled.
+
+If you disable or do not configure this policy setting, the local setting is used.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Require use of fast startup*
+-   GP name: *Hiberboot*
+-   GP path: *System\Shutdown*
+-   GP ADMX file name: *WinInit.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-wininit-shutdowntimeouthungsessionsdescription"></a>**ADMX_WinInit/ShutdownTimeoutHungSessionsDescription**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10 Insider Preview Build 20185. This policy setting configures the number of minutes the system waits for the hung logon sessions before proceeding with the system shutdown.
+
+If you enable this policy setting, the system waits for the hung logon sessions for the number of minutes specified.
+
+If you disable or do not configure this policy setting, the default timeout value is 3 minutes for workstations and 15 minutes for servers.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Timeout for hung logon sessions during shutdown*
+-   GP name: *ShutdownTimeoutHungSessionsDescription*
+-   GP path: *Windows Components\Shutdown Options*
+-   GP ADMX file name: *WinInit.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+Footnotes:
+
+- 1 - Available in Windows 10, version 1607.
+- 2 - Available in Windows 10, version 1703.
+- 3 - Available in Windows 10, version 1709.
+- 4 - Available in Windows 10, version 1803.
+- 5 - Available in Windows 10, version 1809.
+- 6 - Available in Windows 10, version 1903.
+- 7 - Available in Windows 10, version 1909.
+- 8 - Available in Windows 10, version 2004.
+
+<!--/Policies-->
+
diff --git a/windows/client-management/mdm/policy-csp-controlpolicyconflict.md b/windows/client-management/mdm/policy-csp-controlpolicyconflict.md
index 9a867b0778..2cde160250 100644
--- a/windows/client-management/mdm/policy-csp-controlpolicyconflict.md
+++ b/windows/client-management/mdm/policy-csp-controlpolicyconflict.md
@@ -100,7 +100,7 @@ The [Policy DDF](policy-ddf-file.md) contains the following tags to identify the
 -  \<MSFT:GPRegistryMappedName\>    
 -  \<MSFT:GPDBMappedName\>  
 
-For the list MDM-GP mapping list, see [Policy CSPs supported by Group Policy
+For the list MDM-GP mapping list, see [Policies in Policy CSP supported by Group Policy
 ](policy-csps-supported-by-group-policy.md).
 
 The MDM Diagnostic report shows the applied configurations states of a device including policies, certificates, configuration sources, and resource information. The report includes a list of blocked GP settings because MDM equivalent is configured, if any. To get the diagnostic report, go to **Settings** > **Accounts** > **Access work or school** > and then click the desired work or school account. Scroll to the bottom of the page to **Advanced Diagnostic Report** and then click **Create Report**.
diff --git a/windows/client-management/mdm/policy-csp-localusersandgroups.md b/windows/client-management/mdm/policy-csp-localusersandgroups.md
new file mode 100644
index 0000000000..38ef9aa0b9
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-localusersandgroups.md
@@ -0,0 +1,232 @@
+---
+title: Policy CSP - LocalUsersAndGroups
+description: Policy CSP - LocalUsersAndGroups
+ms.author: dansimp
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.localizationpriority: medium
+ms.date: 10/14/2020
+ms.reviewer: 
+manager: dansimp
+---
+
+# Policy CSP - LocalUsersAndGroups
+
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+<hr/>
+
+<!--Policies-->
+## LocalUsersAndGroups policies  
+
+<dl>
+  <dd>
+    <a href="#localusersandgroups-configure">LocalUsersAndGroups/Configure</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="localusersandgroups-configure"></a>**LocalUsersAndGroups/Configure**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows 10, version 20H2. This policy setting allows IT admins to add, remove, or replace members of local groups on a managed device.
+
+> [!NOTE]
+> The [RestrictedGroups/ConfigureGroupMembership](./policy-csp-restrictedgroups.md#restrictedgroups-configuregroupmembership) policy setting also allows you to configure members (users or AAD groups) to a Windows 10 local group. However, it allows only for a full replace of the existing groups with the new members and does not allow selective add or remove.
+>
+> Starting from Windows 10, version 20H2, it is recommended to use the LocalUsersandGroups policy instead of the RestrictedGroups policy. Applying both the policies to the same device is unsupported and may yield unpredictable results. 
+
+Here's an example of the policy definition XML for group configuration:
+
+```xml
+<GroupConfiguration>
+    <accessgroup desc = "">
+        <group action = ""/> 
+            <add member = ""/>
+            <remove member = ""/>
+    </accessgroup>
+</GroupConfiguration>
+```
+
+where:
+
+- `<accessgroup desc>`: Specifies the name or SID of the local group to configure. If you specify a SID, the [LookupAccountSid](https://docs.microsoft.com/windows/win32/api/winbase/nf-winbase-lookupaccountsida) API is used to translate the SID to a valid group name. If you specify a name, the [LookupAccountName](https://docs.microsoft.com/windows/win32/api/winbase/nf-winbase-lookupaccountnamea) API is used to lookup the group and validate the name. If name/SID lookup fails, the group is skipped and the next group in the XML file is processed. If there are multiple errors, the last error is returned at the end of the policy processing. 
+- `<group action>`: Specifies the action to take on the local group, which can be Update and Restrict, represented by U and R: 
+    - Update. This action must be used to keep the current group membership intact and add or remove members of the specific group.
+    - Restrict. This action must be used to replace current membership with the newly specified groups. This action provides the same functionality as the [RestrictedGroups/ConfigureGroupMembership](./policy-csp-restrictedgroups.md#restrictedgroups-configuregroupmembership) policy setting.
+- `<add member>`: Specifies the SID or name of the member to configure.
+- `<remove member>`: Specifies the SID or name of the member to remove from the specified group.
+
+    > [!NOTE]
+    > When specifying member names of domain accounts, use fully qualified account names where possible (for example, domain_name\user_name) instead of isolated names (for example, group_name). This way, you can avoid getting ambiguous results when users or groups with the same name exist in multiple domains and locally. See [LookupAccountNameA function](https://docs.microsoft.com/windows/win32/api/winbase/nf-winbase-lookupaccountnamea#remarks) for more information. 
+
+See [Use custom settings for Windows 10 devices in Intune](https://docs.microsoft.com/mem/intune/configuration/custom-settings-windows-10) for information on how to create custom profiles.
+
+> [!IMPORTANT]
+> - `<add member>` and `<remove member>` can use an Azure AD SID or the user's name. For adding or removing Azure AD groups using this policy, you must use the group's SID. Azure AD group SIDs can be obtained using [Graph](https://docs.microsoft.com/graph/api/resources/group?view=graph-rest-1.0#json-representation) API for Groups. The SID is present in the `securityIdentifier` attribute. 
+> - When specifying a SID in the `<add member>` or `<remove member>`, member SIDs are added without attempting to resolve them. Therefore, be very careful when specifying a SID to ensure it is correct.
+> - `<remove member>` is not valid for the R (Restrict) action and will be ignored if present.
+> - The list in the XML is processed in the given order except for the R actions, which get processed last to ensure they win. It also means that if a group is present multiple times with different add/remove values, all of them will be processed in the order they are present.
+
+<!--/Description-->
+<!--SupportedValues-->
+<!--/SupportedValues-->
+<!--Example-->
+
+**Examples**
+
+Example 1: Update action for adding and removing group members.
+
+The following example shows how you can update a local group (**Backup Operators**)—add a domain group as a member using its name (**Contoso\ITAdmins**), add the built-in Administrators group using its [well known SID](https://docs.microsoft.com/windows/win32/secauthz/well-known-sids), add a AAD group by its SID (**S-1-12-1-111111111-22222222222-3333333333-4444444444**), and remove a local account (**Guest**). 
+
+```xml
+<GroupConfiguration> 
+    <accessgroup desc = "Backup Operators"> 
+        <group action = "U" /> 
+        <add member = "Contoso\ITAdmins"/>
+        <add member = "S-1-5-32-544"/>
+        <add member = "S-1-12-1-111111111-22222222222-3333333333-4444444444"/>
+        <remove member = "Guest"/> 
+    </accessgroup> 
+</GroupConfiguration>
+```
+
+Example 2: Restrict action for replacing the group membership.
+
+The following example shows how you can restrict a local group (**Backup Operators**)—replace its membership with the built-in Administrators group using its [well known SID](https://docs.microsoft.com/windows/win32/secauthz/well-known-sids) and add a local account (**Guest**).
+
+```xml
+<GroupConfiguration>
+    <accessgroup desc = "Backup Operators">
+        <group action = "R" />
+        <add member = "S-1-5-32-544"/>
+        <add member = "Guest"/>
+    </accessgroup>
+</GroupConfiguration>
+```
+<!--/Example-->
+<!--Validation-->
+
+<!--/Validation-->
+<!--/Policy-->
+<hr/>
+
+## FAQs
+
+This section provides answers to some common questions you might have about the LocalUsersAndGroups policy CSP. 
+
+### What happens if I accidentally remove the built-in Administrator SID from the Administrators group?
+
+Removing the built-in Administrator account from the built-in Administrators group is blocked at SAM/OS level for security reasons. Attempting to do so will result in failure with the following error: 
+ 
+| Error Code  | Symbolic Name | Error Description | Header |
+|----------|----------|----------|----------|
+|  0x55b (Hex)  <br>  1371 (Dec)  |ERROR_SPECIAL_ACCOUNT|Cannot perform this operation on built-in accounts.|  winerror.h  |
+
+When configuring the built-in Administrators group with the R (Restrict) action, specify the built-in Administrator account SID/Name in `<add member>` to avoid this error.
+
+### Can I add a member that already exists?
+
+Yes, you can add a member that is already a member of a group. This will result in no changes to the group and no error.
+
+### Can I remove a member if it isn't a member of the group?
+
+Yes, you can remove a member even if it isn't a member of the group. This will result in no changes to the group and no error.
+
+### How can I add a domain group as a member to a local group?
+
+To add a domain group as a member to a local group, specify the domain group in `<add member>` of the local group. Use fully qualified account names (for example, domain_name\group_name) instead of isolated names (for example, group_name) for the best results. See [LookupAccountNameA function](https://docs.microsoft.com/windows/win32/api/winbase/nf-winbase-lookupaccountnamea#remarks) for more information. 
+
+### Can I apply more than one LocalUserAndGroups policy/XML to the same device?
+
+No, this is not allowed. Attempting to do so will result in a conflict in Intune.
+
+### What happens if I specify a group name that doesn't exist?
+
+Invalid group names or SIDs will be skipped. Valid parts of the policy will apply, and error will be returned at the end of the processing. This behavior aligns with the on-prem AD GPP (Group Policy Preferences) LocalUsersAndGroups policy. Similarly, invalid member names will be skipped, and error will be returned at the end to notify that not all settings were applied successfully. 
+
+### What happens if I specify R and U in the same XML?
+
+If you specify both R and U in the same XML, the R (Restrict) action takes precedence over U (Update). Therefore, if a group appears twice in the XML, once with U and again with R, the R action wins.
+
+### How do I check the result of a policy that is applied on the client device?
+
+After a policy is applied on the client device, you can investigate the event log to review the result: 
+
+1. Open Event Viewer (**eventvwr.exe**).
+2. Navigate to **Applications and Services Logs** > **Microsoft** > **Windows** > **DeviceManagement-Enterprise-
+Diagnostics-Provider** > **Admin**.
+3. Search for the `LocalUsersAndGroups` string to review the relevant details.
+
+### How can I troubleshoot Name/SID lookup APIs?
+
+To troubleshoot Name/SID lookup APIs:
+
+1. Enable **lsp.log** on the client device by running the following commands:
+
+    ```cmd
+    Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa" -Name LspDbgInfoLevel -Value 0x800 -Type dword -Force
+
+    Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa" -Name LspDbgTraceOptions -Value 0x1 -Type dword -Force
+    ```
+
+    The **lsp.log** file (**C:\windows\debug\lsp.log**) will be displayed. This log file tracks the SID-Name resolution.
+
+2. Turn the logging off by running the following command:
+
+    ```cmd
+    Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa" -Name LspDbgInfoLevel -Value 0x0 -Type dword -Force
+    ```
+
+
+Footnotes:
+
+- 9 - Available in Windows 10, version 20H2.
+
+<!--/Policies-->
diff --git a/windows/client-management/mdm/policy-csp-mixedreality.md b/windows/client-management/mdm/policy-csp-mixedreality.md
new file mode 100644
index 0000000000..9b9c05d03d
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-mixedreality.md
@@ -0,0 +1,314 @@
+---
+title: Policy CSP - MixedReality
+description: Policy CSP - MixedReality
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.date: 10/06/2020
+ms.reviewer: 
+manager: dansimp
+---
+
+# Policy CSP - MixedReality
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+
+<hr/>
+
+<!--Policies-->
+## MixedReality policies  
+
+<dl>
+  <dd>
+    <a href="#mixedreality-aadgroupmembershipcachevalidityindays">MixedReality/AADGroupMembershipCacheValidityInDays</a>
+  </dd>
+  <dd>
+    <a href="#mixedreality-brightnessbuttondisabled">MixedReality/BrightnessButtonDisabled</a>
+  </dd>
+  <dd>
+    <a href="#mixedreality-fallbackdiagnostics">MixedReality/FallbackDiagnostics</a>
+  </dd>
+  <dd>
+    <a href="#mixedreality-microphonedisabled">MixedReality/MicrophoneDisabled</a>
+  </dd>
+  <dd>
+    <a href="#mixedreality-volumebuttondisabled">MixedReality/VolumeButtonDisabled</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="mixedreality-aadgroupmembershipcachevalidityindays"></a>**MixedReality/AADGroupMembershipCacheValidityInDays**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>HoloLens (1st gen) Development Edition</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>HoloLens (1st gen) Commercial Suite</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>HoloLens 2</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+This policy setting controls for how many days Azure AD group membership cache is allowed to be used for Assigned Access configurations targeting Azure AD groups for signed in user. Once this policy setting is set only then cache is used otherwise not. In order for this policy setting to take effect, user must sign out and sign in with Internet available at least once before the cache can be used for subsequent "disconnected" sessions.
+
+<!--/Description-->
+
+<!--ADMXBacked-->
+<!--/ADMXBacked-->
+
+<!--SupportedValues-->
+Supported values are 0-60. The default value is 0 (day) and maximum value is 60 (days).
+
+<!--/SupportedValues-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="mixedreality-brightnessbuttondisabled"></a>**MixedReality/BrightnessButtonDisabled**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>HoloLens (1st gen) Development Edition</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>HoloLens (1st gen) Commercial Suite</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>HoloLens 2</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+This policy setting controls if pressing the brightness button changes the brightness or not. It only impacts brightness on HoloLens and not the functionality of the button when it is used with other buttons as combination for other purposes.
+
+<!--/Description-->
+
+<!--ADMXBacked-->
+<!--/ADMXBacked-->
+
+<!--SupportedValues-->
+The following list shows the supported values:
+
+- 0 - False (Default)
+- 1 - True
+
+<!--/SupportedValues-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="mixedreality-fallbackdiagnostics"></a>**MixedReality/FallbackDiagnostics**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>HoloLens (1st gen) Development Edition</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>HoloLens (1st gen) Commercial Suite</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>HoloLens 2</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+This policy setting controls when and if diagnostic logs can be collected using specific button combination on HoloLens.
+
+<!--/Description-->
+
+<!--ADMXBacked-->
+<!--/ADMXBacked-->
+
+<!--SupportedValues-->
+The following list shows the supported values:
+
+- 0 - Disabled
+- 1 - Enabled for device owners
+- 2 - Enabled for all (Default)
+
+<!--/SupportedValues-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="mixedreality-microphonedisabled"></a>**MixedReality/MicrophoneDisabled**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>HoloLens (1st gen) Development Edition</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>HoloLens (1st gen) Commercial Suite</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>HoloLens 2</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+This policy setting controls whether microphone on HoloLens 2 is disabled or not.
+
+<!--/Description-->
+
+<!--ADMXBacked-->
+<!--/ADMXBacked-->
+
+<!--SupportedValues-->
+The following list shows the supported values:
+
+- 0 - False (Default)
+- 1 - True
+
+<!--/SupportedValues-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="mixedreality-volumebuttondisabled"></a>**MixedReality/VolumeButtonDisabled**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>HoloLens (1st gen) Development Edition</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>HoloLens (1st gen) Commercial Suite</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>HoloLens 2</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+This policy setting controls if pressing the volume button changes the volume or not. It only impacts volume on HoloLens and not the functionality of the button when it is used with other buttons as combination for other purposes.
+
+<!--/Description-->
+
+<!--ADMXBacked-->
+<!--/ADMXBacked-->
+
+<!--SupportedValues-->
+The following list shows the supported values:
+
+- 0 - False (Default)
+- 1 - True
+
+<!--/SupportedValues-->
+<!--/Policy-->
+<hr/>
+
+Footnotes:
+
+- 9 - Available in Windows 10, version 20H2.
+
+<!--/Policies-->
+
diff --git a/windows/client-management/mdm/policy-csp-restrictedgroups.md b/windows/client-management/mdm/policy-csp-restrictedgroups.md
index 67cb225555..4b9506c5c9 100644
--- a/windows/client-management/mdm/policy-csp-restrictedgroups.md
+++ b/windows/client-management/mdm/policy-csp-restrictedgroups.md
@@ -14,6 +14,9 @@ manager: dansimp
 
 # Policy CSP - RestrictedGroups
 
+> [!IMPORTANT]
+> Starting from Windows 10, version 20H2, it is recommended to use the [LocalUsersandGroups](policy-csp-localusersandgroups.md) policy instead of the RestrictedGroups policy to configure members (users or AAD groups) to a Windows 10 local group. Applying both the policies to the same device is unsupported and may yield unpredictable results. 
+
 
 <hr/>
 
diff --git a/windows/client-management/mdm/policy-csp-system.md b/windows/client-management/mdm/policy-csp-system.md
index 05c983440b..6012a60ed9 100644
--- a/windows/client-management/mdm/policy-csp-system.md
+++ b/windows/client-management/mdm/policy-csp-system.md
@@ -1,13 +1,13 @@
 ---
 title: Policy CSP - System
-description: Learn policy settings that determines whether users can access the Insider build controls in the advanced options for Windows Update.
+description: Learn policy settings that determine whether users can access the Insider build controls in the advanced options for Windows Update.
 ms.author: dansimp
 ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: manikadhiman
 ms.localizationpriority: medium
-ms.date: 08/12/2020
+ms.date: 10/14/2020
 ms.reviewer: 
 manager: dansimp
 ---
@@ -212,14 +212,13 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls whether Microsoft is a processor or controller for Windows diagnostic data collected from devices. 
+This policy setting opts the device into the Windows enterprise data pipeline. 
 
-If you enable this policy and enroll your devices in your Azure AD tenant, your organization becomes the controller and Microsoft is the processor of this data.
+If you enable this setting, data collected from the device will be opted into the Windows enterprise data pipeline.
 
-If you disable or don't configure this policy setting, Microsoft will be the controller for Windows diagnostic data collected from the device.
+If you disable or don't configure this setting, all data from the device will be collected and processed in accordance with our policies for the Windows standard data pipeline.
 
->[!Note]
-> This policy setting only controls if Microsoft is a processor for Windows diagnostic data from this device. Use the [System/AllowTelemetry](#system-allowtelemetry) policy setting to limit the diagnostic data that can be collected from the device.
+Configuring this setting does not change the telemetry collection level or the ability of the user to change the level. This setting only applies to the Windows operating system and apps included with Windows, not third-party apps or services running on Windows 10.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -234,8 +233,8 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) - Do not use the Windows Commercial Data Pipeline
--   1 - Use the Windows Commercial Data Pipeline
+-   0 (default) - Disabled.
+-   1 - Enabled.
 
 <!--/SupportedValues-->
 <!--Example-->
@@ -245,7 +244,9 @@ The following list shows the supported values:
 
 <!--/Validation-->
 <!--/Policy-->
+
 <hr/>
+
 <!--Policy-->
 <a href="" id="system-allowdevicenameindiagnosticdata"></a>**System/AllowDeviceNameInDiagnosticData**  
 
@@ -488,7 +489,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-Added in Windows 10, version 1703. Boolean policy setting that determines whether Windows is allowed to download fonts and font catalog data from an online font provider. If you enable this setting, Windows periodically queries an online font provider to determine whether a new font catalog is available. Windows may also download font data if needed to format or render text. If you disable this policy setting, Windows does not connect to an online font provider and only enumerates locally-installed fonts.
+Added in Windows 10, version 1703. Boolean policy setting that determines whether Windows is allowed to download fonts and font catalog data from an online font provider. If you enable this setting, Windows periodically queries an online font provider to determine whether a new font catalog is available. Windows may also download font data if needed to format or render text. If you disable this policy setting, Windows does not connect to an online font provider and only enumerates locally installed fonts.
 
 This MDM setting corresponds to the EnableFontProviders Group Policy setting. If both the Group Policy and the MDM settings are configured, the group policy setting takes precedence. If neither is configured, the behavior depends on a DisableFontProviders registry value. In server editions, this registry value is set to 1 by default, so the default behavior is false (disabled). In all other editions, the registry value is not set by default, so the default behavior is true (enabled).
 
@@ -509,7 +510,7 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 - false - No traffic to fs.microsoft.com and only locally-installed fonts are available.
+-   0 - false - No traffic to fs.microsoft.com and only locally installed fonts are available.
 -   1 - true (default) - There may be network traffic to fs.microsoft.com and downloadable fonts are available to apps that support them.
 
 <!--/SupportedValues-->
@@ -1605,7 +1606,7 @@ The following list shows the supported values:
 This policy setting, in combination with the System/AllowTelemetry 
  policy setting, enables organizations to send Microsoft a specific set of diagnostic data for IT insights via Windows Analytics services. 
  
-To enable this behavior you must complete two steps:
+To enable this behavior, you must complete two steps:
 <ul>
 <li>Enable this policy setting</li>
 <li>Set Allow Telemetry to level 2 (Enhanced)</li>
diff --git a/windows/client-management/mdm/policy-csp-update.md b/windows/client-management/mdm/policy-csp-update.md
index fb0f2d5519..5403dbf610 100644
--- a/windows/client-management/mdm/policy-csp-update.md
+++ b/windows/client-management/mdm/policy-csp-update.md
@@ -7,7 +7,7 @@ ms.prod: w10
 ms.technology: windows
 author: manikadhiman
 ms.localizationpriority: medium
-ms.date: 02/10/2020
+ms.date: 10/21/2020
 ms.reviewer: 
 manager: dansimp
 ---
@@ -96,6 +96,9 @@ manager: dansimp
   <dd>
     <a href="#update-disabledualscan">Update/DisableDualScan</a>
   </dd>
+  <dd>
+    <a href="#update-disablewufbsafeguards">Update/DisableWUfBSafeguards</a>
+  </dd>
   <dd>
     <a href="#update-engagedrestartdeadline">Update/EngagedRestartDeadline</a>
   </dd>
@@ -1110,8 +1113,8 @@ ADMX Info:
 <!--/ADMXMapped-->
 <!--SupportedValues-->
 Supported values:  
--   true - Enable
--   false - Disable (Default)
+-   0  - Disable (Default)
+-   1  - Enable
 <!--/SupportedValues-->
 <!--Example-->
 
@@ -2013,6 +2016,85 @@ The following list shows the supported values:
 
 <hr/>
 
+<!--Policy-->
+<a href="" id="update-disablewufbsafeguards"></a>**Update/DisableWUfBSafeguards**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>5</sup></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>5</sup></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>5</sup></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>5</sup></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in Windows Update for Business (WUfB) devices running Windows 10, version 1809 and above and installed with October 2020 security update. This policy setting specifies that a WUfB device should skip safeguards.
+
+Safeguard holds prevent a device with a known compatibility issue from being offered a new OS version. The offering will proceed once a fix is issued and is verified on a held device. The aim of safeguards is to protect the device and user from a failed or poor upgrade experience.
+
+The safeguard holds protection is provided by default to all the devices trying to update to a new Windows 10 Feature Update version via Windows Update.
+
+IT admins can, if necessary, opt devices out of safeguard protections using this policy setting or via the “Disable safeguards for Feature Updates” Group Policy. 
+
+> [!NOTE]
+> Opting out of the safeguards can put devices at risk from known performance issues. We recommend opting out only in an IT environment for validation purposes. Further, you can leverage the Windows Insider Program for Business Release Preview Channel in order to validate the upcoming Windows 10 Feature Update version without the safeguards being applied.
+>
+> The disable safeguards policy will revert to “Not Configured” on a device after moving to a new Windows 10 version, even if previously enabled. This ensures the admin is consciously disabling Microsoft’s default protection from known issues for each new feature update. 
+>
+> Disabling safeguards does not guarantee your device will be able to successfully update. The update may still fail on the device and will likely result in a bad experience post upgrade as you are bypassing the protection given by Microsoft pertaining to known issues.
+
+<!--/Description-->
+<!--ADMXMapped-->
+ADMX Info:  
+-   GP English name: *Disable safeguards for Feature Updates*
+-   GP name: *DisableWUfBSafeguards*
+-   GP path: *Windows Components/Windows Update/Windows Update for Business*
+-   GP ADMX file name: *WindowsUpdate.admx*
+
+<!--/ADMXMapped-->
+<!--SupportedValues-->
+The following list shows the supported values:
+
+- 0 (default) - Safeguards are enabled and devices may be blocked for upgrades until the safeguard is cleared.
+- 1 - Safeguards are not enabled and upgrades will be deployed without blocking on safeguards.
+
+<!--/SupportedValues-->
+<!--/Policy-->
+
+<hr/>
+
 <!--Policy-->
 <a href="" id="update-engagedrestartdeadline"></a>**Update/EngagedRestartDeadline**  
 
@@ -4525,4 +4607,3 @@ Footnotes:
 - 8 - Available in Windows 10, version 2004.
 
 <!--/Policies-->
-
diff --git a/windows/client-management/mdm/policy-csp-windowssandbox.md b/windows/client-management/mdm/policy-csp-windowssandbox.md
new file mode 100644
index 0000000000..898af9ddd1
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-windowssandbox.md
@@ -0,0 +1,561 @@
+---
+title: Policy CSP - WindowsSandbox
+description: Policy CSP - WindowsSandbox
+ms.author: dansimp
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.localizationpriority: medium
+ms.date: 10/14/2020
+---
+
+# Policy CSP - WindowsSandbox
+
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+
+<hr/>
+
+<!--Policies-->
+## WindowsSandbox policies  
+
+<dl>
+  <dd>
+    <a href="#windowssandbox-allowaudioinput">WindowsSandbox/AllowAudioInput</a>
+  </dd>
+  <dd>
+    <a href="#windowssandbox-allowclipboardredirection">WindowsSandbox/AllowClipboardRedirection</a>
+  </dd>
+  <dd>
+    <a href="#windowssandbox-allownetworking">WindowsSandbox/AllowNetworking</a>
+  </dd>
+  <dd>
+    <a href="#windowssandbox-allowprinterredirection">WindowsSandbox/AllowPrinterRedirection</a>
+  </dd>
+  <dd>
+    <a href="#windowssandbox-allowvgpu">WindowsSandbox/AllowVGPU</a>
+  </dd>
+  <dd>
+    <a href="#windowssandbox-allowvideoinput">WindowsSandbox/AllowVideoInput</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="windowssandbox-allowaudioinput"></a>**WindowsSandbox/AllowAudioInput**
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+This policy setting allows the IT admin to enable or disable audio input to the Sandbox. 
+
+> [!NOTE]
+> There may be security implications of exposing host audio input to the container.
+
+If this policy is not configured, end-users get the default behavior (audio input enabled). 
+
+If audio input is disabled, a user will not be able to enable audio input from their own configuration file. 
+
+If audio input is enabled, a user will be able to disable audio input from their own configuration file to make the device more secure.
+
+> [!NOTE]
+> You must restart Windows Sandbox for any changes to this policy setting to take effect.
+
+<!--/Description-->
+<!--ADMXMapped-->
+ADMX Info:
+
+- GP English Name: *Allow audio input in Windows Sandbox*
+- GP name: *AllowAudioInput*
+- GP path: *Windows Components/Windows Sandbox* 
+- GP ADMX file name: *WindowsSandbox.admx*
+
+<!--/ADMXMapped-->
+<!--SupportedValues-->
+The following are the supported values:  
+
+- 0 - Disabled
+- 1 (default) - Enabled
+
+<!--/SupportedValues-->
+<!--Example-->
+
+<!--/Example-->
+<!--Validation-->
+
+<!--/Validation-->
+<!--/Policy-->
+
+<hr/>
+
+
+<!--Policy-->
+<a href="" id="windowssandbox-allowclipboardredirection"></a>**WindowsSandbox/AllowClipboardRedirection**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+This policy setting allows the IT admin to enable or disable sharing of the host clipboard with the sandbox.
+
+If this policy is not configured, end-users get the default behavior (clipboard redirection enabled. 
+
+If clipboard sharing is disabled, a user will not be able to enable clipboard sharing from their own configuration file. 
+
+If clipboard sharing is enabled, a user will be able to disable clipboard sharing from their own configuration file to make the device more secure.
+
+> [!NOTE]
+> You must restart Windows Sandbox for any changes to this policy setting to take effect.
+
+<!--/Description-->
+<!--ADMXMapped-->
+ADMX Info:
+
+- GP English Name: *Allow clipboard sharing with Windows Sandbox*
+- GP name: *AllowClipboardRedirection*
+- GP path: *Windows Components/Windows Sandbox*
+- GP ADMX file name: *WindowsSandbox.admx*
+
+<!--/ADMXMapped-->
+<!--SupportedValues-->
+The following are the supported values:  
+
+- 0 - Disabled
+- 1 (default) - Enabled
+
+
+<!--/SupportedValues-->
+<!--Example-->
+
+<!--/Example-->
+<!--Validation-->
+
+<!--/Validation-->
+<!--/Policy-->
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="windowssandbox-allownetworking"></a>**WindowsSandbox/AllowNetworking**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+This policy setting allows the IT admin to enable or disable networking in Windows Sandbox. Disabling network access can decrease the attack surface exposed by the Sandbox. Enabling networking can expose untrusted applications to the internal network.
+
+If this policy is not configured, end-users get the default behavior (networking enabled).
+
+If networking is disabled, a user will not be able to enable networking from their own configuration file.
+
+If networking is enabled, a user will be able to disable networking from their own configuration file to make the device more secure.
+
+> [!NOTE]
+> You must restart Windows Sandbox for any changes to this policy setting to take effect.
+
+<!--/Description-->
+<!--ADMXMapped-->
+ADMX Info:
+
+- GP English Name: *Allow networking in Windows Sandbox*
+- GP name: *AllowNetworking*
+- GP path: *Windows Components/Windows Sandbox*
+- GP ADMX file name: *WindowsSandbox.admx*
+
+<!--/ADMXMapped-->
+<!--SupportedValues-->
+The following are the supported values:  
+- 0 - Disabled
+- 1 (default) - Enabled
+
+<!--/SupportedValues-->
+<!--Example-->
+
+<!--/Example-->
+<!--Validation-->
+
+<!--/Validation-->
+<!--/Policy-->
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="windowssandbox-allowprinterredirection"></a>**WindowsSandbox/AllowPrinterRedirection**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+This policy setting allows the IT admin to enable or disable printer sharing from the host into the Sandbox. 
+
+If this policy is not configured, end-users get the default behavior (printer sharing disabled). 
+
+If printer sharing is disabled, a user will not be able to enable printer sharing from their own configuration file. 
+
+If printer sharing is enabled, a user will be able to disable printer sharing from their own configuration file to make the device more secure.
+
+> [!NOTE]
+> You must restart Windows Sandbox for any changes to this policy setting to take effect.
+
+<!--/Description-->
+<!--ADMXMapped-->
+ADMX Info:
+
+- GP English Name: *Allow printer sharing with Windows Sandbox*
+- GP name: *AllowPrinterRedirection*
+- GP path: *Windows Components/Windows Sandbox* 
+- GP ADMX file name: *WindowsSandbox.admx*
+
+<!--/ADMXMapped-->
+<!--SupportedValues-->
+The following are the supported values:
+
+- 0 - Disabled
+- 1 (default) - Enabled
+
+<!--/SupportedValues-->
+<!--Example-->
+
+<!--/Example-->
+<!--Validation-->
+
+<!--/Validation-->
+<!--/Policy-->
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="windowssandbox-allowvgpu"></a>**WindowsSandbox/AllowVGPU**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+This policy setting allows the IT admin to enable or disable virtualized GPU for Windows Sandbox.
+
+> [!NOTE]
+> Enabling virtualized GPU can potentially increase the attack surface of Windows Sandbox. 
+
+If this policy is not configured, end-users get the default behavior (vGPU is disabled). 
+
+If vGPU is disabled, a user will not be able to enable vGPU support from their own configuration file. 
+
+If vGPU is enabled, a user will be able to disable vGPU support from their own configuration file to make the device more secure.
+
+> [!NOTE]
+> You must restart Windows Sandbox for any changes to this policy setting to take effect.
+
+<!--/Description-->
+<!--ADMXMapped-->
+ADMX Info:
+
+- GP English Name: *Allow vGPU sharing for Windows Sandbox*
+- GP name: *AllowVGPU*
+- GP path: *Windows Components/Windows Sandbox*
+- GP ADMX file name: *WindowsSandbox.admx*
+
+<!--/ADMXMapped-->
+<!--SupportedValues-->
+The following are the supported values:
+
+- 0 (default) - Disabled
+- 1 - Enabled
+
+<!--/SupportedValues-->
+<!--Example-->
+
+<!--/Example-->
+<!--Validation-->
+
+<!--/Validation-->
+<!--/Policy-->
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="windowssandbox-allowvideoinput"></a>**WindowsSandbox/AllowVideoInput**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/checkmark.png" alt="check mark" /><sup>9</sup></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+This policy setting allows the IT admin to enable or disable video input to the Sandbox. 
+
+> [!NOTE]
+> There may be security implications of exposing host video input to the container.
+
+If this policy is not configured, users get the default behavior (video input disabled). 
+
+If video input is disabled, users will not be able to enable video input from their own configuration file. 
+
+If video input is enabled, users will be able to disable video input from their own configuration file to make the device more secure.
+
+> [!NOTE]
+> You must restart Windows Sandbox for any changes to this policy setting to take effect.
+
+<!--/Description-->
+<!--ADMXMapped-->
+ADMX Info: 
+- GP English Name: *Allow video input in Windows Sandbox*
+- GP name: *AllowVideoInput*
+- GP path: *Windows Components/Windows Sandbox*
+- GP ADMX file name: *WindowsSandbox.admx*
+
+<!--/ADMXMapped-->
+<!--SupportedValues-->
+The following are the supported values:
+
+- 0 (default) - Disabled
+- 1 - Enabled
+
+<!--/SupportedValues-->
+<!--Example-->
+
+<!--/Example-->
+<!--Validation-->
+
+<!--/Validation-->
+<!--/Policy-->
+
+<hr/>
+
+Footnotes:
+
+- 1 - Available in Windows 10, version 1607.
+- 2 - Available in Windows 10, version 1703.
+- 3 - Available in Windows 10, version 1709.
+- 4 - Available in Windows 10, version 1803.
+- 5 - Available in Windows 10, version 1809.
+- 6 - Available in Windows 10, version 1903.
+- 7 - Available in Windows 10, version 1909.
+- 8 - Available in Windows 10, version 2004.
+- 9 - Available in Windows 10, version 20H2.
+
+<!--/Policies-->
diff --git a/windows/client-management/mdm/surfacehub-csp.md b/windows/client-management/mdm/surfacehub-csp.md
index fcb23c170c..330dddba01 100644
--- a/windows/client-management/mdm/surfacehub-csp.md
+++ b/windows/client-management/mdm/surfacehub-csp.md
@@ -161,7 +161,7 @@ The following diagram shows the SurfaceHub CSP management objects in tree format
 <thead>
 <tr class="header">
 <th>ErrorContext value</th>
-<th>Stage where error occured</th>
+<th>Stage where error occurred</th>
 <th>Description and suggestions</th>
 </tr>
 </thead>
@@ -239,7 +239,7 @@ The following diagram shows the SurfaceHub CSP management objects in tree format
 <p style="margin-left: 20px">The data type is boolean. Supported operation is Get and Replace.
 
 <a href="" id="inboxapps-welcome-currentbackgroundpath"></a>**InBoxApps/Welcome/CurrentBackgroundPath**  
-<p style="margin-left: 20px">Background image for the welcome screen. To set this, specify a https URL to a PNG file (only PNGs are supported for security reasons).
+<p style="margin-left: 20px">Background image for the welcome screen. To set this, specify a https URL to a PNG file (only PNGs are supported for security reasons). If any certificate authorities need to be trusted in order to access the URL, please ensure they are valid and installed on the Hub, otherwise it may not be able to load the image.
 
 <p style="margin-left: 20px">The data type is string. Supported operation is Get and Replace.
 
diff --git a/windows/client-management/troubleshoot-stop-errors.md b/windows/client-management/troubleshoot-stop-errors.md
index 7eabdf0411..0ed8e1db70 100644
--- a/windows/client-management/troubleshoot-stop-errors.md
+++ b/windows/client-management/troubleshoot-stop-errors.md
@@ -43,7 +43,9 @@ To troubleshoot Stop error messages, follow these general steps:
 2. As a best practice, we recommend that you do the following:
 
     a. Make sure that you install the latest Windows updates, cumulative updates, and rollup updates. To verify the update status, refer to the appropriate update history for your system:
-    
+   - [Windows 10, version 2004](https://support.microsoft.com/help/4555932)  
+   - [Windows 10, version 1909](https://support.microsoft.com/help/4529964)
+   - [Windows 10, version 1903](https://support.microsoft.com/help/4498140)
    - [Windows 10, version 1809](https://support.microsoft.com/help/4464619)
    - [Windows 10, version 1803](https://support.microsoft.com/help/4099479)
    - [Windows 10, version 1709](https://support.microsoft.com/help/4043454)
diff --git a/windows/client-management/troubleshoot-tcpip-netmon.md b/windows/client-management/troubleshoot-tcpip-netmon.md
index f708897928..7f7855bca2 100644
--- a/windows/client-management/troubleshoot-tcpip-netmon.md
+++ b/windows/client-management/troubleshoot-tcpip-netmon.md
@@ -16,7 +16,7 @@ manager: dansimp
 
 In this topic, you will learn how to use Microsoft Network Monitor 3.4, which is a tool for capturing network traffic.
 
-> [Note]
+> [!NOTE]
 > Network Monitor is the archived protocol analyzer and is no longer under development. **Microsoft Message Analyzer** is the replacement for Network Monitor. For more details, see [Microsoft Message Analyzer Operating Guide](https://docs.microsoft.com/message-analyzer/microsoft-message-analyzer-operating-guide).
 
 To get started, [download and run NM34_x64.exe](https://www.microsoft.com/download/details.aspx?id=4865). When you install Network Monitor, it installs its driver and hooks it to all the network adapters installed on the device. You can see the same on the adapter properties, as shown in the following image.
diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml
index 8778dee89c..fdc36528a1 100644
--- a/windows/deployment/TOC.yml
+++ b/windows/deployment/TOC.yml
@@ -144,6 +144,8 @@
               href: update/media-dynamic-update.md
             - name: Migrating and acquiring optional Windows content
               href: update/optional-content.md
+            - name: Safeguard holds
+              href: update/safeguard-holds.md
             - name: Manage the Windows 10 update experience
               items:              
                 - name: Manage device restarts after updates
@@ -237,6 +239,8 @@
               items:
                 - name: How to troubleshoot Windows Update
                   href: update/windows-update-troubleshooting.md
+                - name: Opt out of safeguard holds
+                  href: update/safeguard-opt-out.md
                 - name: Determine the source of Windows Updates
                   href: update/windows-update-sources.md
                 - name: Common Windows Update errors
diff --git a/windows/deployment/images/sigverif.png b/windows/deployment/images/sigverif.png
new file mode 100644
index 0000000000..0ed0c2fd0c
Binary files /dev/null and b/windows/deployment/images/sigverif.png differ
diff --git a/windows/deployment/planning/windows-10-deprecated-features.md b/windows/deployment/planning/windows-10-deprecated-features.md
index e34b68d47e..18d1d96008 100644
--- a/windows/deployment/planning/windows-10-deprecated-features.md
+++ b/windows/deployment/planning/windows-10-deprecated-features.md
@@ -26,6 +26,7 @@ The features described below are no longer being actively developed, and might b
 
 |Feature    |  Details and mitigation  | Announced in version |
 | ----------- | --------------------- | ---- |
+| Microsoft Edge | The legacy version of Microsoft Edge is no longer being developed.| 2004 |
 | Companion Device Framework | The [Companion Device Framework](https://docs.microsoft.com/windows-hardware/design/device-experiences/windows-hello-companion-device-framework) is no longer under active development.| 2004 |
 | Microsoft Edge | The legacy version of Microsoft Edge is no longer being developed.| 2004 |
 | Dynamic Disks | The [Dynamic Disks](https://docs.microsoft.com/windows/win32/fileio/basic-and-dynamic-disks#dynamic-disks) feature is no longer being developed. This feature will be fully replaced by [Storage Spaces](https://docs.microsoft.com/windows-server/storage/storage-spaces/overview) in a future release.| 2004 |
@@ -37,12 +38,13 @@ The features described below are no longer being actively developed, and might b
 | Wi-Fi WEP and TKIP | Since the 1903 release, a warning message has appeared when connecting to Wi-Fi networks secured with WEP or TKIP (which are not as secure as those using WPA2 or WPA3). In a future release, any connection to a Wi-Fi network using these old ciphers will be disallowed. Wi-Fi routers should be updated to use AES ciphers, available with WPA2 or WPA3. | 1903 |
 | Windows To Go | Windows To Go is no longer being developed. <br><br>The feature does not support feature updates and therefore does not enable you to stay current. It also requires a specific type of USB that is no longer supported by many OEMs.|  1903 |
 | Print 3D app | Going forward, 3D Builder is the recommended 3D printing app. To 3D print objects on new Windows devices, customers must first install 3D Builder from the Store.| 1903 |
-|Companion device dynamic lock APIS|The companion device framework (CDF) APIs enable wearables and other devices to unlock a PC. In Windows 10, version 1709, we introduced [Dynamic Lock](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-features#dynamic-lock), including an inbox method using Bluetooth to detect whether a user is present and lock or unlock the PC. Because of this, and because third party partners didn't adopt the CDF method, we're no longer developing CDF Dynamic Lock APIs.| 1809 |
+|Companion device dynamic lock APIS|The companion device framework (CDF) APIs enable wearables and other devices to unlock a PC. In Windows 10, version 1709, we introduced [Dynamic Lock](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-features#dynamic-lock), including an inbox method using Bluetooth to detect whether a user is present and lock or unlock the PC. Because of this, and because non-Microsoft partners didn't adopt the CDF method, we're no longer developing CDF Dynamic Lock APIs.| 1809 |
 |OneSync service|The OneSync service synchronizes data for the Mail, Calendar, and People apps. We've added a sync engine to the Outlook app that provides the same synchronization.| 1809 |
 |Snipping Tool|The Snipping Tool is an application included in Windows 10 that is used to capture screenshots, either the full screen or a smaller, custom "snip" of the screen. In Windows 10, version 1809, we're [introducing a new universal app, Snip & Sketch](https://blogs.windows.com/windowsexperience/2018/05/03/announcing-windows-10-insider-preview-build-17661/#8xbvP8vMO0lF20AM.97), that provides the same screen snipping abilities, as well as additional features. You can launch Snip & Sketch directly and start a snip from there, or just press WIN + Shift + S. Snip & Sketch can also be launched from the “Screen snip” button in the Action Center. We're no longer developing the Snipping Tool as a separate app but are instead consolidating its functionality into Snip & Sketch.| 1809 |
 |[Software Restriction Policies](https://docs.microsoft.com/windows-server/identity/software-restriction-policies/software-restriction-policies) in Group Policy|Instead of using the Software Restriction Policies through Group Policy, you can use [AppLocker](https://docs.microsoft.com/windows/security/threat-protection/applocker/applocker-overview) or [Windows Defender Application Control](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control) to control which apps users can access and what code can run in the kernel.| 1803 |
 |[Offline symbol packages](https://docs.microsoft.com/windows-hardware/drivers/debugger/debugger-download-symbols) (Debug symbol MSIs)|We're no longer making the symbol packages available as a downloadable MSI. Instead, the [Microsoft Symbol Server is moving to be an Azure-based symbol store](https://blogs.msdn.microsoft.com/windbg/2017/10/18/update-on-microsofts-symbol-server/). If you need the Windows symbols, connect to the Microsoft Symbol Server to cache your symbols locally or use a manifest file with SymChk.exe on a computer with internet access.| 1803 |
 |Windows Help Viewer (WinHlp32.exe)|All Windows help information is [available online](https://support.microsoft.com/products/windows?os=windows-10). The Windows Help Viewer is no longer supported in Windows 10. If for any reason you see an error message about "help not supported," possibly when using a non-Microsoft application, read [this support article](https://support.microsoft.com/help/917607/error-opening-help-in-windows-based-programs-feature-not-included-or-h) for additional information and any next steps.| 1803 |
+|MBAE service metadata|The MBAE app experience is replaced by an MO UWP app. For more information, see [Developer guide for creating service metadata](https://docs.microsoft.com/windows-hardware/drivers/mobilebroadband/developer-guide-for-creating-service-metadata) | 1803 |
 |Contacts feature in File Explorer|We're no longer developing the Contacts feature or the corresponding [Windows Contacts API](https://msdn.microsoft.com/library/ff800913.aspx). Instead, you can use the People app in Windows 10 to maintain your contacts.| 1803 |
 |Phone Companion|Use the **Phone** page in the Settings app. In Windows 10, version 1709, we added the new **Phone** page to help you sync your mobile phone with your PC. It includes all the Phone Companion features.| 1803 |
 |IPv4/6 Transition Technologies (6to4, ISATAP, Teredo, and Direct Tunnels)|6to4 has been disabled by default since Windows 10, version 1607 (the Anniversary Update), ISATAP has been disabled by default since Windows 10, version 1703 (the Creators Update), Teredo has been disabled since Windows 10, version 1803, and Direct Tunnels has always been disabled by default. Please use native IPv6 support instead.| 1803 |
diff --git a/windows/deployment/planning/windows-10-removed-features.md b/windows/deployment/planning/windows-10-removed-features.md
index 7085ba9fb5..427f15beab 100644
--- a/windows/deployment/planning/windows-10-removed-features.md
+++ b/windows/deployment/planning/windows-10-removed-features.md
@@ -27,6 +27,7 @@ The following features and functionalities have been removed from the installed
 
 |Feature    |  Details and mitigation  | Removed in version |
 | ----------- | --------------------- | ------ |
+|MBAE service metadata|The MBAE app experience is replaced by an MO UWP app. Metadata for the MBAE service is removed. | 20H2 |
 | Connect app | The **Connect** app for wireless projection using Miracast is no longer installed by default, but is available as an optional feature. To install the app, click on **Settings** > **Apps** > **Optional features** > **Add a feature** and then install the **Wireless Display** app. | 2004 |
 | Rinna and Japanese Address suggestion | The Rinna and Japanese Address suggestion service for Microsoft Japanese Input Method Editor (IME) ended on August 13th, 2020. For more information, see [Rinna and Japanese Address suggestion will no longer be offered](https://support.microsoft.com/help/4576767/windows-10-rinna-and-japanese-address-suggestion) | 2004 |
 | Cortana | Cortana has been updated and enhanced in the Windows 10 May 2020 Update. With [these changes](https://docs.microsoft.com/windows/whats-new/whats-new-windows-10-version-2004#cortana), some previously available consumer skills such as music, connected home, and other non-Microsoft skills are no longer available. | 2004 |
diff --git a/windows/deployment/update/create-deployment-plan.md b/windows/deployment/update/create-deployment-plan.md
index da1db27ff2..a1ce6bbe19 100644
--- a/windows/deployment/update/create-deployment-plan.md
+++ b/windows/deployment/update/create-deployment-plan.md
@@ -6,20 +6,20 @@ ms.mktglfcycl: manage
 author: jaimeo
 ms.localizationpriority: medium
 ms.author: jaimeo
-ms.reviewer: 
+ms.collection: m365initiative-coredeploy
 manager: laurawi
 ms.topic: article
 ---
 
 # Create a deployment plan
 
-A service management mindset means that the devices in your organization fall into a continuum, with the software update process being constantly planned, deployed, monitored, and optimized. And once this process is used for feature updates, quality updates become a lightweight procedure that is simple and fast to execute, ultimately increasing velocity.
+A "service management" mindset means that the devices in your organization fall into a continuum, with the software update process being constantly planned, deployed, monitored, and optimized. And once you use this process for feature updates, quality updates become a lightweight procedure that is simple and fast to execute, ultimately increasing velocity.
 
-When you move to a service management model, you need effective ways of rolling out updates to representative groups of devices, and we’ve found that ring-based deployment is a methodology that works well for us at Microsoft and many other organizations across the globe. Deployment rings in Windows 10 are similar to the deployment groups most organizations constructed for previous major revision upgrades--they are simply a method by which to separate devices into a deployment timeline.
+When you move to a service management model, you need effective ways of rolling out updates to representative groups of devices. We’ve found that a ring-based deployment works well for us at Microsoft and many other organizations across the globe. Deployment rings in Windows 10 are similar to the deployment groups most organizations constructed for previous major revision upgrades. They are simply a method to separate devices into a deployment timeline.
 
-At the highest level, each “ring” comprise a group of users or devices that receive a particular update concurrently. For each ring, IT administrators set criteria to control deferral time or adoption (completion) that should be met before deployment to the next broader ring of devices or users can occur.
+At the highest level, each “ring” comprises a group of users or devices that receive a particular update concurrently. For each ring, IT administrators set criteria to control deferral time or adoption (completion) that should be met before deployment to the next broader ring of devices or users can occur.
 
-A common ring structure comprises three deployment groups:
+A common ring structure uses three deployment groups:
 
 - Preview: Planning and development
 - Limited: Pilot and validation
@@ -34,22 +34,20 @@ A common ring structure comprises three deployment groups:
 
 ## How many rings should I have?
 
-There are no definite rules for exactly how many rings to have for your deployments. As mentioned previously, you might want to ensure zero downtime for mission-critical devices by putting them in their own ring. If you have a large
-organization, you might want to consider assigning devices to rings based on geographic location or the size of rings so that helpdesk resources are more available. Consider the needs of your business and introduce rings that make sense for your organization.
+There are no definite rules for exactly how many rings to have for your deployments. As mentioned previously, you might want to ensure zero downtime for mission-critical devices by putting them in their own ring. If you have a large organization, you might want to consider assigning devices to rings based on geographic location or the size of rings so that helpdesk resources are more available. Consider the needs of your business and introduce rings that make sense for your organization.
 
 ## Advancing between rings
 
-There are basically two strategies for moving deployments from one ring to the next. One is service based, the other project based.
+There are basically two strategies for moving deployments from one ring to the next. One is service-based, the other project based.
 
 - "Red button" (service based): Assumes that content is good until proven bad. Content flows until an issue is discovered, at which point the IT administrator presses the “red button” to stop further distribution.
 - Green button (project based): Assumes that content is bad until proven good. Once all validation has passed, the IT administrator presses the “green button” to push the content to the next ring.
 
-When it comes to deployments, having manual steps in the process usually impedes update velocity, so a "red button" strategy is better when that is your goal. 
+When it comes to deployments, having manual steps in the process usually impedes update velocity. A "red button" strategy is better when that is your goal. 
 
 ## Preview ring
 
-The purpose of the Preview ring is to evaluate the new features of the update. This is specifically *not* for broad parts of the organization but is limited to the people who are responsible for knowing what is coming next,
-generally IT administrators. Ultimately, this is the time the design and planning work happens so that when the public update is actually shipped, you can have greater confidence in the update.
+The purpose of the Preview ring is to evaluate the new features of the update. It's *not* for broad parts of the organization but is limited to the people who are responsible for knowing what is coming next, generally IT administrators. Ultimately, this phase is the time the design and planning work happens so that when the public update is shipped, you can have greater confidence in the update.
 
 > [!NOTE]
 > Being part of the [Windows Insider Program](https://insider.windows.com/for-business/) gives you early access to Windows releases so that you can use Insider Preview builds in your Preview ring to validate your apps and infrastructure, preparing you for public Windows releases. 
@@ -57,14 +55,14 @@ generally IT administrators. Ultimately, this is the time the design and plannin
 
 ### Who goes in the Preview ring?
 
-The Preview ring users are the most tech savvy and resilient people, who will not lose productivity if something goes wrong. In general, these are IT pros, and perhaps a few people in the business organization.
+The Preview ring users are the most tech savvy and resilient people, who will not lose productivity if something goes wrong. In general, these users are IT pros, and perhaps a few people in the business organization.
 
-During your plan and prepare phases, these are the activities you should focus on:
+During your plan and prepare phases, you should focus on the following activities:
 
 - Work with Windows Insider Preview builds.
 - Identify the features and functionality your organization can or wants to use.
 - Establish who will use the features and how they will benefit.
-- Understand why you are putting the update out.
+- Understand why you are putting out the update.
 - Plan for usage feedback.
 
 Remember, you are working with pre-release software in the Preview ring and you will be evaluating features and testing the update for a targeted release.
@@ -76,7 +74,7 @@ Remember, you are working with pre-release software in the Preview ring and you
 
 ## Limited ring
 
-The purpose of the Limited ring is to validate the update on representative devices across the network. During this period, data, and feedback is generated to enable the decision to move forward to broader deployment. Desktop
+The purpose of the Limited ring is to validate the update on representative devices across the network. During this period, data, and feedback are generated to enable the decision to move forward to broader deployment. Desktop
 Analytics can help with defining a good Limited ring of representative devices and assist in monitoring the deployment.
 
 ### Who goes in the Limited ring?
@@ -84,7 +82,7 @@ Analytics can help with defining a good Limited ring of representative devices a
 The most important part of this phase is finding a representative sample of devices and applications across your network. If possible, all hardware and all applications should be represented, and it's important that the people selected for this ring are using their devices regularly in order to generate the data you will need to make a decision for broader deployment across your organization. The IT department, lab devices, and users with the most cutting-edge hardware usually don’t have the applications or device drivers that are truly a representative sample of your network.
 
 
-During your pilot and validate phases, these are the activities you should focus on:
+During your pilot and validate phases, you should focus on the following activities:
 
 - Deploy new innovations.
 - Assess and act if issues are encountered.
@@ -104,7 +102,7 @@ In most businesses, the Broad ring includes the rest of your organization. Becau
 > In some instances, you might hold back on mission critical devices (such as medical devices) until deployment in the Broad ring is complete. Get best practices and recommendations for deploying Windows 10 feature
 > updates to mission critical devices.
 
-During the broad deployment phase, these are the activities you should focus on:
+During the broad deployment phase, you should focus on the following activities:
 
 - Deploy to all devices in the organization.
 - Work through any final unusual issues that were not detected in your Limited ring.
@@ -112,7 +110,7 @@ During the broad deployment phase, these are the activities you should focus on:
 
 ## Ring deployment planning
 
-Previously, we have provided methods for analyzing your deployments, but these have generally been standalone tools to assess, manage and execute deployments. In other words, you would generate an analysis, make a deployment strategy, and then move to your console for implementation, repeating these steps for each deployment. We have combined many of these tasks, and more, into a single interface with Desktop Analytics.
+Previously, we have provided methods for analyzing your deployments, but these have been standalone tools to assess, manage and execute deployments. In other words, you would generate an analysis, make a deployment strategy, and then move to your console for implementation, repeating these steps for each deployment. We have combined many of these tasks, and more, into a single interface with Desktop Analytics.
 
 
 [Desktop Analytics](https://docs.microsoft.com/mem/configmgr/desktop-analytics/overview) is a cloud-based service and a key tool in [Microsoft Endpoint Manager](https://docs.microsoft.com/mem/configmgr/core/understand/microsoft-endpoint-manager-faq). Using artificial intelligence and machine learning, Desktop Analytics is a powerful tool to give you insights and intelligence to
diff --git a/windows/deployment/update/delivery-optimization-proxy.md b/windows/deployment/update/delivery-optimization-proxy.md
index 1c4a8224fc..21e355ea15 100644
--- a/windows/deployment/update/delivery-optimization-proxy.md
+++ b/windows/deployment/update/delivery-optimization-proxy.md
@@ -54,7 +54,7 @@ With NetworkService (if unable to obtain a user token from a signed-in user):
 |---------|---------|
 |Internet Explorer proxy, current user     |  No       |
 |Internet Explorer proxy, device-wide     |   Yes   | 
-|netsh proxy     |  No       |
+|netsh proxy     |  Yes      |
 |Both Internet Explorer proxy (current user) *and* netsh proxy     | Yes, netsh proxy is used        |
 |Both Internet Explorer proxy (device-wide) *and* netsh proxy     | Yes, netsh proxy is used        |
 
@@ -76,4 +76,4 @@ However, you can set the Connected Cache server to use an unauthenticated proxy.
 
 - [How can I configure Proxy AutoConfigURL Setting using Group Policy Preference (GPP)?](https://docs.microsoft.com/archive/blogs/askie/how-can-i-configure-proxy-autoconfigurl-setting-using-group-policy-preference-gpp) 
 - [How to use GPP Registry to uncheck automatically detect settings? ](https://docs.microsoft.com/archive/blogs/askie/how-to-use-gpp-registry-to-uncheck-automatically-detect-settings)
-- [How to configure a proxy server URL and Port using GPP Registry?](https://docs.microsoft.com/archive/blogs/askie/how-to-configure-a-proxy-server-url-and-port-using-gpp-registry) 
\ No newline at end of file
+- [How to configure a proxy server URL and Port using GPP Registry?](https://docs.microsoft.com/archive/blogs/askie/how-to-configure-a-proxy-server-url-and-port-using-gpp-registry) 
diff --git a/windows/deployment/update/eval-infra-tools.md b/windows/deployment/update/eval-infra-tools.md
index 77795ce1c4..ce3c85e030 100644
--- a/windows/deployment/update/eval-infra-tools.md
+++ b/windows/deployment/update/eval-infra-tools.md
@@ -1,8 +1,7 @@
 ---
 title: Evaluate infrastructure and tools
-ms.reviewer: 
 manager: laurawi
-description: 
+description: Steps to make sure your infrastructure is ready to deploy updates
 keywords: updates, servicing, current, deployment, semi-annual channel, feature, quality, rings, insider, tools
 ms.prod: w10
 ms.mktglfcycl: manage
@@ -11,18 +10,18 @@ author: jaimeo
 ms.localizationpriority: medium
 ms.audience: itpro
 ms.topic: article
-ms.collection: M365-modern-desktop
+ms.collection: m365initiative-coredeploy
 ---
 
 # Evaluate infrastructure and tools
 
-Before you deploy an update, it's best to assess your deployment infrastucture (that is, tools such as Configuration Manager, Microsoft Intune, or similar) and current configurations (such as security baselines, administrative templates, and policies that affect updates). Then, set some criteria to define your operational readiness.
+Before you deploy an update, it's best to assess your deployment infrastructure (that is, tools such as Configuration Manager, Microsoft Intune, or similar) and current configurations (such as security baselines, administrative templates, and policies that affect updates). Then, set some criteria to define your operational readiness.
 
 ## Infrastructure
 
 Do your deployment tools need updates?
 
-- If you use Configuration Manager, is it on the Current Branch with the latest release installed. This ensures that it supports the next Windows 10 feature update. Configuration Manager releases are supported for 18 months.
+- If you use Configuration Manager, is it on the Current Branch with the latest release installed. Being on this branch ensures that it supports the next Windows 10 feature update. Configuration Manager releases are supported for 18 months.
 - Using a cloud-based management tool like Microsoft Intune reduces support challenges, since no related products need to be updated.
 - If you use a non-Microsoft tool, check with its product support to make sure you're using the current version and that it supports the next Windows 10 feature update.
 
@@ -30,11 +29,11 @@ Rely on your experiences and data from previous deployments to help you judge ho
 
 ## Device settings
 
-Make sure your security basline, administrative templates, and policies have the right settings to support your devices once the new Windows 10 update is installed.
+Make sure your security baseline, administrative templates, and policies have the right settings to support your devices once the new Windows 10 update is installed.
 
 ### Security baseline
 
-Keep security baslines current to help ensure that your environment is secure and that new security feature in the coming Windows 10 update are set properly.
+Keep security baselines current to help ensure that your environment is secure and that new security feature in the coming Windows 10 update are set properly.
 
 - **Microsoft security baselines**: You should implement security baselines from Microsoft. They are included in the [Security Compliance Toolkit](https://www.microsoft.com/download/details.aspx?id=55319), along with tools for managing them. 
 - **Industry- or region-specific baselines**: Your specific industry or region might have particular baselines that you must follow per regulations. Ensure that any new baselines support the version of Windows 10 you are about to deploy.
@@ -49,14 +48,14 @@ There are a number of Windows policies (set by Group Policy, Intune, or other me
 
 ## Define operational readiness criteria
 
-When you’ve deployed an update, you’ll need to make sure the update isn’t introducing new operational issues. And you’ll also ensure that if incidents arise, the needed documentation and processes are available. To achieve this, work with your operations and support team to define acceptable trends and what documents or processes require updating:
+When you’ve deployed an update, you’ll need to make sure the update isn’t introducing new operational issues. And you’ll also ensure that if incidents arise, the needed documentation and processes are available. Work with your operations and support team to define acceptable trends and what documents or processes require updating:
 
 - **Call trend**: Define what percentage increase in calls relating to Windows 10 feature updates are acceptable or can be supported.
 - **Incident trend**: Define what percentage of increase in calls asking for support relating to Windows 10 feature updates are acceptable or can be supported.
 - **Support documentation**: Review supporting documentation that requires an update to support new infrastructure tooling or configuration as part of the Windows 10 feature update.
 - **Process changes:** Define and update any processes that will change as a result of the Windows 10 feature update.
 
-Your operations and support staff can help you determine if the appropriate information is being tracked at the moment. If it isn't, work out how to get get this information so you can gain the right insight. 
+Your operations and support staff can help you determine if the appropriate information is being tracked at the moment. If it isn't, work out how to get this information so you can gain the right insight. 
 
 ## Tasks
 
diff --git a/windows/deployment/update/images/safeguard-hold-notification.png b/windows/deployment/update/images/safeguard-hold-notification.png
new file mode 100644
index 0000000000..68714d08dc
Binary files /dev/null and b/windows/deployment/update/images/safeguard-hold-notification.png differ
diff --git a/windows/deployment/update/media-dynamic-update.md b/windows/deployment/update/media-dynamic-update.md
index 53779f741d..ea81420b8b 100644
--- a/windows/deployment/update/media-dynamic-update.md
+++ b/windows/deployment/update/media-dynamic-update.md
@@ -18,7 +18,7 @@ ms.topic: article
 
 **Applies to**: Windows 10
 
-This topic explains how to acquire and apply Dynamic Update packages to existing Windows 10 images <em>prior to deployment</em> and includes Windows PowerShell scripts you can use to automate this process.
+This topic explains how to acquire and apply Dynamic Update packages to existing Windows 10 images *prior to deployment* and includes Windows PowerShell scripts you can use to automate this process.
 
 Volume-licensed media is available for each release of Windows 10 in the Volume Licensing Service Center (VLSC) and other relevant channels such as Windows Update for Business, Windows Server Update Services (WSUS), and Visual Studio Subscriptions. You can use Dynamic Update to ensure that Windows 10 devices have the latest feature update packages as part of an in-place upgrade while preserving language pack and Features on Demand (FODs) that might have been previously installed. Dynamic Update also eliminates the need to install a separate quality update as part of the in-place upgrade process.
 
@@ -42,8 +42,7 @@ You can obtain Dynamic Update packages from the [Microsoft Update Catalog](https
 
 ![Table with columns labeled Title, Products, Classification, Last Updated, Version, and Size and four rows listing various dynamic updates and associated KB articles](images/update-catalog.png)
 
-The various Dynamic Update packages might not all be present in the results from a single search, so you might have to search with different keywords to find all of the updates. And you'll need to check various parts of the results to be sure you've identified the needed files. This table shows in <em>bold</em> the key items to search for or look for in the results. For example, to find the relevant "Setup Dynamic Update," you'll have to check the detailed description for the download by selecting the link in the **Title** column of the search results.
-
+The various Dynamic Update packages might not all be present in the results from a single search, so you might have to search with different keywords to find all of the updates. And you'll need to check various parts of the results to be sure you've identified the needed files. This table shows in **bold** the key items to search for or look for in the results. For example, to find the relevant "Setup Dynamic Update," you'll have to check the detailed description for the download by selecting the link in the **Title** column of the search results.
 
 |To find this Dynamic Update packages, search for or check the results here-->  |Title  |Product  |Description (select the **Title** link to see **Details**)  |
 |---------|---------|---------|---------|
@@ -94,8 +93,7 @@ Optional Components, along with the .NET feature, can be installed offline, howe
 
 ## Windows PowerShell scripts to apply Dynamic Updates to an existing image
 
-These examples are for illustration only, and therefore lack error handling. The script assumes that the following packages is stored locally in this folder structure:
-
+These examples are for illustration only, and therefore lack error handling. The script assumes that the following packages are stored locally in this folder structure:
 
 |Folder  |Description  |
 |---------|---------|
@@ -108,49 +106,51 @@ These examples are for illustration only, and therefore lack error handling. The
 The script starts by declaring global variables and creating folders to use for mounting images. Then, make a copy of the original media, from \oldMedia to \newMedia, keeping the original media in case there is a script error and it's necessary to start over from a known state. Also, it will provide a comparison of old versus new media to evaluate changes. To ensure that the new media updates, make sure they are not read-only.
 
 ```powershell
-function Get-TS { return "{0:HH:mm:ss}" -f (Get-Date) }
+#Requires -RunAsAdministrator
 
-Write-Host "$(Get-TS): Starting media refresh"
+function Get-TS { return "{0:HH:mm:ss}" -f [DateTime]::Now }
 
-# Declare media for FOD and LPs
-$FOD_ISO_PATH = "C:\mediaRefresh\packages\FOD-PACKAGES_OEM_PT1_amd64fre_MULTI.iso"
-$LP_ISO_PATH = "C:\mediaRefresh\packages\CLIENTLANGPACKDVD_OEM_MULTI.iso"
+Write-Output "$(Get-TS): Starting media refresh"
 
 # Declare language for showcasing adding optional localized components
-$LANG = "ja-jp"
+$LANG  = "ja-jp"
 $LANG_FONT_CAPABILITY = "jpan"
 
+# Declare media for FOD and LPs
+$FOD_ISO_PATH    = "C:\mediaRefresh\packages\FOD-PACKAGES_OEM_PT1_amd64fre_MULTI.iso"
+$LP_ISO_PATH     = "C:\mediaRefresh\packages\CLIENTLANGPACKDVD_OEM_MULTI.iso"
+
 # Declare Dynamic Update packages
-$LCU_PATH = "C:\mediaRefresh\packages\LCU.msu"
-$SSU_PATH = "C:\mediaRefresh\packages\SSU_DU.msu"
-$SETUP_DU_PATH = "C:\mediaRefresh\packages\Setup_DU.cab"
+$LCU_PATH        = "C:\mediaRefresh\packages\LCU.msu"
+$SSU_PATH        = "C:\mediaRefresh\packages\SSU_DU.msu"
+$SETUP_DU_PATH   = "C:\mediaRefresh\packages\Setup_DU.cab"
 $SAFE_OS_DU_PATH = "C:\mediaRefresh\packages\SafeOS_DU.cab"
-$DOTNET_CU_PATH = "C:\mediaRefresh\packages\DotNet_CU.msu"
+$DOTNET_CU_PATH  = "C:\mediaRefresh\packages\DotNet_CU.msu"
 
 # Declare folders for mounted images and temp files
-$WORKING_PATH = "C:\mediaRefresh\temp"
-$MEDIA_OLD_PATH = "C:\mediaRefresh\oldMedia"
-$MEDIA_NEW_PATH = "C:\mediaRefresh\newMedia"
-$MAIN_OS_MOUNT = $WORKING_PATH + "\MainOSMount"
-$WINRE_MOUNT = $WORKING_PATH + "\WinREMount"
-$WINPE_MOUNT = $WORKING_PATH + "\WinPEMount"
+$MEDIA_OLD_PATH  = "C:\mediaRefresh\oldMedia"
+$MEDIA_NEW_PATH  = "C:\mediaRefresh\newMedia"
+$WORKING_PATH    = "C:\mediaRefresh\temp"
+$MAIN_OS_MOUNT   = "C:\mediaRefresh\temp\MainOSMount"
+$WINRE_MOUNT     = "C:\mediaRefresh\temp\WinREMount"
+$WINPE_MOUNT     = "C:\mediaRefresh\temp\WinPEMount"
 
 # Mount the language pack ISO
-Write-Host "$(Get-TS): Mounting LP ISO"
+Write-Output "$(Get-TS): Mounting LP ISO"
 $LP_ISO_DRIVE_LETTER = (Mount-DiskImage -ImagePath $LP_ISO_PATH -ErrorAction stop | Get-Volume).DriveLetter
 
 # Declare language related cabs
-$WINPE_OC_PATH = Join-Path $LP_ISO_DRIVE_LETTER":" -ChildPath "Windows Preinstallation Environment" | Join-Path -ChildPath "x64" | Join-Path -ChildPath "WinPE_OCs"
-$WINPE_OC_LANG_PATH = Join-Path $WINPE_OC_PATH $LANG
-$WINPE_OC_LANG_CABS = Get-ChildItem $WINPE_OC_LANG_PATH -name
-$WINPE_OC_LP_PATH = Join-Path $WINPE_OC_LANG_PATH "lp.cab"
-$WINPE_FONT_SUPPORT_PATH = Join-Path $WINPE_OC_PATH "WinPE-FontSupport-$LANG.cab"
-$WINPE_SPEECH_TTS_PATH = Join-Path $WINPE_OC_PATH "WinPE-Speech-TTS.cab"
-$WINPE_SPEECH_TTS_LANG_PATH = Join-Path $WINPE_OC_PATH "WinPE-Speech-TTS-$LANG.cab"
-$OS_LP_PATH = $LP_ISO_DRIVE_LETTER + ":\x64\langpacks\" + "Microsoft-Windows-Client-Language-Pack_x64_" + $LANG + ".cab"
+$WINPE_OC_PATH              = "$LP_ISO_DRIVE_LETTER`:\Windows Preinstallation Environment\x64\WinPE_OCs"
+$WINPE_OC_LANG_PATH         = "$WINPE_OC_PATH\$LANG"
+$WINPE_OC_LANG_CABS         = Get-ChildItem $WINPE_OC_LANG_PATH -Name
+$WINPE_OC_LP_PATH           = "$WINPE_OC_LANG_PATH\lp.cab"
+$WINPE_FONT_SUPPORT_PATH    = "$WINPE_OC_PATH\WinPE-FontSupport-$LANG.cab"
+$WINPE_SPEECH_TTS_PATH      = "$WINPE_OC_PATH\WinPE-Speech-TTS.cab"
+$WINPE_SPEECH_TTS_LANG_PATH = "$WINPE_OC_PATH\WinPE-Speech-TTS-$LANG.cab"
+$OS_LP_PATH                 = "$LP_ISO_DRIVE_LETTER`:\x64\langpacks\Microsoft-Windows-Client-Language-Pack_x64_$LANG.cab"
 
 # Mount the Features on Demand ISO
-Write-Host "$(Get-TS): Mounting FOD ISO"
+Write-Output "$(Get-TS): Mounting FOD ISO"
 $FOD_ISO_DRIVE_LETTER = (Mount-DiskImage -ImagePath $FOD_ISO_PATH -ErrorAction stop | Get-Volume).DriveLetter
 $FOD_PATH = $FOD_ISO_DRIVE_LETTER + ":\"
 
@@ -161,10 +161,11 @@ New-Item -ItemType directory -Path $WINRE_MOUNT -ErrorAction stop | Out-Null
 New-Item -ItemType directory -Path $WINPE_MOUNT -ErrorAction stop | Out-Null
 
 # Keep the original media, make a copy of it for the new, updated media.
-Write-Host "$(Get-TS): Copying original media to new media path"
+Write-Output "$(Get-TS): Copying original media to new media path"
 Copy-Item -Path $MEDIA_OLD_PATH"\*" -Destination $MEDIA_NEW_PATH -Force -Recurse -ErrorAction stop | Out-Null
 Get-ChildItem -Path $MEDIA_NEW_PATH -Recurse | Where-Object { -not $_.PSIsContainer -and $_.IsReadOnly } | ForEach-Object { $_.IsReadOnly = $false }
 ```
+
 ### Update WinRE
 
 The script assumes that only a single edition is being updated, indicated by Index = 1 (Windows 10 Education Edition). Then the script mounts the image, saves Winre.wim to the working folder, and mounts it. It then applies servicing stack Dynamic Update, since its components are used for updating other components. Since the script is optionally adding Japanese, it adds the language pack to the image, and installs the Japanese versions of all optional packages already installed in Winre.wim. Then, it applies the Safe OS Dynamic Update package.
@@ -176,25 +177,25 @@ It finishes by cleaning and exporting the image to reduce the image size.
 
 ```powershell
 # Mount the main operating system, used throughout the script
-Write-Host "$(Get-TS): Mounting main OS"
+Write-Output "$(Get-TS): Mounting main OS"
 Mount-WindowsImage -ImagePath $MEDIA_NEW_PATH"\sources\install.wim" -Index 1 -Path $MAIN_OS_MOUNT -ErrorAction stop| Out-Null  
 
 #
 # update Windows Recovery Environment (WinRE)
 #
 Copy-Item -Path $MAIN_OS_MOUNT"\windows\system32\recovery\winre.wim" -Destination $WORKING_PATH"\winre.wim" -Force -Recurse -ErrorAction stop | Out-Null
-Write-Host "$(Get-TS): Mounting WinRE"
+Write-Output "$(Get-TS): Mounting WinRE"
 Mount-WindowsImage -ImagePath $WORKING_PATH"\winre.wim" -Index 1 -Path $WINRE_MOUNT -ErrorAction stop | Out-Null
 
 # Add servicing stack update
-Write-Host "$(Get-TS): Adding package $SSU_PATH"
+Write-Output "$(Get-TS): Adding package $SSU_PATH"
 Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $SSU_PATH -ErrorAction stop | Out-Null  
 
 #
 # Optional: Add the language to recovery environment
 #
 # Install lp.cab cab
-Write-Host "$(Get-TS): Adding package $WINPE_OC_LP_PATH"
+Write-Output "$(Get-TS): Adding package $WINPE_OC_LP_PATH"
 Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $WINPE_OC_LP_PATH -ErrorAction stop | Out-Null  
 
 # Install language cabs for each optional package installed
@@ -210,7 +211,7 @@ Foreach ($PACKAGE in $WINRE_INSTALLED_OC) {
             $OC_CAB = $PACKAGE.PackageName.Substring(0, $INDEX) + "_" + $LANG + ".cab"
             if ($WINPE_OC_LANG_CABS.Contains($OC_CAB)) {
                 $OC_CAB_PATH = Join-Path $WINPE_OC_LANG_PATH $OC_CAB
-                Write-Host "$(Get-TS): Adding package $OC_CAB_PATH"
+                Write-Output "$(Get-TS): Adding package $OC_CAB_PATH"
                 Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $OC_CAB_PATH -ErrorAction stop | Out-Null  
             }
         }
@@ -219,7 +220,7 @@ Foreach ($PACKAGE in $WINRE_INSTALLED_OC) {
 
 # Add font support for the new language
 if ( (Test-Path -Path $WINPE_FONT_SUPPORT_PATH) ) {
-    Write-Host "$(Get-TS): Adding package $WINPE_FONT_SUPPORT_PATH"
+    Write-Output "$(Get-TS): Adding package $WINPE_FONT_SUPPORT_PATH"
     Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $WINPE_FONT_SUPPORT_PATH -ErrorAction stop | Out-Null
 }
 
@@ -227,30 +228,31 @@ if ( (Test-Path -Path $WINPE_FONT_SUPPORT_PATH) ) {
 if (Test-Path -Path $WINPE_SPEECH_TTS_PATH) {
     if ( (Test-Path -Path $WINPE_SPEECH_TTS_LANG_PATH) ) {
 
-        Write-Host "$(Get-TS): Adding package $WINPE_SPEECH_TTS_PATH"
+        Write-Output "$(Get-TS): Adding package $WINPE_SPEECH_TTS_PATH"
         Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $WINPE_SPEECH_TTS_PATH -ErrorAction stop | Out-Null
 
-        Write-Host "$(Get-TS): Adding package $WINPE_SPEECH_TTS_LANG_PATH"
+        Write-Output "$(Get-TS): Adding package $WINPE_SPEECH_TTS_LANG_PATH"
         Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $WINPE_SPEECH_TTS_LANG_PATH -ErrorAction stop | Out-Null
     }
 }
 
 # Add Safe OS
-Write-Host "$(Get-TS): Adding package $SAFE_OS_DU_PATH"
-Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $SAFE_OS_DU_PATH -ErrorAction stop | Out-Null   
+Write-Output "$(Get-TS): Adding package $SAFE_OS_DU_PATH"
+Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $SAFE_OS_DU_PATH -ErrorAction stop | Out-Null
 
 # Perform image cleanup
-Write-Host "$(Get-TS): Performing image cleanup on WinRE"
+Write-Output "$(Get-TS): Performing image cleanup on WinRE"
 DISM /image:$WINRE_MOUNT /cleanup-image /StartComponentCleanup | Out-Null
 
 # Dismount
 Dismount-WindowsImage -Path $WINRE_MOUNT  -Save -ErrorAction stop | Out-Null
 
 # Export
-Write-Host "$(Get-TS): Exporting image to $WORKING_PATH\winre2.wim"
+Write-Output "$(Get-TS): Exporting image to $WORKING_PATH\winre2.wim"
 Export-WindowsImage -SourceImagePath $WORKING_PATH"\winre.wim" -SourceIndex 1 -DestinationImagePath $WORKING_PATH"\winre2.wim" -ErrorAction stop | Out-Null
 Move-Item -Path $WORKING_PATH"\winre2.wim" -Destination $WORKING_PATH"\winre.wim" -Force -ErrorAction stop | Out-Null
 ```
+
 ### Update WinPE
 
 This script is similar to the one that updates WinRE, but instead it mounts Boot.wim, applies the packages with the latest cumulative update last, and saves. It repeats this for all images inside of Boot.wim, typically two images. It starts by applying the servicing stack Dynamic Update. Since the script is customizing this media with Japanese, it installs the language pack from the WinPE folder on the language pack ISO. Additionally, add font support and text to speech (TTS) support. Since the script is adding a new language, it rebuilds lang.ini, used to identify languages installed in the image. Finally, it cleans and exports Boot.wim, and copies it back to the new media.
@@ -266,15 +268,15 @@ $WINPE_IMAGES = Get-WindowsImage -ImagePath $MEDIA_NEW_PATH"\sources\boot.wim"
 Foreach ($IMAGE in $WINPE_IMAGES) {
 
     # update WinPE
-    Write-Host "$(Get-TS): Mounting WinPE"
+    Write-Output "$(Get-TS): Mounting WinPE"
     Mount-WindowsImage -ImagePath $MEDIA_NEW_PATH"\sources\boot.wim" -Index $IMAGE.ImageIndex -Path $WINPE_MOUNT -ErrorAction stop | Out-Null  
 
     # Add SSU
-    Write-Host "$(Get-TS): Adding package $SSU_PATH"
+    Write-Output "$(Get-TS): Adding package $SSU_PATH"
     Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $SSU_PATH -ErrorAction stop | Out-Null
 
     # Install lp.cab cab
-    Write-Host "$(Get-TS): Adding package $WINPE_OC_LP_PATH"
+    Write-Output "$(Get-TS): Adding package $WINPE_OC_LP_PATH"
     Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $WINPE_OC_LP_PATH -ErrorAction stop | Out-Null  
 
     # Install language cabs for each optional package installed
@@ -291,7 +293,7 @@ Foreach ($IMAGE in $WINPE_IMAGES) {
                 $OC_CAB = $PACKAGE.PackageName.Substring(0, $INDEX) + "_" + $LANG + ".cab"
                 if ($WINPE_OC_LANG_CABS.Contains($OC_CAB)) {
                     $OC_CAB_PATH = Join-Path $WINPE_OC_LANG_PATH $OC_CAB
-                    Write-Host "$(Get-TS): Adding package $OC_CAB_PATH"
+                    Write-Output "$(Get-TS): Adding package $OC_CAB_PATH"
                     Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $OC_CAB_PATH -ErrorAction stop | Out-Null  
                 }
             }
@@ -300,7 +302,7 @@ Foreach ($IMAGE in $WINPE_IMAGES) {
 
     # Add font support for the new language
     if ( (Test-Path -Path $WINPE_FONT_SUPPORT_PATH) ) {
-        Write-Host "$(Get-TS): Adding package $WINPE_FONT_SUPPORT_PATH"
+        Write-Output "$(Get-TS): Adding package $WINPE_FONT_SUPPORT_PATH"
         Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $WINPE_FONT_SUPPORT_PATH -ErrorAction stop | Out-Null
     }
 
@@ -308,39 +310,40 @@ Foreach ($IMAGE in $WINPE_IMAGES) {
     if (Test-Path -Path $WINPE_SPEECH_TTS_PATH) {
         if ( (Test-Path -Path $WINPE_SPEECH_TTS_LANG_PATH) ) {
 
-            Write-Host "$(Get-TS): Adding package $WINPE_SPEECH_TTS_PATH"
+            Write-Output "$(Get-TS): Adding package $WINPE_SPEECH_TTS_PATH"
             Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $WINPE_SPEECH_TTS_PATH -ErrorAction stop | Out-Null
 
-            Write-Host "$(Get-TS): Adding package $WINPE_SPEECH_TTS_LANG_PATH"
+            Write-Output "$(Get-TS): Adding package $WINPE_SPEECH_TTS_LANG_PATH"
             Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $WINPE_SPEECH_TTS_LANG_PATH -ErrorAction stop | Out-Null
         }
     }
 
     # Generates a new Lang.ini file which is used to define the language packs inside the image
     if ( (Test-Path -Path $WINPE_MOUNT"\sources\lang.ini") ) {
-        Write-Host "$(Get-TS): Updating lang.ini"
+        Write-Output "$(Get-TS): Updating lang.ini"
         DISM /image:$WINPE_MOUNT /Gen-LangINI /distribution:$WINPE_MOUNT | Out-Null
-    }    
+    }
 
     # Add latest cumulative update
-    Write-Host "$(Get-TS): Adding package $LCU_PATH"
+    Write-Output "$(Get-TS): Adding package $LCU_PATH"
     Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $LCU_PATH -ErrorAction stop | Out-Null  
 
     # Perform image cleanup
-    Write-Host "$(Get-TS): Performing image cleanup on WinPE"
+    Write-Output "$(Get-TS): Performing image cleanup on WinPE"
     DISM /image:$WINPE_MOUNT /cleanup-image /StartComponentCleanup | Out-Null
 
     # Dismount
     Dismount-WindowsImage -Path $WINPE_MOUNT -Save -ErrorAction stop | Out-Null
 
     #Export WinPE
-    Write-Host "$(Get-TS): Exporting image to $WORKING_PATH\boot2.wim"
+    Write-Output "$(Get-TS): Exporting image to $WORKING_PATH\boot2.wim"
     Export-WindowsImage -SourceImagePath $MEDIA_NEW_PATH"\sources\boot.wim" -SourceIndex $IMAGE.ImageIndex -DestinationImagePath $WORKING_PATH"\boot2.wim" -ErrorAction stop | Out-Null
 
 }
 
 Move-Item -Path $WORKING_PATH"\boot2.wim" -Destination $MEDIA_NEW_PATH"\sources\boot.wim" -Force -ErrorAction stop | Out-Null
 ```
+
 ### Update the main operating system
 
 For this next phase, there is no need to mount the main operating system, since it was already mounted in the previous scripts. This script starts by applying the servicing stack Dynamic Update. Then, it adds Japanese language support and then the Japanese language features. Unlike the Dynamic Update packages, it leverages `Add-WindowsCapability` to add these features. For a full list of such features, and their associated capability name, see [Available Features on Demand](https://docs.microsoft.com/windows-hardware/manufacture/desktop/features-on-demand-non-language-fod).
@@ -355,36 +358,36 @@ You can install Optional Components, along with the .NET feature, offline, but t
 #
 
 # Add servicing stack update
-Write-Host "$(Get-TS): Adding package $SSU_PATH"
+Write-Output "$(Get-TS): Adding package $SSU_PATH"
 Add-WindowsPackage -Path $MAIN_OS_MOUNT -PackagePath $SSU_PATH -ErrorAction stop | Out-Null
 
 # Optional: Add language to main OS
-Write-Host "$(Get-TS): Adding package $OS_LP_PATH"
+Write-Output "$(Get-TS): Adding package $OS_LP_PATH"
 Add-WindowsPackage -Path $MAIN_OS_MOUNT -PackagePath $OS_LP_PATH -ErrorAction stop | Out-Null  
 
 # Optional: Add a Features on Demand to the image
-Write-Host "$(Get-TS): Adding language FOD: Language.Fonts.Jpan~~~und-JPAN~0.0.1.0"
+Write-Output "$(Get-TS): Adding language FOD: Language.Fonts.Jpan~~~und-JPAN~0.0.1.0"
 Add-WindowsCapability -Name "Language.Fonts.$LANG_FONT_CAPABILITY~~~und-$LANG_FONT_CAPABILITY~0.0.1.0" -Path $MAIN_OS_MOUNT -Source $FOD_PATH -ErrorAction stop | Out-Null
 
-Write-Host "$(Get-TS): Adding language FOD: Language.Basic~~~$LANG~0.0.1.0"
+Write-Output "$(Get-TS): Adding language FOD: Language.Basic~~~$LANG~0.0.1.0"
 Add-WindowsCapability -Name "Language.Basic~~~$LANG~0.0.1.0" -Path $MAIN_OS_MOUNT -Source $FOD_PATH -ErrorAction stop | Out-Null
 
-Write-Host "$(Get-TS): Adding language FOD: Language.OCR~~~$LANG~0.0.1.0"
+Write-Output "$(Get-TS): Adding language FOD: Language.OCR~~~$LANG~0.0.1.0"
 Add-WindowsCapability -Name "Language.OCR~~~$LANG~0.0.1.0" -Path $MAIN_OS_MOUNT -Source $FOD_PATH -ErrorAction stop | Out-Null
 
-Write-Host "$(Get-TS): Adding language FOD: Language.Handwriting~~~$LANG~0.0.1.0"
+Write-Output "$(Get-TS): Adding language FOD: Language.Handwriting~~~$LANG~0.0.1.0"
 Add-WindowsCapability -Name "Language.Handwriting~~~$LANG~0.0.1.0" -Path $MAIN_OS_MOUNT -Source $FOD_PATH -ErrorAction stop | Out-Null
 
-Write-Host "$(Get-TS): Adding language FOD: Language.TextToSpeech~~~$LANG~0.0.1.0"
+Write-Output "$(Get-TS): Adding language FOD: Language.TextToSpeech~~~$LANG~0.0.1.0"
 Add-WindowsCapability -Name "Language.TextToSpeech~~~$LANG~0.0.1.0" -Path $MAIN_OS_MOUNT -Source $FOD_PATH -ErrorAction stop | Out-Null
 
-Write-Host "$(Get-TS): Adding language FOD:Language.Speech~~~$LANG~0.0.1.0"
+Write-Output "$(Get-TS): Adding language FOD:Language.Speech~~~$LANG~0.0.1.0"
 Add-WindowsCapability -Name "Language.Speech~~~$LANG~0.0.1.0" -Path $MAIN_OS_MOUNT -Source $FOD_PATH -ErrorAction stop | Out-Null
 
 # Note: If I wanted to enable additional Features on Demand, I'd add these here.
 
 # Add latest cumulative update
-Write-Host "$(Get-TS): Adding package $LCU_PATH"
+Write-Output "$(Get-TS): Adding package $LCU_PATH"
 Add-WindowsPackage -Path $MAIN_OS_MOUNT -PackagePath $LCU_PATH -ErrorAction stop | Out-Null
 
 # Copy our updated recovery image from earlier into the main OS
@@ -393,7 +396,7 @@ Add-WindowsPackage -Path $MAIN_OS_MOUNT -PackagePath $LCU_PATH -ErrorAction stop
 Copy-Item -Path $WORKING_PATH"\winre.wim" -Destination $MAIN_OS_MOUNT"\windows\system32\recovery\winre.wim" -Force -Recurse -ErrorAction stop | Out-Null
 
 # Perform image cleanup
-Write-Host "$(Get-TS): Performing image cleanup on main OS"
+Write-Output "$(Get-TS): Performing image cleanup on main OS"
 DISM /image:$MAIN_OS_MOUNT /cleanup-image /StartComponentCleanup | Out-Null
 
 #
@@ -402,18 +405,18 @@ DISM /image:$MAIN_OS_MOUNT /cleanup-image /StartComponentCleanup | Out-Null
 # the image to be booted, and thus if we tried to cleanup after installation, it would fail.
 #
 
-Write-Host "$(Get-TS): Adding NetFX3~~~~"
+Write-Output "$(Get-TS): Adding NetFX3~~~~"
 Add-WindowsCapability -Name "NetFX3~~~~" -Path $MAIN_OS_MOUNT -Source $FOD_PATH -ErrorAction stop | Out-Null
 
 # Add .NET Cumulative Update
-Write-Host "$(Get-TS): Adding package $DOTNET_CU_PATH"
+Write-Output "$(Get-TS): Adding package $DOTNET_CU_PATH"
 Add-WindowsPackage -Path $MAIN_OS_MOUNT -PackagePath $DOTNET_CU_PATH -ErrorAction stop | Out-Null
 
 # Dismount
 Dismount-WindowsImage -Path $MAIN_OS_MOUNT -Save -ErrorAction stop | Out-Null
 
 # Export
-Write-Host "$(Get-TS): Exporting image to $WORKING_PATH\install2.wim"
+Write-Output "$(Get-TS): Exporting image to $WORKING_PATH\install2.wim"
 Export-WindowsImage -SourceImagePath $MEDIA_NEW_PATH"\sources\install.wim" -SourceIndex 1 -DestinationImagePath $WORKING_PATH"\install2.wim" -ErrorAction stop | Out-Null
 Move-Item -Path $WORKING_PATH"\install2.wim" -Destination $MEDIA_NEW_PATH"\sources\install.wim" -Force -ErrorAction stop | Out-Null
 ```
@@ -428,9 +431,10 @@ This part of the script updates the Setup files. It simply copies the individual
 #
 
 # Add Setup DU by copy the files from the package into the newMedia
-Write-Host "$(Get-TS): Adding package $SETUP_DU_PATH"
+Write-Output "$(Get-TS): Adding package $SETUP_DU_PATH"
 cmd.exe /c $env:SystemRoot\System32\expand.exe $SETUP_DU_PATH -F:* $MEDIA_NEW_PATH"\sources" | Out-Null
 ```
+
 ### Finish up
 
 As a last step, the script removes the working folder of temporary files, and unmounts our language pack and Features on Demand ISOs.
@@ -444,9 +448,9 @@ As a last step, the script removes the working folder of temporary files, and un
 Remove-Item -Path $WORKING_PATH -Recurse -Force -ErrorAction stop | Out-Null
 
 # Dismount ISO images
-Write-Host "$(Get-TS): Dismounting ISO images"
+Write-Output "$(Get-TS): Dismounting ISO images"
 Dismount-DiskImage -ImagePath $LP_ISO_PATH -ErrorAction stop | Out-Null
 Dismount-DiskImage -ImagePath $FOD_ISO_PATH -ErrorAction stop | Out-Null
 
-Write-Host "$(Get-TS): Media refresh completed!"
+Write-Output "$(Get-TS): Media refresh completed!"
 ```
diff --git a/windows/deployment/update/plan-define-readiness.md b/windows/deployment/update/plan-define-readiness.md
index 4264b434b1..2e371a0df1 100644
--- a/windows/deployment/update/plan-define-readiness.md
+++ b/windows/deployment/update/plan-define-readiness.md
@@ -1,6 +1,5 @@
 ---
 title: Define readiness criteria
-ms.reviewer: 
 manager: laurawi
 description: Identify important roles and figure out how to classify apps
 keywords: updates, servicing, current, deployment, semi-annual channel, feature, quality, rings, insider, tools
@@ -11,14 +10,14 @@ author: jaimeo
 ms.localizationpriority: medium
 ms.audience: itpro
 ms.topic: article
-ms.collection: M365-modern-desktop
+ms.collection: m365initiative-coredeploy
 ---
 
 # Define readiness criteria
 
 ## Figure out roles and personnel
 
-Planning and managing a deployment involves a variety of distinct activies and roles best suited to each. As you plan, it's worth figuring out which roles you'll need to carry out the deployment and who should fill them. Different roles are active at various phases of a deployment. Depending on the size and complexity of your organization, some of the roles could be filled by the same person. However, it's best to have an established *process manager*, who will oversee all of the tasks for the deployment.
+Planning and managing a deployment involves a variety of distinct activities and roles best suited to each. As you plan, it's worth figuring out which roles you'll need to carry out the deployment and who should fill them. Different roles are active at various phases of a deployment. Depending on the size and complexity of your organization, some of the roles could be filled by the same person. However, it's best to have an established *process manager*, who will oversee all of the tasks for the deployment.
 
 ### Process manager
 
@@ -39,7 +38,7 @@ This table sketches out one view of the other roles, with their responsibilities
 
 |Role  |Responsibilities  |Skills  |Active phases  |
 |---------|---------|---------|---------|
-|Process manager     | Manages the process end to end; ensures inputs and outputs are captures; ensures that activities progress        | IT service management        | Plan, prepare, pilot deployment, broad deployment        |
+|Process manager     | Manages the process end to end; ensures inputs and outputs are captures; ensures that activities progress        | IT Service Management        | Plan, prepare, pilot deployment, broad deployment        |
 |Application owner     | Define application test plan; assign user acceptance testers; certify the application         | Knowledge of critical and important applications        | Plan, prepare, pilot deployment        |
 |Application developer     | Ensure apps are developed to stay compatible with current Windows versions        | Application development; application remediation        | Plan, prepare        |
 |End-user computing     | Typically a group including infrastructure engineers or deployment engineers who ensure upgrade tools are compatible with Windows        | Bare-metal deployment; infrastructure management; application delivery; update management        | Plan, prepare, pilot deployment, broad deployment        |
@@ -54,7 +53,7 @@ This table sketches out one view of the other roles, with their responsibilities
 
 ## Set criteria for rating apps
 
-Some apps in your environment are fundamental to your core business activities. Other apps help workers perform their roles, but aren’t critical to your business operations. Before you start inventorying and assessing the apps in your environment, you should establish some criteria for categorizing your apps, and then determine a priority for each. This will help you understand how best to deploy updates and how to resolve any issues that could arise.
+Some apps in your environment are fundamental to your core business activities. Other apps help workers perform their roles, but aren’t critical to your business operations. Before you start inventorying and assessing the apps in your environment, you should establish some criteria for categorizing your apps, and then determine a priority for each. This process will help you understand how best to deploy updates and how to resolve any issues that could arise.
 
 In the Prepare phase, you'll apply the criteria you define now to every app in your organization.
 
@@ -67,9 +66,9 @@ Here's a suggested classification scheme:
 |Important     | Applications that individual staff members need to support their productivity. Downtime here would affect individual users, but would only have a minimal impact on the business.       |
 |Not important   | There is no impact on the business if these apps are not available for a while.        |
 
-Once you have classified your applications, you should agree what each classification means to the organization in terms of priority and severity. This will help ensure that you can triage problems with the right level of urgency. You should assign each app a time-based priority.
+Once you have classified your applications, you should agree what each classification means to the organization in terms of priority and severity. This activity will help ensure that you can triage problems with the right level of urgency. You should assign each app a time-based priority.
 
-Here's an example priority rating system; of course the specifics could vary for your organization:
+Here's an example priority rating system; the specifics could vary for your organization:
 
 
 |Priority  |Definition  |
@@ -101,7 +100,7 @@ Using the suggested scheme, a financial corporation might classify their apps li
 |Credit processing app     | Critical        |
 |Frontline customer service app     |  Critical       |
 |PDF viewer     | Important        |
-|Image processing app     | Not important        |
+|Image-processing app     | Not important        |
 
 Further, they might combine this classification with severity and priority rankings like this:
 
diff --git a/windows/deployment/update/plan-define-strategy.md b/windows/deployment/update/plan-define-strategy.md
index 4f1c4edfac..fc033d13bd 100644
--- a/windows/deployment/update/plan-define-strategy.md
+++ b/windows/deployment/update/plan-define-strategy.md
@@ -7,18 +7,18 @@ ms.mktglfcycl: manage
 author: jaimeo
 ms.localizationpriority: medium
 ms.author: jaimeo
-ms.reviewer: 
 manager: laurawi
 ms.topic: article
+ms.collection: m365initiative-coredeploy
 ---
 
 # Define update strategy with a calendar
 
 Traditionally, organizations treated the deployment of operating system updates (especially feature updates) as a discrete project that had a beginning, a middle, and an end. A release was "built" (usually in the form of an image) and then distributed to users and their devices.
 
-Today, more organizations are treating deployment as a continual process of updates which roll out across the organization in waves. In this approach, an update is plugged into this process and while it runs, you monitor for anomalies, errors, or user impact and respond as issues arise--without interrupting the entire process. Microsoft has been evolving its Windows 10 release cycles, update mechanisms, and relevant tools to support this model. Feature updates are released twice per year, around March and September. All releases of Windows 10 have 18 months of servicing for all editions. Fall releases of the Enterprise and Education editions have an additional 12 months of servicing for specific Windows 10 releases, for a total of 30 months from initial release.
+Today, more organizations are treating deployment as a continual process of updates that roll out across the organization in waves. In this approach, an update is plugged into this process and while it runs, you monitor for anomalies, errors, or user impact and respond as issues arise--without interrupting the entire process. Microsoft has been evolving its Windows 10 release cycles, update mechanisms, and relevant tools to support this model. Feature updates are released twice per year, around March and September. All releases of Windows 10 have 18 months of servicing for all editions. Fall releases of the Enterprise and Education editions have an additional 12 months of servicing for specific Windows 10 releases, for a total of 30 months from initial release.
 
-Though we encourage you to deploy every available release and maintain a fast cadence for some portion of your environment, we also recognize that you might have a large number of devices, and a need for little or no disruption, an so you might choose to update annually. The 18/30 month lifecycle cadence lets you to allow some portion of you environment to move faster while a majority can move less quickly.
+Though we encourage you to deploy every available release and maintain a fast cadence for some portion of your environment, we also recognize that you might have a large number of devices, and a need for little or no disruption, and so you might choose to update annually. The 18/30 month lifecycle cadence lets you allow some portion of your environment to move faster while a majority can move less quickly.
 
 ## Calendar approaches
 You can use a calendar approach for either a faster twice-per-year cadence or an annual cadence. Depending on company size, installing Windows 10 feature updates less often than once annually risks devices going out of service and becoming vulnerable to security threats, because they will stop receiving the monthly security updates.
@@ -26,24 +26,26 @@ You can use a calendar approach for either a faster twice-per-year cadence or an
 ### Annual
 Here's a calendar showing an example schedule that applies one Windows 10 feature update per calendar year, aligned with Microsoft Endpoint Configuration Manager and Microsoft 365 Apps release cycles:
 
-![Calendar showing an annual update cadence](images/annual-calendar.png)
+[ ![Calendar showing an annual update cadence](images/annual-calendar.png) ](images/annual-calendar.png#lightbox)
 
-This approach provides approximately twelve months of use from each feature update before the next update is due to be installed. By aligning to the Windows 10, version H2 feature update, each release will be serviced for 30 months from the time of availability, giving you more flexibility when applying future feature updates.
+This approach provides approximately 12 months of use from each feature update before the next update is due to be installed. By aligning to the Windows 10, version H2 feature update, each release will be serviced for 30 months from the time of availability, giving you more flexibility when applying future feature updates.
 
 This cadence might be most suitable for you if any of these conditions apply:
 
-- You are just starting your journey with the Windows 10 servicing process. If you are unfamiliar with new processes that support Windows 10 servicing, moving from a once every 3-5 year project to a twice a year feature update process can be daunting. This approach gives you time to learn new approaches and tools to reduce effort and cost.
+- You are just starting your journey with the Windows 10 servicing process. If you are unfamiliar with new processes that support Windows 10 servicing, moving from a project happening once every three to five years to a twice-a-year feature update process can be daunting. This approach gives you time to learn new approaches and tools to reduce effort and cost.
+
 - You want to wait and see how successful other companies are at adopting a Windows 10 feature update.
+
 - You want to go quickly with feature updates, and want the ability to skip a feature update while keeping Windows 10 serviced in case business priorities change. Aligning to the Windows 10 feature update released in the second half of each calendar year, you get additional servicing for Windows 10 (30 months of servicing compared to 18 months).
 
 ### Rapid
 This calendar shows an example schedule that installs each feature update as it is released, twice per year:
 
-![Update calendar showing a faster update cadence](images/rapid-calendar.png)
+[ ![Update calendar showing a faster update cadence](images/rapid-calendar.png) ](images/rapid-calendar.png#lightbox)
 
 This cadence might be best for you if these conditions apply:
 
 - You have a strong appetite for change.
 - You want to continuously update supporting infrastructure and unlock new scenarios.
 - Your organization has a large population of information workers that can use the latest features and functionality in Windows 10 and Office.
-- You have experience with feature updates for Windows 10.
\ No newline at end of file
+- You have experience with feature updates for Windows 10.
diff --git a/windows/deployment/update/plan-determine-app-readiness.md b/windows/deployment/update/plan-determine-app-readiness.md
index 645903d80f..82ecea00a3 100644
--- a/windows/deployment/update/plan-determine-app-readiness.md
+++ b/windows/deployment/update/plan-determine-app-readiness.md
@@ -1,6 +1,5 @@
 ---
 title: Determine application readiness
-ms.reviewer: 
 manager: laurawi
 description: How to test your apps to know which need attention prior to deploying an update
 keywords: updates, servicing, current, deployment, semi-annual channel, feature, quality, rings, insider, tools
@@ -10,7 +9,7 @@ audience: itpro
 ms.localizationpriority: medium
 ms.audience: itpro
 ms.topic: article
-ms.collection: M365-modern-desktop
+ms.collection: m365initiative-coredeploy
 ms.author: jaimeo
 author: jaimeo
 ---
@@ -26,11 +25,11 @@ You can choose from a variety of methods to validate apps. Exactly which ones to
 
 |Validation method  |Description  |
 |---------|---------|
-|Full regression     | A full quality assurance probing. Staff who know the application very well and can validate its core functionality should do this.        |
+|Full regression     | A full quality assurance probing. Staff who know the application well and can validate its core functionality should do this.        |
 |Smoke testing     | The application goes through formal validation. That is, a user validates the application following a detailed plan, ideally with limited, or no knowledge of the application they’re validating.        |
 |Automated testing     |  Software performs tests automatically. The software will let you know whether the tests have passed or failed, and will provide detailed reporting for you automatically.    |
 |Test in pilot     | You pre-select users to be in the pilot deployment group and carry out the same tasks they do on a day-to-day basis to validate the application. Normally you use this method in addition to one of the other validation types.        |
-|Reactive response     | Applications are validated in late pilot, and no specific users are selected. These are normally applications aren't installed on many devices and aren’t handled by enterprise application distribution.        |
+|Reactive response     | Applications are validated in late pilot, and no specific users are selected. These applications normally aren't installed on many devices and aren’t handled by enterprise application distribution.        |
 
 Combining the various validation methods with the app classifications you've previously established might look like this:
 
diff --git a/windows/deployment/update/prepare-deploy-windows.md b/windows/deployment/update/prepare-deploy-windows.md
index 76cbb5eea0..53b1f289ec 100644
--- a/windows/deployment/update/prepare-deploy-windows.md
+++ b/windows/deployment/update/prepare-deploy-windows.md
@@ -1,6 +1,6 @@
 ---
 title: Prepare to deploy Windows
-description:
+description: Final steps to get ready to deploy Windows, including preparing infrastructure, environment, applications, devices, network, capability, and users
 keywords: updates, servicing, current, deployment, semi-annual channel, feature, quality, rings, insider, tools
 ms.prod: w10
 ms.mktglfcycl: manage
@@ -10,6 +10,7 @@ ms.author: jaimeo
 ms.reviewer: 
 manager: laurawi
 ms.topic: article
+ms.collection: m365initiative-coredeploy
 ---
 
 # Prepare to deploy Windows
@@ -31,19 +32,25 @@ Now you're ready to actually start making changes in your environment to get rea
 
 Your infrastructure probably includes many different components and tools. You’ll need to ensure your environment isn’t affected by issues due to the changes you make to the various parts of the infrastructure. Follow these steps:
 
-1.	Review all of the infrastructure changes that you’ve identified in your plan. It’s important to understand the changes that need to be made and to detail how to implement them. This prevents problems later on.
+1.	Review all of the infrastructure changes that you’ve identified in your plan. It’s important to understand the changes that need to be made and to detail how to implement them.  This process prevents problems later on.
+
 2.	Validate your changes. You’ll validate the changes for your infrastructure’s components and tools, to help you understand how your changes could affect your production environment. 
+
 3.	Implement the changes. Once the changes have been validated, you can implement the changes across the wider infrastructure.
 
 
 You should also look at your organization’s environment’s configuration and outline how you’ll implement any necessary changes previously identified in the plan phase to support the update. Consider what you’ll need to do for the various settings and policies that currently underpin the environment. For example:
 
 - Implement new draft security guidance. New versions of Windows can include new features that improve your environment’s security. Your security teams will want to make appropriate changes to security related configurations.
+
 - Update security baselines. Security teams understand the relevant security baselines and will have to work to make sure all baselines fit into whatever guidance they have to adhere to.
+
 However, your configuration will consist of many different settings and policies. It’s important to only apply changes where they are necessary, and where you gain a clear improvement. Otherwise, your environment might face issues that will slow down the update process. You want to ensure your environment isn’t affected adversely because of changes you make. For example:
 
 1.	Review new security settings. Your security team will review the new security settings, to understand how they can best be set to facilitate the update, and to also investigate the potential effects they might have on your environment.
+
 2.	Review security baselines for changes. Security teams will also review all the necessary security baselines, to ensure the changes can be implemented, and ensure your environment remains compliant.
+
 3.	Implement and validate security settings and baseline changes. Your security teams will then implement all of the security settings and baselines, having addressed any potential outstanding issues.
 
 
@@ -100,39 +107,42 @@ Set up [Delivery Optimization](waas-delivery-optimization.md) for peer network s
 
 In the course of surveying your device population, either with Desktop Analytics or by some other means, you might find devices that have systemic problems that could interfere with update installation. Now is the time to fix those problems.
 
-- **Low disk space:** Quality updates require a minimum of two GB to successfully install. Feature updates require between 8 and 15 GB depending upon the configuration. On Windows 10, version 1903 and later you can proactively use the "reserved storage" feature (for wipe and loads, rebuilds, and new builds) to avoid running out of disk space. If you find a group of devices that don't have enough disk space, you can often resolve this by cleaning up log files and asking users to clean up data if necessary. A good place to start is to delete the following files:
-- C:\Windows\temp
-- C:\Windows\cbstemp (though this file might be necessary to investigate update failures)
-- C:\Windows\WindowsUpdate.log (though this file might be necessary to investigate update failures)
-- C:\Windows.Old (these files should automatically clean up after 10 days or might ask the device user for permission to clean up sooner when constrained for disk space)
+- **Low disk space:** Quality updates require a minimum of 2 GB to successfully install. Feature updates require between 8 GB and 15 GB depending upon the configuration. On Windows 10, version 1903 and later you can proactively use the "reserved storage" feature (for wipe and loads, rebuilds, and new builds) to avoid running out of disk space. If you find a group of devices that don't have enough disk space, you can often resolve the problem by cleaning up log files and asking users to clean up data if necessary. A good place to start is to delete the following files:
+
+  - C:\Windows\temp
+  - C:\Windows\cbstemp (though this file might be necessary to investigate update failures)
+  - C:\Windows\WindowsUpdate.log (though this file might be necessary to investigate update failures)
+  - C:\Windows.Old (these files should automatically clean up after 10 days or might ask the device user for permission to clean up sooner when constrained for disk space)
 
 You can also create and run scripts to perform additional cleanup actions on devices, with administrative rights, or use Group Policy settings.
 
-- Clean up the Windows Store Cache by running C:\Windows\sytem32\wsreset.exe
-- Optimize the WinSxS folder on the client machine by using **Dism.exe /online /Cleanup-Image /StartComponentCleanup**
-- Compact the operating system by running **Compact.exe /CompactOS:always**
+- Clean up the Windows Store Cache by running C:\Windows\sytem32\wsreset.exe.
+
+- Optimize the WinSxS folder on the client machine by using **Dism.exe /online /Cleanup-Image /StartComponentCleanup**.
+
+- Compact the operating system by running **Compact.exe /CompactOS:always**.
+
 - Remove Windows Features on Demand that the user doesn't need. See [Features on Demand](https://docs.microsoft.com/windows-hardware/manufacture/desktop/features-on-demand-v2--capabilities) for more guidance.
+
 - Move Windows Known Folders to OneDrive. See [Use Group Policy to control OneDrive sync settings](https://docs.microsoft.com/onedrive/use-group-policy) for more information.
+
 - Clean up the Software Distribution folder. Try deploying these commands as a batch file to run on devices to reset the download state of Windows Updates:
 
-```
-net stop wuauserv
-net stop cryptSvc
-net stop bits
-net stop msiserver
-ren C:\Windows\SoftwareDistribution C:\Windows\SoftwareDistribution.old
-net start wuauserv
-net start cryptSvc
-net start bits
-net start msiserver
-```
-
-- **Application and driver updates:** Out-of-date app or driver software can prevent devices from updating successfully. Desktop Analytics will help you identify drivers and applications that need attention. You can also
-check for known issues in order to take any appropriate action. Deploy any updates from the vendor(s) for any problematic application or driver versions to resolve issues.
-- **Corruption:** In rare circumstances, a device that has repeated installation errors might be corrupted in a way that prevents the system from applying a new update. You might have to repair the Component Based Store from another source. You can do this with the [System File Checker](https://support.microsoft.com/help/929833/use-the-system-file-checker-tool-to-repair-missing-or-corrupted-system).
-
+  ```console
+  net stop wuauserv
+  net stop cryptSvc
+  net stop bits
+  net stop msiserver
+  ren C:\Windows\SoftwareDistribution C:\Windows\SoftwareDistribution.old
+  net start wuauserv
+  net start cryptSvc
+  net start bits
+  net start msiserver
+  ```
 
+- **Application and driver updates:** Out-of-date app or driver software can prevent devices from updating successfully. Desktop Analytics will help you identify drivers and applications that need attention. You can also check for known issues in order to take any appropriate action. Deploy any updates from the vendor(s) for any problematic application or driver versions to resolve issues.
 
+- **Corruption:** In rare circumstances, a device that has repeated installation errors might be corrupted in a way that prevents the system from applying a new update. You might have to repair the Component-Based Store from another source. You can fix the problem with the [System File Checker](https://support.microsoft.com/help/929833/use-the-system-file-checker-tool-to-repair-missing-or-corrupted-system).
 
 
 ## Prepare capability
@@ -140,14 +150,16 @@ check for known issues in order to take any appropriate action. Deploy any updat
 In the plan phase, you determined the specific infrastructure and configuration changes that needed to be implemented to add new capabilities to the environment. Now you can move on to implementing those changes defined in the plan phase. You'll need to complete these higher-level tasks to gain those new capabilities:
 
 - Enable capabilities across the environment by implementing the changes. For example, implement updates to relevant ADMX templates in Active Directory. New Windows versions will come with new policies that you use to update ADMX templates. 
+
 - Validate new changes to understand how they affect the wider environment.
+
 - Remediate any potential problems that have been identified through validation. 
 
 ## Prepare users
 
 Users often feel like they are forced into updating their devices randomly. They often don't fully understand why an update is needed, and they don't know when updates would be applied to their devices ahead of time. It's best to ensure that upcoming updates are communicated clearly and with adequate warning.
 
-You can employ a variety of measures to achieve this, for example:
+You can employ a variety of measures to achieve this goal, for example:
 
 - Send overview email about the update and how it will be deployed to the entire organization.
 - Send personalized emails to users about the update with specific details.
diff --git a/windows/deployment/update/safeguard-holds.md b/windows/deployment/update/safeguard-holds.md
new file mode 100644
index 0000000000..003834c35c
--- /dev/null
+++ b/windows/deployment/update/safeguard-holds.md
@@ -0,0 +1,44 @@
+---
+title: Safeguard holds
+description: What are safeguard holds, how can you tell if one is in effect, and what to do about it
+ms.prod: w10
+ms.mktglfcycl: manage
+author: jaimeo
+ms.localizationpriority: medium
+ms.author: jaimeo
+manager: laurawi
+ms.topic: article
+---
+
+# Safeguard holds
+
+Microsoft uses quality and compatibility data to identify issues that might cause a Windows 10 feature update to fail or roll back. When we find such an issue, we might apply holds to the updating service to prevent affected devices from installing the update in order to safeguard them from these experiences. We also use holds when a customer, a partner, or Microsoft internal validation finds an issue that would cause severe impact (for example, rollback of the update, data loss, loss of connectivity, or loss of key functionality) and when a workaround is not immediately available.
+
+Safeguard holds prevent a device with a known issue from being offered a new operating system version. We renew the offering once a fix is found and verified. We use holds to ensure customers have a successful experience as their device moves to a new version of Windows 10.
+
+The lifespan of holds varies depending on the time required to investigate and fix an issue. During this time Microsoft works diligently to procure, develop, and validate a fix and then offer it to affected devices. We monitor quality and compatibility data to confirm that a fix is complete before releasing the hold. Once we release the hold, Windows Update will resume offering new operating system versions to devices.
+
+Safeguard holds only affect devices that use the Window Update service for updates. We encourage IT admins who manage updates to devices through other channels (such as media installations or updates coming from Windows Server Update Services) to remain aware of known issues that might also be present in their environments.
+
+
+## Am I affected by a safeguard hold?
+
+IT admins can use [Update Compliance](update-compliance-feature-update-status.md#safeguard-holds) to monitor various update health metrics for devices in their organization, including ones affected by a safeguard hold that prevents them from updating to a newer operating system version. 
+
+Queries identify Safeguard IDs for each affected device, giving IT admins a detailed view into the various protections extended to devices. Safeguard IDs for publicly discussed known issues are also included in the [Windows release health](https://aka.ms/windowsreleasehealth) dashboard, where you can easily find information related to publicly available safeguards.
+
+On devices that use Windows Update (but not Windows Update for Business), the **Windows Update** page in the Settings app displays a message stating that an update is on its way, but not ready for the device. Instead of the option to download and install the update, users will see this message:
+
+
+![Feature update message reading "The Windows 10 May 2020 Update is on its way. Once it's ready for your device, you'll see the update available on this page](images/safeguard-hold-notification.png)
+
+If you see this message, it means one or more holds affect your device. When the issue is fixed and the update is safe to install, we’ll release the hold and the update can resume safely.
+
+## What can I do?
+
+We recommend that you do not attempt to manually update until issues have been resolved and holds released.
+
+> [!CAUTION]
+> Opting out of a safeguard hold can put devices at risk from known performance issues. We strongly recommend that you complete robust testing to ensure the impact is acceptable before opting out.
+  
+With that in mind, IT admins who stay informed with [Update Compliance](update-compliance-feature-update-status.md#safeguard-holds) and the [Windows release health](https://aka.ms/windowsreleasehealth) dashboard can choose to temporarily [opt-out of the protection of all safeguard holds](safeguard-opt-out.md) and allow an update to proceed. We recommend opting out only in an IT environment and for validation purposes. If you do opt out of a hold, this condition is temporary. Once an update is complete, the protection of safeguard holds is reinstated automatically. 
diff --git a/windows/deployment/update/safeguard-opt-out.md b/windows/deployment/update/safeguard-opt-out.md
new file mode 100644
index 0000000000..a6ad9a0b05
--- /dev/null
+++ b/windows/deployment/update/safeguard-opt-out.md
@@ -0,0 +1,32 @@
+---
+title: Opt out of safeguard holds
+description: Steps to install an update even it if has a safeguard hold applied
+ms.prod: w10
+ms.mktglfcycl: manage
+author: jaimeo
+ms.localizationpriority: medium
+ms.author: jaimeo
+manager: laurawi
+ms.topic: article
+---
+
+# Opt out of safeguard holds
+
+Safeguard holds prevent a device with a known compatibility issue from being offered a new Windows 10 feature update by using Windows Update. We use safeguard holds to protect the device and user from a failed or poor update experience. We renew the offering once a fix is issued and is verified on an affected device. For more information about safeguard holds, see [Safeguard holds](safeguard-holds.md).
+
+## How can I opt out of safeguard holds?
+
+IT admins can, if necessary, opt devices out of safeguard protections by using the disable safeguards policy. In a Mobile Device Management (MDM) tool, use the **Update/DisableWUfBSafeguards** CSP. In Group Policy, use the **Disable safeguards for Feature Updates** Group Policy. This policy is available to Windows Update for Business devices running Windows 10, version 1809 or later that have installed the October 2020 security update. 
+
+> [!CAUTION]
+> Opting out of a safeguard hold can put devices at risk from known performance issues. 
+
+We recommend opting out only in an IT environment and for validation purposes. You can also validate an upcoming Windows 10 feature update version without the safeguards being applied by using the Release Preview channel of the Windows Insider Program for Business.
+
+Disabling safeguards does not guarantee your device will be able to successfully update. The update might still fail and will likely result in a bad experience since you are bypassing the protection against known issues. 
+
+> [!NOTE]
+> After a device installs a new Windows 10 version, the **Disable safeguards for Feature Updates** Group Policy will revert to “not configured” even if it was previously enabled. We do this to ensure the admin is consciously disabling Microsoft’s default protection from known issues for each new feature update.  
+
+
+
diff --git a/windows/deployment/update/servicing-stack-updates.md b/windows/deployment/update/servicing-stack-updates.md
index 49d29f4d8a..e5a1395289 100644
--- a/windows/deployment/update/servicing-stack-updates.md
+++ b/windows/deployment/update/servicing-stack-updates.md
@@ -28,6 +28,8 @@ Servicing stack updates provide fixes to the servicing stack, the component that
   
 Servicing stack updates improve the reliability of the update process to mitigate potential issues while installing the latest quality updates and feature updates. If you don't install the latest servicing stack update, there's a risk that your device can't be updated with the latest Microsoft security fixes.
 
+For information about some changes to servicing stack updates, see [Simplifing Deployment of Servicing Stack Updates](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/simplifying-on-premises-deployment-of-servicing-stack-updates/ba-p/1646039) on the Windows IT Pro blog.
+
 ## When are they released?
 
 Servicing stack update are released depending on new issues or vulnerabilities. In rare occasions a servicing stack update may need to be released on demand to address an issue impacting systems installing the monthly security update. Starting in November 2018 new servicing stack updates will be classified as "Security" with a severity rating of "Critical."
diff --git a/windows/deployment/update/update-compliance-feature-update-status.md b/windows/deployment/update/update-compliance-feature-update-status.md
index b58012dcad..4cc53cea88 100644
--- a/windows/deployment/update/update-compliance-feature-update-status.md
+++ b/windows/deployment/update/update-compliance-feature-update-status.md
@@ -47,16 +47,6 @@ Update Compliance reporting offers two queries to help you retrieve data relat
 
 Update Compliance reporting will display the Safeguard IDs for known issues affecting a device in the **DeploymentErrorCode** column. Safeguard IDs for publicly discussed known issues are also included in the Windows Release Health dashboard, where you can easily find information related to publicly available safeguards.
 
-### Opting out of safeguard hold
-
-Microsoft will release a device from a safeguard hold when it has determined it can safely and smoothly install a feature update, but you are ultimately in control of your devices and can opt out if desired. 
-To opt out, set the registry key as follows:
-
-- Registry Key Path :: **Computer\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion**
-- Create New Key    :: **502505fe-762c-4e80-911e-0c3fa4c63fb0**
-- Name              :: **DataRequireGatedScanForFeatureUpdates**
-- Type              :: **REG_DWORD**
-- Value             :: **0**
-
-Setting this registry key to **0** will force the device to opt out from *all* safeguard holds. Any other value, or deleting the key, will resume compatibility protection on the device.  
+### Opt out of safeguard hold
 
+You can [opt out of safeguard protections](safeguard-opt-out.md) by using the **Disable safeguards for Feature Updates** Group Policy. This policy is available to Windows Update for Business devices running Windows 10, version 1809 or later that have installed the October 2020 security update.  
diff --git a/windows/deployment/update/update-compliance-using.md b/windows/deployment/update/update-compliance-using.md
index 09cf255a00..d9207fdefb 100644
--- a/windows/deployment/update/update-compliance-using.md
+++ b/windows/deployment/update/update-compliance-using.md
@@ -62,21 +62,19 @@ The following is a breakdown of the different sections available in Update Compl
 
 
 ## Update Compliance data latency
-Update Compliance uses Windows 10 diagnostic data as its data source. After you add Update Compliance and appropriately configure your devices, it could take 48-72 hours before they first appear. The  process that follows is as follows:
+Update Compliance uses Windows 10 diagnostic data as its data source. After you add Update Compliance and appropriately configure your devices, it could take 48-72 hours before they first appear.
 
-Update Compliance is refreshed every 12 hours. This means that every 12 hours all data that has been gathered over the last 12-hour interval is pushed to Log Analytics. However, the rate at which each type of data is sent from the device and how long it takes to be ready for Update Compliance varies, roughly outlined below.
+The data powering Update Compliance is refreshed every 24 hours, and refreshes with the latest data from all devices part of your organization that have been seen in the past 28 days. The entire set of data is refreshed in each daily snapshot, which means that the same data can be re-ingested even if no new data actually arrived from the device since the last snapshot. Snapshot time can be determined by the TimeGenerated field for each record, while LastScan can be used to roughly determine the freshness of each record's data.  
 
 | Data Type | Data upload rate from device | Data Latency |
 |--|--|--|
 |WaaSUpdateStatus | Once per day |4 hours |
 |WaaSInsiderStatus| Once per day |4 hours |
 |WaaSDeploymentStatus|Every update event (Download, install, etc.)|24-36 hours |
-|WDAVStatus|On signature update|24 hours |
-|WDAVThreat|On threat detection|24 hours |
 |WUDOAggregatedStatus|On update event, aggregated over time|24-36 hours |
 |WUDOStatus|Once per day|12 hours |
 
-This means you should generally expect to see new data device data every 24 hours, except for WaaSDeploymentStatus and WUDOAggregatedStatus, which may take 36-48 hours (if it misses the 36th hour refresh, it would be in the 48th, so the data will be present in the 48th hour refresh). 
+This means you should generally expect to see new data device data every 24 hours, except for WaaSDeploymentStatus and WUDOAggregatedStatus, which may take 36-48 hours.
 
 ## Using Log Analytics
 
@@ -89,4 +87,4 @@ See below for a few topics related to Log Analytics:
 
 ## Related topics
 
-[Get started with Update Compliance](update-compliance-get-started.md)
\ No newline at end of file
+[Get started with Update Compliance](update-compliance-get-started.md)
diff --git a/windows/deployment/update/waas-configure-wufb.md b/windows/deployment/update/waas-configure-wufb.md
index d25d48f473..68b9bc63f3 100644
--- a/windows/deployment/update/waas-configure-wufb.md
+++ b/windows/deployment/update/waas-configure-wufb.md
@@ -5,7 +5,7 @@ manager: laurawi
 description: You can use Group Policy or your mobile device management (MDM) service to configure Windows Update for Business settings for your devices.
 ms.prod: w10
 ms.mktglfcycl: deploy
-
+ms.collection: m365initiative-coredeploy
 audience: itpro
 author: jaimeo
 ms.localizationpriority: medium
@@ -48,7 +48,7 @@ With Windows Update for Business, you can set a device to be on either Windows I
 
 **Release branch policies**
 
-| Policy | Sets registry key under **HKLM\Software** |
+| Policy | Sets registry key under HKLM\Software |
 | --- | --- |
 | GPO for Windows 10, version 1607 or later: </br>Computer Configuration > Administrative Templates > Windows Components > Windows Update > Defer Windows Updates > **Select when Feature Updates are received** | \Policies\Microsoft\Windows\WindowsUpdate\BranchReadinessLevel |
 | GPO for Windows 10, version 1511: </br>Computer Configuration > Administrative Templates > Windows Components > Windows Update > **Defer Upgrades and Updates** | \Policies\Microsoft\Windows\WindowsUpdate\DeferUpgrade |
@@ -73,7 +73,7 @@ For example, a device on the Semi-Annual Channel with `DeferFeatureUpdatesPeriod
 </br></br>
 **Policy settings for deferring feature updates**
 
-| Policy | Sets registry key under **HKLM\Software** |
+| Policy | Sets registry key under HKLM\Software |
 | --- | --- |
 | GPO for Windows 10, version 1607 later: </br>Computer Configuration > Administrative Templates > Windows Components > Windows Update > Defer Windows Updates > **Select when Feature Updates are received** | \Policies\Microsoft\Windows\WindowsUpdate\DeferFeatureUpdates</br>\Policies\Microsoft\Windows\WindowsUpdate\DeferFeatureUpdatesPeriodInDays |
 | GPO for Windows 10, version 1511: </br>Computer Configuration > Administrative Templates > Windows Components > Windows Update > **Defer Upgrades and Updates** | \Policies\Microsoft\Windows\WindowsUpdate\DeferUpgradePeriod |
@@ -97,7 +97,7 @@ In cases where the pause policy is first applied after the configured start date
 
 **Policy settings for pausing feature updates**
 
-| Policy | Sets registry key under **HKLM\Software** |
+| Policy | Sets registry key under HKLM\Software |
 | --- | --- |
 | GPO for Windows 10, version 1607 and later: </br>Computer Configuration > Administrative Templates > Windows Components > Windows Update > Defer Windows Updates > **Select when Feature Updates are received** | **1607:** \Policies\Microsoft\Windows\WindowsUpdate\PauseFeatureUpdates</br>**1703 and later:** \Policies\Microsoft\Windows\WindowsUpdate\PauseFeatureUpdatesStartTime |
 | GPO for Windows 10, version 1511: </br>Computer Configuration > Administrative Templates > Windows Components > Windows Update > **Defer Upgrades and Updates** | \Policies\Microsoft\Windows\WindowsUpdate\Pause |
@@ -134,7 +134,7 @@ You can set your system to receive updates for other Microsoft products—known
 
 **Policy settings for deferring quality updates**
 
-| Policy | Sets registry key under **HKLM\Software** |
+| Policy | Sets registry key under HKLM\Software |
 | --- | --- |
 | GPO for Windows 10, version 1607 and later: </br>Computer Configuration > Administrative Templates > Windows Components > Windows Update > Defer Windows Updates > **Select when Quality Updates are received** | \Policies\Microsoft\Windows\WindowsUpdate\DeferQualityUpdates</br>\Policies\Microsoft\Windows\WindowsUpdate\DeferQualityUpdatesPeriodInDays  |
 | GPO for Windows 10, version 1511: </br>Computer Configuration > Administrative Templates > Windows Components > Windows Update > **Defer Upgrades and Updates** | \Policies\Microsoft\Windows\WindowsUpdate\DeferUpdatePeriod |
@@ -157,7 +157,7 @@ In cases where the pause policy is first applied after the configured start date
 
 **Policy settings for pausing quality updates**
 
-| Policy | Sets registry key under **HKLM\Software** |
+| Policy | Sets registry key under HKLM\Software |
 | --- | --- |
 | GPO for Windows 10, version 1607 and later: </br>Computer Configuration > Administrative Templates > Windows Components > Windows Update > Defer Windows Updates > **Select when Quality Updates are received** |**1607:** \Policies\Microsoft\Windows\WindowsUpdate\PauseQualityUpdates</br>**1703:** \Policies\Microsoft\Windows\WindowsUpdate\PauseQualityUpdatesStartTime  |
 | GPO for Windows 10, version 1511: </br>Computer Configuration > Administrative Templates > Windows Components > Windows Update > **Defer Upgrades and Updates** | \Policies\Microsoft\Windows\WindowsUpdate\Pause |
@@ -207,7 +207,7 @@ Starting with Windows 10, version 1607, you can selectively opt out of receiving
 
 **Policy settings to exclude drivers**
 
-| Policy | Sets registry key under **HKLM\Software** |
+| Policy | Sets registry key under HKLM\Software |
 | --- | --- |
 | GPO for Windows 10, version 1607 and later: </br>Computer Configuration > Administrative Templates > Windows Components > Windows Update > **Do not include drivers with Windows Updates** | \Policies\Microsoft\Windows\WindowsUpdate\ExcludeWUDriversInQualityUpdate  |
 | MDM for Windows 10, version 1607 and later: </br>../Vendor/MSFT/Policy/Config/Update/</br>**ExcludeWUDriversInQualityUpdate** | \Microsoft\PolicyManager\default\Update\ExcludeWUDriversInQualityUpdate |
@@ -220,7 +220,7 @@ The following are quick-reference tables of the supported policy values for Wind
 
 | GPO Key |	Key type | Value |
 | --- | --- | --- |
-| BranchReadinessLevel	| REG_DWORD | 2: systems take Feature Updates for the Windows Insider build - Fast (added in Windows 10, version 1709)</br> 4: systems take Feature Updates for the Windows Insider build - Slow (added in Windows 10, version 1709)</br> 8: systems take Feature Updates for the Release Windows Insider build (added in Windows 10, version 1709)</br> 16: for Windows 10, version 1703: systems take Feature Updates for the Current Branch (CB); for Windows 10, version 1709, 1803 and 1809: systems take Feature Updates from Semi-annual Channel (Targeted) (SAC-T); for Windows 10, version 1903 or later: systems take Feature Updates from Semi-annual Channel </br>32: systems take Feature Updates from Semi-annual Channel </br>Note: Other value or absent: receive all applicable updates |
+| BranchReadinessLevel	| REG_DWORD | 2: systems take Feature Updates for the Windows Insider build - Fast (added in Windows 10, version 1709)</br> 4: systems take Feature Updates for the Windows Insider build - Slow (added in Windows 10, version 1709)</br> 8: systems take Feature Updates for the Release Windows Insider build (added in Windows 10, version 1709)</br> 16: for Windows 10, version 1703: systems take Feature Updates for the Current Branch (CB); for Windows 10, version 1709, 1803 and 1809: systems take Feature Updates from Semi-Annual Channel (Targeted) (SAC-T); for Windows 10, version 1903 or later: systems take Feature Updates from Semi-Annual Channel </br>32: systems take Feature Updates from Semi-Annual Channel </br>Note: Other value or absent: receive all applicable updates |
 | DeferQualityUpdates | REG_DWORD | 1: defer quality updates</br>Other value or absent: don’t defer quality updates | 
 | DeferQualityUpdatesPeriodinDays | REG_DWORD | 0-35: defer quality updates by given days |
 | PauseQualityUpdatesStartTime | REG_DWORD | 1: pause quality updates</br>Other value or absent: don’t pause quality updates |
@@ -234,7 +234,7 @@ The following are quick-reference tables of the supported policy values for Wind
 
 | MDM Key | Key type | Value |
 | --- | --- | --- |
-| BranchReadinessLevel | REG_DWORD |2: systems take Feature Updates for the Windows Insider build - Fast (added in Windows 10, version 1709)</br> 4: systems take Feature Updates for the Windows Insider build - Slow (added in Windows 10, version 1709)</br> 8: systems take Feature Updates for the Release Windows Insider build (added in Windows 10, version 1709)</br> 16: for Windows 10, version 1703: systems take Feature Updates for the Current Branch (CB); for Windows 10, version 1709, 1803 and 1809: systems take Feature Updates from Semi-annual Channel (Targeted) (SAC-T); for Windows 10, version 1903 or later: systems take Feature Updates from Semi-annual Channel </br>32: systems take Feature Updates from Semi-annual Channel </br>Note: Other value or absent: receive all applicable updates |
+| BranchReadinessLevel | REG_DWORD |2: systems take Feature Updates for the Windows Insider build - Fast (added in Windows 10, version 1709)</br> 4: systems take Feature Updates for the Windows Insider build - Slow (added in Windows 10, version 1709)</br> 8: systems take Feature Updates for the Release Windows Insider build (added in Windows 10, version 1709)</br> 16: for Windows 10, version 1703: systems take Feature Updates for the Current Branch (CB); for Windows 10, version 1709, 1803 and 1809: systems take Feature Updates from Semi-Annual Channel (Targeted) (SAC-T); for Windows 10, version 1903 or later: systems take Feature Updates from Semi-Annual Channel </br>32: systems take Feature Updates from Semi-Annual Channel </br>Note: Other value or absent: receive all applicable updates |
 | DeferQualityUpdatesPeriodinDays | REG_DWORD | 0-35: defer quality updates by given days |
 | PauseQualityUpdatesStartTime | REG_DWORD | 1: pause quality updates</br>Other value or absent: don’t pause quality updates |
 | DeferFeatureUpdatesPeriodinDays | REG_DWORD | 0-365: defer feature updates by given days |
diff --git a/windows/deployment/update/waas-delivery-optimization.md b/windows/deployment/update/waas-delivery-optimization.md
index 1def8466e7..d6edc9cf57 100644
--- a/windows/deployment/update/waas-delivery-optimization.md
+++ b/windows/deployment/update/waas-delivery-optimization.md
@@ -1,6 +1,5 @@
 ---
 title: Delivery Optimization for Windows 10 updates
-ms.reviewer: 
 manager: laurawi
 description: Delivery Optimization is a peer-to-peer distribution method in Windows 10
 keywords: oms, operations management suite, wdav, updates, downloads, log analytics
@@ -10,7 +9,9 @@ audience: itpro
 author: jaimeo
 ms.localizationpriority: medium
 ms.author: jaimeo
-ms.collection: M365-modern-desktop
+ms.collection:
+- M365-modern-desktop
+- m365initiative-coredeploy
 ms.topic: article
 ---
 
@@ -111,7 +112,7 @@ In MDM, the same settings are under **.Vendor/MSFT/Policy/Config/DeliveryOptimiz
 
 Starting with Microsoft Intune version 1902, you can set many Delivery Optimization policies as a profile, which you can then apply to groups of devices. For more information, see [Delivery Optimization settings in Microsoft Intune](https://docs.microsoft.com/intune/delivery-optimization-windows))
 
-**Starting with Windows 10, version 1903,** you can use the Azure Active Directory (AAD) Tenant ID as a means to define groups. To do this set the value for DOGroupIdSource to its new maximum value of 5.
+**Starting with Windows 10, version 1903,** you can use the Azure Active Directory (Azure AD) Tenant ID as a means to define groups. To do this set the value for DOGroupIdSource to its new maximum value of 5.
 
 ## Reference
 
@@ -136,7 +137,7 @@ If you set up Delivery Optimization to create peer groups that include devices a
 Delivery Optimization also communicates with its cloud service by using HTTP/HTTPS over port 80.
 
 
-**What are the requirements if I use a proxy?**: You must allow Byte Range requests. See [Proxy requirements for Windows Update](https://support.microsoft.com/help/3175743/proxy-requirements-for-windows-update) for details.
+**What are the requirements if I use a proxy?**: For Delivery Optimization to successfully use the proxy, you should set up the proxy by using Windows proxy settings or Internet Explorer proxy settings. For details see [Using a proxy with Delivery Optimization](https://docs.microsoft.com/windows/deployment/update/delivery-optimization-proxy). Most content downloaded with Delivery Optimization uses byte range requests. Make sure your proxy allows byte range requests. For more information, see [Proxy requirements for Windows Update](https://support.microsoft.com/help/3175743/proxy-requirements-for-windows-update).
 
 **What hostnames should I allow through my firewall to support Delivery Optimization?**: 
 
@@ -192,6 +193,7 @@ If you don’t see any bytes coming from peers the cause might be one of the fol
 - Clients aren’t able to reach the Delivery Optimization cloud services.
 - The cloud service doesn’t see other peers on the network. 
 - Clients aren’t able to connect to peers that are offered back from the cloud service.
+- None of the computers on the network are getting updates from peers.
 
 
 ### Clients aren't able to reach the Delivery Optimization cloud services.
@@ -203,7 +205,6 @@ If you suspect this is the problem, try these steps:
 3. If **DownloadMode** is 99 it could indicate your device is unable to reach the Delivery Optimization cloud services. Ensure that the Delivery Optimization hostnames are allowed access: most importantly **\*.do.dsp.mp.microsoft.com**.
 
 
-
 ### The cloud service doesn't see other peers on the network.
 
 If you suspect this is the problem, try these steps:
@@ -222,6 +223,15 @@ If you suspect this is the problem, try a Telnet test between two devices on the
 2. Run the test. For example, if you are on device with IP 192.168.8.12 and you are trying to test the connection to 192.168.9.17 run **telnet 192.168.9.17 7680** (the syntax is *telnet [destination IP] [port]*. You will either see a connection error or a blinking cursor like this /_. The blinking cursor means success.
 
 
+### None of the computers on the network are getting updates from peers
+
+If you suspect this is the problem, check Delivery Optimization settings that could limit participation in peer caching. Check whether the following settings in assigned group policies, local group policies, are MDM policies are too restrictive:
+
+- Minimum RAM (inclusive) allowed to use peer caching
+- Minimum disk size allowed to use peer caching
+- Enable peer caching while the device connects using VPN.
+- Allow uploads when the device is on battery while under the set battery level
+
 
 
 
diff --git a/windows/deployment/update/waas-integrate-wufb.md b/windows/deployment/update/waas-integrate-wufb.md
index 9d8afa433e..f473a704b2 100644
--- a/windows/deployment/update/waas-integrate-wufb.md
+++ b/windows/deployment/update/waas-integrate-wufb.md
@@ -6,8 +6,7 @@ ms.mktglfcycl: manage
 author: jaimeo
 ms.localizationpriority: medium
 ms.author: jaimeo
-ms.date: 07/27/2017
-ms.reviewer: 
+ms.collection: m365initiative-coredeploy
 manager: laurawi
 ms.topic: article
 ---
@@ -69,7 +68,7 @@ For Windows 10, version 1607, devices can now be configured to receive updates f
 
 - Device is configured to defer Quality Updates using Windows Update for Business and to be managed by WSUS
 - Device is configured to “receive updates for other Microsoft products” along with updates to Windows (**Update/AllowMUUpdateService** = enabled)
-- Admin has also placed Microsoft Update, third-paprty, and locally-published update content on the WSUS server
+- Admin has also placed Microsoft Update, non-Microsoft, and locally published update content on the WSUS server
 
 In this example, the deferral behavior for updates to Office and other non-Windows products is slightly different than if WSUS were not enabled. 
 - In a non-WSUS case, these updates would be deferred just as any update to Windows would be.  
diff --git a/windows/deployment/update/waas-manage-updates-wsus.md b/windows/deployment/update/waas-manage-updates-wsus.md
index db7cd77c90..9f7d882387 100644
--- a/windows/deployment/update/waas-manage-updates-wsus.md
+++ b/windows/deployment/update/waas-manage-updates-wsus.md
@@ -84,7 +84,7 @@ When using WSUS to manage updates on Windows client devices, start by configurin
    ![Example of UI](images/waas-wsus-fig5.png)
    
    >[!IMPORTANT]
-   > Use Regedit.exe to check that the following key is not enabled, because it can break Windows Store connectivity: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdateDoNotConnectToWindowsUpdateInternetLocations
+   > Use Regedit.exe to check that the following key is not enabled, because it can break Windows Store connectivity: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\DoNotConnectToWindowsUpdateInternetLocations
     
    > [!NOTE]
    > There are three other settings for automatic update download and installation dates and times. This is simply the option this example uses. For more examples of how to control automatic updates and other related policies, see [Configure Automatic Updates by Using Group Policy](https://technet.microsoft.com/library/cc720539%28v=ws.10%29.aspx). 
diff --git a/windows/deployment/update/waas-servicing-strategy-windows-10-updates.md b/windows/deployment/update/waas-servicing-strategy-windows-10-updates.md
index ae0773920a..e4dd1ed582 100644
--- a/windows/deployment/update/waas-servicing-strategy-windows-10-updates.md
+++ b/windows/deployment/update/waas-servicing-strategy-windows-10-updates.md
@@ -9,6 +9,7 @@ ms.author: jaimeo
 ms.reviewer: 
 manager: laurawi
 ms.topic: article
+ms.collection: m365initiative-coredeploy
 ---
 
 # Prepare servicing strategy for Windows 10 updates
@@ -29,21 +30,21 @@ In the past, traditional Windows deployments tended to be large, lengthy, and ex
 Windows 10 spreads the traditional deployment effort of a Windows upgrade, which typically occurred every few years, over smaller, continuous updates. With this change, you must approach the ongoing deployment and servicing of Windows differently. A strong Windows 10 deployment strategy begins with establishing a simple, repeatable process for testing and deploying each feature update. Here’s an example of what this process might look like:
 
 - **Configure test devices.** Configure test devices in the Windows Insider Program so that Insiders can test feature updates before they’re available to the Semi-Annual Channel. Typically, this would be a small number of test devices that IT staff members use to evaluate pre-release builds of Windows. Microsoft provides current development builds to Windows Insider members approximately every week so that interested users can see the functionality Microsoft is adding. See the section Windows Insider for details on how to enroll in the Windows Insider Program on a Windows 10 device.
-- **Identify excluded devices.** For some organizations, special-purpose devices such as those used to control factory or medical equipment or run ATMs require a stricter, less frequent feature update cycle than the Semi-annual Channel can offer. For those machines, you must install Windows 10 Enterprise LTSB to avoid feature updates for up to 10 years. Identify these devices, and separate them from the phased deployment and servicing cycles to help remove confusion for your administrators and ensure that devices are handled correctly. 
+- **Identify excluded devices.** For some organizations, special-purpose devices such as those used to control factory or medical equipment or run ATMs require a stricter, less frequent feature update cycle than the Semi-Annual Channel can offer. For those machines, you must install Windows 10 Enterprise LTSB to avoid feature updates for up to 10 years. Identify these devices, and separate them from the phased deployment and servicing cycles to help remove confusion for your administrators and ensure that devices are handled correctly. 
 - **Recruit volunteers.** The purpose of testing a deployment is to receive feedback. One effective way to recruit pilot users is to request volunteers. When doing so, clearly state that you’re looking for feedback rather than people to just “try it out” and that there could be occasional issues involved with accepting feature updates right away. With Windows as a service, the expectation is that there should be few issues, but if an issue does arise, you want testers to let you know as soon as possible. When considering whom to recruit for pilot groups, be sure to include members who provide the broadest set of applications and devices to validate the largest number of apps and devices possible.
-- **Update Group Policy.** Each feature update includes new group policies to manage new features. If you use Group Policy to manage devices, the Group Policy Admin for the Active Directory domain will need to download a .admx package and copy it to their [Central Store](https://support.microsoft.com/help/929841/how-to-create-the-central-store-for-group-policy-administrative-templa) (or to the [PolicyDefinitions](https://msdn.microsoft.com/library/bb530196.aspx) directory in the SYSVOL of a domain controller if not using a Central Store). Always manage new group polices from the version of Windows 10 they shipped with by using the Remote Server Administration Tools. The ADMX download package is created at the end of each development cycle and then posted for download. To find the ADMX download package for a given Windows build, search for “ADMX download for Windows build xxxx”. For details about Group Policy management, see [How to create and manage the Central Store for Group Policy Administrative Templates in Windows](https://support.microsoft.com/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administra)
+- **Update Group Policy.** Each feature update includes new group policies to manage new features. If you use Group Policy to manage devices, the Group Policy Admin for the Active Directory domain will need to download a .admx package and copy it to their [Central Store](https://support.microsoft.com/help/929841/how-to-create-the-central-store-for-group-policy-administrative-templa) (or to the [PolicyDefinitions](https://msdn.microsoft.com/library/bb530196.aspx) directory in the SYSVOL folder of a domain controller if not using a Central Store). Always manage new group polices from the version of Windows 10 they shipped with by using the Remote Server Administration Tools. The ADMX download package is created at the end of each development cycle and then posted for download. To find the ADMX download package for a given Windows build, search for “ADMX download for Windows build xxxx”. For details about Group Policy management, see [How to create and manage the Central Store for Group Policy Administrative Templates in Windows](https://support.microsoft.com/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administra)
 - **Choose a servicing tool.** Decide which product you’ll use to manage the Windows updates in your environment. If you’re currently using Windows Server Update Services (WSUS) or Microsoft Endpoint Configuration Manager to manage your Windows updates, you can continue using those products to manage Windows 10 updates. Alternatively, you can use Windows Update for Business. In addition to which product you’ll use, consider how you’ll deliver the updates. With Windows 10, multiple peer-to-peer options are available to make update distribution faster. For a comparison of tools, see [Servicing tools](waas-overview.md#servicing-tools).
 - **Prioritize applications.** First, create an application portfolio. This list should include everything installed in your organization and any webpages your organization hosts. Next, prioritize this list to identify those that are the most business critical. Because the expectation is that application compatibility with Windows 10 will be high, only the most business critical applications should be tested before the pilot phase; everything else can be tested afterwards. For more information about identifying compatibility issues withe applications, see [Manage Windows upgrades with Upgrade Analytics](../upgrade/manage-windows-upgrades-with-upgrade-readiness.md). 
 
 > [!NOTE]
 > This strategy is applicable to approaching an environment in which Windows 10 already exists. For information about how to deploy or upgrade to Windows 10 where another version of Windows exists, see [Plan for Windows 10 deployment](../planning/index.md).
 >
-> Windows 10 Enterprise LTSB is a separate Long Term Servicing Channel version.
+> Windows 10 Enterprise LTSC is a separate Long Term Servicing Channel version.
 
 Each time Microsoft releases a Windows 10 feature update, the IT department should use the following high-level process to help ensure that the broad deployment is successful:
 
 1.	**Validate compatibility of business critical apps.** Test your most important business-critical applications for compatibility with the new Windows 10 feature update running on your Windows Insider machines identified in the earlier “Configure test machines” step of the Predeployment strategy section. The list of applications involved in this validation process should be small because most applications can be tested during the pilot phase. For more information about device and application compatibility in Windows 10, see the section Compatibility.
-2.	**Target and react to feedback.** With Windows 10, Microsoft expects application and device compatibility to be high, but it’s still important to have targeted groups within both the IT department and business units to verify application compatibility for the remaining applications in your application portfolio. Because only the most business-critical applications are tested beforehand, this will represent the majority of application compatibility testing in your environment. This should not necessarily be a formal process but rather user validation through the use of a particular application. So, the next step is to deploy the feature update to early-adopting IT users and your targeted groups running in the Semi-annual channel that you identified in the “Recruit volunteers” step of the Predeployment strategy section. Be sure to communicate clearly that you’re looking for feedback as soon as possible, and state exactly how users can submit feedback to you. Should an issue arise, have a remediation plan in place to address it. 
+2.	**Target and react to feedback.** With Windows 10, Microsoft expects application and device compatibility to be high, but it’s still important to have targeted groups within both the IT department and business units to verify application compatibility for the remaining applications in your application portfolio. Because only the most business-critical applications are tested beforehand, this will represent the majority of application compatibility testing in your environment. This should not necessarily be a formal process but rather user validation through the use of a particular application. So, the next step is to deploy the feature update to early-adopting IT users and your targeted groups running in the Semi-Annual channel that you identified in the “Recruit volunteers” step of the Predeployment strategy section. Be sure to communicate clearly that you’re looking for feedback as soon as possible, and state exactly how users can submit feedback to you. Should an issue arise, have a remediation plan in place to address it. 
 3.	**Deploy broadly.** Finally, focus on the large-scale deployment using deployment rings, like the ones discussed in Table 1. Build deployment rings that target groups of computers in your selected update-management product. To reduce risk as much as possible, construct your deployment rings in a way that splits individual departments into multiple rings. This way, if you were to encounter an issue, you don’t prevent any critical business from continuing. By using this method, each deployment ring reduces risk as more and more people have been updated in any particular department. 
 
 
diff --git a/windows/deployment/update/waas-wufb-group-policy.md b/windows/deployment/update/waas-wufb-group-policy.md
index fc80d55002..5c22b5cd47 100644
--- a/windows/deployment/update/waas-wufb-group-policy.md
+++ b/windows/deployment/update/waas-wufb-group-policy.md
@@ -6,7 +6,7 @@ ms.mktglfcycl: manage
 author: jaimeo
 ms.localizationpriority: medium
 ms.author: jaimeo
-ms.reviewer: 
+ms.collection: m365initiative-coredeploy
 manager: laurawi
 ms.topic: article
 ---
@@ -59,7 +59,7 @@ Both Windows 10 feature and quality updates are automatically offered to devices
 
 To enable Microsoft Updates use the Group Policy Management Console go to **Computer Configuration > Administrative Templates > Windows Components > Windows Update > Configure Automatic Updates**  and select **Install updates for other Microsoft products**.
 
-Drivers are automatically enabled because they are beneficial to device systems. We recommend that you allow the driver policy to allow drivers to updated on devices (the default), but you can turn this setting off if you prefer to manage drivers manually. If you want to disable driver updates for some reason, use the Group Policy Management Console to go to **Computer Configuration > Administrative Templates > Windows Components > Windows Update > Do not include drivers with Windows Updates** and enable the policy.
+Drivers are automatically enabled because they are beneficial to device systems. We recommend that you allow the driver policy to allow drivers to update on devices (the default), but you can turn this setting off if you prefer to manage drivers manually. If you want to disable driver updates for some reason, use the Group Policy Management Console to go to **Computer Configuration > Administrative Templates > Windows Components > Windows Update > Do not include drivers with Windows Updates** and enable the policy.
 
  We also recommend that you allow Microsoft product updates as discussed previously.
 
@@ -138,7 +138,7 @@ When you set these policies, installation happens automatically at the specified
 
 We recommend that you use **Computer Configuration > Administrative Templates > Windows Components > Windows Update > Specify deadline for automatic updates and restarts** for feature and quality updates to ensure that devices stay secure on Windows 10, version 1709 and later. This works by enabling you to specify the number of days that can elapse after an update is offered to a device before it must be installed. Also you can set the number of days that can elapse after a pending restart before the user is forced to restart.
 
-This policies also offers an option to opt out of automatic restarts until a deadline is reached by presenting an "engaged restart experience" until the deadline has actually expired. At that point the device will automatically schedule a restart regardles of active hours.
+This policies also offers an option to opt out of automatic restarts until a deadline is reached by presenting an "engaged restart experience" until the deadline has actually expired. At that point the device will automatically schedule a restart regardless of active hours.
 
 These notifications are what the user sees depending on the settings you choose:
 
diff --git a/windows/deployment/upgrade/quick-fixes.md b/windows/deployment/upgrade/quick-fixes.md
index fa2817f19b..445b6d5c18 100644
--- a/windows/deployment/upgrade/quick-fixes.md
+++ b/windows/deployment/upgrade/quick-fixes.md
@@ -3,7 +3,7 @@ title: Quick fixes - Windows IT Pro
 ms.reviewer: 
 manager: laurawi
 ms.author: greglin
-description: Learn how to quickly resolve many problems which may come up during a Windows 10 upgrade.
+description: Learn how to quickly resolve many problems, which may come up during a Windows 10 upgrade.
 keywords: deploy, error, troubleshoot, windows, 10, upgrade, code, rollback, ITPro
 ms.prod: w10
 ms.mktglfcycl: deploy
@@ -38,6 +38,7 @@ The Microsoft Virtual Agent provided by [Microsoft Support](https://support.micr
 <li>Check the system drive for errors and attempt repairs. <a href="#repair-the-system-drive" data-raw-source="[More information](#repair-the-system-drive)">More information</a>.</li>
 <li>Run the Windows Update troubleshooter. <a href="#windows-update-troubleshooter" data-raw-source="[More information](#windows-update-troubleshooter)">More information</a>.</li>
 <li>Attempt to restore and repair system files. <a href="#repair-system-files" data-raw-source="[More information](#repair-system-files)">More information</a>.</li>
+<li>Check for unsigned drivers and update or repair them. <a href="#repair-unsigned-drivers" data-raw-source="[More information](#repair-unsigned-drivers)">More information</a>.</li>
 <li>Update Windows so that all available recommended updates are installed, and ensure the computer is rebooted if this is necessary to complete installation of an update. <a href="#update-windows" data-raw-source="[More information](#update-windows)">More information</a>.</li>
 <li>Temporarily uninstall non-Microsoft antivirus software.
   <a href="#uninstall-non-microsoft-antivirus-software" data-raw-source="[More information](#uninstall-non-microsoft-antivirus-software)">More information</a>.</li>
@@ -152,9 +153,78 @@ To check and repair system files:
 
     ```
     > [!NOTE] 
-    > It may take several minutes for the command operations to be completed. For more information, see [Repair a Windows Image](https://msdn.microsoft.com/windows/hardware/commercialize/manufacture/desktop/repair-a-windows-image). 
+    > It may take several minutes for the command operations to be completed. For more information, see [Repair a Windows Image](https://msdn.microsoft.com/windows/hardware/commercialize/manufacture/desktop/repair-a-windows-image) and [Use the System File Checker tool](https://support.microsoft.com/help/929833/use-the-system-file-checker-tool-to-repair-missing-or-corrupted-system).
 
 
+### Repair unsigned drivers
+
+[Drivers](https://docs.microsoft.com/windows-hardware/drivers/gettingstarted/what-is-a-driver-) are files ending in *.dll or *.sys that are used to communicate with hardware components.  Because drivers are so important, they are cryptographically signed to ensure they are genuine. Drivers with a *.sys extension that are not properly signed frequently block the upgrade process. Drivers might not be properly signed if you:
+- Disabled driver signature verification (highly not recommended).
+- A catalog file used to sign a driver is corrupt or missing.
+
+ Catalog files (files with a *.cat extension) are used to sign drivers. If a catalog file is corrupt or missing, the driver will appear to be unsigned, even though it should be signed. To restore the catalog file, reinstall the driver or copy the catalog file from another device. You might need to analyze another device to determine the catalog file that is associated with the unsigned driver.  All drivers should be signed to ensure the upgrade process works.
+
+To check your system for unsigned drivers:
+
+1. Click **Start**.
+2. Type **command**.
+3. Right-click **Command Prompt** and then left-click **Run as administrator**.
+4. If you are prompted by UAC, click **Yes**.
+5. Type **sigverif** and press ENTER. 
+6. The File Signature Verification tool will open. Click **Start**.
+
+    ![File Signature Verification](../images/sigverif.png)
+
+7. After the scanning process is complete, if you see **Your files have been scanned and verified as digitally signed** then you have no unsigned drivers. Otherwise, you will see **The following files have not been digitally signed** and a list will be provided with name, location, and version of all unsigned drivers.
+8. To view and save a log file, click **Advanced**, and then click **View Log**. Save the log file if desired.
+9. Locate drivers in the log file that are unsigned, write down the location and file names. Also write down the catalog that is associated to the driver if it is provided. If the name of a catalog file is not provided you might need to analyze another device that has the same driver with sigverif and sigcheck (described below).
+10. The next step is to check that the driver reported as unsigned by sigverif.exe has a problem. In some cases, sigverif.exe might not be successful at locating the catalog file used to sign a driver, even though the catalog file exists. To perform a detailed driver check, download [sigcheck.zip](https://download.sysinternals.com/files/Sigcheck.zip) and extract the tool to a directory on your computer, for example: **C:\sigcheck**.
+
+    [Sigcheck](https://docs.microsoft.com/sysinternals/downloads/sigcheck) is a tool that you can download and use to review digital signature details of a file. To use sigcheck:
+
+11. In the command window, use the **cd** command to switch to the directory where you extracted sigcheck, for example **cd c:\sigcheck**.
+12. Using the list of unsigned drivers and their associated paths that you obtained from the File Signature Verification tool, run sigcheck to obtain details about the driver, including the catalog file used for signing. Type **sigcheck64 -i \<driver path\>** and press ENTER (or sigcheck -i for a 32 bit OS). See the following example:
+    ```
+    C:\Sigcheck>sigcheck64.exe -i c:\windows\system32\drivers\afd.sys
+    
+    Sigcheck v2.80 - File version and signature viewer
+    Copyright (C) 2004-2020 Mark Russinovich
+    Sysinternals - www.sysinternals.com
+
+    c:\windows\system32\drivers\afd.sys:
+	    Verified:	Signed
+	    Signing date:	6:18 PM 11/29/2017
+	    Signing date:	6:18 PM 11/29/2017
+	    Catalog:	C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_163_for_KB4054518~31bf3856ad364e35~x86~~6.1.1.2.cat
+	    Signers:
+	       Microsoft Windows
+		    Cert Status:	This certificate or one of the certificates in the certificate chain is not time valid.
+		    Valid Usage:	NT5 Crypto, Code Signing
+		    Cert Issuer:	Microsoft Windows Verification PCA
+		    Serial Number:	33 00 00 00 4B 76 63 2D 24 A2 39 9A 8B 00 01 00 00 00 4B
+		    Thumbprint:	B8037C46D0DB7A8CEE502407469B0EE3234D3365
+		    Algorithm:	sha1RSA
+		    Valid from:	11:46 AM 3/1/2017
+		    Valid to:	11:46 AM 5/9/2018
+            (output truncated)
+    ```
+    In the example above, the afd.sys driver is properly signed by the catalog file Package_163_for_KB4054518~31bf3856ad364e35~x86~~6.1.1.2.cat. 
+
+
+13. Optionally, you can generate a list of drivers using driverquery.exe, which is included with Windows. To save a list of signed and unsigned drivers with driverquery, type **driverquery /si > c:\drivers.txt** and press ENTER. See the following example:
+
+    ```cmd
+    C:\>Driverquery /si
+    
+    DeviceName                     InfName       IsSigned Manufacturer             
+    ============================== ============= ======== =========================
+    Microsoft ISATAP Adapter       nettun.inf    TRUE     Microsoft                
+    Generic volume shadow copy     volsnap.inf   TRUE     Microsoft                
+    Generic volume                 volume.inf    TRUE     Microsoft                
+    (truncated)               
+    ```
+    For more information about using driverquery, see [Two Minute Drill: DriverQuery.exe](https://techcommunity.microsoft.com/t5/ask-the-performance-team/two-minute-drill-driverquery-exe/ba-p/374977) and [driverquery](https://docs.microsoft.com/windows-server/administration/windows-commands/driverquery).
+
 ### Update Windows
 
 You should ensure that all important updates are installed before attempting to upgrade. This includes updates to hardware drivers on your computer.
diff --git a/windows/deployment/upgrade/resolution-procedures.md b/windows/deployment/upgrade/resolution-procedures.md
index a96205d6fd..1d75d19367 100644
--- a/windows/deployment/upgrade/resolution-procedures.md
+++ b/windows/deployment/upgrade/resolution-procedures.md
@@ -36,7 +36,7 @@ A frequently observed [result code](upgrade-error-codes.md#result-codes) is 0xC1
 
 The device install log is particularly helpful if rollback occurs during the sysprep operation (extend code 0x30018).  
 
-To resolve a rollback that was caused by driver conflicts, try running setup using a minimal set of drivers and startup programs by performing a [clean boot](https://support.microsoft.com/kb/929135) before initiating the upgrade process.  
+To resolve a rollback that was caused by driver conflicts, try running setup using a minimal set of drivers and startup programs by performing a [clean boot](https://support.microsoft.com/kb/929135) before initiating the upgrade process. Also check to be sure that your drivers are properly signed. For more information, see [Remove unsigned drivers](quick-fixes.md#repair-unsigned-drivers).
 
 See the following general troubleshooting procedures associated with a result code of 0xC1900101:<br /><br />
 
@@ -49,7 +49,7 @@ See the following general troubleshooting procedures associated with a result co
 | 0xC1900101 - 0x30018 | Disconnect all peripheral devices that are connected to the system, except for the mouse, keyboard and display.<br>Contact your hardware vendor to obtain updated device drivers.<br>Ensure that &quot;Download and install updates (recommended)&quot; is accepted at the start of the upgrade process. | A device driver has stopped responding to setup.exe during the upgrade process. |
 | 0xC1900101 - 0x3000D | Disconnect all peripheral devices that are connected to the system, except for the mouse, keyboard and display.<br>Update or uninstall the display driver. | Installation failed during the FIRST_BOOT phase while attempting the MIGRATE_DATA operation.<br>This can occur due to a problem with a display driver. |
 | 0xC1900101 - 0x4000D | Check supplemental rollback logs for a setupmem.dmp file, or event logs for any unexpected reboots or errors.<br>Review the rollback log and determine the stop code.<br>The rollback log is located in the <strong>$Windows.~BT\Sources\Rollback</strong> folder.  An example analysis is shown below. This example is not representative of all cases:<br>&nbsp;<br>Info SP     Crash 0x0000007E detected<br>Info SP       Module name           :<br>Info SP       Bugcheck parameter 1  : 0xFFFFFFFFC0000005<br>Info SP       Bugcheck parameter 2  : 0xFFFFF8015BC0036A<br>Info SP       Bugcheck parameter 3  : 0xFFFFD000E5D23728<br>Info SP       Bugcheck parameter 4  : 0xFFFFD000E5D22F40<br>Info SP     Cannot recover the system.<br>Info SP     Rollback: Showing splash window with restoring text: Restoring your previous version of Windows.<br>&nbsp;<br>Typically, there is a dump file for the crash to analyze. If you are not equipped to debug the dump, then attempt the following basic troubleshooting procedures:<br>&nbsp;<br>1. Make sure you have enough disk space.<br>2. If a driver is identified in the bug check message, disable the driver or check with the manufacturer for driver updates.<br>3. Try changing video adapters.<br>4. Check with your hardware vendor for any BIOS updates.<br>5. Disable BIOS memory options such as caching or shadowing. | A rollback occurred due to a driver configuration issue.<br>Installation failed during the second boot phase while attempting the MIGRATE_DATA operation.<br>This can occur because of incompatible drivers. |
-| 0xC1900101 - 0x40017 | Clean boot into Windows, and then attempt the upgrade to Windows 10. For more information, see [How to perform a clean boot in Windows](https://support.microsoft.com/kb/929135).<br>&nbsp;<br>Ensure that you select the option to "Download and install updates (recommended)."  <br>&nbsp;<br><b>Computers that run Citrix VDA</b>  <br>You may see this message after you upgrade a computer from Windows 10, version 1511 to Windows 10, version 1607. After the second system restart, the system generates this error and then rolls back to the previous version. This problem has also been observed in upgrades to Windows 8.1 and Windows 8.  <br>&nbsp;<br>This problem occurs because the computer has Citrix Virtual Delivery Agent (VDA) installed. Citrix VDA installs device drivers and a file system filter driver (CtxMcsWbc). This Citrix filter driver prevents the upgrade from writing changes to the disk, so the upgrade cannot complete and the system rolls back.  <br>&nbsp;<br>**Resolution**<br>&nbsp;<br>To resolve this problem, install [Cumulative update for Windows 10 Version 1607 and Windows Server 2016: November 8, 2016](https://support.microsoft.com/help/3200970/cumulative-update-for-windows-10-version-1607-and-windows-server-2016).<br>&nbsp;<br>You can work around this problem in two ways:<br>&nbsp;<br>**Workaround 1**<br>&nbsp;<br>1. Use the VDA setup application (VDAWorkstationSetup_7.11) to uninstall Citrix VDA.<br>2. Run the Windows upgrade again.<br>3. Reinstall Citrix VDA.<br>&nbsp;<br>**Workaround 2**<br>&nbsp;<br>If you cannot uninstall Citrix VDA, follow these steps to work around this problem:  <br>&nbsp;<br>1. In Registry Editor, go to the following subkey:<br> **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}\CtxMcsWbc**<br>2. Change the value of the **Start** entry from **0** to **4**. This change disables the Citrix MCS cache service.<br>3. Go to the following subkey:<br> **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}**<br>4. Delete the **CtxMcsWbc** entry.<br>5. Restart the computer, and then try the upgrade again.<br>&nbsp;<br>**Non-Microsoft information disclaimer**  <br>The non-Microsoft products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products. | Windows 10 upgrade failed after the second reboot.<br>This is usually caused by a faulty driver. For example: antivirus filter drivers or encryption drivers. |
+| 0xC1900101 - 0x40017 | Clean boot into Windows, and then attempt the upgrade to Windows 10. For more information, see [How to perform a clean boot in Windows](https://support.microsoft.com/kb/929135).<br>&nbsp;<br>Ensure that you select the option to "Download and install updates (recommended)."  Also be sure to [remove unsigned drivers](quick-fixes.md#repair-unsigned-drivers).<br>&nbsp;<br><b>Computers that run Citrix VDA</b>  <br>You may see this message after you upgrade a computer from Windows 10, version 1511 to Windows 10, version 1607. After the second system restart, the system generates this error and then rolls back to the previous version. This problem has also been observed in upgrades to Windows 8.1 and Windows 8.  <br>&nbsp;<br>This problem occurs because the computer has Citrix Virtual Delivery Agent (VDA) installed. Citrix VDA installs device drivers and a file system filter driver (CtxMcsWbc). This Citrix filter driver prevents the upgrade from writing changes to the disk, so the upgrade cannot complete and the system rolls back.  <br>&nbsp;<br>**Resolution**<br>&nbsp;<br>To resolve this problem, install [Cumulative update for Windows 10 Version 1607 and Windows Server 2016: November 8, 2016](https://support.microsoft.com/help/3200970/cumulative-update-for-windows-10-version-1607-and-windows-server-2016).<br>&nbsp;<br>You can work around this problem in two ways:<br>&nbsp;<br>**Workaround 1**<br>&nbsp;<br>1. Use the VDA setup application (VDAWorkstationSetup_7.11) to uninstall Citrix VDA.<br>2. Run the Windows upgrade again.<br>3. Reinstall Citrix VDA.<br>&nbsp;<br>**Workaround 2**<br>&nbsp;<br>If you cannot uninstall Citrix VDA, follow these steps to work around this problem:  <br>&nbsp;<br>1. In Registry Editor, go to the following subkey:<br> **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}\CtxMcsWbc**<br>2. Change the value of the **Start** entry from **0** to **4**. This change disables the Citrix MCS cache service.<br>3. Go to the following subkey:<br> **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}**<br>4. Delete the **CtxMcsWbc** entry.<br>5. Restart the computer, and then try the upgrade again.<br>&nbsp;<br>**Non-Microsoft information disclaimer**  <br>The non-Microsoft products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products. | Windows 10 upgrade failed after the second reboot.<br>This is usually caused by a faulty driver. For example: antivirus filter drivers or encryption drivers. |
 
 ## 0x800xxxxx
 
diff --git a/windows/docfx.json b/windows/docfx.json
index 48b05bb454..b199d2a9c7 100644
--- a/windows/docfx.json
+++ b/windows/docfx.json
@@ -18,10 +18,11 @@
         "audience": "ITPro",
         "breadcrumb_path": "/itpro/windows/breadcrumb/toc.json",
         "uhfHeaderId": "MSDocsHeader-M365-IT",
-		"_op_documentIdPathDepotMapping": {
-			"./": {
-			  "depot_name": "Win.windows"
-      },
+    		"_op_documentIdPathDepotMapping": {
+    			"./": {
+    			  "depot_name": "Win.windows"
+          }
+        },
       "contributors_to_exclude": [ 
         "rjagiewich", 
         "traya1", 
diff --git a/windows/hub/index.yml b/windows/hub/index.yml
index 0ac1aa5523..289a9ff9e7 100644
--- a/windows/hub/index.yml
+++ b/windows/hub/index.yml
@@ -13,7 +13,7 @@ metadata:
   ms.collection: windows-10
   author: greg-lindsay #Required; your GitHub user alias, with correct capitalization.
   ms.author: greglin #Required; microsoft alias of author; optional team alias.
-  ms.date: 09/23/2020 #Required; mm/dd/yyyy format.
+  ms.date: 10/20/2020 #Required; mm/dd/yyyy format.
   localization_priority: medium
     
 # linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new
@@ -26,12 +26,12 @@ landingContent:
     linkLists:
       - linkListType: overview
         links:
+          - text: What's new in Windows 10, version 20H2
+            url: /windows/whats-new/whats-new-windows-10-version-20H2
           - text: What's new in Windows 10, version 2004
             url: /windows/whats-new/whats-new-windows-10-version-2004
           - text: What's new in Windows 10, version 1909
             url: /windows/whats-new/whats-new-windows-10-version-1909
-          - text: What's new in Windows 10, version 1903
-            url: /windows/whats-new/whats-new-windows-10-version-1903
           - text: Windows 10 release information
             url:  https://docs.microsoft.com/windows/release-information/
 
diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md
index fc3ba2d75a..d3555a0e8a 100644
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md
@@ -13,7 +13,7 @@ manager: dansimp
 ms.collection: M365-security-compliance
 ms.topic: article
 audience: ITPro
-ms.date: 03/27/2020
+ms.date: 09/30/2020
 ms.reviewer:
 ---
 
@@ -33,6 +33,7 @@ Use this article to learn about diagnostic events, grouped by event area, and th
 
 You can learn more about Windows functional and diagnostic data through these articles:
 
+- [Windows 10, version 2004 and Windows 10, version 20H2 required Windows diagnostic events and fields](required-windows-diagnostic-data-events-and-fields-2004.md)
 - [Windows 10, version 1903 and Windows 10, version 1909 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1903.md)
 - [Windows 10, version 1809 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1809.md)
 - [Windows 10, version 1803 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1803.md)
@@ -47,7 +48,7 @@ You can learn more about Windows functional and diagnostic data through these ar
 
 ### Microsoft.Windows.Appraiser.General.ChecksumTotalPictureCount
 
-This event lists the types of objects and how many of each exist on the client device. This allows for a quick way to ensure that the records present on the server match what is present on the client.
+This event lists the types of objects and how many of each exist on the client device. This allows for a quick way to ensure that the records present on the server match what is present on the client. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -81,7 +82,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileAdd
 
-This event sends compatibility information about a file to help keep Windows up-to-date.
+This event represents the basic metadata about specific application files installed on the system. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -97,7 +98,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileRemove
 
-This event indicates that the DatasourceApplicationFile object is no longer present.
+This event indicates that the DatasourceApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -108,7 +109,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileStartSync
 
-This event indicates that a new set of DatasourceApplicationFileAdd events will be sent.
+This event indicates that a new set of DatasourceApplicationFileAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -136,7 +137,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDevicePnpRemove
 
-This event indicates that the DatasourceDevicePnp object is no longer present.
+This event indicates that the DatasourceDevicePnp object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -147,7 +148,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDevicePnpStartSync
 
-This event indicates that a new set of DatasourceDevicePnpAdd events will be sent.
+This event indicates that a new set of DatasourceDevicePnpAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -167,7 +168,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDriverPackageRemove
 
-This event indicates that the DatasourceDriverPackage object is no longer present.
+This event indicates that the DatasourceDriverPackage object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -178,7 +179,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDriverPackageStartSync
 
-This event indicates that a new set of DatasourceDriverPackageAdd events will be sent.
+This event indicates that a new set of DatasourceDriverPackageAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -198,7 +199,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoBlockRemove
 
-This event indicates that the DataSourceMatchingInfoBlock object is no longer present.
+This event indicates that the DataSourceMatchingInfoBlock object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -209,7 +210,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoBlockStartSync
 
-This event indicates that a full set of DataSourceMatchingInfoBlockStAdd events have been sent.
+This event indicates that a full set of DataSourceMatchingInfoBlockStAdd events has completed being sent. This event is used to make compatibility decisions about files to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -229,7 +230,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPassiveRemove
 
-This event indicates that the DataSourceMatchingInfoPassive object is no longer present.
+This event indicates that the DataSourceMatchingInfoPassive object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -240,7 +241,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPassiveStartSync
 
-This event indicates that a new set of DataSourceMatchingInfoPassiveAdd events will be sent.
+This event indicates that a new set of DataSourceMatchingInfoPassiveAdd events will be sent. This event is used to make compatibility decisions about files to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -260,7 +261,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPostUpgradeRemove
 
-This event indicates that the DataSourceMatchingInfoPostUpgrade object is no longer present.
+This event indicates that the DataSourceMatchingInfoPostUpgrade object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -271,7 +272,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPostUpgradeStartSync
 
-This event indicates that a new set of DataSourceMatchingInfoPostUpgradeAdd events will be sent.
+This event indicates that a new set of DataSourceMatchingInfoPostUpgradeAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -292,7 +293,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceSystemBiosRemove
 
-This event indicates that the DatasourceSystemBios object is no longer present.
+This event indicates that the DatasourceSystemBios object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -303,7 +304,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceSystemBiosStartSync
 
-This event indicates that a new set of DatasourceSystemBiosAdd events will be sent.
+This event indicates that a new set of DatasourceSystemBiosAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -341,7 +342,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionApplicationFileRemove
 
-This event indicates that the DecisionApplicationFile object is no longer present.
+This event indicates that the DecisionApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -352,7 +353,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionApplicationFileStartSync
 
-This event indicates that a new set of DecisionApplicationFileAdd events will be sent.
+This event indicates that a new set of DecisionApplicationFileAdd events will be sent. This event is used to make compatibility decisions about a file to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -386,7 +387,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDevicePnpRemove
 
-This event indicates that the DecisionDevicePnp object is no longer present.
+This event Indicates that the DecisionDevicePnp object represented by the objectInstanceId is no longer present. This event is used to make compatibility decisions about PNP devices to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -397,7 +398,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDevicePnpStartSync
 
-This event indicates that the DecisionDevicePnp object is no longer present.
+This event indicates that a new set of DecisionDevicePnpAdd events will be sent. This event is used to make compatibility decisions about PNP devices to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -422,7 +423,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDriverPackageRemove
 
-This event indicates that the DecisionDriverPackage object is no longer present.
+This event indicates that the DecisionDriverPackage object represented by the objectInstanceId is no longer present. This event is used to make compatibility decisions about driver packages to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -433,7 +434,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDriverPackageStartSync
 
-This event indicates that a new set of DecisionDriverPackageAdd events will be sent.
+The DecisionDriverPackageStartSync event indicates that a new set of DecisionDriverPackageAdd events will be sent. This event is used to make compatibility decisions about driver packages to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -459,7 +460,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoBlockRemove
 
-This event indicates that the DecisionMatchingInfoBlock object is no longer present.
+This event indicates that the DecisionMatchingInfoBlock object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -470,7 +471,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoBlockStartSync
 
-This event indicates that a new set of DecisionMatchingInfoBlockAdd events will be sent.
+This event indicates that a new set of DecisionMatchingInfoBlockAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -492,7 +493,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPassiveRemove
 
-This event Indicates that the DecisionMatchingInfoPassive object is no longer present.
+This event Indicates that the DecisionMatchingInfoPassive object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -503,7 +504,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPassiveStartSync
 
-This event indicates that a new set of DecisionMatchingInfoPassiveAdd events will be sent.
+This event indicates that a new set of DecisionMatchingInfoPassiveAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -527,7 +528,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPostUpgradeRemove
 
-This event indicates that the DecisionMatchingInfoPostUpgrade object is no longer present.
+This event indicates that the DecisionMatchingInfoPostUpgrade object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -538,7 +539,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPostUpgradeStartSync
 
-This event indicates that a new set of DecisionMatchingInfoPostUpgradeAdd events will be sent.
+This event indicates that a new set of DecisionMatchingInfoPostUpgradeAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -564,7 +565,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMediaCenterRemove
 
-This event indicates that the DecisionMediaCenter object is no longer present.
+This event indicates that the DecisionMediaCenter object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -575,7 +576,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMediaCenterStartSync
 
-This event indicates that a new set of DecisionMediaCenterAdd events will be sent.
+This event indicates that a new set of DecisionMediaCenterAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -597,7 +598,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionSystemBiosRemove
 
-This event indicates that the DecisionSystemBios object is no longer present.
+This event indicates that the DecisionSystemBios object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -608,7 +609,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionSystemBiosStartSync
 
-This event indicates that a new set of DecisionSystemBiosAdd events will be sent.
+This event indicates that a new set of DecisionSystemBiosAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -619,7 +620,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.EnterpriseScenarioWithDiagTrackServiceRunning
 
-This event indicates that Appraiser has been triggered to run an enterprise scenario while the DiagTrack service is installed. This event can only be sent if a special flag is used to trigger the enterprise scenario.
+This event indicates that Appraiser has been triggered to run an enterprise scenario while the DiagTrack service is installed. This event can only be sent if a special flag is used to trigger the enterprise scenario. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -643,7 +644,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileAdd
 
-This event represents the basic metadata about a file on the system.  The file must be part of an app and either have a block in the compatibility database or be part of an antivirus program.
+This event represents the basic metadata about a file on the system.  The file must be part of an app and either have a block in the compatibility database or be part of an antivirus program. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -666,7 +667,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileRemove
 
-This event indicates that the InventoryApplicationFile object is no longer present.
+This event indicates that the InventoryApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -677,7 +678,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileStartSync
 
-This event indicates that a new set of InventoryApplicationFileAdd events will be sent.
+This event indicates that a new set of InventoryApplicationFileAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -699,7 +700,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryLanguagePackRemove
 
-This event indicates that the InventoryLanguagePack object is no longer present.
+This event indicates that the InventoryLanguagePack object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -710,7 +711,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryLanguagePackStartSync
 
-This event indicates that a new set of InventoryLanguagePackAdd events will be sent.
+This event indicates that a new set of InventoryLanguagePackAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -737,7 +738,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryMediaCenterRemove
 
-This event indicates that the InventoryMediaCenter object is no longer present.
+This event indicates that the InventoryMediaCenter object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -748,7 +749,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryMediaCenterStartSync
 
-This event indicates that a new set of InventoryMediaCenterAdd events will be sent.
+This event indicates that a new set of InventoryMediaCenterAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -759,7 +760,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventorySystemBiosAdd
 
-This event sends basic metadata about the BIOS to determine whether it has a compatibility block.
+This event sends basic metadata about the BIOS to determine whether it has a compatibility block. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -772,7 +773,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventorySystemBiosRemove
 
-This event indicates that the InventorySystemBios object is no longer present.
+This event indicates that the InventorySystemBios object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -783,7 +784,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventorySystemBiosStartSync
 
-This event indicates that a new set of InventorySystemBiosAdd events will be sent.
+This event indicates that a new set of InventorySystemBiosAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -794,7 +795,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageAdd
 
-This event is only runs during setup. It provides a listing of the uplevel driver packages that were downloaded before the upgrade. Is critical to understanding if failures in setup can be traced to not having sufficient uplevel drivers before the upgrade.
+This event runs only during setup. It provides a listing of the uplevel driver packages that were downloaded before the upgrade. It is critical in understanding if failures in setup can be traced to not having sufficient uplevel drivers before the upgrade. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -819,7 +820,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageRemove
 
-This event indicates that the InventoryUplevelDriverPackage object is no longer present.
+This event indicates that the InventoryUplevelDriverPackage object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -830,7 +831,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageStartSync
 
-This event indicates that a new set of InventoryUplevelDriverPackageAdd events will be sent.
+This event indicates that a new set of InventoryUplevelDriverPackageAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -841,7 +842,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.RunContext
 
-This event indicates what should be expected in the data payload.
+This event is sent at the beginning of an appraiser run, the RunContext indicates what should be expected in the following data payload. This event is used with the other Appraiser events to make compatibility decisions to keep Windows up to date.
 
 The following fields are available:
 
@@ -871,7 +872,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemMemoryRemove
 
-This event that the SystemMemory object is no longer present.
+This event that the SystemMemory object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -882,7 +883,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemMemoryStartSync
 
-This event indicates that a new set of SystemMemoryAdd events will be sent.
+This event indicates that a new set of SystemMemoryAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -904,7 +905,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorCompareExchangeRemove
 
-This event indicates that the SystemProcessorCompareExchange object is no longer present.
+This event indicates that the SystemProcessorCompareExchange object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -915,7 +916,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorCompareExchangeStartSync
 
-This event indicates that a new set of SystemProcessorCompareExchangeAdd events will be sent.
+This event indicates that a new set of SystemProcessorCompareExchangeAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -937,7 +938,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorLahfSahfRemove
 
-This event indicates that the SystemProcessorLahfSahf object is no longer present.
+This event indicates that the SystemProcessorLahfSahf object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -948,7 +949,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorLahfSahfStartSync
 
-This event indicates that a new set of SystemProcessorLahfSahfAdd events will be sent.
+This event indicates that a new set of SystemProcessorLahfSahfAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -971,7 +972,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorNxRemove
 
-This event indicates that the SystemProcessorNx object is no longer present.
+This event indicates that the SystemProcessorNx object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -982,7 +983,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorNxStartSync
 
-This event  indicates that a new set of SystemProcessorNxAdd events will be sent.
+This event  indicates that a new set of SystemProcessorNxAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1004,7 +1005,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorPrefetchWRemove
 
-This event indicates that the SystemProcessorPrefetchW object is no longer present.
+This event indicates that the SystemProcessorPrefetchW object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1015,7 +1016,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorPrefetchWStartSync
 
-This event indicates that a new set of SystemProcessorPrefetchWAdd events will be sent.
+This event indicates that a new set of SystemProcessorPrefetchWAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1037,7 +1038,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorSse2Remove
 
-This event indicates that the SystemProcessorSse2 object is no longer present.
+This event indicates that the SystemProcessorSse2 object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1048,7 +1049,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorSse2StartSync
 
-This event indicates that a new set of SystemProcessorSse2Add events will be sent.
+This event indicates that a new set of SystemProcessorSse2Add events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1070,7 +1071,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemTouchRemove
 
-This event indicates that the SystemTouch object is no longer present.
+This event indicates that the SystemTouch object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1081,7 +1082,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemTouchStartSync
 
-This event indicates that a new set of SystemTouchAdd events will be sent.
+This event indicates that a new set of SystemTouchAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1103,7 +1104,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWimRemove
 
-This event indicates that the SystemWim object is no longer present.
+This event indicates that the SystemWim object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1114,7 +1115,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWimStartSync
 
-This event indicates that a new set of SystemWimAdd events will be sent.
+This event indicates that a new set of SystemWimAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1136,7 +1137,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWindowsActivationStatusRemove
 
-This event indicates that the SystemWindowsActivationStatus object is no longer present.
+This event indicates that the SystemWindowsActivationStatus object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1147,7 +1148,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWindowsActivationStatusStartSync
 
-This event indicates that a new set of SystemWindowsActivationStatusAdd events will be sent.
+This event indicates that a new set of SystemWindowsActivationStatusAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1173,7 +1174,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWlanRemove
 
-This event indicates that the SystemWlan object is no longer present.
+This event indicates that the SystemWlan object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1184,7 +1185,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWlanStartSync
 
-This event indicates that a new set of SystemWlanAdd events will be sent.
+This event indicates that a new set of SystemWlanAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1247,7 +1248,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.WmdrmRemove
 
-This event indicates that the Wmdrm object is no longer present.
+This event indicates that the Wmdrm object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1258,7 +1259,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.WmdrmStartSync
 
-This event indicates that a new set of WmdrmAdd events will be sent.
+The WmdrmStartSync event indicates that a new set of WmdrmAdd events will be sent. This event is used to understand the usage of older digital rights management on the system, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1271,7 +1272,7 @@ The following fields are available:
 
 ### Census.App
 
-This event sends version data about the Apps running on this device, to help keep Windows up to date.
+This event sends version data about the Apps running on this device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1281,7 +1282,7 @@ The following fields are available:
 
 ### Census.Battery
 
-This event sends type and capacity data about the battery on the device, as well as the number of connected standby devices in use, type to help keep Windows up to date.
+This event sends type and capacity data about the battery on the device, as well as the number of connected standby devices in use. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1292,19 +1293,9 @@ The following fields are available:
 - **IsAlwaysOnAlwaysConnectedCapable**  Represents whether the battery enables the device to be AlwaysOnAlwaysConnected . Boolean value.
 
 
-### Census.Camera
-
-This event sends data about the resolution of cameras on the device, to help keep Windows up to date.
-
-The following fields are available:
-
-- **FrontFacingCameraResolution**  Represents the resolution of the front facing camera in megapixels. If a front facing camera does not exist, then the value is 0.
-- **RearFacingCameraResolution**  Represents the resolution of the rear facing camera in megapixels. If a rear facing camera does not exist, then the value is 0.
-
-
 ### Census.Enterprise
 
-This event sends data about Azure presence, type, and cloud domain use in order to provide an understanding of the use and integration of devices in an enterprise, cloud, and server environment.
+This event sends data about Azure presence, type, and cloud domain use in order to provide an understanding of the use and integration of devices in an enterprise, cloud, and server environment. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -1321,14 +1312,14 @@ The following fields are available:
 - **IsEDPEnabled**  Represents if Enterprise data protected on the device.
 - **IsMDMEnrolled**  Whether the device has been MDM Enrolled or not.
 - **MPNId**  Returns the Partner ID/MPN ID from Regkey. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\DeployID
-- **SCCMClientId**  This ID correlate systems that send data to Compat Analytics (OMS) and other OMS based systems with systems in a Configuration Manager environment.
+- **SCCMClientId**  This ID correlate systems that send data to Compat Analytics (OMS) and other OMS based systems with systems in an Enterprise System Center Configuration Manager (SCCM) environment.
 - **ServerFeatures**  Represents the features installed on a Windows   Server. This can be used by developers and administrators who need to automate the process of determining the features installed on a set of server computers.
 - **SystemCenterID**  The SCCM ID is an anonymized one-way hash of the Active Directory Organization identifier.
 
 
 ### Census.Firmware
 
-This event sends data about the BIOS and startup embedded in the device, to help keep Windows up to date.
+This event sends data about the BIOS and startup embedded in the device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1340,7 +1331,7 @@ The following fields are available:
 
 ### Census.Flighting
 
-This event sends Windows Insider data from customers participating in improvement testing and feedback programs, to help keep Windows up to date.
+This event sends Windows Insider data from customers participating in improvement testing and feedback programs. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1355,7 +1346,7 @@ The following fields are available:
 
 ### Census.Hardware
 
-This event sends data about the device, including hardware type, OEM brand, model line, model, telemetry level setting, and TPM support, to help keep Windows up to date.
+This event sends data about the device, including hardware type, OEM brand, model line, model, telemetry level setting, and TPM support. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1391,7 +1382,7 @@ The following fields are available:
 
 ### Census.Memory
 
-This event sends data about the memory on the device, including ROM and RAM, to help keep Windows up to date.
+This event sends data about the memory on the device, including ROM and RAM. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1401,7 +1392,7 @@ The following fields are available:
 
 ### Census.Network
 
-This event sends data about the mobile and cellular network used by the device (mobile service provider, network, device ID, and service cost factors), to help keep Windows up to date.
+This event sends data about the mobile and cellular network used by the device (mobile service provider, network, device ID, and service cost factors). The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1424,7 +1415,7 @@ The following fields are available:
 
 ### Census.OS
 
-This event sends data about the operating system such as the version, locale, update service configuration, when and how it was originally installed, and whether it is a virtual device, to help keep Windows up to date.
+This event sends data about the operating system such as the version, locale, update service configuration, when and how it was originally installed, and whether it is a virtual device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1466,7 +1457,7 @@ The following fields are available:
 
 ### Census.Processor
 
-This event sends data about the processor to help keep Windows up to date.
+This event sends data about the processor. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1482,13 +1473,13 @@ The following fields are available:
 
 ### Census.Security
 
-Provides information on several important data points about security settings.
+This event provides information about security settings. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Census.Speech
 
-This event is used to gather basic speech settings on the device.
+This event is used to gather basic speech settings on the device. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -1505,7 +1496,7 @@ The following fields are available:
 
 ### Census.Storage
 
-This event sends data about the total capacity of the system volume and primary disk, to help keep Windows up to date.
+This event sends data about the total capacity of the system volume and primary disk. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1516,7 +1507,7 @@ The following fields are available:
 
 ### Census.Userdefault
 
-This event sends data about the current user's default preferences for browser and several of the most popular extensions and protocols, to help keep Windows up to date.
+This event sends data about the current user's default preferences for browser and several of the most popular extensions and protocols. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1526,7 +1517,7 @@ The following fields are available:
 
 ### Census.UserDisplay
 
-This event sends data about the logical/physical display size, resolution and number of internal/external displays, and VRAM on the system, to help keep Windows up to date.
+This event sends data about the logical/physical display size, resolution and number of internal/external displays, and VRAM on the system. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1548,7 +1539,7 @@ The following fields are available:
 
 ### Census.UserNLS
 
-This event sends data about the default app language, input, and display language preferences set by the user, to help keep Windows up to date.
+This event sends data about the default app language, input, and display language preferences set by the user. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1561,7 +1552,7 @@ The following fields are available:
 
 ### Census.VM
 
-This event sends data indicating whether virtualization is enabled on the device, and its various characteristics, to help keep Windows up to date.
+This event sends data indicating whether virtualization is enabled on the device, and its various characteristics. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1574,7 +1565,7 @@ The following fields are available:
 
 ### Census.WU
 
-This event sends data about the Windows update server and other App store policies, to help keep Windows up to date.
+This event sends data about the Windows update server and other App store policies. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1769,7 +1760,7 @@ The following fields are available:
 
 ### CbsServicingProvider.CbsCapabilitySessionFinalize
 
-This event provides information about the results of installing or uninstalling optional Windows content from Windows Update.
+This event provides information about the results of installing or uninstalling optional Windows content from Windows Update. The data collected with this event is used to help keep Windows up to date.
 
 
 
@@ -1868,7 +1859,7 @@ The following fields are available:
 
 ### TelClientSynthetic.AuthorizationInfo_RuntimeTransition
 
-This event sends data indicating that a device has undergone a change of telemetry opt-in level detected at UTC startup, to help keep Windows up to date. The telemetry opt-in level signals what data we are allowed to collect.
+This event is fired by UTC at state transitions to signal what data we are allowed to collect. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -1887,7 +1878,7 @@ The following fields are available:
 
 ### TelClientSynthetic.AuthorizationInfo_Startup
 
-This event sends data indicating that a device has undergone a change of telemetry opt-in level detected at UTC startup, to help keep Windows up to date. The telemetry opt-in level signals what data we are allowed to collect.
+This event is fired by UTC at startup to signal what data we are allowed to collect. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -1906,7 +1897,7 @@ The following fields are available:
 
 ### TelClientSynthetic.ConnectivityHeartBeat_0
 
-This event sends data about the connectivity status of the Connected User Experience and Telemetry component that uploads telemetry events. If an unrestricted free network (such as Wi-Fi) is available, this event updates the last successful upload time. Otherwise, it checks whether a Connectivity Heartbeat event was fired in the past 24 hours, and if not, it sends an event. A Connectivity Heartbeat event is also sent when a device recovers from costed network to free network.
+This event sends data about the connectivity status of the Connected User Experience and Telemetry component that uploads telemetry events. If an unrestricted free network (such as Wi-Fi) is available, this event updates the last successful upload time. Otherwise, it checks whether a Connectivity Heartbeat event was fired in the past 24 hours, and if not, it sends an event. A Connectivity Heartbeat event is also sent when a device recovers from costed network to free network. This event is fired by UTC during periods of no network as a heartbeat signal, to keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2168,7 +2159,7 @@ The following fields are available:
 
 ### ChecksumDictionary
 
-The list of values sent by each object type.
+This event provides the list of values sent by each object type. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2178,7 +2169,7 @@ The following fields are available:
 
 ### COMPID
 
-This event provides a device's internal application compatible ID, a vendor-defined identification that Windows uses to match a device to an INF file. A device can have a list of compatible IDs associated with it.
+This event provides a device's internal application compatible ID, a vendor-defined identification that Windows uses to match a device to an INF file. A device can have a list of compatible IDs associated with it. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2188,7 +2179,7 @@ The following fields are available:
 
 ### HWID
 
-This event provides a device's internal hardware ID, a vendor-defined identification that Windows uses to match a device to an INF file. In most cases, a device has associated with it a list of hardware IDs.
+This event provides a device's internal hardware ID, a vendor-defined identification that Windows uses to match a device to an INF file. In most cases, a device has associated with it a list of hardware IDs. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2198,7 +2189,7 @@ The following fields are available:
 
 ### InstallDateArpLastModified
 
-This event indicates the date the add/remove program (ARP) entry was last modified by an update.
+This event indicates the date the add/remove program (ARP) entry was last modified by an update. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2208,7 +2199,7 @@ The following fields are available:
 
 ### InstallDateFromLinkFile
 
-This event provides the application installation date from the linked file.
+This event provides the application installation date from the linked file. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2218,7 +2209,7 @@ The following fields are available:
 
 ### InstallDateMsi
 
-The install date from the Microsoft installer (MSI) database.
+This event provides the install date from the Microsoft installer (MSI) database. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2228,7 +2219,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.AmiTelCacheChecksum
 
-This event captures basic checksum data about the device inventory items stored in the cache for use in validating data completeness for Microsoft.Windows.Inventory.Core events. The fields in this event may change over time, but they will always represent a count of a given object.
+This event captures basic checksum data about the device inventory items stored in the cache for use in validating data completeness for Microsoft.Windows.Inventory.Core events. The fields in this event may change over time, but they will always represent a count of a given object. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2254,7 +2245,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.AmiTelCacheVersions
 
-This event sends inventory component versions for the Device Inventory data.
+This event sends inventory component versions for the Device Inventory data. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2266,7 +2257,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.FileSigningInfoAdd
 
-This event enumerates the signatures of files, either driver packages or application executables. For driver packages, this data is collected on demand via Telecommand to limit it only to unrecognized driver packages, saving time for the client and space on the server. For applications, this data is collected for up to 10 random executables on a system.
+This event enumerates the signatures of files, either driver packages or application executables. For driver packages, this data is collected on demand via Telecommand to limit it only to unrecognized driver packages, saving time for the client and space on the server. For applications, this data is collected for up to 10 random executables on a system. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2283,7 +2274,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationAdd
 
-This event sends basic metadata about an application on the system to help keep Windows up to date.
+This event sends basic metadata about an application on the system. The data collected with this event is used to keep Windows performing properly and up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2312,31 +2303,31 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationDriverAdd
 
-This event represents what drivers an application installs.
+This event represents what drivers an application installs. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationDriverStartSync
 
-The InventoryApplicationDriverStartSync event indicates that a new set of InventoryApplicationDriverStartAdd events will be sent.
+The InventoryApplicationDriverStartSync event indicates that a new set of InventoryApplicationDriverStartAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationFrameworkAdd
 
-This event provides the basic metadata about the frameworks an application may depend on.
+This event provides the basic metadata about the frameworks an application may depend on. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationFrameworkStartSync
 
-This event indicates that a new set of InventoryApplicationFrameworkAdd events will be sent.
+This event indicates that a new set of InventoryApplicationFrameworkAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationRemove
 
-This event indicates that a new set of InventoryDevicePnpAdd events will be sent.
+This event indicates that a new set of InventoryDevicePnpAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2347,7 +2338,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationStartSync
 
-This event indicates that a new set of InventoryApplicationAdd events will be sent.
+This event indicates that a new set of InventoryApplicationAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2358,7 +2349,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceContainerAdd
 
-This event sends basic metadata about a device container (such as a monitor or printer as opposed to a Plug and Play device) to help keep Windows up to date.
+This event sends basic metadata about a device container (such as a monitor or printer as opposed to a Plug and Play device). The data collected with this event is used to help keep Windows up to date and to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2382,7 +2373,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceContainerRemove
 
-This event indicates that the InventoryDeviceContainer object is no longer present.
+This event indicates that the InventoryDeviceContainer object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2393,7 +2384,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceContainerStartSync
 
-This event indicates that a new set of InventoryDeviceContainerAdd events will be sent.
+This event indicates that a new set of InventoryDeviceContainerAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2404,7 +2395,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceInterfaceAdd
 
-This event retrieves information about what sensor interfaces are available on the device.
+This event retrieves information about what sensor interfaces are available on the device. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2433,7 +2424,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceInterfaceStartSync
 
-This event indicates that a new set of InventoryDeviceInterfaceAdd events will be sent.
+This event indicates that a new set of InventoryDeviceInterfaceAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2444,7 +2435,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceMediaClassAdd
 
-This event sends additional metadata about a Plug and Play device that is specific to a particular class of devices to help keep Windows up to date while reducing overall size of data payload.
+This event sends additional metadata about a Plug and Play device that is specific to a particular class of devices. The data collected with this event is used to help keep Windows up to date and performing properly while reducing overall size of data payload.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2457,7 +2448,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceMediaClassRemove
 
-This event indicates that the InventoryDeviceMediaClassRemove object is no longer present.
+This event indicates that the InventoryDeviceMediaClass object represented by the objectInstanceId is no longer present. This event is used to understand a PNP device that is specific to a particular class of devices. The data collected with this event is used to help keep Windows up to date and performing properly while reducing overall size of data payload.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2468,7 +2459,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceMediaClassStartSync
 
-This event indicates that a new set of InventoryDeviceMediaClassSAdd events will be sent.
+This event indicates that a new set of InventoryDeviceMediaClassSAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2477,9 +2468,48 @@ The following fields are available:
 - **InventoryVersion**  The version of the inventory file generating the events.
 
 
+### Microsoft.Windows.Inventory.Core.InventoryDevicePnpAdd
+
+This event represents the basic metadata about a plug and play (PNP) device and its associated driver.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **Class**  The device setup class of the driver loaded for the device.
+- **ClassGuid**  The device class unique identifier of the driver package loaded on the device.
+- **COMPID**  The list of “Compatible IDs” for this device. See [COMPID](#compid).
+- **ContainerId**  The system-supplied unique identifier that specifies which group(s) the device(s) installed on the parent (main) device belong to.
+- **Description**  The description of the device.
+- **DeviceState**  Identifies the current state of the parent (main) device.
+- **DriverId**  The unique identifier for the installed driver.
+- **DriverName**  The name of the driver image file.
+- **DriverPackageStrongName**  The immediate parent directory name in the Directory field of InventoryDriverPackage.
+- **DriverVerDate**  The date of the driver loaded for the device
+- **DriverVerVersion**  The version of the driver loaded for the device
+- **Enumerator**  Identifies the bus that enumerated the device.
+- **HWID**  A list of hardware IDs for the device. See [HWID](#hwid).
+- **Inf**  The name of the INF file (possibly renamed by the OS, such as oemXX.inf).
+- **InstallState**  The device installation state. For a list of values, see: https://msdn.microsoft.com/library/windows/hardware/ff543130.aspx
+- **InventoryVersion**  The version number of the inventory process generating the events.
+- **LowerClassFilters**  The identifiers of the Lower Class filters installed for the device.
+- **LowerFilters**  The identifiers of the Lower filters installed for the device.
+- **Manufacturer**  The manufacturer of the device.
+- **MatchingID**  The Hardware ID or Compatible ID that Windows uses to install a device instance.
+- **Model**  Identifies the model of the device.
+- **objectInstanceId**  Deprecated. The Device Instance ID of the device (uniquely identifies a device in the system). Example: pci\ven_8086&dev_0085&subsys_13118086&rev_34\4&2dded11c&0&00e1
+- **ParentId**  The Device Instance ID of the parent of the device.
+- **ProblemCode**  The error code currently returned by the device, if applicable.
+- **Provider**  Identifies the device provider.
+- **Service**  The name of the device service.
+- **STACKID**  The list of hardware IDs for the stack. See [STACKID](#stackid).
+- **UpperClassFilters**  The identifiers of the Upper Class filters installed for the device.
+- **UpperFilters**  The identifiers of the Upper filters installed for the device.
+
+
 ### Microsoft.Windows.Inventory.Core.InventoryDevicePnpRemove
 
-This event indicates that the InventoryDevicePnpRemove object is no longer present.
+This event indicates that the InventoryDevicePnpRemove object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2490,7 +2520,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDevicePnpStartSync
 
-This event indicates that a new set of InventoryDevicePnpAdd events will be sent.
+This event indicates that a new set of InventoryDevicePnpAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2501,19 +2531,19 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceUsbHubClassAdd
 
-This event sends basic metadata about the USB hubs on the device.
+This event sends basic metadata about the USB hubs on the device. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceUsbHubClassStartSync
 
-This event indicates that a new set of InventoryDeviceUsbHubClassAdd events will be sent.
+This event indicates that a new set of InventoryDeviceUsbHubClassAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverBinaryAdd
 
-This event sends basic metadata about driver binaries running on the system to help keep Windows up to date.
+This event sends basic metadata about driver binaries running on the system. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2540,7 +2570,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverBinaryRemove
 
-This event indicates that the InventoryDriverBinary object is no longer present.
+This event indicates that the InventoryDriverBinary object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2551,7 +2581,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverBinaryStartSync
 
-This event indicates that a new set of InventoryDriverBinaryAdd events will be sent.
+This event indicates that a new set of InventoryDriverBinaryAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2562,7 +2592,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverPackageAdd
 
-This event sends basic metadata about drive packages installed on the system  to help keep Windows up to date.
+This event sends basic metadata about drive packages installed on the system. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2581,7 +2611,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverPackageRemove
 
-This event indicates that the InventoryDriverPackageRemove object is no longer present.
+This event indicates that the InventoryDriverPackageRemove object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2592,7 +2622,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverPackageStartSync
 
-This event indicates that a new set of InventoryDriverPackageAdd events will be sent.
+This event indicates that a new set of InventoryDriverPackageAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2601,9 +2631,17 @@ The following fields are available:
 - **InventoryVersion**  The version of the inventory file generating the events.
 
 
+### Microsoft.Windows.Inventory.General. InventoryMiscellaneousMemorySlotArrayInfoRemove
+
+This event indicates that this particular data object represented by the ObjectInstanceId is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+
+
 ### Microsoft.Windows.Inventory.General.AppHealthStaticAdd
 
-This event sends details collected for a specific application on the source device.
+This event sends details collected for a specific application on the source device. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2630,7 +2668,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.AppHealthStaticStartSync
 
-This event indicates the beginning of a series of AppHealthStaticAdd events.
+This event indicates the beginning of a series of AppHealthStaticAdd events. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2642,115 +2680,121 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInAdd
 
-Invalid variant - Provides data on the installed Office Add-ins
+This event provides data on the installed Office add-ins. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInRemove
 
-Indicates that this particular data object represented by the objectInstanceId is no longer present.
+This event indicates that the particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInStartSync
 
-This event indicates that a new sync is being generated for this object type.
+This event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIdentifiersAdd
 
-Provides data on the Office identifiers.
+This event provides data on the Office identifiers. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIdentifiersStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIESettingsAdd
 
-Provides data on Office-related Internet Explorer features.
+This event provides data on Office-related Internet Explorer features. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIESettingsStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeInsightsAdd
 
-This event provides insight data on the installed Office products
+This event provides insight data on the installed Office products. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeInsightsRemove
 
-Indicates that this particular data object represented by the objectInstanceId is no longer present.
+This event indicates that the particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeInsightsStartSync
 
-This diagnostic event indicates that a new sync is being generated for this object type.
+This diagnostic event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeProductsAdd
 
-Describes Office Products installed.
+This event describes all installed Office products. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeProductsStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeSettingsAdd
 
-This event describes various Office settings
+This event describes various Office settings. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeSettingsStartSync
 
-Indicates a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBARuleViolationsStartSync
 
-This event indicates that a new sync is being generated for this object type.
+This event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBAStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This diagnostic event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoAdd
 
-Provides data on Unified Update Platform (UUP) products and what version they are at.
+This event provides data on Unified Update Platform (UUP) products and what version they are at. The data collected with this event is used to keep Windows performing properly.
+
+
+
+### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoRemove
+
+This event indicates that this particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.Indicators.Checksum
 
-This event summarizes the counts for the InventoryMiscellaneousUexIndicatorAdd events.
+This event summarizes the counts for the InventoryMiscellaneousUexIndicatorAdd events. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2760,7 +2804,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorAdd
 
-These events represent the basic metadata about the OS indicators installed on the system which are used for keeping the device up to date.
+This event represents the basic metadata about the OS indicators installed on the system. The data collected with this event helps ensure the device is up to date and keeps Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2772,7 +2816,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorEndSync
 
-This event indicates that a new set of InventoryMiscellaneousUexIndicatorAdd events has been sent.
+This event indicates that a new set of InventoryMiscellaneousUexIndicatorAdd events has been sent. The data collected with this event helps ensure the device is up to date and keeps Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2780,7 +2824,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorRemove
 
-This event is a counterpart to InventoryMiscellaneousUexIndicatorAdd that indicates that the item has been removed.
+This event indicates that this particular data object represented by the objectInstanceId is no longer present. This event is used to understand the OS indicators installed on the system. The data collected with this event helps ensure the device is current and Windows is up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2788,7 +2832,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorStartSync
 
-This event indicates that a new set of InventoryMiscellaneousUexIndicatorAdd events will be sent.
+This event indicates that this particular data object represented by the objectInstanceId is no longer present. This event is used to understand the OS indicators installed on the system. The data collected with this event helps ensure the device is current and Windows is up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2796,7 +2840,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### STACKID
 
-This event provides the internal compatible ID for the stack.
+This event provides the internal compatible ID for the stack. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2818,7 +2862,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Kernel.BootEnvironment.OsLaunch
 
-This event includes basic data about the Operating System, collected during Boot and used to evaluate the success of the upgrade process.
+This event includes basic data about the Operating System, collected during Boot and used to evaluate the success of the upgrade process. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2843,7 +2887,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Kernel.Power.OSStateChange
 
-This event denotes the transition between operating system states (e.g., On, Off, Sleep, etc.). By using this event with Windows Analytics, organizations can use this to help monitor reliability and performance of managed devices.
+This event denotes the transition between operating system states (e.g., On, Off, Sleep, etc.). By using this event with Windows Analytics, organizations can use this to help monitor reliability and performance of managed devices. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2868,15 +2912,21 @@ The following fields are available:
 
 ## Migration events
 
+### Microsoft.Windows.MigrationCore.MigObjectCountDLUsr
+
+This event returns data to track the count of the migration objects across various phases during feature update. The data collected with this event is used to help keep Windows secure and to track data loss scenarios.
+
+
+
 ### Microsoft.Windows.MigrationCore.MigObjectCountKFSys
 
-This event returns data about the count of the migration objects across various phases during feature update.
+This event returns data about the count of the migration objects across various phases during feature update. The data collected with this event is used to help keep Windows secure and to track data loss scenarios.
 
 
 
 ### Microsoft.Windows.MigrationCore.MigObjectCountKFUsr
 
-This event returns data to track the count of the migration objects across various phases during feature update.
+This event returns data to track the count of the migration objects across various phases during feature update. The data collected with this event is used to help keep Windows secure and to track data loss scenarios.
 
 
 
@@ -2884,7 +2934,7 @@ This event returns data to track the count of the migration objects across vario
 
 ### Microsoft.OneDrive.Sync.Setup.APIOperation
 
-This event includes basic data about install and uninstall OneDrive API operations.
+This event includes basic data about install and uninstall OneDrive API operations. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2897,7 +2947,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Setup.EndExperience
 
-This event includes a success or failure summary of the installation.
+This event includes a success or failure summary of the installation. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2909,7 +2959,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Setup.OSUpgradeInstallationOperation
 
-This event is related to the OS version when the OS is upgraded with OneDrive installed.
+This event is related to the OS version when the OS is upgraded with OneDrive installed. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2925,7 +2975,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Setup.RegisterStandaloneUpdaterAPIOperation
 
-This event is related to registering or unregistering the OneDrive update task.
+This event is related to registering or unregistering the OneDrive update task. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2938,7 +2988,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.ComponentInstallState
 
-This event includes basic data about the installation state of dependent OneDrive components.
+This event includes basic data about the installation state of dependent OneDrive components. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2948,7 +2998,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.OfficeRegistration
 
-This event indicates the status of the OneDrive integration with Microsoft Office.
+This event indicates the status of the OneDrive integration with Microsoft Office. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2957,7 +3007,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.OverlayIconStatus
 
-This event indicates if the OneDrive overlay icon is working correctly. 0 = healthy; 1 = can be fixed; 2 = broken
+This event indicates if the OneDrive overlay icon is working correctly. 0 = healthy; 1 = can be fixed; 2 = broken. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2967,7 +3017,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.RepairResult
 
-The event determines the result of the installation repair.
+The event determines the result of the installation repair. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2976,7 +3026,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.SetupBinaryDownloadHResult
 
-This event indicates the status when downloading the OneDrive setup file.
+This event indicates the status when downloading the OneDrive setup file. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2985,7 +3035,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.UpdateOverallResult
 
-This event sends information describing the result of the update.
+This event sends information describing the result of the update. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2996,7 +3046,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.UpdateTierReg
 
-This event determines status of the update tier registry values.
+This event determines status of the update tier registry values. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -3006,7 +3056,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.UpdateXmlDownloadHResult
 
-This event determines the status when downloading the OneDrive update configuration file.
+This event determines the status when downloading the OneDrive update configuration file. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -3015,7 +3065,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.WebConnectionStatus
 
-This event determines the error code that was returned when verifying Internet connectivity.
+This event determines the error code that was returned when verifying Internet connectivity. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -3026,7 +3076,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Shell.PrivacyNotifierLogging.PrivacyNotifierCompleted
 
-This event returns data to report the efficacy of a single-use tool to inform users impacted by a known issue and to take corrective action to address the issue.
+This event returns data to report the efficacy of a single-use tool to inform users impacted by a known issue and to take corrective action to address the issue. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3043,7 +3093,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.Applicability
 
-This event sends basic info on whether the device should be updated to the latest cumulative update.
+This event sends basic info on whether the device should be updated to the latest cumulative update. The data collected with this event is used to help keep Windows up to date and secure.
 
 The following fields are available:
 
@@ -3055,7 +3105,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.DeviceReadinessCheck
 
-This event sends basic info on whether the device is ready to download the latest cumulative update.
+This event sends basic info on whether the device is ready to download the latest cumulative update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3067,7 +3117,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.Download
 
-This event sends basic info when download of the latest cumulative update begins.
+This event sends basic info when download of the latest cumulative update begins. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3079,7 +3129,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.Install
 
-This event sends basic info on the result of the installation of the latest cumulative update.
+This event sends basic info on the result of the installation of the latest cumulative update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3093,7 +3143,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Remediation.Applicable
 
-deny
+This event indicates whether Windows Update sediment remediations need to be applied to the sediment device to keep Windows up to date. A sediment device is one that has been on a previous OS version for an extended period. The remediations address issues on the system that prevent the device from receiving OS updates.
 
 The following fields are available:
 
@@ -3141,7 +3191,7 @@ The following fields are available:
 - **RemediationNoisyHammerUserLoggedInAdmin**  TRUE if there is the user currently logged in is an Admin.
 - **RemediationShellDeviceManaged**  TRUE if the device is WSUS managed or Windows Updated disabled.
 - **RemediationShellDeviceNewOS**  TRUE if the device has a recently installed OS.
-- **RemediationShellDeviceSccm**  TRUE if the device is managed by Configuration Manager.
+- **RemediationShellDeviceSccm**  TRUE if the device is managed by SCCM (Microsoft System Center Configuration Manager).
 - **RemediationShellDeviceZeroExhaust**  TRUE if the device has opted out of Windows Updates completely.
 - **RemediationTargetMachine**  Indicates whether the device is a target of the specified fix.
 - **RemediationTaskHealthAutochkProxy**  True/False based on the health of the AutochkProxy task.
@@ -3268,7 +3318,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Remediation.DiskCleanUnExpectedErrorEvent
 
-This event indicates that an unexpected error occurred during an update and provides information to help address the issue.
+This event indicates that an unexpected error occurred during an update and provides information to help address the issue. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3282,7 +3332,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Remediation.Error
 
-This event indicates a Sediment Pack error (update stack failure) has been detected and provides information to help address the issue.
+This event indicates a Sediment Pack error (update stack failure) has been detected and provides information to help address the issue. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3293,7 +3343,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Remediation.FallbackError
 
-This event indicates an error when Self Update results in a Fallback and provides information to help address the issue.
+This event indicates an error when Self Update results in a Fallback and provides information to help address the issue. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3303,7 +3353,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Remediation.RemediationNotifyUserFixIssuesInvokeUIEvent
 
-This event occurs when the Notify User task executes and provides information about the cause of the notification.
+This event occurs when the Notify User task executes and provides information about the cause of the notification. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3319,7 +3369,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Remediation.RemediationShellFailedAutomaticAppUpdateModifyEventId
 
-This event provides the modification of the date on which an Automatic App Update scheduled task failed and provides information about the failure.
+This event provides the modification of the date on which an Automatic App Update scheduled task failed and provides information about the failure. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3331,7 +3381,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Remediation.RemediationShellUnexpectedExceptionId
 
-This event identifies the remediation plug-in that returned an unexpected exception and provides information about the exception.
+This event identifies the remediation plug-in that returned an unexpected exception and provides information about the exception. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3343,7 +3393,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Remediation.RemediationUHEnableServiceFailed
 
-This event tracks the health of key update (Remediation) services and whether they are enabled.
+This event tracks the health of key update (Remediation) services and whether they are enabled. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3382,7 +3432,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Remediation.Started
 
-deny
+This event is sent when Windows Update sediment remediations have started on the sediment device to keep Windows up to date. A sediment device is one that has been on a previous OS version for an extended period. The remediations address issues on the system that prevent the device from receiving OS updates.
 
 The following fields are available:
 
@@ -3452,7 +3502,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Sediment.Info.DetailedState
 
-This event is sent when detailed state information is needed from an update trial run.
+This event is sent when detailed state information is needed from an update trial run. The data collected with this event is used to help keep Windows up to date.
 
 
 
@@ -3473,7 +3523,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Sediment.Info.DownloadServiceProgress
 
-This event indicates the progress of the downloader in 1% increments.
+This event indicates the progress of the downloader in 1% increments. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3574,7 +3624,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Sediment.OSRSS.Error
 
-This event indicates an error occurred in the Operating System Remediation System Service (OSRSS). The information provided helps ensure future upgrade/update attempts are more successful.
+This event indicates an error occurred in the Operating System Remediation System Service (OSRSS). The information provided helps ensure future upgrade/update attempts are more successful. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3637,7 +3687,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Sediment.OSRSS.SelfUpdate
 
-This event returns metadata after Operating System Remediation System Service (OSRSS) successfully replaces itself with a new version.
+This event returns metadata after Operating System Remediation System Service (OSRSS) successfully replaces itself with a new version. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3648,7 +3698,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Sediment.OSRSS.UrlState
 
-This event indicates the state the Operating System Remediation System Service (OSRSS)  is in while attempting a download from the URL.
+This event indicates the state the Operating System Remediation System Service (OSRSS) is in while attempting a download from the URL. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3662,7 +3712,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Sediment.ServiceInstaller.ApplicabilityCheckFailed
 
-This event returns data relating to the error state after one of the applicability checks for the installer component of the Operating System Remediation System Service (OSRSS) has failed.
+This event returns data relating to the error state after one of the applicability checks for the installer component of the Operating System Remediation System Service (OSRSS) has failed. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3693,7 +3743,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Sediment.ServiceInstaller.Error
 
-This event indicates an error occurred in the Operating System Remediation System Service (OSRSS). The information provided helps ensure future upgrade/update attempts are more successful.
+This event indicates an error occurred in the Operating System Remediation System Service (OSRSS). The information provided helps ensure future upgrade/update attempts are more successful. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3797,7 +3847,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.Applicable
 
-This event is sent when the Windows Update sediment remediations launcher finds that an applicable plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations launcher finds that an applicable plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3813,7 +3863,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.Completed
 
-This event is sent when the Windows Update sediment remediations launcher finishes running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations launcher finishes running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3828,7 +3878,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.Error
 
-This event indicates an error occurred during the execution of the plug-in. The information provided helps ensure future upgrade/update attempts are more successful.
+This event indicates an error occurred during the execution of the plug-in. The information provided helps ensure future upgrade/update attempts are more successful. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3839,7 +3889,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.FallbackError
 
-This event indicates that an error occurred during execution of the plug-in fallback.
+This event indicates that an error occurred during execution of the plug-in fallback. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3848,7 +3898,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.Information
 
-This event provides general information returned from the plug-in.
+This event provides general information returned from the plug-in. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3859,7 +3909,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.Started
 
-This event is sent when the Windows Update sediment remediations launcher starts running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations launcher starts running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3872,7 +3922,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.wilResult
 
-This event provides the result from the Windows internal library.
+This event provides the result from the Windows internal library. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3897,7 +3947,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.Applicable
 
-This event is sent when the Windows Update sediment remediations service finds that an applicable plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations service finds that an applicable plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3913,7 +3963,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.Completed
 
-This event is sent when the Windows Update sediment remediations service finishes running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations service finishes running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3935,7 +3985,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.Error
 
-This event indicates whether an error condition occurred in the plug-in.
+This event indicates whether an error condition occurred in the plug-in. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3946,7 +3996,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.FallbackError
 
-This event indicates whether an error occurred for a fallback in the plug-in.
+This event indicates whether an error occurred for a fallback in the plug-in. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3955,7 +4005,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.Information
 
-This event provides general information returned from the plug-in.
+This event provides general information returned from the plug-in. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3966,7 +4016,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.Started
 
-This event is sent when the Windows Update sediment remediations service starts running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations service starts running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3979,7 +4029,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.wilResult
 
-This event provides the result from the Windows internal library.
+This event provides the result from the Windows internal library. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4070,7 +4120,7 @@ The following fields are available:
 
 ### wilActivity
 
-This event provides a Windows Internal Library context used for Product and Service diagnostics.
+This event provides a Windows Internal Library context used for Product and Service diagnostics. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4095,7 +4145,7 @@ The following fields are available:
 
 ### wilResult
 
-This event provides a Windows Internal Library context used for Product and Service diagnostics.
+This event provides a Windows Internal Library context used for Product and Service diagnostics. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4122,19 +4172,19 @@ The following fields are available:
 
 ### SIHEngineTelemetry.EvalApplicability
 
-This event is sent when targeting logic is evaluated to determine if a device is eligible for a given action.
+This event is sent when targeting logic is evaluated to determine if a device is eligible for a given action. The data collected with this event is used to help keep Windows up to date.
 
 
 
 ### SIHEngineTelemetry.ExecuteAction
 
-This event is triggered with SIH attempts to execute (e.g. install) the update or action in question. Includes important information like if the update required a reboot.
+This event is triggered with SIH attempts to execute (e.g. install) the update or action in question. Includes important information like if the update required a reboot. The data collected with this event is used to help keep Windows up to date.
 
 
 
 ### SIHEngineTelemetry.PostRebootReport
 
-This event reports the status of an action following a reboot, should one have been required.
+This event reports the status of an action following a reboot, should one have been required. The data collected with this event is used to help keep Windows up to date.
 
 
 
@@ -4142,7 +4192,7 @@ This event reports the status of an action following a reboot, should one have b
 
 ### SoftwareUpdateClientTelemetry.CheckForUpdates
 
-This event sends tracking data about the software distribution client check for content that is applicable to a device, to help keep Windows up to date
+This event sends tracking data about the software distribution client check for content that is applicable to a device, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4339,7 +4389,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.DownloadCheckpoint
 
-This event provides a checkpoint between each of the Windows Update download phases for UUP content
+This event provides a checkpoint between each of the Windows Update download phases for UUP content. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4361,7 +4411,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.DownloadHeartbeat
 
-This event allows tracking of ongoing downloads and contains data to explain the current state of the download
+This event allows tracking of ongoing downloads and contains data to explain the current state of the download. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4466,7 +4516,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.SLSDiscovery
 
-This event sends data about the ability of Windows to discover the location of a backend server with which it must connect to perform updates or content acquisition, in order to determine disruptions in availability of update services and provide context for Windows Update errors.
+This event sends data about the ability of Windows to discover the location of a backend server with which it must connect to perform updates or content acquisition, in order to determine disruptions in availability of update services and provide context for Windows Update errors. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4482,7 +4532,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.UpdateDetected
 
-This event sends data about an AppX app that has been updated from the Microsoft Store, including what app needs an update and what version/architecture is required, in order to understand and address problems with apps getting required updates.
+This event sends data about an AppX app that has been updated from the Microsoft Store, including what app needs an update and what version/architecture is required, in order to understand and address problems with apps getting required updates. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4497,7 +4547,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.UpdateMetadataIntegrity
 
-This event identifies whether updates have been tampered with and protects against man-in-the-middle attacks.
+This event helps to identify whether update content has been tampered with and protects against man-in-the-middle attack. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4529,7 +4579,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateAssistant.Orchestrator.BlockingEventId
 
-The event sends basic info on the reason that Windows 10 was not updated due to compatibility issues, previous rollbacks, or admin policies.
+The event sends basic info on the reason that Windows 10 was not updated due to compatibility issues, previous rollbacks, or admin policies. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4540,7 +4590,7 @@ The following fields are available:
 - **DeviceIsMdmManaged**  This device is MDM managed.
 - **IsNetworkAvailable**  If the device network is not available.
 - **IsNetworkMetered**  If network is metered.
-- **IsSccmManaged**  This device is managed by Configuration Manager.
+- **IsSccmManaged**  This device is SCCM managed.
 - **NewlyInstalledOs**  OS is newly installed quiet period.
 - **PausedByPolicy**  Updates are paused by policy.
 - **RecoveredFromRS3**  Previously recovered from RS3.
@@ -4553,7 +4603,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateAssistant.Orchestrator.DeniedLaunchEventId
 
-The event sends basic info when a device was blocked or prevented from updating to the latest Windows 10 version.
+The event sends basic info when a device was blocked or prevented from updating to the latest Windows 10 version. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4564,7 +4614,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateAssistant.Orchestrator.FailedLaunchEventId
 
-Event to mark that Update Assistant Orchestrator failed to launch Update Assistant.
+This event indicates that Update Assistant Orchestrator failed to launch Update Assistant. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4575,7 +4625,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateAssistant.Orchestrator.FailedOneSettingsQueryEventId
 
-Event indicating One Settings was not queried by update assistant.
+This event indicates that One Settings was not queried by update assistant. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4585,7 +4635,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateAssistant.Orchestrator.LaunchEventId
 
-This event sends basic information on whether the device should be updated to the latest Windows 10 version.
+This event sends basic information on whether the device should be updated to the latest Windows 10 version. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4599,7 +4649,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateAssistant.Orchestrator.RestoreEventId
 
-The event sends basic info on whether the Windows 10 update notification has previously launched.
+The event sends basic info on whether the Windows 10 update notification has previously launched. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4612,7 +4662,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgent_DownloadRequest
 
-This event sends data during the download request phase of updating Windows.
+This event sends data during the download request phase of updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4639,7 +4689,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgent_FellBackToCanonical
 
-This event collects information when Express could not be used, and the update had to fall back to “canonical” during the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop.
+This event collects information when Express could not be used, and the update had to fall back to “canonical” during the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4655,7 +4705,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgent_Initialize
 
-This event sends data during the initialize phase of updating Windows.
+This event sends data during the initialize phase of updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4673,7 +4723,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgent_Install
 
-This event sends data during the install phase of updating Windows.
+This event sends data during the install phase of updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4689,7 +4739,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgent_Merge
 
-This event sends data on the merge phase when updating Windows.
+This event sends data on the merge phase when updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4705,7 +4755,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgent_ModeStart
 
-This event sends data for the start of each mode during the process of updating Windows.
+This event sends data for the start of each mode during the process of updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4720,7 +4770,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgent_SetupBoxLaunch
 
-This event sends data during the launching of the setup box when updating Windows.
+This event sends data during the launching of the setup box when updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4737,7 +4787,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentCommit
 
-This event collects information regarding the commit phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop.
+This event collects information regarding the commit phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4753,7 +4803,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentDownloadRequest
 
-This event sends data for the download request phase of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to PC and Mobile.
+This event sends data for the download request phase of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to PC and Mobile. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4784,7 +4834,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentExpand
 
-This event collects information regarding the expansion phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop.
+This event collects information regarding the expansion phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4804,7 +4854,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentInitialize
 
-This event sends data for the initialize phase of updating Windows via the new Unified Update Platform (UUP) scenario, which is applicable to both PCs and Mobile.
+This event sends data for the initialize phase of updating Windows via the new Unified Update Platform (UUP) scenario, which is applicable to both PCs and Mobile. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4822,7 +4872,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentInstall
 
-This event sends data for the install phase of updating Windows.
+This event sends data for the install phase of updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4838,7 +4888,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentMitigationResult
 
-This event sends data indicating the result of each update agent mitigation.
+This event sends data indicating the result of each update agent mitigation. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4864,13 +4914,13 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentMitigationSummary
 
-This event sends a summary of all the update agent mitigations available for an this update.
+This event sends a summary of all the update agent mitigations available for an this update. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Update360Telemetry.UpdateAgentModeStart
 
-This event sends data for the start of each mode during the process of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to both PCs and Mobile.
+This event sends data for the start of each mode during the process of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to both PCs and Mobile. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4886,13 +4936,13 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentOneSettings
 
-This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop.
+This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Update360Telemetry.UpdateAgentSetupBoxLaunch
 
-The UpdateAgent_SetupBoxLaunch event sends data for the launching of the setup box when updating Windows via the new Unified Update Platform (UUP) scenario. This event is only applicable to PCs.
+The UpdateAgent_SetupBoxLaunch event sends data for the launching of the setup box when updating Windows via the new Unified Update Platform (UUP) scenario. This event is only applicable to PCs. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4921,13 +4971,13 @@ This event indicates whether devices received additional or critical supplementa
 
 ### FacilitatorTelemetry.DUDownload
 
-This event returns data about the download of supplemental packages critical to upgrading a device to the next version of Windows.
+This event returns data about the download of supplemental packages critical to upgrading a device to the next version of Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### FacilitatorTelemetry.InitializeDU
 
-This event determines whether devices received additional or critical supplemental content during an OS upgrade.
+This event determines whether devices received additional or critical supplemental content during an OS upgrade. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
@@ -4975,7 +5025,7 @@ The following fields are available:
 
 ### Setup360Telemetry.OsUninstall
 
-This event sends data regarding OS updates and upgrades from Windows 7, Windows 8, and Windows 10. Specifically, it indicates the outcome of an OS uninstall.
+This event sends data regarding OS updates and upgrades from Windows 7, Windows 8, and Windows 10. Specifically, it indicates the outcome of an OS uninstall. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5122,19 +5172,19 @@ This event helps determine whether the device received supplemental content duri
 
 ### Setup360Telemetry.Setup360MitigationResult
 
-This event sends data indicating the result of each setup mitigation.
+This event sends data indicating the result of each setup mitigation. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Setup360Telemetry.Setup360MitigationSummary
 
-This event sends a summary of all the setup mitigations available for this update.
+This event sends a summary of all the setup mitigations available for this update. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Setup360Telemetry.Setup360OneSettings
 
-This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop.
+This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
@@ -5222,7 +5272,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Store.Partner.ReportApplication
 
-Report application event for Microsoft Store client.
+This is report application event for Microsoft Store client. The data collected with this event is used to help keep Windows up to date and secure.
 
 
 
@@ -5635,7 +5685,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadCanceled
 
-This event describes when a download was canceled with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event describes when a download was canceled with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5660,7 +5710,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadCompleted
 
-This event describes when a download has completed with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event describes when a download has completed with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5699,7 +5749,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadPaused
 
-This event represents a temporary suspension of a download with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event represents a temporary suspension of a download with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5717,7 +5767,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadStarted
 
-This event sends data describing the start of a new download to enable Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event sends data describing the start of a new download to enable Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5749,7 +5799,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.FailureCdnCommunication
 
-This event represents a failure to download from a CDN with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event represents a failure to download from a CDN with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5770,7 +5820,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.JobError
 
-This event represents a Windows Update job error. It allows for investigation of top errors.
+This event represents a Windows Update job error. It allows for investigation of top errors. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5826,7 +5876,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.DialogNotificationToBeDisplayed
 
-This event indicates that a notification dialog box is about to be displayed to user.
+This event indicates that a notification dialog box is about to be displayed to user. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5850,7 +5900,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootAcceptAutoDialog
 
-This event indicates that the Enhanced Engaged restart "accept automatically" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "accept automatically" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5865,7 +5915,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootFirstReminderDialog
 
-This event indicates that the Enhanced Engaged restart "first reminder" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "first reminder" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5880,7 +5930,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootForcedPrecursorDialog
 
-This event indicates that the Enhanced Engaged restart "forced precursor" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "forced precursor" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5895,7 +5945,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootForcedWarningDialog
 
-This event indicates that the Enhanced Engaged "forced warning" dialog box was displayed.
+This event indicates that the Enhanced Engaged "forced warning" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5910,7 +5960,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootRebootFailedDialog
 
-This event indicates that the Enhanced Engaged restart "restart failed" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "restart failed" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5925,7 +5975,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootRebootImminentDialog
 
-This event indicates that the Enhanced Engaged restart "restart imminent" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "restart imminent" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5940,7 +5990,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootSecondReminderDialog
 
-This event indicates that the second reminder dialog box was displayed for Enhanced Engaged restart.
+This event indicates that the second reminder dialog box was displayed for Enhanced Engaged restart. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5955,7 +6005,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootThirdReminderDialog
 
-This event indicates that the third reminder dialog box for Enhanced Engaged restart was displayed.
+This event indicates that the third reminder dialog box for Enhanced Engaged restart was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5970,7 +6020,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.CommitFailed
 
-This event indicates that a device was unable to restart after an update.
+This event indicates that a device was unable to restart after an update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5980,7 +6030,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.DeferRestart
 
-This event indicates that a restart required for installing updates was postponed.
+This event indicates that a restart required for installing updates was postponed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5991,7 +6041,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.Detection
 
-This event indicates that a scan for a Windows Update occurred.
+This event sends launch data for a Windows Update scan to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6010,7 +6060,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.Download
 
-This event sends launch data for a Windows Update download to help keep Windows up to date.
+This event sends launch data for a Windows Update download to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6028,7 +6078,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.FlightInapplicable
 
-This event sends data on whether the update was applicable to the device, to help keep Windows up to date.
+This event sends data on whether the update was applicable to the device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6043,7 +6093,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.InitiatingReboot
 
-This event sends data about an Orchestrator requesting a reboot from power management to help keep Windows up to date.
+This event sends data about an Orchestrator requesting a reboot from power management to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6060,7 +6110,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.Install
 
-This event sends launch data for a Windows Update install to help keep Windows up to date.
+This event sends launch data for a Windows Update install to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6085,7 +6135,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.LowUptimes
 
-This event is sent if a device is identified as not having sufficient uptime to reliably process updates in order to keep secure.
+This event is sent if a device is identified as not having sufficient uptime to reliably process updates in order to keep secure. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6097,7 +6147,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.OneshotUpdateDetection
 
-This event returns data about scans initiated through settings UI, or background scans that are urgent; to help keep Windows up to date.
+This event returns data about scans initiated through settings UI, or background scans that are urgent; to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6109,7 +6159,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.PostInstall
 
-This event sends data about lite stack devices (mobile, IOT, anything non-PC) immediately before data migration is launched to help keep Windows up to date.
+This event sends data about lite stack devices (mobile, IOT, anything non-PC) immediately before data migration is launched to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6125,7 +6175,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.PowerMenuOptionsChanged
 
-This event is sent when the options in power menu changed, usually due to an update pending reboot, or after a update is installed.
+This event is sent when the options in power menu changed, usually due to an update pending reboot, or after a update is installed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6137,7 +6187,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.PreShutdownStart
 
-This event is generated before the shutdown and commit operations.
+This event is generated before the shutdown and commit operations. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6146,7 +6196,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.RebootFailed
 
-This event sends information about whether an update required a reboot and reasons for failure, to help keep Windows up to date.
+This event sends information about whether an update required a reboot and reasons for failure, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6166,7 +6216,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.RefreshSettings
 
-This event sends basic data about the version of upgrade settings applied to the system to help keep Windows up to date.
+This event sends basic data about the version of upgrade settings applied to the system to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6178,7 +6228,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.RestoreRebootTask
 
-This event sends data indicating that a reboot task is missing unexpectedly on a device and the task is restored because a reboot is still required, to help keep Windows up to date.
+This event sends data indicating that a reboot task is missing unexpectedly on a device and the task is restored because a reboot is still required, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6190,7 +6240,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.SystemNeeded
 
-This event sends data about why a device is unable to reboot, to help keep Windows up to date.
+This event sends data about why a device is unable to reboot, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6206,7 +6256,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.UpdatePolicyCacheRefresh
 
-This event sends data on whether Update Management Policies were enabled on a device, to help keep Windows up to date.
+This event sends data on whether Update Management Policies were enabled on a device, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6219,7 +6269,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.UpdateRebootRequired
 
-This event sends data about whether an update required a reboot to help keep Windows up to date.
+This event sends data about whether an update required a reboot to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6234,7 +6284,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.updateSettingsFlushFailed
 
-This event sends information about an update that encountered problems and was not able to complete.
+This event sends information about an update that encountered problems and was not able to complete. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6244,7 +6294,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.USODiagnostics
 
-This event sends data on whether the state of the update attempt, to help keep Windows up to date.
+This event sends data on whether the state of the update attempt, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6257,7 +6307,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.UsoSession
 
-This event represents the state of the USO service at start and completion.
+This event represents the state of the USO service at start and completion. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6293,7 +6343,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.EnhancedEngagedRebootUxState
 
-This event sends information about the configuration of Enhanced Direct-to-Engaged (eDTE), which includes values for the timing of how eDTE will progress through each phase of the reboot.
+This event sends information about the configuration of Enhanced Direct-to-Engaged (eDTE), which includes values for the timing of how eDTE will progress through each phase of the reboot. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6315,7 +6365,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.RebootNoLongerNeeded
 
-This event is sent when a security update has successfully completed.
+This event is sent when a security update has successfully completed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6324,7 +6374,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.RebootScheduled
 
-This event sends data about a required reboot that is scheduled with no user interaction, to help keep Windows up to date.
+This event sends basic information about scheduling an update-related reboot, to get security updates and to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6342,7 +6392,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.ToastDisplayedToScheduleReboot
 
-This event is sent when a toast notification is shown to the user about scheduling a device restart.
+This event is sent when a toast notification is shown to the user about scheduling a device restart. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6351,7 +6401,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusUpdateSettings.RebootScheduled
 
-This event sends basic information for scheduling a device restart to install security updates. It's used to help keep Windows up to date.
+This event sends basic information for scheduling a device restart to install security updates. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6371,7 +6421,7 @@ The following fields are available:
 
 ### Mitigation360Telemetry.MitigationCustom.CleanupSafeOsImages
 
-This event sends data specific to the CleanupSafeOsImages mitigation used for OS Updates.
+This event sends data specific to the CleanupSafeOsImages mitigation used for OS Updates. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6395,7 +6445,7 @@ The following fields are available:
 
 ### Mitigation360Telemetry.MitigationCustom.FixupEditionId
 
-This event sends data specific to the FixupEditionId mitigation used for OS Updates.
+This event sends data specific to the FixupEditionId mitigation used for OS Updates. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
@@ -6403,25 +6453,25 @@ This event sends data specific to the FixupEditionId mitigation used for OS Upda
 
 ### Microsoft.Windows.UpdateReserveManager.CommitPendingHardReserveAdjustment
 
-This event is sent when the Update Reserve Manager commits a hard reserve adjustment that was pending.
+This event is sent when the Update Reserve Manager commits a hard reserve adjustment that was pending. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.UpdateReserveManager.InitializeUpdateReserveManager
 
-This event returns data about the Update Reserve Manager, including whether it’s been initialized.
+This event returns data about the Update Reserve Manager, including whether it’s been initialized. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.UpdateReserveManager.RemovePendingHardReserveAdjustment
 
-This event is sent when the Update Reserve Manager removes a pending hard reserve adjustment.
+This event is sent when the Update Reserve Manager removes a pending hard reserve adjustment. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.UpdateReserveManager.UpdatePendingHardReserveAdjustment
 
-This event is sent when the Update Reserve Manager needs to adjust the size of the hard reserve after the option content is installed.
+This event is sent when the Update Reserve Manager needs to adjust the size of the hard reserve after the option content is installed. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709.md
index 6c91cf051e..2be76e6660 100644
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709.md
@@ -13,7 +13,7 @@ manager: dansimp
 ms.collection: M365-security-compliance
 ms.topic: article
 audience: ITPro
-ms.date: 03/27/2020
+ms.date: 09/30/2020
 ms.reviewer:
 ---
 
@@ -33,6 +33,7 @@ Use this article to learn about diagnostic events, grouped by event area, and th
 
 You can learn more about Windows functional and diagnostic data through these articles:
 
+- [Windows 10, version 2004 and Windows 10, version 20H2 required Windows diagnostic events and fields](required-windows-diagnostic-data-events-and-fields-2004.md)
 - [Windows 10, version 1903 and Windows 10, version 1909 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1903.md)
 - [Windows 10, version 1809 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1809.md)
 - [Windows 10, version 1803 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1803.md)
@@ -47,7 +48,7 @@ You can learn more about Windows functional and diagnostic data through these ar
 
 ### Microsoft.Windows.Appraiser.General.ChecksumTotalPictureCount
 
-Invalid Signature - This event is superseded by an event that contains additional fields.
+This event lists the types of objects and how many of each exist on the client device. This allows for a quick way to ensure that the records present on the server match what is present on the client. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -89,7 +90,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileAdd
 
-Represents the basic metadata about specific application files installed on the system.
+This event represents the basic metadata about specific application files installed on the system. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -107,7 +108,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileRemove
 
-This event indicates that the DatasourceApplicationFile object is no longer present.
+This event indicates that the DatasourceApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -118,7 +119,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileStartSync
 
-This event indicates that a new set of DatasourceApplicationFileAdd events will be sent.
+This event indicates that a new set of DatasourceApplicationFileAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -145,7 +146,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDevicePnpRemove
 
-This event indicates that the DatasourceDevicePnp object is no longer present.
+This event indicates that the DatasourceDevicePnp object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -156,7 +157,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDevicePnpStartSync
 
-This event indicates that a new set of DatasourceDevicePnpAdd events will be sent.
+This event indicates that a new set of DatasourceDevicePnpAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -178,7 +179,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDriverPackageRemove
 
-This event indicates that the DatasourceDriverPackage object is no longer present.
+This event indicates that the DatasourceDriverPackage object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -189,7 +190,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDriverPackageStartSync
 
-This event indicates that a new set of DatasourceDriverPackageAdd events will be sent.
+This event indicates that a new set of DatasourceDriverPackageAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -211,7 +212,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoBlockRemove
 
-This event indicates that the DataSourceMatchingInfoBlock object is no longer present.
+This event indicates that the DataSourceMatchingInfoBlock object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -222,7 +223,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoBlockStartSync
 
-This event indicates that a full set of DataSourceMatchingInfoBlockStAdd events have been sent.
+This event indicates that a full set of DataSourceMatchingInfoBlockStAdd events has completed being sent. This event is used to make compatibility decisions about files to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -244,7 +245,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPassiveRemove
 
-This event indicates that the DataSourceMatchingInfoPassive object is no longer present.
+This event indicates that the DataSourceMatchingInfoPassive object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -255,7 +256,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPassiveStartSync
 
-This event indicates that a new set of DataSourceMatchingInfoPassiveAdd events will be sent.
+This event indicates that a new set of DataSourceMatchingInfoPassiveAdd events will be sent. This event is used to make compatibility decisions about files to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -277,7 +278,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPostUpgradeRemove
 
-This event indicates that the DataSourceMatchingInfoPostUpgrade object is no longer present.
+This event indicates that the DataSourceMatchingInfoPostUpgrade object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -288,7 +289,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPostUpgradeStartSync
 
-This event indicates that a new set of DataSourceMatchingInfoPostUpgradeAdd events will be sent.
+This event indicates that a new set of DataSourceMatchingInfoPostUpgradeAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -310,7 +311,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceSystemBiosRemove
 
-This event indicates that the DatasourceSystemBios object is no longer present.
+This event indicates that the DatasourceSystemBios object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -321,7 +322,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceSystemBiosStartSync
 
-This event indicates that a new set of DatasourceSystemBiosAdd events will be sent.
+This event indicates that a new set of DatasourceSystemBiosAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -361,7 +362,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionApplicationFileRemove
 
-This event indicates that the DecisionApplicationFile object is no longer present.
+This event indicates that the DecisionApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -372,7 +373,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionApplicationFileStartSync
 
-This event indicates that a new set of DecisionApplicationFileAdd events will be sent.
+This event indicates that a new set of DecisionApplicationFileAdd events will be sent. This event is used to make compatibility decisions about a file to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -409,7 +410,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDevicePnpRemove
 
-This event indicates that the DecisionDevicePnp object is no longer present.
+This event Indicates that the DecisionDevicePnp object represented by the objectInstanceId is no longer present. This event is used to make compatibility decisions about PNP devices to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -420,7 +421,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDevicePnpStartSync
 
-The DecisionDevicePnpStartSync event indicates that a new set of DecisionDevicePnpAdd events will be sent.
+This event indicates that a new set of DecisionDevicePnpAdd events will be sent. This event is used to make compatibility decisions about PNP devices to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -447,7 +448,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDriverPackageRemove
 
-This event indicates that the DecisionDriverPackage object is no longer present.
+This event indicates that the DecisionDriverPackage object represented by the objectInstanceId is no longer present. This event is used to make compatibility decisions about driver packages to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -458,7 +459,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDriverPackageStartSync
 
-This event indicates that a new set of DecisionDriverPackageAdd events will be sent.
+The DecisionDriverPackageStartSync event indicates that a new set of DecisionDriverPackageAdd events will be sent. This event is used to make compatibility decisions about driver packages to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -486,7 +487,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoBlockRemove
 
-This event indicates that the DecisionMatchingInfoBlock object is no longer present.
+This event indicates that the DecisionMatchingInfoBlock object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -497,7 +498,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoBlockStartSync
 
-This event indicates that a new set of DecisionMatchingInfoBlockAdd events will be sent.
+This event indicates that a new set of DecisionMatchingInfoBlockAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -521,7 +522,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPassiveRemove
 
-This event Indicates that the DecisionMatchingInfoPassive object is no longer present.
+This event Indicates that the DecisionMatchingInfoPassive object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -532,7 +533,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPassiveStartSync
 
-This event indicates that a new set of DecisionMatchingInfoPassiveAdd events will be sent.
+This event indicates that a new set of DecisionMatchingInfoPassiveAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -558,7 +559,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPostUpgradeRemove
 
-This event indicates that the DecisionMatchingInfoPostUpgrade object is no longer present.
+This event indicates that the DecisionMatchingInfoPostUpgrade object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -569,7 +570,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPostUpgradeStartSync
 
-This event indicates that a new set of DecisionMatchingInfoPostUpgradeAdd events will be sent.
+This event indicates that a new set of DecisionMatchingInfoPostUpgradeAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -597,7 +598,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMediaCenterRemove
 
-This event indicates that the DecisionMediaCenter object is no longer present.
+This event indicates that the DecisionMediaCenter object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -608,7 +609,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMediaCenterStartSync
 
-This event indicates that a new set of DecisionMediaCenterAdd events will be sent.
+This event indicates that a new set of DecisionMediaCenterAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -633,7 +634,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionSystemBiosRemove
 
-This event indicates that the DecisionSystemBios object is no longer present.
+This event indicates that the DecisionSystemBios object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -644,7 +645,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionSystemBiosStartSync
 
-This event indicates that a new set of DecisionSystemBiosAdd events will be sent.
+This event indicates that a new set of DecisionSystemBiosAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -669,7 +670,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileAdd
 
-This event represents the basic metadata about a file on the system.  The file must be part of an app and either have a block in the compatibility database or be part of an antivirus program.
+This event represents the basic metadata about a file on the system.  The file must be part of an app and either have a block in the compatibility database or be part of an antivirus program. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -698,7 +699,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileRemove
 
-This event indicates that the InventoryApplicationFile object is no longer present.
+This event indicates that the InventoryApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -709,7 +710,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileStartSync
 
-This event indicates that a new set of InventoryApplicationFileAdd events will be sent.
+This event indicates that a new set of InventoryApplicationFileAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -733,7 +734,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryLanguagePackRemove
 
-This event indicates that the InventoryLanguagePack object is no longer present.
+This event indicates that the InventoryLanguagePack object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -744,7 +745,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryLanguagePackStartSync
 
-This event indicates that a new set of InventoryLanguagePackAdd events will be sent.
+This event indicates that a new set of InventoryLanguagePackAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -773,7 +774,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryMediaCenterRemove
 
-This event indicates that the InventoryMediaCenter object is no longer present.
+This event indicates that the InventoryMediaCenter object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -784,7 +785,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryMediaCenterStartSync
 
-This event indicates that a new set of InventoryMediaCenterAdd events will be sent.
+This event indicates that a new set of InventoryMediaCenterAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -795,7 +796,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventorySystemBiosAdd
 
-This event sends basic metadata about the BIOS to determine whether it has a compatibility block.
+This event sends basic metadata about the BIOS to determine whether it has a compatibility block. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -810,7 +811,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventorySystemBiosRemove
 
-This event indicates that the InventorySystemBios object is no longer present.
+This event indicates that the InventorySystemBios object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -821,7 +822,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventorySystemBiosStartSync
 
-This event indicates that a new set of InventorySystemBiosAdd events will be sent.
+This event indicates that a new set of InventorySystemBiosAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -832,7 +833,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageAdd
 
-This event is only runs during setup. It provides a listing of the uplevel driver packages that were downloaded before the upgrade. Is critical to understanding if failures in setup can be traced to not having sufficient uplevel drivers before the upgrade.
+This event runs only during setup. It provides a listing of the uplevel driver packages that were downloaded before the upgrade. It is critical in understanding if failures in setup can be traced to not having sufficient uplevel drivers before the upgrade. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -857,7 +858,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageRemove
 
-This event indicates that the InventoryUplevelDriverPackage object is no longer present.
+This event indicates that the InventoryUplevelDriverPackage object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -868,7 +869,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageStartSync
 
-This event indicates that a new set of InventoryUplevelDriverPackageAdd events will be sent.
+This event indicates that a new set of InventoryUplevelDriverPackageAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -879,7 +880,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.RunContext
 
-This event indicates what should be expected in the data payload.
+This event is sent at the beginning of an appraiser run, the RunContext indicates what should be expected in the following data payload. This event is used with the other Appraiser events to make compatibility decisions to keep Windows up to date.
 
 The following fields are available:
 
@@ -912,7 +913,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemMemoryRemove
 
-This event that the SystemMemory object is no longer present.
+This event that the SystemMemory object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -923,7 +924,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemMemoryStartSync
 
-This event indicates that a new set of SystemMemoryAdd events will be sent.
+This event indicates that a new set of SystemMemoryAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -947,7 +948,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorCompareExchangeRemove
 
-This event indicates that the SystemProcessorCompareExchange object is no longer present.
+This event indicates that the SystemProcessorCompareExchange object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -958,7 +959,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorCompareExchangeStartSync
 
-This event indicates that a new set of SystemProcessorCompareExchangeAdd events will be sent.
+This event indicates that a new set of SystemProcessorCompareExchangeAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -982,7 +983,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorLahfSahfRemove
 
-This event indicates that the SystemProcessorLahfSahf object is no longer present.
+This event indicates that the SystemProcessorLahfSahf object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -993,7 +994,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorLahfSahfStartSync
 
-This event indicates that a new set of SystemProcessorLahfSahfAdd events will be sent.
+This event indicates that a new set of SystemProcessorLahfSahfAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1018,7 +1019,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorNxRemove
 
-This event indicates that the SystemProcessorNx object is no longer present.
+This event indicates that the SystemProcessorNx object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1029,7 +1030,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorNxStartSync
 
-This event  indicates that a new set of SystemProcessorNxAdd events will be sent.
+This event  indicates that a new set of SystemProcessorNxAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1053,7 +1054,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorPrefetchWRemove
 
-This event indicates that the SystemProcessorPrefetchW object is no longer present.
+This event indicates that the SystemProcessorPrefetchW object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1064,7 +1065,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorPrefetchWStartSync
 
-This event indicates that a new set of SystemProcessorPrefetchWAdd events will be sent.
+This event indicates that a new set of SystemProcessorPrefetchWAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1088,7 +1089,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorSse2Remove
 
-This event indicates that the SystemProcessorSse2 object is no longer present.
+This event indicates that the SystemProcessorSse2 object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1099,7 +1100,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorSse2StartSync
 
-This event indicates that a new set of SystemProcessorSse2Add events will be sent.
+This event indicates that a new set of SystemProcessorSse2Add events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1123,7 +1124,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemTouchRemove
 
-This event indicates that the SystemTouch object is no longer present.
+This event indicates that the SystemTouch object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1134,7 +1135,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemTouchStartSync
 
-This event indicates that a new set of SystemTouchAdd events will be sent.
+This event indicates that a new set of SystemTouchAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1158,7 +1159,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWimRemove
 
-This event indicates that the SystemWim object is no longer present.
+This event indicates that the SystemWim object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1169,7 +1170,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWimStartSync
 
-This event indicates that a new set of SystemWimAdd events will be sent.
+This event indicates that a new set of SystemWimAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1193,7 +1194,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWindowsActivationStatusRemove
 
-This event indicates that the SystemWindowsActivationStatus object is no longer present.
+This event indicates that the SystemWindowsActivationStatus object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1204,7 +1205,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWindowsActivationStatusStartSync
 
-This event indicates that a new set of SystemWindowsActivationStatusAdd events will be sent.
+This event indicates that a new set of SystemWindowsActivationStatusAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1232,7 +1233,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWlanRemove
 
-This event indicates that the SystemWlan object is no longer present.
+This event indicates that the SystemWlan object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1243,7 +1244,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWlanStartSync
 
-This event indicates that a new set of SystemWlanAdd events will be sent.
+This event indicates that a new set of SystemWlanAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1306,7 +1307,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.WmdrmRemove
 
-This event indicates that the Wmdrm object is no longer present.
+This event indicates that the Wmdrm object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1317,7 +1318,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.WmdrmStartSync
 
-This event indicates that a new set of WmdrmAdd events will be sent.
+The WmdrmStartSync event indicates that a new set of WmdrmAdd events will be sent. This event is used to understand the usage of older digital rights management on the system, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1330,7 +1331,7 @@ The following fields are available:
 
 ### Census.App
 
-This event sends version data about the Apps running on this device, to help keep Windows up to date.
+This event sends version data about the Apps running on this device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1348,7 +1349,7 @@ The following fields are available:
 
 ### Census.Battery
 
-This event sends type and capacity data about the battery on the device, as well as the number of connected standby devices in use, type to help keep Windows up to date.
+This event sends type and capacity data about the battery on the device, as well as the number of connected standby devices in use. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1359,19 +1360,9 @@ The following fields are available:
 - **IsAlwaysOnAlwaysConnectedCapable**  Represents whether the battery enables the device to be AlwaysOnAlwaysConnected . Boolean value.
 
 
-### Census.Camera
-
-This event sends data about the resolution of cameras on the device, to help keep Windows up to date.
-
-The following fields are available:
-
-- **FrontFacingCameraResolution**  Represents the resolution of the front facing camera in megapixels. If a front facing camera does not exist, then the value is 0.
-- **RearFacingCameraResolution**  Represents the resolution of the rear facing camera in megapixels. If a rear facing camera does not exist, then the value is 0.
-
-
 ### Census.Enterprise
 
-This event sends data about Azure presence, type, and cloud domain use in order to provide an understanding of the use and integration of devices in an enterprise, cloud, and server environment.
+This event sends data about Azure presence, type, and cloud domain use in order to provide an understanding of the use and integration of devices in an enterprise, cloud, and server environment. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -1389,14 +1380,14 @@ The following fields are available:
 - **IsEDPEnabled**  Represents if Enterprise data protected on the device.
 - **IsMDMEnrolled**  Whether the device has been MDM Enrolled or not.
 - **MPNId**  Returns the Partner ID/MPN ID from Regkey. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\DeployID
-- **SCCMClientId**  This ID correlate systems that send data to Compat Analytics (OMS) and other OMS based systems with systems in a Configuration Manager environment.
-- **ServerFeatures**  Represents the features installed on a Windows Server. This can be used by developers and administrators who need to automate the process of determining the features installed on a set of server computers.
-- **SystemCenterID**  The Configuration Manager ID is an anonymized one-way hash of the Active Directory Organization identifier
+- **SCCMClientId**  This ID correlate systems that send data to Compat Analytics (OMS) and other OMS based systems with systems in an Enterprise SCCM environment.
+- **ServerFeatures**  Represents the features installed on a Windows   Server. This can be used by developers and administrators who need to automate the process of determining the features installed on a set of server computers.
+- **SystemCenterID**  The SCCM ID is an anonymized one-way hash of the Active Directory Organization identifier
 
 
 ### Census.Firmware
 
-This event sends data about the BIOS and startup embedded in the device, to help keep Windows up to date.
+This event sends data about the BIOS and startup embedded in the device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1408,7 +1399,7 @@ The following fields are available:
 
 ### Census.Flighting
 
-This event sends Windows Insider data from customers participating in improvement testing and feedback programs, to help keep Windows up to date.
+This event sends Windows Insider data from customers participating in improvement testing and feedback programs. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1423,7 +1414,7 @@ The following fields are available:
 
 ### Census.Hardware
 
-This event sends data about the device, including hardware type, OEM brand, model line, model, telemetry level setting, and TPM support, to help keep Windows up to date.
+This event sends data about the device, including hardware type, OEM brand, model line, model, telemetry level setting, and TPM support. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1464,7 +1455,7 @@ The following fields are available:
 
 ### Census.Memory
 
-This event sends data about the memory on the device, including ROM and RAM, to help keep Windows up to date.
+This event sends data about the memory on the device, including ROM and RAM. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1474,7 +1465,7 @@ The following fields are available:
 
 ### Census.Network
 
-This event sends data about the mobile and cellular network used by the device (mobile service provider, network, device ID, and service cost factors), to help keep Windows up to date.
+This event sends data about the mobile and cellular network used by the device (mobile service provider, network, device ID, and service cost factors). The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1497,7 +1488,7 @@ The following fields are available:
 
 ### Census.OS
 
-This event sends data about the operating system such as the version, locale, update service configuration, when and how it was originally installed, and whether it is a virtual device, to help keep Windows up to date.
+This event sends data about the operating system such as the version, locale, update service configuration, when and how it was originally installed, and whether it is a virtual device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1539,7 +1530,7 @@ The following fields are available:
 
 ### Census.Processor
 
-This event sends data about the processor to help keep Windows up to date.
+This event sends data about the processor. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1561,7 +1552,7 @@ The following fields are available:
 
 ### Census.Security
 
-This event provides information on about security settings used to help keep Windows up to date and secure.
+This event provides information about security settings. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1578,7 +1569,7 @@ The following fields are available:
 
 ### Census.Speech
 
-This event is used to gather basic speech settings on the device.
+This event is used to gather basic speech settings on the device. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -1595,7 +1586,7 @@ The following fields are available:
 
 ### Census.Storage
 
-This event sends data about the total capacity of the system volume and primary disk, to help keep Windows up to date.
+This event sends data about the total capacity of the system volume and primary disk. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1606,7 +1597,7 @@ The following fields are available:
 
 ### Census.Userdefault
 
-This event sends data about the current user's default preferences for browser and several of the most popular extensions and protocols, to help keep Windows up to date.
+This event sends data about the current user's default preferences for browser and several of the most popular extensions and protocols. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1616,7 +1607,7 @@ The following fields are available:
 
 ### Census.UserDisplay
 
-This event sends data about the logical/physical display size, resolution and number of internal/external displays, and VRAM on the system, to help keep Windows up to date.
+This event sends data about the logical/physical display size, resolution and number of internal/external displays, and VRAM on the system. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1637,7 +1628,7 @@ The following fields are available:
 
 ### Census.UserNLS
 
-This event sends data about the default app language, input, and display language preferences set by the user, to help keep Windows up to date.
+This event sends data about the default app language, input, and display language preferences set by the user. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1650,7 +1641,7 @@ The following fields are available:
 
 ### Census.VM
 
-This event sends data indicating whether virtualization is enabled on the device, and its various characteristics, to help keep Windows up to date.
+This event sends data indicating whether virtualization is enabled on the device, and its various characteristics. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1665,7 +1656,7 @@ The following fields are available:
 
 ### Census.WU
 
-This event sends data about the Windows update server and other App store policies, to help keep Windows up to date.
+This event sends data about the Windows update server and other App store policies. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1888,7 +1879,7 @@ The following fields are available:
 
 ### CbsServicingProvider.CbsCapabilitySessionFinalize
 
-This event provides information about the results of installing or uninstalling optional Windows content from Windows Update.
+This event provides information about the results of installing or uninstalling optional Windows content from Windows Update. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -1958,19 +1949,19 @@ The following fields are available:
 
 ### TelClientSynthetic.AuthorizationInfo_RuntimeTransition
 
-This event sends data indicating that a device has undergone a change of telemetry opt-in level detected at UTC startup, to help keep Windows up to date. The telemetry opt-in level signals what data we are allowed to collect.
+This event is fired by UTC at state transitions to signal what data we are allowed to collect. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 
 
 ### TelClientSynthetic.AuthorizationInfo_Startup
 
-Fired by UTC at startup to signal what data we are allowed to collect.
+This event is fired by UTC at startup to signal what data we are allowed to collect. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 
 
 ### TelClientSynthetic.ConnectivityHeartBeat_0
 
-This event sends data about the connectivity status of the Connected User Experience and Telemetry component that uploads telemetry events. If an unrestricted free network (such as Wi-Fi) is available, this event updates the last successful upload time. Otherwise, it checks whether a Connectivity Heartbeat event was fired in the past 24 hours, and if not, it sends an event. A Connectivity Heartbeat event is also sent when a device recovers from costed network to free network.
+This event sends data about the connectivity status of the Connected User Experience and Telemetry component that uploads telemetry events. If an unrestricted free network (such as Wi-Fi) is available, this event updates the last successful upload time. Otherwise, it checks whether a Connectivity Heartbeat event was fired in the past 24 hours, and if not, it sends an event. A Connectivity Heartbeat event is also sent when a device recovers from costed network to free network. This event is fired by UTC during periods of no network as a heartbeat signal, to keep Windows secure and up to date.
 
 
 
@@ -2016,6 +2007,25 @@ This event is triggered when UTC determines it needs to send information about p
 
 ## DxgKernelTelemetry events
 
+### DxgKrnlTelemetry.BddDiag
+
+This event records Microsoft basic display driver diagnostic information. The data collected with this event is used to keep Windows performing properly.
+
+The following fields are available:
+
+- **BiosFlags**  Bitwise flags that contain graphics related firmware information on the device such as the system was booted with display or not, system was using VBIOS or UEFI GOP, and VBIOS has a valid display mode list or not.
+- **CurrentMode**  Information about the current display mode such as the resolution, rotation, and scaling.
+- **DefaultModeReason**  Numeric value indicating the reason that the Microsoft Basic Display Driver is in use.
+- **DefaultModeResolution**  Default resolution that Microsoft Basic Display Driver detected.
+- **DefaultResolutionProvider**  Numeric value indicating the source of the default resolution.
+- **Flags**  Bitwise flags containing Microsoft Basic Display Driver related information such as if it is running because there is no graphics driver or user PnP stopped the graphics driver, it has valid EDID or not on the connected monitor and where the EDID was from, it is running at gray scale mode or not, it is running without display or not.
+- **HeadlessReason**  Numeric value indicating why there is no display.
+- **LogAssertionCount**  Number of assertions that were encountered before this event was recorded.
+- **LogErrorCount**  Number of errors that were encountered before this event was recorded.
+- **MonitorPowerState**  Current power state of the monitor.
+- **Version**  Version of the schema for this event.
+
+
 ### DxgKrnlTelemetry.GPUAdapterInventoryV2
 
 This event sends basic GPU and display driver information to keep Windows and display drivers up-to-date.
@@ -2169,7 +2179,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Upgrade.Uninstall.UninstallFailed
 
-This event sends diagnostic data about failures when uninstalling a feature update, to help resolve any issues preventing customers from reverting to a known state.
+This event sends diagnostic data about failures when uninstalling a feature update, to help resolve any issues preventing customers from reverting to a known state. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 The following fields are available:
 
@@ -2179,7 +2189,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Upgrade.Uninstall.UninstallFinalizedAndRebootTriggered
 
-This event indicates that the uninstall was properly configured and that a system reboot was initiated.
+This event indicates that the uninstall was properly configured and that a system reboot was initiated. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 The following fields are available:
 
@@ -2223,7 +2233,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.AmiTelCacheChecksum
 
-This event captures basic checksum data about the device inventory items stored in the cache for use in validating data completeness for Microsoft.Windows.Inventory.Core events. The fields in this event may change over time, but they will always represent a count of a given object.
+This event captures basic checksum data about the device inventory items stored in the cache for use in validating data completeness for Microsoft.Windows.Inventory.Core events. The fields in this event may change over time, but they will always represent a count of a given object. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2250,7 +2260,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.AmiTelCacheVersions
 
-This event sends inventory component versions for the Device Inventory data.
+This event sends inventory component versions for the Device Inventory data. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2260,7 +2270,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationAdd
 
-This event sends basic metadata about an application on the system to help keep Windows up to date.
+This event sends basic metadata about an application on the system. The data collected with this event is used to keep Windows performing properly and up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2289,7 +2299,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationDriverAdd
 
-This event represents what drivers an application installs.
+This event represents what drivers an application installs. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2301,7 +2311,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationDriverStartSync
 
-This event indicates that a new set of InventoryApplicationDriverStartAdd events will be sent.
+The InventoryApplicationDriverStartSync event indicates that a new set of InventoryApplicationDriverStartAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2312,7 +2322,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationFrameworkAdd
 
-This event provides the basic metadata about the frameworks an application may depend on.
+This event provides the basic metadata about the frameworks an application may depend on. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2326,7 +2336,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationFrameworkStartSync
 
-This event indicates that a new set of InventoryApplicationFrameworkAdd events will be sent.
+This event indicates that a new set of InventoryApplicationFrameworkAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2337,7 +2347,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationRemove
 
-This event indicates that a new set of InventoryDevicePnpAdd events will be sent.
+This event indicates that a new set of InventoryDevicePnpAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2348,7 +2358,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationStartSync
 
-This event indicates that a new set of InventoryApplicationAdd events will be sent.
+This event indicates that a new set of InventoryApplicationAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2359,7 +2369,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceContainerAdd
 
-This event sends basic metadata about a device container (such as a monitor or printer as opposed to a Plug and Play device) to help keep Windows up to date.
+This event sends basic metadata about a device container (such as a monitor or printer as opposed to a Plug and Play device). The data collected with this event is used to help keep Windows up to date and to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2383,7 +2393,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceContainerRemove
 
-This event indicates that the InventoryDeviceContainer object is no longer present.
+This event indicates that the InventoryDeviceContainer object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2394,7 +2404,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceContainerStartSync
 
-This event indicates that a new set of InventoryDeviceContainerAdd events will be sent.
+This event indicates that a new set of InventoryDeviceContainerAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2405,7 +2415,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceInterfaceAdd
 
-This event retrieves information about what sensor interfaces are available on the device.
+This event retrieves information about what sensor interfaces are available on the device. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2435,7 +2445,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceInterfaceStartSync
 
-This event indicates that a new set of InventoryDeviceInterfaceAdd events will be sent.
+This event indicates that a new set of InventoryDeviceInterfaceAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2446,7 +2456,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceMediaClassAdd
 
-This event sends additional metadata about a Plug and Play device that is specific to a particular class of devices to help keep Windows up to date while reducing overall size of data payload.
+This event sends additional metadata about a Plug and Play device that is specific to a particular class of devices. The data collected with this event is used to help keep Windows up to date and performing properly while reducing overall size of data payload.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2459,7 +2469,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceMediaClassRemove
 
-This event indicates that the InventoryDeviceMediaClassRemove object is no longer present.
+This event indicates that the InventoryDeviceMediaClass object represented by the objectInstanceId is no longer present. This event is used to understand a PNP device that is specific to a particular class of devices. The data collected with this event is used to help keep Windows up to date and performing properly while reducing overall size of data payload.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2470,7 +2480,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceMediaClassStartSync
 
-This event indicates that a new set of InventoryDeviceMediaClassSAdd events will be sent.
+This event indicates that a new set of InventoryDeviceMediaClassSAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2520,7 +2530,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDevicePnpRemove
 
-This event indicates that the InventoryDevicePnpRemove object is no longer present.
+This event indicates that the InventoryDevicePnpRemove object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2531,7 +2541,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDevicePnpStartSync
 
-This event indicates that a new set of InventoryDevicePnpAdd events will be sent.
+This event indicates that a new set of InventoryDevicePnpAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2542,7 +2552,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceUsbHubClassAdd
 
-This event sends basic metadata about the USB hubs on the device.
+This event sends basic metadata about the USB hubs on the device. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2555,7 +2565,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceUsbHubClassStartSync
 
-This event indicates that a new set of InventoryDeviceUsbHubClassAdd events will be sent.
+This event indicates that a new set of InventoryDeviceUsbHubClassAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2566,7 +2576,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverBinaryAdd
 
-This event sends basic metadata about driver binaries running on the system to help keep Windows up to date.
+This event sends basic metadata about driver binaries running on the system. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2593,7 +2603,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverBinaryRemove
 
-This event indicates that the InventoryDriverBinary object is no longer present.
+This event indicates that the InventoryDriverBinary object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2604,7 +2614,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverBinaryStartSync
 
-This event indicates that a new set of InventoryDriverBinaryAdd events will be sent.
+This event indicates that a new set of InventoryDriverBinaryAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2615,7 +2625,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverPackageAdd
 
-This event sends basic metadata about drive packages installed on the system  to help keep Windows up to date.
+This event sends basic metadata about drive packages installed on the system. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2635,7 +2645,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverPackageRemove
 
-This event indicates that the InventoryDriverPackageRemove object is no longer present.
+This event indicates that the InventoryDriverPackageRemove object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2646,7 +2656,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverPackageStartSync
 
-This event indicates that a new set of InventoryDriverPackageAdd events will be sent.
+This event indicates that a new set of InventoryDriverPackageAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2655,9 +2665,17 @@ The following fields are available:
 - **InventoryVersion**  The version of the inventory file generating the events.
 
 
+### Microsoft.Windows.Inventory.General. InventoryMiscellaneousMemorySlotArrayInfoRemove
+
+This event indicates that this particular data object represented by the ObjectInstanceId is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+
+
 ### Microsoft.Windows.Inventory.General.AppHealthStaticAdd
 
-This event sends details collected for a specific application on the source device.
+This event sends details collected for a specific application on the source device. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2684,7 +2702,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.AppHealthStaticStartSync
 
-This event indicates the beginning of a series of AppHealthStaticAdd events.
+This event indicates the beginning of a series of AppHealthStaticAdd events. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2696,7 +2714,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInAdd
 
-Invalid variant - Provides data on the installed Office Add-ins
+This event provides data on the installed Office add-ins. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2730,7 +2748,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInRemove
 
-This event indicates that the particular data object represented by the objectInstanceId is no longer present.
+This event indicates that the particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2738,7 +2756,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInStartSync
 
-This event indicates that a new sync is being generated for this object type.
+This event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2749,7 +2767,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIdentifiersAdd
 
-This event provides data on the Office identifiers
+This event provides data on the Office identifiers. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2767,7 +2785,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIdentifiersStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2778,7 +2796,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIESettingsAdd
 
-This event includes the Office-related Internet Explorer features
+This event provides data on Office-related Internet Explorer features. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2804,7 +2822,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIESettingsStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2815,7 +2833,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeInsightsAdd
 
-Provides insight data on the installed Office products
+This event provides insight data on the installed Office products. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2830,7 +2848,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeInsightsRemove
 
-This event indicates that the particular data object represented by the objectInstanceId is no longer present.
+This event indicates that the particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2838,7 +2856,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeInsightsStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type
+This diagnostic event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2849,7 +2867,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeProductsAdd
 
-This event list all installed Office products
+This event describes all installed Office products. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2864,7 +2882,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeProductsStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2875,7 +2893,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeSettingsAdd
 
-This event describes various Office settings
+This event describes various Office settings. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2889,7 +2907,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeSettingsStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2900,7 +2918,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBAAdd
 
-This event provides a summary rollup count of conditions encountered while performing a local scan of Office files, analyzing for known VBA programmability compatibility issues between legacy office version and ProPlus, and between 32 and 64-bit versions
+This event provides a summary rollup count of conditions encountered while performing a local scan of Office files, analyzing for known VBA programmability compatibility issues between legacy office version and ProPlus, and between 32 and 64-bit versions. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2931,7 +2949,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBARemove
 
-This event indicates that the particular data object represented by the objectInstanceId is no longer present.
+This event indicates that the particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2939,7 +2957,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBARuleViolationsAdd
 
-This event provides data on Microsoft Office VBA rule violations, including a rollup count per violation type, giving an indication of remediation requirements for an organization. The event identifier is a unique GUID, associated with the validation rule
+This event provides data on Microsoft Office VBA rule violations, including a rollup count per violation type, giving an indication of remediation requirements for an organization. The event identifier is a unique GUID, associated with the validation rule. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2950,7 +2968,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBARuleViolationsRemove
 
-This event indicates that the particular data object represented by the objectInstanceId is no longer present.
+This event indicates that the particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2958,7 +2976,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBARuleViolationsStartSync
 
-This event indicates that a new sync is being generated for this object type.
+This event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2969,7 +2987,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBAStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type
+This diagnostic event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2980,7 +2998,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoAdd
 
-Provides data on Unified Update Platform (UUP) products and what version they are at.
+This event provides data on Unified Update Platform (UUP) products and what version they are at. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2995,7 +3013,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoRemove
 
-Indicates that this particular data object represented by the objectInstanceId is no longer present.
+This event indicates that this particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3003,7 +3021,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3011,7 +3029,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.Indicators.Checksum
 
-This event summarizes the counts for the InventoryMiscellaneousUexIndicatorAdd events.
+This event summarizes the counts for the InventoryMiscellaneousUexIndicatorAdd events. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -3021,7 +3039,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorAdd
 
-These events represent the basic metadata about the OS indicators installed on the system which are used for keeping the device up to date.
+This event represents the basic metadata about the OS indicators installed on the system. The data collected with this event helps ensure the device is up to date and keeps Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3032,7 +3050,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorRemove
 
-This event is a counterpart to InventoryMiscellaneousUexIndicatorAdd that indicates that the item has been removed.
+This event indicates that this particular data object represented by the objectInstanceId is no longer present. This event is used to understand the OS indicators installed on the system. The data collected with this event helps ensure the device is current and Windows is up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3040,7 +3058,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorStartSync
 
-This event indicates that a new set of InventoryMiscellaneousUexIndicatorAdd events will be sent.
+This event indicates that this particular data object represented by the objectInstanceId is no longer present. This event is used to understand the OS indicators installed on the system. The data collected with this event helps ensure the device is current and Windows is up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3060,7 +3078,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Kernel.BootEnvironment.OsLaunch
 
-OS information collected during Boot, used to evaluate the success of the upgrade process.
+This event includes basic data about the Operating System, collected during Boot and used to evaluate the success of the upgrade process. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -3087,19 +3105,19 @@ The following fields are available:
 
 ### Microsoft.Windows.MigrationCore.MigObjectCountDLUsr
 
-This event returns data to track the count of the migration objects across various phases during feature update.
+This event returns data to track the count of the migration objects across various phases during feature update. The data collected with this event is used to help keep Windows secure and to track data loss scenarios.
 
 
 
 ### Microsoft.Windows.MigrationCore.MigObjectCountKFSys
 
-This event returns data about the count of the migration objects across various phases during feature update.
+This event returns data about the count of the migration objects across various phases during feature update. The data collected with this event is used to help keep Windows secure and to track data loss scenarios.
 
 
 
 ### Microsoft.Windows.MigrationCore.MigObjectCountKFUsr
 
-This event returns data to track the count of the migration objects across various phases during feature update.
+This event returns data to track the count of the migration objects across various phases during feature update. The data collected with this event is used to help keep Windows secure and to track data loss scenarios.
 
 
 
@@ -3107,7 +3125,7 @@ This event returns data to track the count of the migration objects across vario
 
 ### Microsoft.OneDrive.Sync.Setup.APIOperation
 
-This event includes basic data about install and uninstall OneDrive API operations.
+This event includes basic data about install and uninstall OneDrive API operations. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -3120,7 +3138,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Setup.EndExperience
 
-This event includes a success or failure summary of the installation.
+This event includes a success or failure summary of the installation. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -3132,7 +3150,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Setup.OSUpgradeInstallationOperation
 
-This event is related to the OS version when the OS is upgraded with OneDrive installed.
+This event is related to the OS version when the OS is upgraded with OneDrive installed. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -3148,7 +3166,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Setup.RegisterStandaloneUpdaterAPIOperation
 
-This event is related to registering or unregistering the OneDrive update task.
+This event is related to registering or unregistering the OneDrive update task. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -3161,7 +3179,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.ComponentInstallState
 
-This event includes basic data about the installation state of dependent OneDrive components.
+This event includes basic data about the installation state of dependent OneDrive components. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -3171,7 +3189,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.OverlayIconStatus
 
-This event indicates if the OneDrive overlay icon is working correctly. 0 = healthy; 1 = can be fixed; 2 = broken
+This event indicates if the OneDrive overlay icon is working correctly. 0 = healthy; 1 = can be fixed; 2 = broken. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -3181,7 +3199,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.UpdateOverallResult
 
-This event sends information describing the result of the update.
+This event sends information describing the result of the update. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -3192,7 +3210,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.UpdateXmlDownloadHResult
 
-This event determines the status when downloading the OneDrive update configuration file.
+This event determines the status when downloading the OneDrive update configuration file. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -3201,7 +3219,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.WebConnectionStatus
 
-This event determines the error code that was returned when verifying Internet connectivity.
+This event determines the error code that was returned when verifying Internet connectivity. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -3212,7 +3230,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Shell.PrivacyNotifierLogging.PrivacyNotifierCompleted
 
-This event returns data to report the efficacy of a single-use tool to inform users impacted by a known issue and to take corrective action to address the issue.
+This event returns data to report the efficacy of a single-use tool to inform users impacted by a known issue and to take corrective action to address the issue. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3229,7 +3247,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.Applicability
 
-This event sends basic info on whether the device should be updated to the latest cumulative update.
+This event sends basic info on whether the device should be updated to the latest cumulative update. The data collected with this event is used to help keep Windows up to date and secure.
 
 The following fields are available:
 
@@ -3241,7 +3259,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.DeviceReadinessCheck
 
-This event sends basic info on whether the device is ready to download the latest cumulative update.
+This event sends basic info on whether the device is ready to download the latest cumulative update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3253,7 +3271,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.Download
 
-This event sends basic info when download of the latest cumulative update begins.
+This event sends basic info when download of the latest cumulative update begins. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3265,7 +3283,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.Install
 
-This event sends basic info on the result of the installation of the latest cumulative update.
+This event sends basic info on the result of the installation of the latest cumulative update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3279,7 +3297,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Remediation.Applicable
 
-deny
+This event indicates whether Windows Update sediment remediations need to be applied to the sediment device to keep Windows up to date. A sediment device is one that has been on a previous OS version for an extended period. The remediations address issues on the system that prevent the device from receiving OS updates.
 
 The following fields are available:
 
@@ -3326,7 +3344,7 @@ The following fields are available:
 - **RemediationNoisyHammerUserLoggedInAdmin**  TRUE if there is the user currently logged in is an Admin.
 - **RemediationShellDeviceManaged**  TRUE if the device is WSUS managed or Windows Updated disabled.
 - **RemediationShellDeviceNewOS**  TRUE if the device has a recently installed OS.
-- **RemediationShellDeviceSccm**  TRUE if the device is managed by Configuration Manager.
+- **RemediationShellDeviceSccm**  TRUE if the device is managed by SCCM (Microsoft System Center Configuration Manager).
 - **RemediationShellDeviceZeroExhaust**  TRUE if the device has opted out of Windows Updates completely.
 - **RemediationTargetMachine**  Indicates whether the device is a target of the specified fix.
 - **RemediationTaskHealthAutochkProxy**  True/False based on the health of the AutochkProxy task.
@@ -3362,7 +3380,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Remediation.ChangePowerProfileDetection
 
-Indicates whether the remediation system can put in a request to defer a system-initiated sleep to enable installation of security or quality updates.
+This event indicates whether the remediation system can put in a request to defer a system-initiated sleep to enable installation of security or quality updates, to keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3499,7 +3517,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Remediation.RemediationShellMainExeEventId
 
-Enables tracking of completion of process that remediates issues preventing security and quality updates.
+This event enables tracking of completion of process that remediates issues preventing security and quality updates keep Windows up to date.
 
 The following fields are available:
 
@@ -3530,7 +3548,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Sediment.Info.DetailedState
 
-This event is sent when detailed state information is needed from an update trial run.
+This event is sent when detailed state information is needed from an update trial run. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3594,7 +3612,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Sediment.OSRSS.Error
 
-This event indicates an error occurred in the Operating System Remediation System Service (OSRSS). The information provided helps ensure future upgrade/update attempts are more successful.
+This event indicates an error occurred in the Operating System Remediation System Service (OSRSS). The information provided helps ensure future upgrade/update attempts are more successful. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3657,7 +3675,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Sediment.OSRSS.SelfUpdate
 
-This event returns metadata after Operating System Remediation System Service (OSRSS) successfully replaces itself with a new version.
+This event returns metadata after Operating System Remediation System Service (OSRSS) successfully replaces itself with a new version. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3668,7 +3686,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Sediment.OSRSS.UrlState
 
-This event indicates the state the Operating System Remediation System Service (OSRSS)  is in while attempting a download from the URL.
+This event indicates the state the Operating System Remediation System Service (OSRSS) is in while attempting a download from the URL. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3682,7 +3700,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Sediment.ServiceInstaller.ApplicabilityCheckFailed
 
-This event returns data relating to the error state after one of the applicability checks for the installer component of the Operating System Remediation System Service (OSRSS) has failed.
+This event returns data relating to the error state after one of the applicability checks for the installer component of the Operating System Remediation System Service (OSRSS) has failed. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3783,7 +3801,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.Applicable
 
-This event is sent when the Windows Update sediment remediations launcher finds that an applicable plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations launcher finds that an applicable plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3799,7 +3817,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.Completed
 
-This event is sent when the Windows Update sediment remediations launcher finishes running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations launcher finishes running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3814,7 +3832,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.Error
 
-Error occurred during execution of the plugin.
+This event indicates an error occurred during the execution of the plug-in. The information provided helps ensure future upgrade/update attempts are more successful. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3825,7 +3843,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.FallbackError
 
-This event indicates that an error occurred during execution of the plug-in fallback.
+This event indicates that an error occurred during execution of the plug-in fallback. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3835,7 +3853,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.Information
 
-This event provides general information returned from the plug-in.
+This event provides general information returned from the plug-in. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3846,7 +3864,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.Started
 
-This event is sent when the Windows Update sediment remediations launcher starts running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations launcher starts running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3859,7 +3877,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.wilResult
 
-This event provides the result from the Windows internal library.
+This event provides the result from the Windows internal library. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3884,7 +3902,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.Applicable
 
-This event is sent when the Windows Update sediment remediations service finds that an applicable plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations service finds that an applicable plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3900,7 +3918,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.Completed
 
-This event is sent when the Windows Update sediment remediations service finishes running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations service finishes running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3922,7 +3940,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.Error
 
-This event indicates whether an error condition occurred in the plug-in.
+This event indicates whether an error condition occurred in the plug-in. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3933,7 +3951,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.FallbackError
 
-This event indicates whether an error occurred for a fallback in the plug-in.
+This event indicates whether an error occurred for a fallback in the plug-in. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3943,7 +3961,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.Information
 
-This event provides general information returned from the plug-in.
+This event provides general information returned from the plug-in. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3954,7 +3972,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.Started
 
-This event is sent when the Windows Update sediment remediations service starts running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations service starts running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -3967,7 +3985,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.wilResult
 
-This event provides the result from the Windows internal library.
+This event provides the result from the Windows internal library. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4056,7 +4074,7 @@ The following fields are available:
 
 ### wilActivity
 
-This event provides a Windows Internal Library context used for Product and Service diagnostics.
+This event provides a Windows Internal Library context used for Product and Service diagnostics. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4081,7 +4099,7 @@ The following fields are available:
 
 ### wilResult
 
-This event provides a Windows Internal Library context used for Product and Service diagnostics.
+This event provides a Windows Internal Library context used for Product and Service diagnostics. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4108,7 +4126,7 @@ The following fields are available:
 
 ### SIHEngineTelemetry.EvalApplicability
 
-This event is sent when targeting logic is evaluated to determine if a device is eligible a given action.
+This event is sent when targeting logic is evaluated to determine if a device is eligible a given action. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4126,7 +4144,7 @@ The following fields are available:
 
 ### SIHEngineTelemetry.ExecuteAction
 
-This event is triggered with SIH attempts to execute (e.g. install) the update or action in question. Includes important information like if the update required a reboot.
+This event is triggered with SIH attempts to execute (e.g. install) the update or action in question. Includes important information like if the update required a reboot. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4142,7 +4160,7 @@ The following fields are available:
 
 ### SIHEngineTelemetry.PostRebootReport
 
-This event reports the status of an action following a reboot, should one have been required.
+This event reports the status of an action following a reboot, should one have been required. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4157,7 +4175,7 @@ The following fields are available:
 
 ### SIHEngineTelemetry.ServiceStateChange
 
-This event reports the status of attempts to stop or start a service as part of executing an action.
+This event reports the status of attempts to stop or start a service as part of executing an action. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4174,7 +4192,7 @@ The following fields are available:
 
 ### SIHEngineTelemetry.SLSActionData
 
-This event reports if the SIH client was able to successfully parse the manifest describing the actions to be evaluated.
+This event reports if the SIH client was able to successfully parse the manifest describing the actions to be evaluated. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4191,7 +4209,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.CheckForUpdates
 
-Scan process event on Windows Update client (see eventscenario field for specifics, e.g.: started/failed/succeeded)
+This event sends tracking data about the software distribution client check for content that is applicable to a device, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4274,7 +4292,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.Commit
 
-This event tracks the commit process post the update installation when software update client is trying to update the device.
+This event sends data on whether the Update Service has been called to execute an upgrade, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4305,7 +4323,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.Download
 
-Download process event for target update on Windows Update client (see eventscenario field for specifics, e.g.: started/failed/succeeded)
+This event sends tracking data about the software distribution client download of the content for that update, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4382,7 +4400,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.DownloadCheckpoint
 
-This event provides a checkpoint between each of the Windows Update download phases for UUP content
+This event provides a checkpoint between each of the Windows Update download phases for UUP content. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4404,7 +4422,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.DownloadHeartbeat
 
-This event allows tracking of ongoing downloads and contains data to explain the current state of the download
+This event allows tracking of ongoing downloads and contains data to explain the current state of the download. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4504,7 +4522,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.UpdateDetected
 
-This event sends data about an AppX app that has been updated from the Microsoft Store, including what app needs an update and what version/architecture is required, in order to understand and address problems with apps getting required updates.
+This event sends data about an AppX app that has been updated from the Microsoft Store, including what app needs an update and what version/architecture is required, in order to understand and address problems with apps getting required updates. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4519,7 +4537,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.UpdateMetadataIntegrity
 
-Ensures Windows Updates are secure and complete. Event helps to identify whether update content has been tampered with and protects against man-in-the-middle attack.
+This event helps to identify whether update content has been tampered with and protects against man-in-the-middle attack. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4551,7 +4569,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateAssistant.Orchestrator.BlockingEventId
 
-The event sends basic info on the reason that Windows 10 was not updated due to compatibility issues, previous rollbacks, or admin policies.
+The event sends basic info on the reason that Windows 10 was not updated due to compatibility issues, previous rollbacks, or admin policies. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4562,7 +4580,7 @@ The following fields are available:
 - **DeviceIsMdmManaged**  This device is MDM managed.
 - **IsNetworkAvailable**  If the device network is not available.
 - **IsNetworkMetered**  If network is metered.
-- **IsSccmManaged**  This device is managed by Configuration Manager.
+- **IsSccmManaged**  This device is SCCM managed.
 - **NewlyInstalledOs**  OS is newly installed quiet period.
 - **PausedByPolicy**  Updates are paused by policy.
 - **RecoveredFromRS3**  Previously recovered from RS3.
@@ -4575,7 +4593,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateAssistant.Orchestrator.DeniedLaunchEventId
 
-The event sends basic info when a device was blocked or prevented from updating to the latest Windows 10 version.
+The event sends basic info when a device was blocked or prevented from updating to the latest Windows 10 version. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4587,7 +4605,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateAssistant.Orchestrator.FailedLaunchEventId
 
-Event to mark that Update Assistant Orchestrator failed to launch Update Assistant.
+This event indicates that Update Assistant Orchestrator failed to launch Update Assistant. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4598,7 +4616,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateAssistant.Orchestrator.FailedOneSettingsQueryEventId
 
-Event indicating One Settings was not queried by update assistant.
+This event indicates that One Settings was not queried by update assistant. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4608,7 +4626,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateAssistant.Orchestrator.LaunchEventId
 
-This event sends basic information on whether the device should be updated to the latest Windows 10 version.
+This event sends basic information on whether the device should be updated to the latest Windows 10 version. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4622,7 +4640,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateAssistant.Orchestrator.RestoreEventId
 
-The event sends basic info on whether the Windows 10 update notification has previously launched.
+The event sends basic info on whether the Windows 10 update notification has previously launched. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4636,7 +4654,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgent_DownloadRequest
 
-This event sends data during the download request phase of updating Windows.
+This event sends data during the download request phase of updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4663,7 +4681,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgent_FellBackToCanonical
 
-This event collects information when Express could not be used, and the update had to fall back to “canonical” during the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop.
+This event collects information when Express could not be used, and the update had to fall back to “canonical” during the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4679,7 +4697,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgent_Initialize
 
-This event sends data during the initialize phase of updating Windows.
+This event sends data during the initialize phase of updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4697,7 +4715,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgent_Install
 
-This event sends data during the install phase of updating Windows.
+This event sends data during the install phase of updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4713,7 +4731,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgent_Merge
 
-This event sends data on the merge phase when updating Windows.
+This event sends data on the merge phase when updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4729,7 +4747,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgent_ModeStart
 
-This event sends data for the start of each mode during the process of updating Windows.
+This event sends data for the start of each mode during the process of updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4744,7 +4762,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgent_SetupBoxLaunch
 
-This event sends data during the launching of the setup box when updating Windows.
+This event sends data during the launching of the setup box when updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4761,7 +4779,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentCommit
 
-This event collects information regarding the commit phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop.
+This event collects information regarding the commit phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4777,7 +4795,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentDownloadRequest
 
-This event sends data for the download request phase of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to PC and Mobile.
+This event sends data for the download request phase of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to PC and Mobile. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4809,7 +4827,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentExpand
 
-This event collects information regarding the expansion phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop.
+This event collects information regarding the expansion phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4829,7 +4847,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentFellBackToCanonical
 
-This event collects information when express could not be used and we fall back to canonical during the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop.
+This event collects information when express could not be used and we fall back to canonical during the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4845,7 +4863,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentInitialize
 
-This event sends data for the initialize phase of updating Windows via the new Unified Update Platform (UUP) scenario, which is applicable to both PCs and Mobile.
+This event sends data for the initialize phase of updating Windows via the new Unified Update Platform (UUP) scenario, which is applicable to both PCs and Mobile. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4863,7 +4881,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentInstall
 
-This event sends data for the install phase of updating Windows.
+This event sends data for the install phase of updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4879,7 +4897,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentMerge
 
-The UpdateAgentMerge event sends data on the merge phase when updating Windows.
+The UpdateAgentMerge event sends data on the merge phase when updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4895,7 +4913,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentMitigationResult
 
-This event sends data indicating the result of each update agent mitigation.
+This event sends data indicating the result of each update agent mitigation. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4921,7 +4939,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentMitigationSummary
 
-This event sends a summary of all the update agent mitigations available for an this update.
+This event sends a summary of all the update agent mitigations available for an this update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4941,7 +4959,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentModeStart
 
-This event sends data for the start of each mode during the process of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to both PCs and Mobile.
+This event sends data for the start of each mode during the process of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to both PCs and Mobile. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4957,7 +4975,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentOneSettings
 
-This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop.
+This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4975,7 +4993,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentPostRebootResult
 
-This event collects information for both Mobile and Desktop regarding the post reboot phase of the new Unified Update Platform (UUP) update scenario.
+This event collects information for both Mobile and Desktop regarding the post reboot phase of the new Unified Update Platform (UUP) update scenario. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4992,7 +5010,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentSetupBoxLaunch
 
-The UpdateAgent_SetupBoxLaunch event sends data for the launching of the setup box when updating Windows via the new Unified Update Platform (UUP) scenario. This event is only applicable to PCs.
+The UpdateAgent_SetupBoxLaunch event sends data for the launching of the setup box when updating Windows via the new Unified Update Platform (UUP) scenario. This event is only applicable to PCs. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5015,7 +5033,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateNotificationPipeline.JavascriptJavascriptCriticalGenericMessage
 
-This event indicates that Javascript is reporting a schema and a set of values for critical telemetry.
+This event indicates that Javascript is reporting a schema and a set of values for critical telemetry. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5062,7 +5080,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateNotificationPipeline.UNPCampaignHeartbeat
 
-This event is sent at the start of each campaign, to be used as a heartbeat.
+This event is sent at the start of each campaign, to be used as a heartbeat. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5078,7 +5096,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateNotificationPipeline.UNPCampaignManagerCleaningCampaign
 
-This event indicates that the Campaign Manager is cleaning up the campaign content.
+This event indicates that the Campaign Manager is cleaning up the campaign content. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5094,7 +5112,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateNotificationPipeline.UnpCampaignManagerGetIsCamppaignCompleteFailed
 
-This event is sent when a campaign completion status query fails.
+This event is sent when a campaign completion status query fails. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5111,7 +5129,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateNotificationPipeline.UNPCampaignManagerHeartbeat
 
-This event is sent at the start of the CampaignManager event and is intended to be used as a heartbeat.
+This event is sent at the start of the CampaignManager event and is intended to be used as a heartbeat. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5127,7 +5145,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateNotificationPipeline.UnpCampaignManagerRunCampaignFailed
 
-This event is sent when the Campaign Manager encounters an unexpected error while running the campaign.
+This event is sent when the Campaign Manager encounters an unexpected error while running the campaign. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5152,13 +5170,13 @@ This event indicates whether devices received additional or critical supplementa
 
 ### FacilitatorTelemetry.DUDownload
 
-This event returns data about the download of supplemental packages critical to upgrading a device to the next version of Windows.
+This event returns data about the download of supplemental packages critical to upgrading a device to the next version of Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### FacilitatorTelemetry.InitializeDU
 
-This event determines whether devices received additional or critical supplemental content during an OS upgrade.
+This event determines whether devices received additional or critical supplemental content during an OS upgrade. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
@@ -5206,7 +5224,7 @@ The following fields are available:
 
 ### Setup360Telemetry.OsUninstall
 
-This event sends data regarding OS updates and upgrades from Windows 7, Windows 8, and Windows 10. Specifically, it indicates the outcome of an OS uninstall.
+This event sends data regarding OS updates and upgrades from Windows 7, Windows 8, and Windows 10. Specifically, it indicates the outcome of an OS uninstall. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5354,19 +5372,19 @@ This event helps determine whether the device received supplemental content duri
 
 ### Setup360Telemetry.Setup360MitigationResult
 
-This event sends data indicating the result of each setup mitigation.
+This event sends data indicating the result of each setup mitigation. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Setup360Telemetry.Setup360MitigationSummary
 
-This event sends a summary of all the setup mitigations available for this update.
+This event sends a summary of all the setup mitigations available for this update. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Setup360Telemetry.Setup360OneSettings
 
-This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop.
+This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5406,16 +5424,25 @@ The following fields are available:
 
 ### Microsoft.Windows.WaaSAssessment.Error
 
-This event returns the name of the missing setting needed to determine the Operating System build age.
+This event returns the name of the missing setting needed to determine the Operating System build age. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
 - **m**  The WaaS (“Workspace as a Service”—cloud-based “workspace”) Assessment Error String.
 
 
+### Microsoft.Windows.WaaSMedic.EngineFailed
+
+This event indicates failure during medic engine execution. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **hResult**  Error code from the execution.
+
+
 ### Microsoft.Windows.WaaSMedic.RemediationFailed
 
-This event is sent when the WaaS Medic update stack remediation tool fails to apply a described resolution to a problem that is blocking Windows Update from operating correctly on a target device.
+This event is sent when the WaaS Medic update stack remediation tool fails to apply a described resolution to a problem that is blocking Windows Update from operating correctly on a target device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5427,7 +5454,7 @@ The following fields are available:
 
 ### Microsoft.Windows.WaaSMedic.Summary
 
-This event provides the results of the WaaSMedic diagnostic run
+This event provides the results of the WaaSMedic diagnostic run. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5446,7 +5473,7 @@ The following fields are available:
 
 ### Microsoft.Windows.WaaSMedic.SummaryEvent
 
-This event provides the results from the WaaSMedic engine
+This event provides the result of the WaaSMedic operation. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5488,7 +5515,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Store.Partner.ReportApplication
 
-Report application event for Microsoft Store client.
+This is report application event for Microsoft Store client. The data collected with this event is used to help keep Windows up to date and secure.
 
 
 
@@ -5882,7 +5909,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadCanceled
 
-This event describes when a download was canceled with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event describes when a download was canceled with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5915,7 +5942,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadCompleted
 
-This event describes when a download has completed with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event describes when a download has completed with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5963,7 +5990,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadPaused
 
-This event represents a temporary suspension of a download with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event represents a temporary suspension of a download with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5983,7 +6010,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadStarted
 
-This event sends data describing the start of a new download to enable Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event sends data describing the start of a new download to enable Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -6020,7 +6047,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.FailureCdnCommunication
 
-This event represents a failure to download from a CDN with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event represents a failure to download from a CDN with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -6043,7 +6070,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.JobError
 
-This event represents a Windows Update job error. It allows for investigation of top errors.
+This event represents a Windows Update job error. It allows for investigation of top errors. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -6059,7 +6086,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentCommit
 
-This event collects information regarding the final commit phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages
+This event collects information regarding the final commit phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6075,7 +6102,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentDownloadRequest
 
-This event collects information regarding the download request phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages
+This event collects information regarding the download request phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6102,7 +6129,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentInitialize
 
-This event sends data for initializing a new update session for the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages
+This event sends data for initializing a new update session for the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6120,7 +6147,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentInstall
 
-This event collects information regarding the install phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages
+This event collects information regarding the install phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6136,7 +6163,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentModeStart
 
-This event sends data for the start of each mode during the process of updating device manifest assets via the UUP (Unified Update Platform) update scenario. The update scenario is used to install a device manifest describing a set of driver packages.
+This event sends data for the start of each mode during the process of updating device manifest assets via the UUP (Unified Update Platform) update scenario. The update scenario is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6151,49 +6178,49 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.DialogNotificationToBeDisplayed
 
-This event indicates that a notification dialog box is about to be displayed to user.
+This event indicates that a notification dialog box is about to be displayed to user. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootAcceptAutoDialog
 
-This event indicates that the Enhanced Engaged restart "accept automatically" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "accept automatically" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootFirstReminderDialog
 
-This event indicates that the Enhanced Engaged restart "first reminder" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "first reminder" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootRebootFailedDialog
 
-This event indicates that the Enhanced Engaged restart "restart failed" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "restart failed" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootRebootImminentDialog
 
-This event indicates that the Enhanced Engaged restart "restart imminent" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "restart imminent" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootSecondReminderDialog
 
-This event indicates that the second reminder dialog box was displayed for Enhanced Engaged restart.
+This event indicates that the second reminder dialog box was displayed for Enhanced Engaged restart. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootThirdReminderDialog
 
-This event indicates that the third reminder dialog box for Enhanced Engaged restart was displayed.
+This event indicates that the third reminder dialog box for Enhanced Engaged restart was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.Update.NotificationUx.RebootScheduled
 
-Indicates when a reboot is scheduled by the system or a user for a security, quality, or feature update.
+This event sends basic information for scheduling a device restart to install security updates. It's used to help keep Windows secure and up-to-date by indicating when a reboot is scheduled by the system or a user for a security, quality, or feature update.
 
 The following fields are available:
 
@@ -6211,25 +6238,25 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.ActivityRestrictedByActiveHoursPolicy
 
-This event indicates a policy is present that may restrict update activity to outside of active hours.
+This event indicates a policy is present that may restrict update activity to outside of active hours. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.Update.Orchestrator.AttemptImmediateReboot
 
-This event sends data when the Windows Update Orchestrator is set to reboot immediately after installing the update.
+This event sends data when the Windows Update Orchestrator is set to reboot immediately after installing the update. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.Update.Orchestrator.BlockedByActiveHours
 
-This event indicates that update activity was blocked because it is within the active hours window.
+This event indicates that update activity was blocked because it is within the active hours window. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.Update.Orchestrator.CommitFailed
 
-This event indicates that a device was unable to restart after an update.
+This event indicates that a device was unable to restart after an update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6239,7 +6266,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.DeferRestart
 
-This event indicates that a restart required for installing updates was postponed.
+This event indicates that a restart required for installing updates was postponed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6251,7 +6278,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.Detection
 
-This event indicates that a scan for a Windows Update occurred.
+This event sends launch data for a Windows Update scan to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6270,7 +6297,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.DisplayNeeded
 
-This event indicates the reboot was postponed due to needing a display.
+This event indicates the reboot was postponed due to needing a display. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6286,7 +6313,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.Download
 
-This event sends launch data for a Windows Update download to help keep Windows up to date.
+This event sends launch data for a Windows Update download to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6303,7 +6330,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.FlightInapplicable
 
-This event sends data on whether the update was applicable to the device, to help keep Windows up to date.
+This event sends data on whether the update was applicable to the device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6319,7 +6346,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.GameActive
 
-This event indicates that an enabled GameMode process prevented the device from restarting to complete an update.
+This event indicates that an enabled GameMode process prevented the device from restarting to complete an update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6330,7 +6357,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.InitiatingReboot
 
-This event sends data about an Orchestrator requesting a reboot from power management to help keep Windows up to date.
+This event sends data about an Orchestrator requesting a reboot from power management to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6347,7 +6374,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.Install
 
-This event sends launch data for a Windows Update install to help keep Windows up to date.
+This event sends launch data for a Windows Update install to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6372,7 +6399,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.LowUptimes
 
-This event is sent if a device is identified as not having sufficient uptime to reliably process updates in order to keep secure.
+This event is sent if a device is identified as not having sufficient uptime to reliably process updates in order to keep secure. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6385,7 +6412,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.OneshotUpdateDetection
 
-This event returns data about scans initiated through settings UI, or background scans that are urgent; to help keep Windows up to date.
+This event returns data about scans initiated through settings UI, or background scans that are urgent; to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6397,7 +6424,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.PostInstall
 
-This event sends data about lite stack devices (mobile, IOT, anything non-PC) immediately before data migration is launched to help keep Windows up to date.
+This event sends data about lite stack devices (mobile, IOT, anything non-PC) immediately before data migration is launched to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6414,13 +6441,13 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.PowerMenuOptionsChanged
 
-This event is sent when the options in power menu changed, usually due to an update pending reboot, or after a update is installed.
+This event is sent when the options in power menu changed, usually due to an update pending reboot, or after a update is installed. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.Update.Orchestrator.PreShutdownStart
 
-This event is generated before the shutdown and commit operations.
+This event is generated before the shutdown and commit operations. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6429,7 +6456,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.RebootFailed
 
-This event sends information about whether an update required a reboot and reasons for failure, to help keep Windows up to date.
+This event sends information about whether an update required a reboot and reasons for failure, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6448,7 +6475,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.RefreshSettings
 
-This event sends basic data about the version of upgrade settings applied to the system to help keep Windows up to date.
+This event sends basic data about the version of upgrade settings applied to the system to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6460,7 +6487,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.RestoreRebootTask
 
-This event sends data indicating that a reboot task is missing unexpectedly on a device and the task is restored because a reboot is still required, to help keep Windows up to date.
+This event sends data indicating that a reboot task is missing unexpectedly on a device and the task is restored because a reboot is still required, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6470,7 +6497,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.SystemNeeded
 
-This event sends data about why a device is unable to reboot, to help keep Windows up to date.
+This event sends data about why a device is unable to reboot, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6484,9 +6511,20 @@ The following fields are available:
 - **wuDeviceid**  Unique device ID used by Windows Update.
 
 
+### Microsoft.Windows.Update.Orchestrator.UpdateInstallPause
+
+This event indicates the data sent when the device pauses an in-progress update. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **updateClassificationGUID**  The classification GUID for the update that was paused.
+- **updateId**  An update ID for the update that was paused.
+- **wuDeviceid**  A unique Device ID.
+
+
 ### Microsoft.Windows.Update.Orchestrator.UpdatePolicyCacheRefresh
 
-This event sends data on whether Update Management Policies were enabled on a device, to help keep Windows up to date.
+This event sends data on whether Update Management Policies were enabled on a device, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6499,7 +6537,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.UpdateRebootRequired
 
-This event sends data about whether an update required a reboot to help keep Windows up to date.
+This event sends data about whether an update required a reboot to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6514,7 +6552,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.updateSettingsFlushFailed
 
-This event sends information about an update that encountered problems and was not able to complete.
+This event sends information about an update that encountered problems and was not able to complete. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6524,7 +6562,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.USODiagnostics
 
-This event sends data on whether the state of the update attempt, to help keep Windows up to date.
+This event sends data on whether the state of the update attempt, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6566,7 +6604,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.UsoSession
 
-This event represents the state of the USO service at start and completion.
+This event represents the state of the USO service at start and completion. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6580,9 +6618,21 @@ The following fields are available:
 - **wuDeviceid**  The Windows Update device GUID.
 
 
+### Microsoft.Windows.Update.Orchestrator.UUPFallBack
+
+This event indicates that USO determined UUP needs to fall back. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **EventPublishedTime**  The current event time.
+- **UUPFallBackConfigured**  The fall back error code.
+- **UUPFallBackErrorReason**  The reason for fall back error.
+- **wuDeviceid**  A Windows Update device ID.
+
+
 ### Microsoft.Windows.Update.Ux.MusNotification.EnhancedEngagedRebootUxState
 
-This event sends information about the configuration of Enhanced Direct-to-Engaged (eDTE), which includes values for the timing of how eDTE will progress through each phase of the reboot.
+This event sends information about the configuration of Enhanced Direct-to-Engaged (eDTE), which includes values for the timing of how eDTE will progress through each phase of the reboot. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6604,7 +6654,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.RebootNoLongerNeeded
 
-This event is sent when a security update has successfully completed.
+This event is sent when a security update has successfully completed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6613,7 +6663,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.RebootRequestReasonsToIgnore
 
-This event is sent when the reboot can be deferred based on some reasons, before reboot attempts
+This event is sent when the reboot can be deferred based on some reasons, before reboot attempts. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6622,7 +6672,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.RebootScheduled
 
-This event sends basic information about scheduling an update-related reboot, to get security updates and to help keep Windows up-to-date.
+This event sends basic information about scheduling an update-related reboot, to get security updates and to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6641,13 +6691,13 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.UxBrokerFirstReadyToReboot
 
-This event is fired the first time when the reboot is required.
+This event is fired the first time when the reboot is required. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.Update.Ux.MusNotification.UxBrokerScheduledTask
 
-This event is sent when MUSE broker schedules a task
+This event is sent when MUSE broker schedules a task. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6657,7 +6707,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusUpdateSettings.RebootScheduled
 
-This event sends basic information for scheduling a device restart to install security updates. It's used to help keep Windows up to date.
+This event sends basic information for scheduling a device restart to install security updates. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6678,7 +6728,7 @@ The following fields are available:
 
 ### Mitigation360Telemetry.MitigationCustom.CleanupSafeOsImages
 
-This event sends data specific to the CleanupSafeOsImages mitigation used for OS Updates.
+This event sends data specific to the CleanupSafeOsImages mitigation used for OS Updates. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6704,25 +6754,25 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateReserveManager.CommitPendingHardReserveAdjustment
 
-This event is sent when the Update Reserve Manager commits a hard reserve adjustment that was pending.
+This event is sent when the Update Reserve Manager commits a hard reserve adjustment that was pending. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.UpdateReserveManager.InitializeUpdateReserveManager
 
-This event returns data about the Update Reserve Manager, including whether it’s been initialized.
+This event returns data about the Update Reserve Manager, including whether it’s been initialized. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.UpdateReserveManager.RemovePendingHardReserveAdjustment
 
-This event is sent when the Update Reserve Manager removes a pending hard reserve adjustment.
+This event is sent when the Update Reserve Manager removes a pending hard reserve adjustment. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.UpdateReserveManager.UpdatePendingHardReserveAdjustment
 
-This event is sent when the Update Reserve Manager needs to adjust the size of the hard reserve after the option content is installed.
+This event is sent when the Update Reserve Manager needs to adjust the size of the hard reserve after the option content is installed. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md
index 38c6834c3d..b9030aba9a 100644
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md
@@ -13,7 +13,7 @@ manager: dansimp
 ms.collection: M365-security-compliance
 ms.topic: article
 audience: ITPro
-ms.date: 03/27/2020
+ms.date: 09/30/2020
 ms.reviewer:
 ---
 
@@ -33,6 +33,7 @@ Use this article to learn about diagnostic events, grouped by event area, and th
 
 You can learn more about Windows functional and diagnostic data through these articles:
 
+- [Windows 10, version 2004 and Windows 10, version 20H2 required Windows diagnostic events and fields](required-windows-diagnostic-data-events-and-fields-2004.md)
 - [Windows 10, version 1903 and Windows 10, version 1909 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1903.md)
 - [Windows 10, version 1809 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1809.md)
 - [Windows 10, version 1709 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1709.md)
@@ -47,7 +48,7 @@ You can learn more about Windows functional and diagnostic data through these ar
 
 ### Microsoft.Windows.Appraiser.General.ChecksumTotalPictureCount
 
-This event lists the types of objects and how many of each exist on the client device. This allows for a quick way to ensure that the records present on the server match what is present on the client.
+This event lists the types of objects and how many of each exist on the client device. This allows for a quick way to ensure that the records present on the server match what is present on the client. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -123,7 +124,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileAdd
 
-Represents the basic metadata about specific application files installed on the system.
+This event represents the basic metadata about specific application files installed on the system. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -141,7 +142,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileRemove
 
-This event indicates that the DatasourceApplicationFile object is no longer present.
+This event indicates that the DatasourceApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -152,7 +153,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileStartSync
 
-This event indicates that a new set of DatasourceApplicationFileAdd events will be sent.
+This event indicates that a new set of DatasourceApplicationFileAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -179,7 +180,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDevicePnpRemove
 
-This event indicates that the DatasourceDevicePnp object is no longer present.
+This event indicates that the DatasourceDevicePnp object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -190,7 +191,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDevicePnpStartSync
 
-This event indicates that a new set of DatasourceDevicePnpAdd events will be sent.
+This event indicates that a new set of DatasourceDevicePnpAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -212,7 +213,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDriverPackageRemove
 
-This event indicates that the DatasourceDriverPackage object is no longer present.
+This event indicates that the DatasourceDriverPackage object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -223,7 +224,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDriverPackageStartSync
 
-This event indicates that a new set of DatasourceDriverPackageAdd events will be sent.
+This event indicates that a new set of DatasourceDriverPackageAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -245,7 +246,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoBlockRemove
 
-This event indicates that the DataSourceMatchingInfoBlock object is no longer present.
+This event indicates that the DataSourceMatchingInfoBlock object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -256,7 +257,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoBlockStartSync
 
-This event indicates that a full set of DataSourceMatchingInfoBlockStAdd events have been sent.
+This event indicates that a full set of DataSourceMatchingInfoBlockStAdd events has completed being sent. This event is used to make compatibility decisions about files to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -278,7 +279,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPassiveRemove
 
-This event indicates that the DataSourceMatchingInfoPassive object is no longer present.
+This event indicates that the DataSourceMatchingInfoPassive object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -289,7 +290,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPassiveStartSync
 
-This event indicates that a new set of DataSourceMatchingInfoPassiveAdd events will be sent.
+This event indicates that a new set of DataSourceMatchingInfoPassiveAdd events will be sent. This event is used to make compatibility decisions about files to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -311,7 +312,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPostUpgradeRemove
 
-This event indicates that the DataSourceMatchingInfoPostUpgrade object is no longer present.
+This event indicates that the DataSourceMatchingInfoPostUpgrade object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -322,7 +323,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPostUpgradeStartSync
 
-This event indicates that a new set of DataSourceMatchingInfoPostUpgradeAdd events will be sent.
+This event indicates that a new set of DataSourceMatchingInfoPostUpgradeAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -344,7 +345,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceSystemBiosRemove
 
-This event indicates that the DatasourceSystemBios object is no longer present.
+This event indicates that the DatasourceSystemBios object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -355,7 +356,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceSystemBiosStartSync
 
-This event indicates that a new set of DatasourceSystemBiosAdd events will be sent.
+This event indicates that a new set of DatasourceSystemBiosAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -396,7 +397,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionApplicationFileRemove
 
-This event indicates that the DecisionApplicationFile object is no longer present.
+This event indicates that the DecisionApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -407,7 +408,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionApplicationFileStartSync
 
-This event indicates that a new set of DecisionApplicationFileAdd events will be sent.
+This event indicates that a new set of DecisionApplicationFileAdd events will be sent. This event is used to make compatibility decisions about a file to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -445,7 +446,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDevicePnpRemove
 
-This event indicates that the DecisionDevicePnp object is no longer present.
+This event Indicates that the DecisionDevicePnp object represented by the objectInstanceId is no longer present. This event is used to make compatibility decisions about PNP devices to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -456,7 +457,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDevicePnpStartSync
 
-The DecisionDevicePnpStartSync event indicates that a new set of DecisionDevicePnpAdd events will be sent.
+This event indicates that a new set of DecisionDevicePnpAdd events will be sent. This event is used to make compatibility decisions about PNP devices to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -484,7 +485,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDriverPackageRemove
 
-This event indicates that the DecisionDriverPackage object is no longer present.
+This event indicates that the DecisionDriverPackage object represented by the objectInstanceId is no longer present. This event is used to make compatibility decisions about driver packages to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -495,7 +496,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDriverPackageStartSync
 
-This event indicates that a new set of DecisionDriverPackageAdd events will be sent.
+The DecisionDriverPackageStartSync event indicates that a new set of DecisionDriverPackageAdd events will be sent. This event is used to make compatibility decisions about driver packages to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -523,7 +524,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoBlockRemove
 
-This event indicates that the DecisionMatchingInfoBlock object is no longer present.
+This event indicates that the DecisionMatchingInfoBlock object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -534,7 +535,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoBlockStartSync
 
-This event indicates that a new set of DecisionMatchingInfoBlockAdd events will be sent.
+This event indicates that a new set of DecisionMatchingInfoBlockAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -559,7 +560,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPassiveRemove
 
-This event Indicates that the DecisionMatchingInfoPassive object is no longer present.
+This event Indicates that the DecisionMatchingInfoPassive object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -570,7 +571,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPassiveStartSync
 
-This event indicates that a new set of DecisionMatchingInfoPassiveAdd events will be sent.
+This event indicates that a new set of DecisionMatchingInfoPassiveAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -596,7 +597,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPostUpgradeRemove
 
-This event indicates that the DecisionMatchingInfoPostUpgrade object is no longer present.
+This event indicates that the DecisionMatchingInfoPostUpgrade object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -607,7 +608,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPostUpgradeStartSync
 
-This event indicates that a new set of DecisionMatchingInfoPostUpgradeAdd events will be sent.
+This event indicates that a new set of DecisionMatchingInfoPostUpgradeAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -635,7 +636,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMediaCenterRemove
 
-This event indicates that the DecisionMediaCenter object is no longer present.
+This event indicates that the DecisionMediaCenter object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -646,7 +647,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMediaCenterStartSync
 
-This event indicates that a new set of DecisionMediaCenterAdd events will be sent.
+This event indicates that a new set of DecisionMediaCenterAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -671,7 +672,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionSystemBiosRemove
 
-This event indicates that the DecisionSystemBios object is no longer present.
+This event indicates that the DecisionSystemBios object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -682,7 +683,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionSystemBiosStartSync
 
-This event indicates that a new set of DecisionSystemBiosAdd events will be sent.
+This event indicates that a new set of DecisionSystemBiosAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -707,7 +708,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileAdd
 
-This event represents the basic metadata about a file on the system.  The file must be part of an app and either have a block in the compatibility database or be part of an antivirus program.
+This event represents the basic metadata about a file on the system.  The file must be part of an app and either have a block in the compatibility database or be part of an antivirus program. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -736,7 +737,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileRemove
 
-This event indicates that the InventoryApplicationFile object is no longer present.
+This event indicates that the InventoryApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -747,7 +748,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileStartSync
 
-This event indicates that a new set of InventoryApplicationFileAdd events will be sent.
+This event indicates that a new set of InventoryApplicationFileAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -771,7 +772,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryLanguagePackRemove
 
-This event indicates that the InventoryLanguagePack object is no longer present.
+This event indicates that the InventoryLanguagePack object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -782,7 +783,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryLanguagePackStartSync
 
-This event indicates that a new set of InventoryLanguagePackAdd events will be sent.
+This event indicates that a new set of InventoryLanguagePackAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -811,7 +812,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryMediaCenterRemove
 
-This event indicates that the InventoryMediaCenter object is no longer present.
+This event indicates that the InventoryMediaCenter object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -822,7 +823,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryMediaCenterStartSync
 
-This event indicates that a new set of InventoryMediaCenterAdd events will be sent.
+This event indicates that a new set of InventoryMediaCenterAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -833,7 +834,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventorySystemBiosAdd
 
-This event sends basic metadata about the BIOS to determine whether it has a compatibility block.
+This event sends basic metadata about the BIOS to determine whether it has a compatibility block. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -848,7 +849,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventorySystemBiosRemove
 
-This event indicates that the InventorySystemBios object is no longer present.
+This event indicates that the InventorySystemBios object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -859,7 +860,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventorySystemBiosStartSync
 
-This event indicates that a new set of InventorySystemBiosAdd events will be sent.
+This event indicates that a new set of InventorySystemBiosAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -870,7 +871,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageAdd
 
-This event is only runs during setup. It provides a listing of the uplevel driver packages that were downloaded before the upgrade. Is critical to understanding if failures in setup can be traced to not having sufficient uplevel drivers before the upgrade.
+This event runs only during setup. It provides a listing of the uplevel driver packages that were downloaded before the upgrade. It is critical in understanding if failures in setup can be traced to not having sufficient uplevel drivers before the upgrade. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -895,7 +896,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageRemove
 
-This event indicates that the InventoryUplevelDriverPackage object is no longer present.
+This event indicates that the InventoryUplevelDriverPackage object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -906,7 +907,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageStartSync
 
-This event indicates that a new set of InventoryUplevelDriverPackageAdd events will be sent.
+This event indicates that a new set of InventoryUplevelDriverPackageAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -917,7 +918,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.RunContext
 
-This event indicates what should be expected in the data payload.
+This event is sent at the beginning of an appraiser run, the RunContext indicates what should be expected in the following data payload. This event is used with the other Appraiser events to make compatibility decisions to keep Windows up to date.
 
 The following fields are available:
 
@@ -949,7 +950,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemMemoryRemove
 
-This event that the SystemMemory object is no longer present.
+This event that the SystemMemory object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -960,7 +961,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemMemoryStartSync
 
-This event indicates that a new set of SystemMemoryAdd events will be sent.
+This event indicates that a new set of SystemMemoryAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -984,7 +985,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorCompareExchangeRemove
 
-This event indicates that the SystemProcessorCompareExchange object is no longer present.
+This event indicates that the SystemProcessorCompareExchange object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -995,7 +996,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorCompareExchangeStartSync
 
-This event indicates that a new set of SystemProcessorCompareExchangeAdd events will be sent.
+This event indicates that a new set of SystemProcessorCompareExchangeAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1019,7 +1020,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorLahfSahfRemove
 
-This event indicates that the SystemProcessorLahfSahf object is no longer present.
+This event indicates that the SystemProcessorLahfSahf object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1030,7 +1031,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorLahfSahfStartSync
 
-This event indicates that a new set of SystemProcessorLahfSahfAdd events will be sent.
+This event indicates that a new set of SystemProcessorLahfSahfAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1055,7 +1056,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorNxRemove
 
-This event indicates that the SystemProcessorNx object is no longer present.
+This event indicates that the SystemProcessorNx object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1066,7 +1067,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorNxStartSync
 
-This event  indicates that a new set of SystemProcessorNxAdd events will be sent.
+This event  indicates that a new set of SystemProcessorNxAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1090,7 +1091,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorPrefetchWRemove
 
-This event indicates that the SystemProcessorPrefetchW object is no longer present.
+This event indicates that the SystemProcessorPrefetchW object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1101,7 +1102,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorPrefetchWStartSync
 
-This event indicates that a new set of SystemProcessorPrefetchWAdd events will be sent.
+This event indicates that a new set of SystemProcessorPrefetchWAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1125,7 +1126,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorSse2Remove
 
-This event indicates that the SystemProcessorSse2 object is no longer present.
+This event indicates that the SystemProcessorSse2 object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1136,7 +1137,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorSse2StartSync
 
-This event indicates that a new set of SystemProcessorSse2Add events will be sent.
+This event indicates that a new set of SystemProcessorSse2Add events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1160,7 +1161,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemTouchRemove
 
-This event indicates that the SystemTouch object is no longer present.
+This event indicates that the SystemTouch object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1171,7 +1172,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemTouchStartSync
 
-This event indicates that a new set of SystemTouchAdd events will be sent.
+This event indicates that a new set of SystemTouchAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1195,7 +1196,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWimRemove
 
-This event indicates that the SystemWim object is no longer present.
+This event indicates that the SystemWim object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1206,7 +1207,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWimStartSync
 
-This event indicates that a new set of SystemWimAdd events will be sent.
+This event indicates that a new set of SystemWimAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1230,13 +1231,13 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWindowsActivationStatusEndSync
 
-This event indicates that a full set of SystemWindowsActivationStatusAdd events has succeeded in being sent.
+This event indicates that a full set of SystemWindowsActivationStatusAdd events has succeeded in being sent. The data collected with this event is used to help keep Windows up to date.
 
 
 
 ### Microsoft.Windows.Appraiser.General.SystemWindowsActivationStatusRemove
 
-This event indicates that the SystemWindowsActivationStatus object is no longer present.
+This event indicates that the SystemWindowsActivationStatus object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1247,7 +1248,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWindowsActivationStatusStartSync
 
-This event indicates that a new set of SystemWindowsActivationStatusAdd events will be sent.
+This event indicates that a new set of SystemWindowsActivationStatusAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1275,7 +1276,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWlanRemove
 
-This event indicates that the SystemWlan object is no longer present.
+This event indicates that the SystemWlan object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1286,7 +1287,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWlanStartSync
 
-This event indicates that a new set of SystemWlanAdd events will be sent.
+This event indicates that a new set of SystemWlanAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1351,7 +1352,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.WmdrmRemove
 
-This event indicates that the Wmdrm object is no longer present.
+This event indicates that the Wmdrm object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1362,7 +1363,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.WmdrmStartSync
 
-This event indicates that a new set of WmdrmAdd events will be sent.
+The WmdrmStartSync event indicates that a new set of WmdrmAdd events will be sent. This event is used to understand the usage of older digital rights management on the system, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1375,7 +1376,7 @@ The following fields are available:
 
 ### Census.App
 
-This event sends version data about the Apps running on this device, to help keep Windows up to date.
+This event sends version data about the Apps running on this device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1393,7 +1394,7 @@ The following fields are available:
 
 ### Census.Azure
 
-This event returns data from Microsoft-internal Azure server machines (only from Microsoft-internal machines with Server SKUs). All other machines (those outside Microsoft and/or machines that are not part of the “Azure fleet”) return empty data sets.
+This event returns data from Microsoft-internal Azure server machines (only from Microsoft-internal machines with Server SKUs). All other machines (those outside Microsoft and/or machines that are not part of the “Azure fleet”) return empty data sets. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -1405,7 +1406,7 @@ The following fields are available:
 
 ### Census.Battery
 
-This event sends type and capacity data about the battery on the device, as well as the number of connected standby devices in use, type to help keep Windows up to date.
+This event sends type and capacity data about the battery on the device, as well as the number of connected standby devices in use. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1416,19 +1417,9 @@ The following fields are available:
 - **IsAlwaysOnAlwaysConnectedCapable**  Represents whether the battery enables the device to be AlwaysOnAlwaysConnected . Boolean value.
 
 
-### Census.Camera
-
-This event sends data about the resolution of cameras on the device, to help keep Windows up to date.
-
-The following fields are available:
-
-- **FrontFacingCameraResolution**  Represents the resolution of the front facing camera in megapixels. If a front facing camera does not exist, then the value is 0.
-- **RearFacingCameraResolution**  Represents the resolution of the rear facing camera in megapixels. If a rear facing camera does not exist, then the value is 0.
-
-
 ### Census.Enterprise
 
-This event sends data about Azure presence, type, and cloud domain use in order to provide an understanding of the use and integration of devices in an enterprise, cloud, and server environment.
+This event sends data about Azure presence, type, and cloud domain use in order to provide an understanding of the use and integration of devices in an enterprise, cloud, and server environment. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -1447,14 +1438,14 @@ The following fields are available:
 - **IsEDPEnabled**  Represents if Enterprise data protected on the device.
 - **IsMDMEnrolled**  Whether the device has been MDM Enrolled or not.
 - **MPNId**  Returns the Partner ID/MPN ID from Regkey. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\DeployID
-- **SCCMClientId**  This ID correlate systems that send data to Compat Analytics (OMS) and other OMS based systems with systems in a Configuration Manager environment.
+- **SCCMClientId**  This ID correlate systems that send data to Compat Analytics (OMS) and other OMS based systems with systems in an Enterprise SCCM environment.
 - **ServerFeatures**  Represents the features installed on a Windows   Server. This can be used by developers and administrators who need to automate the process of determining the features installed on a set of server computers.
-- **SystemCenterID**  The Configuration Manager ID is an anonymized one-way hash of the Active Directory Organization identifier
+- **SystemCenterID**  The SCCM ID is an anonymized one-way hash of the Active Directory Organization identifier
 
 
 ### Census.Firmware
 
-This event sends data about the BIOS and startup embedded in the device, to help keep Windows up to date.
+This event sends data about the BIOS and startup embedded in the device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1466,7 +1457,7 @@ The following fields are available:
 
 ### Census.Flighting
 
-This event sends Windows Insider data from customers participating in improvement testing and feedback programs, to help keep Windows up to date.
+This event sends Windows Insider data from customers participating in improvement testing and feedback programs. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1481,7 +1472,7 @@ The following fields are available:
 
 ### Census.Hardware
 
-This event sends data about the device, including hardware type, OEM brand, model line, model, telemetry level setting, and TPM support, to help keep Windows up to date.
+This event sends data about the device, including hardware type, OEM brand, model line, model, telemetry level setting, and TPM support. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1522,7 +1513,7 @@ The following fields are available:
 
 ### Census.Memory
 
-This event sends data about the memory on the device, including ROM and RAM, to help keep Windows up to date.
+This event sends data about the memory on the device, including ROM and RAM. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1532,7 +1523,7 @@ The following fields are available:
 
 ### Census.Network
 
-This event sends data about the mobile and cellular network used by the device (mobile service provider, network, device ID, and service cost factors), to help keep Windows up to date.
+This event sends data about the mobile and cellular network used by the device (mobile service provider, network, device ID, and service cost factors). The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1555,7 +1546,7 @@ The following fields are available:
 
 ### Census.OS
 
-This event sends data about the operating system such as the version, locale, update service configuration, when and how it was originally installed, and whether it is a virtual device, to help keep Windows up to date.
+This event sends data about the operating system such as the version, locale, update service configuration, when and how it was originally installed, and whether it is a virtual device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1597,7 +1588,7 @@ The following fields are available:
 
 ### Census.PrivacySettings
 
-This event provides information about the device level privacy settings and whether device-level access was granted to these capabilities. Not all settings are applicable to all devices. Each field records the consent state for the corresponding privacy setting. The consent state is encoded as a 16-bit signed integer, where the first 8 bits represents the effective consent value, and the last 8 bits represent the authority that set the value. The effective consent (first 8 bits) is one of the following values:  -3 = unexpected consent value, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = undefined, 1 = allow, 2 = deny, 3 = prompt. The consent authority (last 8 bits) is one of the following values: -3 = unexpected authority, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = system, 1 = a higher authority (a gating setting, the system-wide setting, or a group policy), 2 = advertising ID group policy, 3 = advertising ID policy for child account, 4 = privacy setting provider doesn't know the actual consent authority, 5 = consent was not configured and a default set in code was used, 6 = system default, 7 = organization policy, 8 = OneSettings.
+This event provides information about the device level privacy settings and whether device-level access was granted to these capabilities. Not all settings are applicable to all devices. Each field records the consent state for the corresponding privacy setting. The consent state is encoded as a 16-bit signed integer, where the first 8 bits represents the effective consent value, and the last 8 bits represent the authority that set the value. The effective consent (first 8 bits) is one of the following values:  -3 = unexpected consent value, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = undefined, 1 = allow, 2 = deny, 3 = prompt. The consent authority (last 8 bits) is one of the following values: -3 = unexpected authority, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = system, 1 = a higher authority (a gating setting, the system-wide setting, or a group policy), 2 = advertising ID group policy, 3 = advertising ID policy for child account, 4 = privacy setting provider doesn't know the actual consent authority, 5 = consent was not configured and a default set in code was used, 6 = system default, 7 = organization policy, 8 = OneSettings. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -1641,7 +1632,7 @@ The following fields are available:
 
 ### Census.Processor
 
-This event sends data about the processor to help keep Windows up to date.
+This event sends data about the processor. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1664,7 +1655,7 @@ The following fields are available:
 
 ### Census.Security
 
-This event provides information on about security settings used to help keep Windows up to date and secure.
+This event provides information about security settings. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1682,7 +1673,7 @@ The following fields are available:
 
 ### Census.Speech
 
-This event is used to gather basic speech settings on the device.
+This event is used to gather basic speech settings on the device. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -1699,7 +1690,7 @@ The following fields are available:
 
 ### Census.Storage
 
-This event sends data about the total capacity of the system volume and primary disk, to help keep Windows up to date.
+This event sends data about the total capacity of the system volume and primary disk. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1710,7 +1701,7 @@ The following fields are available:
 
 ### Census.Userdefault
 
-This event sends data about the current user's default preferences for browser and several of the most popular extensions and protocols, to help keep Windows up to date.
+This event sends data about the current user's default preferences for browser and several of the most popular extensions and protocols. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1720,7 +1711,7 @@ The following fields are available:
 
 ### Census.UserDisplay
 
-This event sends data about the logical/physical display size, resolution and number of internal/external displays, and VRAM on the system, to help keep Windows up to date.
+This event sends data about the logical/physical display size, resolution and number of internal/external displays, and VRAM on the system. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1741,7 +1732,7 @@ The following fields are available:
 
 ### Census.UserNLS
 
-This event sends data about the default app language, input, and display language preferences set by the user, to help keep Windows up to date.
+This event sends data about the default app language, input, and display language preferences set by the user. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1754,7 +1745,7 @@ The following fields are available:
 
 ### Census.UserPrivacySettings
 
-This event provides information about the current users privacy settings and whether device-level access was granted to these capabilities. Not all settings are applicable to all devices. Each field records the consent state for the corresponding privacy setting. The consent state is encoded as a 16-bit signed integer, where the first 8 bits represents the effective consent value, and the last 8 bits represents the authority that set the value. The effective consent is one of the following values: -3 = unexpected consent value, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = undefined, 1 = allow, 2 = deny, 3 = prompt. The consent authority is one of the following values: -3 = unexpected authority, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = user, 1 = a higher authority (a gating setting, the system-wide setting, or a group policy), 2 = advertising ID group policy, 3 = advertising ID policy for child account, 4 = privacy setting provider doesn't know the actual consent authority, 5 = consent was not configured and a default set in code was used, 6 = system default, 7 = organization policy, 8 = OneSettings.
+This event provides information about the current users privacy settings and whether device-level access was granted to these capabilities. Not all settings are applicable to all devices. Each field records the consent state for the corresponding privacy setting. The consent state is encoded as a 16-bit signed integer, where the first 8 bits represents the effective consent value, and the last 8 bits represents the authority that set the value. The effective consent is one of the following values: -3 = unexpected consent value, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = undefined, 1 = allow, 2 = deny, 3 = prompt. The consent authority is one of the following values: -3 = unexpected authority, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = user, 1 = a higher authority (a gating setting, the system-wide setting, or a group policy), 2 = advertising ID group policy, 3 = advertising ID policy for child account, 4 = privacy setting provider doesn't know the actual consent authority, 5 = consent was not configured and a default set in code was used, 6 = system default, 7 = organization policy, 8 = OneSettings. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -1798,7 +1789,7 @@ The following fields are available:
 
 ### Census.VM
 
-This event sends data indicating whether virtualization is enabled on the device, and its various characteristics, to help keep Windows up to date.
+This event sends data indicating whether virtualization is enabled on the device, and its various characteristics. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1813,7 +1804,7 @@ The following fields are available:
 
 ### Census.WU
 
-This event sends data about the Windows update server and other App store policies, to help keep Windows up to date.
+This event sends data about the Windows update server and other App store policies. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2030,7 +2021,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Compatibility.Apphelp.SdbFix
 
-Product instrumentation for helping debug/troubleshoot issues with inbox compatibility components.
+Product instrumentation for helping debug/troubleshoot issues with inbox compatibility components. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2066,7 +2057,7 @@ The following fields are available:
 
 ### CbsServicingProvider.CbsCapabilitySessionFinalize
 
-This event provides information about the results of installing or uninstalling optional Windows content from Windows Update.
+This event provides information about the results of installing or uninstalling optional Windows content from Windows Update. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -2193,7 +2184,7 @@ The following fields are available:
 
 ### DeploymentTelemetry.Deployment_End
 
-This event indicates that a Deployment 360 API has completed.
+This event indicates that a Deployment 360 API has completed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2207,7 +2198,7 @@ The following fields are available:
 
 ### DeploymentTelemetry.Deployment_Initialize
 
-This event indicates that the Deployment 360 APIs have been initialized for use.
+This event indicates that the Deployment 360 APIs have been initialized for use. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2220,7 +2211,7 @@ The following fields are available:
 
 ### DeploymentTelemetry.Deployment_SetupBoxLaunch
 
-This event indicates that the Deployment 360 APIs have launched Setup Box.
+This event indicates that the Deployment 360 APIs have launched Setup Box. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2233,7 +2224,7 @@ The following fields are available:
 
 ### DeploymentTelemetry.Deployment_SetupBoxResult
 
-This event indicates that the Deployment 360 APIs have received a return from Setup Box.
+This event indicates that the Deployment 360 APIs have received a return from Setup Box. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2247,7 +2238,7 @@ The following fields are available:
 
 ### DeploymentTelemetry.Deployment_Start
 
-This event indicates that a Deployment 360 API has been called.
+This event indicates that a Deployment 360 API has been called. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2261,7 +2252,7 @@ The following fields are available:
 
 ### TelClientSynthetic.AuthorizationInfo_RuntimeTransition
 
-This event sends data indicating that a device has undergone a change of telemetry opt-in level detected at UTC startup, to help keep Windows up to date. The telemetry opt-in level signals what data we are allowed to collect.
+This event is fired by UTC at state transitions to signal what data we are allowed to collect. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2280,7 +2271,7 @@ The following fields are available:
 
 ### TelClientSynthetic.AuthorizationInfo_Startup
 
-Fired by UTC at startup to signal what data we are allowed to collect.
+This event is fired by UTC at startup to signal what data we are allowed to collect. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2312,6 +2303,21 @@ The following fields are available:
 - **RestrictedNetworkTimeSec**  The total number of seconds with restricted network during this heartbeat period.
 
 
+### TelClientSynthetic.ConnectivityHeartBeat_0
+
+This event sends data about the connectivity status of the Connected User Experience and Telemetry component that uploads telemetry events. If an unrestricted free network (such as Wi-Fi) is available, this event updates the last successful upload time. Otherwise, it checks whether a Connectivity Heartbeat event was fired in the past 24 hours, and if not, it sends an event. A Connectivity Heartbeat event is also sent when a device recovers from costed network to free network. This event is fired by UTC during periods of no network as a heartbeat signal, to keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CensusExitCode**  Last exit code of the Census task.
+- **CensusStartTime**  Time of last Census run.
+- **CensusTaskEnabled**  True if Census is enabled, false otherwise.
+- **LastFreeNetworkLossTime**  The FILETIME at which the last free network loss occurred.
+- **NetworkState**  The network state of the device.
+- **NoNetworkTimeSec**  The total number of seconds without network during this heartbeat period.
+- **RestrictedNetworkTimeSec**  The total number of seconds with restricted network during this heartbeat period.
+
+
 ### TelClientSynthetic.HeartBeat_5
 
 This event sends data about the health and quality of the diagnostic data from the given device, to help keep Windows up to date. It also enables data analysts to determine how 'trusted' the data is from a given device.
@@ -2402,7 +2408,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorCheckApplicability
 
-This event  indicates that the Coordinator CheckApplicability call succeeded.
+This event indicates that the Coordinator CheckApplicability call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2415,7 +2421,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorCheckApplicabilityGenericFailure
 
-This event indicatse that we have received an unexpected error in the Direct to Update (DTU) Coordinators CheckApplicability call.
+This event indicatse that we have received an unexpected error in the Direct to Update (DTU) Coordinators CheckApplicability call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2428,7 +2434,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorCleanupGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Cleanup call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Cleanup call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2441,7 +2447,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorCleanupSuccess
 
-This event indicates that the Coordinator Cleanup call succeeded.
+This event indicates that the Coordinator Cleanup call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2453,7 +2459,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorCommitGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Commit call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Commit call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2466,7 +2472,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorCommitSuccess
 
-This event indicates that the Coordinator Commit call succeeded.
+This event indicates that the Coordinator Commit call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2478,7 +2484,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorDownloadGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Download call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Download call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2491,7 +2497,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorDownloadIgnoredFailure
 
-This event indicates that we have received an error in the Direct to Update (DTU) Coordinator Download call that will be ignored.
+This event indicates that we have received an error in the Direct to Update (DTU) Coordinator Download call that will be ignored. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2504,7 +2510,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorDownloadSuccess
 
-This event indicates that the Coordinator Download call succeeded.
+This event indicates that the Coordinator Download call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2516,7 +2522,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorHandleShutdownGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator HandleShutdown call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator HandleShutdown call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2529,7 +2535,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorHandleShutdownSuccess
 
-This event indicates that the Coordinator HandleShutdown call succeeded.
+This event indicates that the Coordinator HandleShutdown call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2541,7 +2547,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorInitializeGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Initialize call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Initialize call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2554,7 +2560,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorInitializeSuccess
 
-This event indicates that the Coordinator Initialize call succeeded.
+This event indicates that the Coordinator Initialize call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2566,7 +2572,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorInstallGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Install call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Install call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2579,7 +2585,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorInstallIgnoredFailure
 
-This event indicates that we have received an error in the Direct to Update (DTU) Coordinator Install call that will be ignored.
+This event indicates that we have received an error in the Direct to Update (DTU) Coordinator Install call that will be ignored. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2592,7 +2598,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorInstallSuccess
 
-This event indicates that the Coordinator Install call succeeded.
+This event indicates that the Coordinator Install call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2604,7 +2610,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorProgressCallBack
 
-This event indicates that the Coordinator's progress callback has been called.
+This event indicates that the Coordinator's progress callback has been called. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2630,7 +2636,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorSetCommitReadySuccess
 
-This event indicates that the Coordinator SetCommitReady call succeeded.
+This event indicates that the Coordinator SetCommitReady call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2655,7 +2661,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorWaitForRebootUiNotShown
 
-This event indicates that the Coordinator WaitForRebootUi call succeeded.
+This event indicates that the Coordinator WaitForRebootUi call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2668,7 +2674,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorWaitForRebootUiSelection
 
-This event indicates that the user selected an option on the Reboot UI.
+This event indicates that the user selected an option on the Reboot UI. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2681,7 +2687,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorWaitForRebootUiSuccess
 
-This event indicates that the Coordinator WaitForRebootUi call succeeded.
+This event indicates that the Coordinator WaitForRebootUi call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2693,7 +2699,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerCheckApplicabilityGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler CheckApplicability call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler CheckApplicability call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2707,7 +2713,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerCheckApplicabilityInternalGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler CheckApplicabilityInternal call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler CheckApplicabilityInternal call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2720,7 +2726,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerCheckApplicabilityInternalSuccess
 
-This event indicates that the Handler CheckApplicabilityInternal call succeeded.
+This event indicates that the Handler CheckApplicabilityInternal call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2733,7 +2739,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerCheckApplicabilitySuccess
 
-This event indicates that the Handler CheckApplicability call succeeded.
+This event indicates that the Handler CheckApplicability call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2747,7 +2753,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerCheckIfCoordinatorMinApplicableVersionGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler CheckIfCoordinatorMinApplicableVersion call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler CheckIfCoordinatorMinApplicableVersion call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2760,7 +2766,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerCheckIfCoordinatorMinApplicableVersionSuccess
 
-This event indicates that the Handler CheckIfCoordinatorMinApplicableVersion call succeeded.
+This event indicates that the Handler CheckIfCoordinatorMinApplicableVersion call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2773,7 +2779,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerCommitGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler Commit call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler Commit call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2787,7 +2793,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerCommitSuccess
 
-This event indicates that the Handler Commit call succeeded.
+This event indicates that the Handler Commit call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2800,7 +2806,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerDownloadAndExtractCabAlreadyDownloaded
 
-This event indicates that the Handler Download and Extract cab returned a value indicating that the cab has already been downloaded.
+This event indicates that the Handler Download and Extract cab returned a value indicating that the cab has already been downloaded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2812,7 +2818,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerDownloadAndExtractCabFailure
 
-This event indicates that the Handler Download and Extract cab call failed.
+This event indicates that the Handler Download and Extract cab call failed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2826,7 +2832,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerDownloadAndExtractCabSuccess
 
-This event indicates that the Handler Download and Extract cab call succeeded.
+This event indicates that the Handler Download and Extract cab call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2838,7 +2844,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerDownloadGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler Download call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler Download call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2851,7 +2857,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerDownloadSuccess
 
-This event indicates that the Handler Download call succeeded.
+This event indicates that the Handler Download call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2863,7 +2869,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerInitializeGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler Initialize call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler Initialize call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2877,7 +2883,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerInitializeSuccess
 
-This event indicates that the Handler Initialize call succeeded.
+This event indicates that the Handler Initialize call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2890,7 +2896,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerInstallGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler Install call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler Install call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2903,7 +2909,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerInstallSuccess
 
-This event indicates that the Coordinator Install call succeeded.
+This event indicates that the Coordinator Install call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2915,7 +2921,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerSetCommitReadyGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler SetCommitReady call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler SetCommitReady call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2928,7 +2934,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerSetCommitReadySuccess
 
-This event indicates that the Handler SetCommitReady call succeeded.
+This event indicates that the Handler SetCommitReady call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2940,7 +2946,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerWaitForRebootUiGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler WaitForRebootUi call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler WaitForRebootUi call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2953,7 +2959,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerWaitForRebootUiSuccess
 
-This event indicates that the Handler WaitForRebootUi call succeeded.
+This event indicates that the Handler WaitForRebootUi call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3127,7 +3133,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Upgrade.Uninstall.UninstallFailed
 
-This event sends diagnostic data about failures when uninstalling a feature update, to help resolve any issues preventing customers from reverting to a known state.
+This event sends diagnostic data about failures when uninstalling a feature update, to help resolve any issues preventing customers from reverting to a known state. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 The following fields are available:
 
@@ -3137,7 +3143,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Upgrade.Uninstall.UninstallFinalizedAndRebootTriggered
 
-This event indicates that the uninstall was properly configured and that a system reboot was initiated.
+This event indicates that the uninstall was properly configured and that a system reboot was initiated. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 
 
@@ -3179,7 +3185,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.AmiTelCacheChecksum
 
-This event captures basic checksum data about the device inventory items stored in the cache for use in validating data completeness for Microsoft.Windows.Inventory.Core events. The fields in this event may change over time, but they will always represent a count of a given object.
+This event captures basic checksum data about the device inventory items stored in the cache for use in validating data completeness for Microsoft.Windows.Inventory.Core events. The fields in this event may change over time, but they will always represent a count of a given object. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -3213,7 +3219,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.AmiTelCacheVersions
 
-This event sends inventory component versions for the Device Inventory data.
+This event sends inventory component versions for the Device Inventory data. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -3223,7 +3229,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationAdd
 
-This event sends basic metadata about an application on the system to help keep Windows up to date.
+This event sends basic metadata about an application on the system. The data collected with this event is used to keep Windows performing properly and up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3252,7 +3258,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationDriverAdd
 
-This event represents what drivers an application installs.
+This event represents what drivers an application installs. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3264,7 +3270,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationDriverStartSync
 
-The InventoryApplicationDriverStartSync event indicates that a new set of InventoryApplicationDriverStartAdd events will be sent.
+The InventoryApplicationDriverStartSync event indicates that a new set of InventoryApplicationDriverStartAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3275,7 +3281,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationFrameworkAdd
 
-This event provides the basic metadata about the frameworks an application may depend on.
+This event provides the basic metadata about the frameworks an application may depend on. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3288,7 +3294,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationFrameworkStartSync
 
-This event indicates that a new set of InventoryApplicationFrameworkAdd events will be sent.
+This event indicates that a new set of InventoryApplicationFrameworkAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3299,7 +3305,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationRemove
 
-This event indicates that a new set of InventoryDevicePnpAdd events will be sent.
+This event indicates that a new set of InventoryDevicePnpAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3310,7 +3316,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationStartSync
 
-This event indicates that a new set of InventoryApplicationAdd events will be sent.
+This event indicates that a new set of InventoryApplicationAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3321,7 +3327,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceContainerAdd
 
-This event sends basic metadata about a device container (such as a monitor or printer as opposed to a Plug and Play device) to help keep Windows up to date.
+This event sends basic metadata about a device container (such as a monitor or printer as opposed to a Plug and Play device). The data collected with this event is used to help keep Windows up to date and to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3345,7 +3351,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceContainerRemove
 
-This event indicates that the InventoryDeviceContainer object is no longer present.
+This event indicates that the InventoryDeviceContainer object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3356,7 +3362,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceContainerStartSync
 
-This event indicates that a new set of InventoryDeviceContainerAdd events will be sent.
+This event indicates that a new set of InventoryDeviceContainerAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3367,7 +3373,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceInterfaceAdd
 
-This event retrieves information about what sensor interfaces are available on the device.
+This event retrieves information about what sensor interfaces are available on the device. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3397,7 +3403,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceInterfaceStartSync
 
-This event indicates that a new set of InventoryDeviceInterfaceAdd events will be sent.
+This event indicates that a new set of InventoryDeviceInterfaceAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3408,7 +3414,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceMediaClassAdd
 
-This event sends additional metadata about a Plug and Play device that is specific to a particular class of devices to help keep Windows up to date while reducing overall size of data payload.
+This event sends additional metadata about a Plug and Play device that is specific to a particular class of devices. The data collected with this event is used to help keep Windows up to date and performing properly while reducing overall size of data payload.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3421,7 +3427,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceMediaClassRemove
 
-This event indicates that the InventoryDeviceMediaClassRemove object is no longer present.
+This event indicates that the InventoryDeviceMediaClass object represented by the objectInstanceId is no longer present. This event is used to understand a PNP device that is specific to a particular class of devices. The data collected with this event is used to help keep Windows up to date and performing properly while reducing overall size of data payload.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3432,7 +3438,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceMediaClassStartSync
 
-This event indicates that a new set of InventoryDeviceMediaClassSAdd events will be sent.
+This event indicates that a new set of InventoryDeviceMediaClassSAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3482,7 +3488,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDevicePnpRemove
 
-This event indicates that the InventoryDevicePnpRemove object is no longer present.
+This event indicates that the InventoryDevicePnpRemove object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3493,7 +3499,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDevicePnpStartSync
 
-This event indicates that a new set of InventoryDevicePnpAdd events will be sent.
+This event indicates that a new set of InventoryDevicePnpAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3504,7 +3510,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceUsbHubClassAdd
 
-This event sends basic metadata about the USB hubs on the device.
+This event sends basic metadata about the USB hubs on the device. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3517,7 +3523,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceUsbHubClassStartSync
 
-This event indicates that a new set of InventoryDeviceUsbHubClassAdd events will be sent.
+This event indicates that a new set of InventoryDeviceUsbHubClassAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3528,7 +3534,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverBinaryAdd
 
-This event sends basic metadata about driver binaries running on the system to help keep Windows up to date.
+This event sends basic metadata about driver binaries running on the system. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3555,7 +3561,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverBinaryRemove
 
-This event indicates that the InventoryDriverBinary object is no longer present.
+This event indicates that the InventoryDriverBinary object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3566,7 +3572,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverBinaryStartSync
 
-This event indicates that a new set of InventoryDriverBinaryAdd events will be sent.
+This event indicates that a new set of InventoryDriverBinaryAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3577,7 +3583,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverPackageAdd
 
-This event sends basic metadata about drive packages installed on the system  to help keep Windows up to date.
+This event sends basic metadata about drive packages installed on the system. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3597,7 +3603,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverPackageRemove
 
-This event indicates that the InventoryDriverPackageRemove object is no longer present.
+This event indicates that the InventoryDriverPackageRemove object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3608,7 +3614,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverPackageStartSync
 
-This event indicates that a new set of InventoryDriverPackageAdd events will be sent.
+This event indicates that a new set of InventoryDriverPackageAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3617,9 +3623,17 @@ The following fields are available:
 - **InventoryVersion**  The version of the inventory file generating the events.
 
 
+### Microsoft.Windows.Inventory.General. InventoryMiscellaneousMemorySlotArrayInfoRemove
+
+This event indicates that this particular data object represented by the ObjectInstanceId is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+
+
 ### Microsoft.Windows.Inventory.General.AppHealthStaticAdd
 
-This event sends details collected for a specific application on the source device.
+This event sends details collected for a specific application on the source device. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3649,7 +3663,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.AppHealthStaticStartSync
 
-This event indicates the beginning of a series of AppHealthStaticAdd events.
+This event indicates the beginning of a series of AppHealthStaticAdd events. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3661,9 +3675,17 @@ The following fields are available:
 - **StartTime**  UTC date and time at which this event was sent.
 
 
+### Microsoft.Windows.Inventory.General.InventoryMiscellaneousMemorySlotArrayInfoStartSync
+
+This diagnostic event indicates a new sync is being generated for this object type.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+
+
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInAdd
 
-Provides data on the installed Office Add-ins
+This event provides data on the installed Office add-ins. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3696,7 +3718,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInRemove
 
-Indicates that this particular data object represented by the objectInstanceId is no longer present.
+This event indicates that the particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3707,7 +3729,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInStartSync
 
-This event indicates that a new sync is being generated for this object type.
+This event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3718,7 +3740,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIdentifiersAdd
 
-Provides data on the Office identifiers
+This event provides data on the Office identifiers. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3736,7 +3758,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIdentifiersStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3747,7 +3769,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIESettingsAdd
 
-Office-related Internet Explorer features
+This event provides data on Office-related Internet Explorer features. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3773,7 +3795,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIESettingsStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3784,7 +3806,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeInsightsAdd
 
-This event provides insight data on the installed Office products
+This event provides insight data on the installed Office products. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3799,7 +3821,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeInsightsRemove
 
-Indicates that this particular data object represented by the objectInstanceId is no longer present.
+This event indicates that the particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3810,7 +3832,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeInsightsStartSync
 
-This diagnostic event indicates that a new sync is being generated for this object type.
+This diagnostic event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3821,7 +3843,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeProductsAdd
 
-Describes Office Products installed
+This event describes all installed Office products. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3836,7 +3858,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeProductsStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3847,7 +3869,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeSettingsAdd
 
-This event describes various Office settings
+This event describes various Office settings. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3861,7 +3883,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeSettingsStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3872,7 +3894,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBAAdd
 
-This event provides a summary rollup count of conditions encountered while performing a local scan of Office files, analyzing for known VBA programmability compatibility issues between legacy office version and ProPlus, and between 32 and 64-bit versions
+This event provides a summary rollup count of conditions encountered while performing a local scan of Office files, analyzing for known VBA programmability compatibility issues between legacy office version and ProPlus, and between 32 and 64-bit versions. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3904,7 +3926,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBARemove
 
-Indicates that this particular data object represented by the objectInstanceId is no longer present.
+This event indicates that the particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3912,7 +3934,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBARuleViolationsAdd
 
-This event provides data on Microsoft Office VBA rule violations, including a rollup count per violation type, giving an indication of remediation requirements for an organization. The event identifier is a unique GUID, associated with the validation rule
+This event provides data on Microsoft Office VBA rule violations, including a rollup count per violation type, giving an indication of remediation requirements for an organization. The event identifier is a unique GUID, associated with the validation rule. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3923,7 +3945,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBARuleViolationsRemove
 
-Indicates that this particular data object represented by the objectInstanceId is no longer present.
+This event indicates that the particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3931,7 +3953,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBARuleViolationsStartSync
 
-This event indicates that a new sync is being generated for this object type.
+This event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3942,7 +3964,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBAStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This diagnostic event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3953,7 +3975,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoAdd
 
-Provides data on Unified Update Platform (UUP) products and what version they are at.
+This event provides data on Unified Update Platform (UUP) products and what version they are at. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3968,7 +3990,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoRemove
 
-Indicates that this particular data object represented by the objectInstanceId is no longer present.
+This event indicates that this particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3976,7 +3998,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3984,7 +4006,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.Indicators.Checksum
 
-This event summarizes the counts for the InventoryMiscellaneousUexIndicatorAdd events.
+This event summarizes the counts for the InventoryMiscellaneousUexIndicatorAdd events. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -3994,7 +4016,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorAdd
 
-These events represent the basic metadata about the OS indicators installed on the system which are used for keeping the device up to date.
+This event represents the basic metadata about the OS indicators installed on the system. The data collected with this event helps ensure the device is up to date and keeps Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4005,7 +4027,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorRemove
 
-This event is a counterpart to InventoryMiscellaneousUexIndicatorAdd that indicates that the item has been removed.
+This event indicates that this particular data object represented by the objectInstanceId is no longer present. This event is used to understand the OS indicators installed on the system. The data collected with this event helps ensure the device is current and Windows is up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4013,7 +4035,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorStartSync
 
-This event indicates that a new set of InventoryMiscellaneousUexIndicatorAdd events will be sent.
+This event indicates that this particular data object represented by the objectInstanceId is no longer present. This event is used to understand the OS indicators installed on the system. The data collected with this event helps ensure the device is current and Windows is up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4033,7 +4055,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Kernel.BootEnvironment.OsLaunch
 
-OS information collected during Boot, used to evaluate the success of the upgrade process.
+This event includes basic data about the Operating System, collected during Boot and used to evaluate the success of the upgrade process. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -4062,7 +4084,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Kernel.Power.OSStateChange
 
-This event indicates an OS state change.
+This event indicates an OS state change. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -4183,7 +4205,104 @@ The following fields are available:
 
 ### Aria.af397ef28e484961ba48646a5d38cf54.Microsoft.WebBrowser.Installer.EdgeUpdate.Ping
 
-This event sends hardware and software inventory information about the Microsoft Edge Update service, Microsoft Edge applications, and the current system environment, including app configuration, update configuration, and hardware capabilities. It's  used to measure the reliability and performance of the EdgeUpdate service and if Microsoft Edge applications are up to date.
+This Ping event sends a detailed inventory of software and hardware information about the EdgeUpdate service, Edge applications, and the current system environment including app configuration, update configuration, and hardware capabilities. This event contains Device Connectivity and Configuration, Product and Service Performance, and Software Setup and Inventory data. One or more events is sent each time any installation, update, or uninstallation occurs with the EdgeUpdate service or with Edge applications. This event is used to measure the reliability and performance of the EdgeUpdate service and if Edge applications are up to date. This is an indication that the event is designed to keep Windows secure and up to date.
+
+The following fields are available:
+
+- **appAp**  Any additional parameters for the specified application. Default: ''.
+- **appAppId**  The GUID that identifies the product. Compatible clients must transmit this attribute. Please see the wiki for additional information. Default: undefined.
+- **appBrandCode**  The brand code under which the product was installed, if any. A brand code is a short (4-character) string used to identify installations that took place as a result of partner deals or website promotions. Default: ''.
+- **appChannel**  An integer indicating the channel of the installation (i.e. Canary or Dev).
+- **appClientId**  A generalized form of the brand code that can accept a wider range of values and is used for similar purposes. Default: ''.
+- **appCohort**  A machine-readable string identifying the release cohort (channel) that the app belongs to. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
+- **appCohortHint**  A machine-readable enum indicating that the client has a desire to switch to a different release cohort. The exact legal values are app-specific and should be shared between the server and app implementations. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
+- **appCohortName**  A stable non-localized human-readable enum indicating which (if any) set of messages the app should display to the user. For example, an app with a cohort Name of 'beta' might display beta-specific branding to the user. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
+- **appConsentState**  Bit flags describing the diagnostic data disclosure and response flow where 1 indicates the affirmative and 0 indicates the negative or unspecified data. Bit 1 indicates consent was given, bit 2 indicates data originated from the download page, bit 18 indicates choice for sending data about how the browser is used, and bit 19 indicates choice for sending data about websites visited.
+- **appDayOfInstall**  The date-based counting equivalent of appInstallTimeDiffSec (the numeric calendar day that the app was installed on). This value is provided by the server in the response to the first request in the installation flow. The client MAY fuzz this value to the week granularity (e.g. send '0' for 0 through 6, '7' for 7 through 13, etc.). The first communication to the server should use a special value of '-1'. A value of '-2' indicates that this value is not known. Please see the wiki for additional information. Default: '-2'.
+- **appExperiments**  A key/value list of experiment identifiers. Experiment labels are used to track membership in different experimental groups, and may be set at install or update time. The experiments string is formatted as a semicolon-delimited concatenation of experiment label strings. An experiment label string is an experiment Name, followed by the '=' character, followed by an experimental label value. For example: 'crdiff=got_bsdiff;optimized=O3'. The client should not transmit the expiration date of any experiments it has, even if the server previously specified a specific expiration date. Default: ''.
+- **appIid**  A GUID that identifies a particular installation flow. For example, each download of a product installer is tagged with a unique GUID. Attempts to install using that installer can then be grouped. A client SHOULD NOT persist the IID GUID after the installation flow of a product is complete.
+- **appInstallTimeDiffSec**  The difference between the current time and the install date in seconds. '0' if unknown. Default: '-1'.
+- **appLang**  The language of the product install, in IETF BCP 47 representation. Default: ''.
+- **appNextVersion**  The version of the app that the update flow to which this event belongs attempted to reach, regardless of the success or failure of the update operation. Please see the wiki for additional information. Default: '0.0.0.0'.
+- **appPingEventAppSize**  The total number of bytes of all downloaded packages. Default: '0'.
+- **appPingEventDownloadMetricsCdnCCC**  ISO 2 character country code that matches to the country updated binaries are delivered from. E.g.: US.
+- **appPingEventDownloadMetricsCdnCID**  Numeric value used to internally track the origins of the updated binaries. For example, 2.
+- **appPingEventDownloadMetricsDownloadedBytes**  For events representing a download, the number of bytes expected to be downloaded. For events representing an entire update flow, the sum of all such expected bytes over the course of the update flow. Default: '0'.
+- **appPingEventDownloadMetricsDownloader**  A string identifying the download algorithm and/or stack. Example values include: 'bits', 'direct', 'winhttp', 'p2p'. Sent in events that have an event type of '14' only. Default: ''.
+- **appPingEventDownloadMetricsDownloadTimeMs**  For events representing a download, the time elapsed between the start of the download and the end of the download, in milliseconds. For events representing an entire update flow, the sum of all such download times over the course of the update flow. Sent in events that have an event type of '1', '2', '3', and '14' only. Default: '0'.
+- **appPingEventDownloadMetricsError**  The error code (if any) of the operation, encoded as a signed base-10 integer. Default: '0'.
+- **appPingEventDownloadMetricsServerIpHint**  For events representing a download, the CDN Host IP address that corresponds to the update file server. The CDN host is controlled by Microsoft servers and always maps to IP addresses hosting *.delivery.mp.microsoft.com or msedgesetup.azureedge.net. Default: ''.
+- **appPingEventDownloadMetricsTotalBytes**  For events representing a download, the number of bytes expected to be downloaded. For events representing an entire update flow, the sum of all such expected bytes over the course of the update flow. Default: '0'.
+- **appPingEventDownloadMetricsUrl**  For events representing a download, the CDN URL provided by the update server for the client to download the update, the URL is controlled by Microsoft servers and always maps back to either *.delivery.mp.microsoft.com or msedgesetup.azureedge.net. Default: ''.
+- **appPingEventDownloadTimeMs**  For events representing a download, the time elapsed between the start of the download and the end of the download, in milliseconds. For events representing an entire update flow, the sum of all such download times over the course of the update flow. Sent in events that have an event type of '1', '2', '3', and '14' only. Default: '0'.
+- **appPingEventErrorCode**  The error code (if any) of the operation, encoded as a signed, base-10 integer. Default: '0'.
+- **appPingEventEventResult**  An enum indicating the result of the event. Please see the wiki for additional information. Default: '0'.
+- **appPingEventEventType**  An enum indicating the type of the event. Compatible clients MUST transmit this attribute. Please see the wiki for additional information.
+- **appPingEventExtraCode1**  Additional numeric information about the operation's result, encoded as a signed, base-10 integer. Default: '0'.
+- **appPingEventInstallTimeMs**  For events representing an install, the time elapsed between the start of the install and the end of the install, in milliseconds. For events representing an entire update flow, the sum of all such durations. Sent in events that have an event type of '2' and '3' only. Default: '0'.
+- **appPingEventNumBytesDownloaded**  The number of bytes downloaded for the specified application. Default: '0'.
+- **appPingEventSequenceId**  An id that uniquely identifies particular events within one requestId. Since a request can contain multiple ping events, this field is necessary to uniquely identify each possible event.
+- **appPingEventSourceUrlIndex**  For events representing a download, the position of the download URL in the list of URLs supplied by the server in a "urls" tag.
+- **appPingEventUpdateCheckTimeMs**  For events representing an entire update flow, the time elapsed between the start of the update check and the end of the update check, in milliseconds. Sent in events that have an event type of '2' and '3' only. Default: '0'.
+- **appUpdateCheckIsUpdateDisabled**  The state of whether app updates are restricted by group policy. True if updates have been restricted by group policy or false if they have not.
+- **appUpdateCheckTargetVersionPrefix**  A component-wise prefix of a version number, or a complete version number suffixed with the $ character. The server should not return an update instruction to a version number that does not match the prefix or complete version number. The prefix is interpreted a dotted-tuple that specifies the exactly-matching elements; it is not a lexical prefix (for example, '1.2.3' must match '1.2.3.4' but must not match '1.2.34'). Default: ''.
+- **appUpdateCheckTtToken**  An opaque access token that can be used to identify the requesting client as a member of a trusted-tester group. If non-empty, the request should be sent over SSL or another secure protocol. Default: ''.
+- **appVersion**  The version of the product install. Please see the wiki for additional information. Default: '0.0.0.0'.
+- **eventType**  A string indicating the type of the event. Please see the wiki for additional information.
+- **hwHasAvx**  '1' if the client's hardware supports the AVX instruction set. '0' if the client's hardware does not support the AVX instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse**  '1' if the client's hardware supports the SSE instruction set. '0' if the client's hardware does not support the SSE instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse2**  '1' if the client's hardware supports the SSE2 instruction set. '0' if the client's hardware does not support the SSE2 instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse3**  '1' if the client's hardware supports the SSE3 instruction set. '0' if the client's hardware does not support the SSE3 instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse41**  '1' if the client's hardware supports the SSE4.1 instruction set. '0' if the client's hardware does not support the SSE4.1 instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse42**  '1' if the client's hardware supports the SSE4.2 instruction set. '0' if the client's hardware does not support the SSE4.2 instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSsse3**  '1' if the client's hardware supports the SSSE3 instruction set. '0' if the client's hardware does not support the SSSE3 instruction set. '-1' if unknown. Default: '-1'.
+- **hwPhysmemory**  The physical memory available to the client, truncated down to the nearest gibibyte. '-1' if unknown. This value is intended to reflect the maximum theoretical storage capacity of the client, not including any hard drive or paging to a hard drive or peripheral. Default: '-1'.
+- **isMsftDomainJoined**  '1' if the client is a member of a Microsoft domain. '0' otherwise. Default: '0'.
+- **osArch**  The architecture of the operating system (e.g. 'x86', 'x64', 'arm'). '' if unknown. Default: ''.
+- **osPlatform**  The operating system family that the within which the Omaha client is running (e.g. 'win', 'mac', 'linux', 'ios', 'android'). '' if unknown. The operating system Name should be transmitted in lowercase with minimal formatting. Default: ''.
+- **osServicePack**  The secondary version of the operating system. '' if unknown. Default: ''.
+- **osVersion**  The primary version of the operating system. '' if unknown. Default: ''.
+- **requestCheckPeriodSec**  The update interval in seconds. The value is read from the registry. Default: '-1'.
+- **requestDlpref**  A comma-separated list of values specifying the preferred download URL behavior. The first value is the highest priority, further values reflect secondary, tertiary, et cetera priorities. Legal values are '' (in which case the entire list must be empty, indicating unknown or no-preference) or 'cacheable' (the server should prioritize sending URLs that are easily cacheable). Default: ''.
+- **requestDomainJoined**  '1' if the machine is part of a managed enterprise domain. Otherwise '0'.
+- **requestInstallSource**  A string specifying the cause of the update flow. For example: 'ondemand', or 'scheduledtask'. Default: ''.
+- **requestIsMachine**  '1' if the client is known to be installed with system-level or administrator privileges. '0' otherwise. Default: '0'.
+- **requestOmahaShellVersion**  The version of the Omaha installation folder. Default: ''.
+- **requestOmahaVersion**  The version of the Omaha updater itself (the entity sending this request). Default: '0.0.0.0'.
+- **requestProtocolVersion**  The version of the Omaha protocol. Compatible clients MUST provide a value of '3.0'. Compatible clients must always transmit this attribute. Default: undefined.
+- **requestRequestId**  A randomly-generated (uniformly distributed) GUID, corresponding to the Omaha request. Each request attempt should have (with high probability) a unique request id. Default: ''.
+- **requestSessionCorrelationVectorBase**  A client generated random MS Correlation Vector base code used to correlate the update session with update and CDN servers. Default: ''.
+- **requestSessionId**  A randomly-generated (uniformly distributed) GUID. Each single update flow (e.g. update check, update application, event ping sequence) should have (with high probability) a single unique session ID. Default: ''.
+- **requestTestSource**  Either '', 'dev', 'qa', 'prober', 'auto', or 'ossdev'. Any value except '' indicates that the request is a test and should not be counted toward normal metrics. Default: ''.
+- **requestUid**  A randomly-generated (uniformly distributed) GUID, corresponding to the Omaha user. Each request attempt SHOULD have (with high probability) a unique request id. Default: ''.
+
+
+### Aria.f4a7d46e472049dfba756e11bdbbc08f.Microsoft.WebBrowser.SystemInfo.Config
+
+This config event sends basic device connectivity and configuration information from Microsoft Edge about the current data collection consent, app version, and installation state to keep Microsoft Edge up to date and secure.
+
+The following fields are available:
+
+- **app_version**  The internal Edge build version string, taken from the UMA metrics field system_profile.app_version.
+- **appConsentState**  Bit flags describing consent for data collection on the machine or zero if the state was not retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
+- **Channel**  An integer indicating the channel of the installation (Canary or Dev).
+- **client_id**  A unique identifier with which all other diagnostic client data is associated, taken from the UMA metrics provider. This ID is effectively unique per device, per OS user profile, per release channel (e.g. Canary/Dev/Beta/Stable). client_id is not durable, based on user preferences. client_id is initialized on the first application launch under each OS user profile. client_id is linkable, but not unique across devices or OS user profiles. client_id is reset whenever UMA data collection is disabled, or when the application is uninstalled.
+- **ConnectionType**  The first reported type of network connection currently connected. This can be one of Unknown, Ethernet, WiFi, 2G, 3G, 4G, None, or Bluetooth.
+- **container_client_id**  The client ID of the container, if in WDAG mode. This will be different from the UMA log client ID, which is the client ID of the host in WDAG mode.
+- **container_session_id**  The session ID of the container, if in WDAG mode. This will be different from the UMA log session ID, which is the session ID of the host in WDAG mode.
+- **Etag**  Etag is an identifier representing all service applied configurations and experiments for the current browser session. This field is left empty when Windows diagnostic level is set to Basic or lower or when consent for diagnostic data has been denied.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event where 1 is basic, 2 is enhanced, and 3 is full.
+- **install_date**  The date and time of the most recent installation in seconds since midnight on January 1, 1970 UTC, rounded down to the nearest hour.
+- **installSource**  An enumeration representing the source of this installation: source was not retrieved (0), unspecified source (1), website installer (2), enterprise MSI (3), Windows update (4), Edge updater (5), scheduled or timed task (6, 7), uninstall (8), Edge about page (9), self-repair (10), other install command line (11), reserved (12), unknown source (13).
+- **PayloadClass**  The base class used to serialize and deserialize the Protobuf binary payload.
+- **PayloadGUID**  A random identifier generated for each original monolithic Protobuf payload, before the payload is potentially broken up into manageably-sized chunks for transmission.
+- **PayloadLogType**  The log type for the event correlating with 0 for unknown, 1 for stability, 2 for on-going, 3 for independent, 4 for UKM, or 5 for instance level.
+- **session_id**  An identifier that is incremented each time the user launches the application, irrespective of any client_id changes. session_id is seeded during the initial installation of the application. session_id is effectively unique per client_id value. Several other internal identifier values, such as window or tab IDs, are only meaningful within a particular session. The session_id value is forgotten when the application is uninstalled, but not during an upgrade.
+
+
+### Microsoft.WebBrowser.Installer.EdgeUpdate.Ping
+
+This event sends hardware and software inventory information about the Microsoft Edge Update service, Microsoft Edge applications, and the current system environment, including app configuration, update configuration, and hardware capabilities. It's used to measure the reliability and performance of the EdgeUpdate service and if Microsoft Edge applications are up to date. This is an indication that the event is designed to keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4203,6 +4322,8 @@ The following fields are available:
 - **appLang**  The language of the product install, in IETF BCP 47 representation. Default: ''.
 - **appNextVersion**  The version of the app that the update attempted to reach, regardless of the success or failure of the update operation. Default: '0.0.0.0'.
 - **appPingEventAppSize**  The total number of bytes of all downloaded packages. Default: '0'.
+- **appPingEventDownloadMetricsCdnCCC**  ISO 2 character country code that matches to the country updated binaries are delivered from. E.g.: US.
+- **appPingEventDownloadMetricsCdnCID**  Numeric value used to internally track the origins of the updated binaries. For example, 2.
 - **appPingEventDownloadMetricsDownloadedBytes**  For events representing a download, the number of bytes expected to be downloaded. For events representing an entire update flow, the sum of all such expected bytes over the course of the update flow. Default: '0'.
 - **appPingEventDownloadMetricsDownloader**  A string identifying the download algorithm and/or stack. Example values include: 'bits', 'direct', 'winhttp', 'p2p'. Sent in events that have an event type of '14' only. Default: ''.
 - **appPingEventDownloadMetricsDownloadTimeMs**  For events representing a download, the time elapsed between the start of the download and the end of the download, in milliseconds. For events representing an entire update flow, the sum of all such download times over the course of the update flow. Sent in events that have an event type of '1', '2', '3', and '14' only. Default: '0'.
@@ -4250,49 +4371,26 @@ The following fields are available:
 - **requestSessionCorrelationVectorBase**  A client generated random MS Correlation Vector base code used to correlate the update session with update and CDN servers. Default: ''.
 - **requestSessionId**  A randomly-generated (uniformly distributed) GUID. Each single update flow (e.g. update check, update application, event ping sequence) SHOULD have (with high probability) a single unique session ID. Default: ''.
 - **requestTestSource**  Either '', 'dev', 'qa', 'prober', 'auto', or 'ossdev'. Any value except '' indicates that the request is a test and should not be counted toward normal metrics. Default: ''.
-- **requestUid**  A randomly-generated (uniformly distributed) GUID, corresponding to the Omaha user. Each request attempt should have (with high probability) a unique request id. Default: ''.
-
-
-### Aria.f4a7d46e472049dfba756e11bdbbc08f.Microsoft.WebBrowser.SystemInfo.Config
-
-This config event sends basic device connectivity and configuration information from Microsoft Edge about the current data collection consent, app version, and installation state to keep Microsoft Edge up to date and secure.
-
-The following fields are available:
-
-- **app_version**  The internal Microsoft Edge build version string.
-- **appConsentState**  Bit flags that describe the consent for data collection on the device, or zero if the state was not retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
-- **Channel**  An integer indicating the channel of the installation (Canary or Dev).
-- **client_id**  A non-durable unique identifier with which all other diagnostic client data is associated. This value is reset whenever UMA data collection is disabled, or when the application is uninstalled.
-- **ConnectionType**  The first reported type of network connection currently connected. Possible values: Unknown, Ethernet, WiFi, 2G, 3G, 4G, None, or Bluetooth
-- **container_client_id**  The client ID of the container if the device is in Windows Defender Application Guard mode.
-- **container_session_id**  The session ID of the container if the device is in Windows Defender Application Guard mode.
-- **Etag**  Etag is an identifier representing all service applied configurations and experiments for the current browser session. There is not value in this field is the device is at the Basic diagnostic data level.
-- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event. Possible values: 1 -- Basic, 2 -- Enhanced, 3 -- Full
-- **install_date**  The date and time of the most recent installation in seconds since midnight on January 1, 1970 UTC, rounded down to the nearest hour.
-- **installSource**  An enumeration representing the source of this installation. Possible values: source was not retrieved (0), unspecified source (1), website installer (2), enterprise MSI (3), Windows update (4), Edge updater (5), scheduled or timed task (6, 7), uninstall (8), Edge about page (9), self-repair (10), other install command line (11), reserved (12), unknown source (13).
-- **PayloadClass**  The base class used to serialize and deserialize the Protobuf binary payload.
-- **PayloadGUID**  A random identifier generated for each original monolithic Protobuf payload, before the payload is potentially broken up into manageably-sized chunks for transmission.
-- **PayloadLogType**  The log type for the event correlating with. Possible values: 0 -- Unknown, 1 -- Stability, 2 -- On-going, 3 -- Independent, 4 -- UKM, or 5 -- Instance level
-- **session_id** An ordered identifier that is guaranteed to be greater than the previous session identifier each time the user launches the application, reset on subsequent launch after client_id changes. session_id is seeded during the initial installation of the application. session_id is effectively unique per client_id value. Several other internal identifier values, such as window or tab IDs, are only meaningful within a particular session. The session_id value is forgotten when the application is uninstalled, but not during an upgrade.
+- **requestUid**  A randomly-generated (uniformly distributed) GUID, corresponding to the Omaha user. Each request attempt SHOULD have (with high probability) a unique request id. Default: ''.
 
 
 ## Migration events
 
 ### Microsoft.Windows.MigrationCore.MigObjectCountDLUsr
 
-This event returns data to track the count of the migration objects across various phases during feature update.
+This event returns data to track the count of the migration objects across various phases during feature update. The data collected with this event is used to help keep Windows secure and to track data loss scenarios.
 
 
 
 ### Microsoft.Windows.MigrationCore.MigObjectCountKFSys
 
-This event returns data about the count of the migration objects across various phases during feature update.
+This event returns data about the count of the migration objects across various phases during feature update. The data collected with this event is used to help keep Windows secure and to track data loss scenarios.
 
 
 
 ### Microsoft.Windows.MigrationCore.MigObjectCountKFUsr
 
-This event returns data to track the count of the migration objects across various phases during feature update.
+This event returns data to track the count of the migration objects across various phases during feature update. The data collected with this event is used to help keep Windows secure and to track data loss scenarios.
 
 
 
@@ -4300,7 +4398,7 @@ This event returns data to track the count of the migration objects across vario
 
 ### Microsoft.Windows.Cast.Miracast.MiracastSessionEnd
 
-This event sends data at the end of a Miracast session that helps determine RTSP related Miracast failures along with some statistics about the session
+This event sends data at the end of a Miracast session that helps determine RTSP related Miracast failures along with some statistics about the session. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -4375,7 +4473,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Setup.APIOperation
 
-This event includes basic data about install and uninstall OneDrive API operations.
+This event includes basic data about install and uninstall OneDrive API operations. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4388,7 +4486,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Setup.EndExperience
 
-This event includes a success or failure summary of the installation.
+This event includes a success or failure summary of the installation. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4400,7 +4498,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Setup.OSUpgradeInstallationOperation
 
-This event is related to the OS version when the OS is upgraded with OneDrive installed.
+This event is related to the OS version when the OS is upgraded with OneDrive installed. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4416,7 +4514,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Setup.RegisterStandaloneUpdaterAPIOperation
 
-This event is related to registering or unregistering the OneDrive update task.
+This event is related to registering or unregistering the OneDrive update task. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4429,7 +4527,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.ComponentInstallState
 
-This event includes basic data about the installation state of dependent OneDrive components.
+This event includes basic data about the installation state of dependent OneDrive components. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4439,7 +4537,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.OverlayIconStatus
 
-This event indicates if the OneDrive overlay icon is working correctly. 0 = healthy; 1 = can be fixed; 2 = broken
+This event indicates if the OneDrive overlay icon is working correctly. 0 = healthy; 1 = can be fixed; 2 = broken. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4449,7 +4547,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.UpdateOverallResult
 
-This event sends information describing the result of the update.
+This event sends information describing the result of the update. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4460,7 +4558,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.UpdateXmlDownloadHResult
 
-This event determines the status when downloading the OneDrive update configuration file.
+This event determines the status when downloading the OneDrive update configuration file. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4469,7 +4567,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.WebConnectionStatus
 
-This event determines the error code that was returned when verifying Internet connectivity.
+This event determines the error code that was returned when verifying Internet connectivity. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4480,7 +4578,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Shell.PrivacyConsentLogging.PrivacyConsentCompleted
 
-This event is used to determine whether the user successfully completed the privacy consent experience.
+This event is used to determine whether the user successfully completed the privacy consent experience. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4492,7 +4590,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Shell.PrivacyConsentLogging.PrivacyConsentPrep
 
-This event is used to determine whether the user needs to see the privacy consent experience or not.
+This event is used to determine whether the user needs to see the privacy consent experience or not. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4502,7 +4600,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Shell.PrivacyConsentLogging.PrivacyConsentStatus
 
-Event tells us effectiveness of new privacy experience.
+This event provides the effectiveness of new privacy experience. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4515,7 +4613,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Shell.PrivacyConsentLogging.wilActivity
 
-This event returns information if an error is encountered while computing whether the user needs to complete privacy consents in certain upgrade scenarios.
+This event returns information if an error is encountered while computing whether the user needs to complete privacy consents in certain upgrade scenarios. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4539,7 +4637,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Shell.PrivacyNotifierLogging.PrivacyNotifierCompleted
 
-This event returns data to report the efficacy of a single-use tool to inform users impacted by a known issue and to take corrective action to address the issue.
+This event returns data to report the efficacy of a single-use tool to inform users impacted by a known issue and to take corrective action to address the issue. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4556,7 +4654,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.Applicability
 
-This event sends basic info on whether the device should be updated to the latest cumulative update.
+This event sends basic info on whether the device should be updated to the latest cumulative update. The data collected with this event is used to help keep Windows up to date and secure.
 
 The following fields are available:
 
@@ -4568,7 +4666,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.DeviceReadinessCheck
 
-This event sends basic info on whether the device is ready to download the latest cumulative update.
+This event sends basic info on whether the device is ready to download the latest cumulative update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4580,7 +4678,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.Download
 
-This event sends basic info when download of the latest cumulative update begins.
+This event sends basic info when download of the latest cumulative update begins. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4592,7 +4690,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.Install
 
-This event sends basic info on the result of the installation of the latest cumulative update.
+This event sends basic info on the result of the installation of the latest cumulative update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4606,7 +4704,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Remediation.Applicable
 
-deny
+This event indicates whether Windows Update sediment remediations need to be applied to the sediment device to keep Windows up to date. A sediment device is one that has been on a previous OS version for an extended period. The remediations address issues on the system that prevent the device from receiving OS updates.
 
 The following fields are available:
 
@@ -4654,7 +4752,7 @@ The following fields are available:
 - **RemediationNoisyHammerUserLoggedInAdmin**  TRUE if there is the user currently logged in is an Admin.
 - **RemediationShellDeviceManaged**  TRUE if the device is WSUS managed or Windows Updated disabled.
 - **RemediationShellDeviceNewOS**  TRUE if the device has a recently installed OS.
-- **RemediationShellDeviceSccm**  TRUE if the device is managed by Configuration Manager.
+- **RemediationShellDeviceSccm**  TRUE if the device is managed by SCCM (Microsoft System Center Configuration Manager).
 - **RemediationShellDeviceZeroExhaust**  TRUE if the device has opted out of Windows Updates completely.
 - **RemediationTargetMachine**  Indicates whether the device is a target of the specified fix.
 - **RemediationTaskHealthAutochkProxy**  True/False based on the health of the AutochkProxy task.
@@ -4690,7 +4788,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Remediation.ChangePowerProfileDetection
 
-Indicates whether the remediation system can put in a request to defer a system-initiated sleep to enable installation of security or quality updates.
+This event indicates whether the remediation system can put in a request to defer a system-initiated sleep to enable installation of security or quality updates, to keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4831,7 +4929,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Remediation.RemediationShellMainExeEventId
 
-Enables tracking of completion of process that remediates issues preventing security and quality updates.
+This event enables tracking of completion of process that remediates issues preventing security and quality updates keep Windows up to date.
 
 The following fields are available:
 
@@ -4863,7 +4961,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Sediment.Info.DetailedState
 
-This event is sent when detailed state information is needed from an update trial run.
+This event is sent when detailed state information is needed from an update trial run. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4932,7 +5030,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Sediment.OSRSS.Error
 
-This event indicates an error occurred in the Operating System Remediation System Service (OSRSS). The information provided helps ensure future upgrade/update attempts are more successful.
+This event indicates an error occurred in the Operating System Remediation System Service (OSRSS). The information provided helps ensure future upgrade/update attempts are more successful. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4995,7 +5093,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Sediment.OSRSS.SelfUpdate
 
-This event returns metadata after Operating System Remediation System Service (OSRSS) successfully replaces itself with a new version.
+This event returns metadata after Operating System Remediation System Service (OSRSS) successfully replaces itself with a new version. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5006,7 +5104,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Sediment.OSRSS.UrlState
 
-This event indicates the state the Operating System Remediation System Service (OSRSS)  is in while attempting a download from the URL.
+This event indicates the state the Operating System Remediation System Service (OSRSS) is in while attempting a download from the URL. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5080,7 +5178,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.Applicable
 
-This event is sent when the Windows Update sediment remediations launcher finds that an applicable plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations launcher finds that an applicable plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5096,7 +5194,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.Completed
 
-This event is sent when the Windows Update sediment remediations launcher finishes running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations launcher finishes running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5111,7 +5209,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.Started
 
-This event is sent when the Windows Update sediment remediations launcher starts running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations launcher starts running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5124,7 +5222,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.Applicable
 
-This event is sent when the Windows Update sediment remediations service finds that an applicable plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations service finds that an applicable plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5140,7 +5238,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.Completed
 
-This event is sent when the Windows Update sediment remediations service finishes running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations service finishes running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5162,7 +5260,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.Started
 
-This event is sent when the Windows Update sediment remediations service starts running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations service starts running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5239,7 +5337,7 @@ The following fields are available:
 
 ### wilActivity
 
-This event provides a Windows Internal Library context used for Product and Service diagnostics.
+This event provides a Windows Internal Library context used for Product and Service diagnostics. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5264,7 +5362,7 @@ The following fields are available:
 
 ### wilResult
 
-This event provides a Windows Internal Library context used for Product and Service diagnostics.
+This event provides a Windows Internal Library context used for Product and Service diagnostics. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5289,15 +5387,45 @@ The following fields are available:
 
 ## SIH events
 
+### SIHEngineTelemetry.EvalApplicability
+
+This event is sent when targeting logic is evaluated to determine if a device is eligible for a given action. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **ActionReasons**  If an action has been assessed as inapplicable, the additional logic prevented it.
+- **AdditionalReasons**  If an action has been assessed as inapplicable, the additional logic prevented it.
+- **CachedEngineVersion**  The engine DLL version that is being used.
+- **EventInstanceID**  A unique identifier for event instance.
+- **EventScenario**  Indicates the purpose of sending this event – whether because the software distribution just started checking for content, or whether it was cancelled, succeeded, or failed.
+- **HandlerReasons**  If an action has been assessed as inapplicable, the installer technology-specific logic prevented it.
+- **IsExecutingAction**  If the action is presently being executed.
+- **ServiceGuid**  A unique identifier that represents which service the software distribution client is connecting to (SIH, Windows Update, Microsoft Store, etc.).
+- **SihclientVersion**  The client version that is being used.
+- **StandardReasons**  If an action has been assessed as inapplicable, the standard logic the prevented it.
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult).
+- **UpdateID**  A unique identifier for the action being acted upon.
+- **WuapiVersion**  The Windows Update API version that is currently installed.
+- **WuaucltVersion**  The Windows Update client version that is currently installed.
+- **WuauengVersion**  The Windows Update engine version that is currently installed.
+- **WUDeviceID**  The unique identifier controlled by the software distribution client.
+
+
 ### SIHEngineTelemetry.ExecuteAction
 
-This event is triggered with SIH attempts to execute (e.g. install) the update or action in question. Includes important information like if the update required a reboot.
+This event is triggered with SIH attempts to execute (e.g. install) the update or action in question. Includes important information like if the update required a reboot. The data collected with this event is used to help keep Windows up to date.
+
+
+
+### SIHEngineTelemetry.PostRebootReport
+
+This event reports the status of an action following a reboot, should one have been required. The data collected with this event is used to help keep Windows up to date.
 
 
 
 ### SIHEngineTelemetry.SLSActionData
 
-This event reports if the SIH client was able to successfully parse the manifest describing the actions to be evaluated.
+This event reports if the SIH client was able to successfully parse the manifest describing the actions to be evaluated. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5318,7 +5446,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.CheckForUpdates
 
-Scan process event on Windows Update client (see eventscenario field for specifics, e.g.: started/failed/succeeded)
+This event sends tracking data about the software distribution client check for content that is applicable to a device, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5401,7 +5529,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.Commit
 
-This event tracks the commit process post the update installation when software update client is trying to update the device.
+This event sends data on whether the Update Service has been called to execute an upgrade, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5431,7 +5559,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.Download
 
-Download process event for target update on Windows Update client. See EventScenario field for specifics (started/failed/succeeded).
+This event sends tracking data about the software distribution client download of the content for that update, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5505,7 +5633,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.DownloadCheckpoint
 
-This event provides a checkpoint between each of the Windows Update download phases for UUP content
+This event provides a checkpoint between each of the Windows Update download phases for UUP content. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -5527,7 +5655,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.DownloadHeartbeat
 
-This event allows tracking of ongoing downloads and contains data to explain the current state of the download
+This event allows tracking of ongoing downloads and contains data to explain the current state of the download. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -5623,7 +5751,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.UpdateDetected
 
-This event sends data about an AppX app that has been updated from the Microsoft Store, including what app needs an update and what version/architecture is required, in order to understand and address problems with apps getting required updates.
+This event sends data about an AppX app that has been updated from the Microsoft Store, including what app needs an update and what version/architecture is required, in order to understand and address problems with apps getting required updates. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -5638,7 +5766,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.UpdateMetadataIntegrity
 
-Ensures Windows Updates are secure and complete. Event helps to identify whether update content has been tampered with and protects against man-in-the-middle attack.
+This event helps to identify whether update content has been tampered with and protects against man-in-the-middle attack. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -5671,7 +5799,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateAssistant.Orchestrator.BlockingEventId
 
-The event sends basic info on the reason that Windows 10 was not updated due to compatibility issues, previous rollbacks, or admin policies.
+The event sends basic info on the reason that Windows 10 was not updated due to compatibility issues, previous rollbacks, or admin policies. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5682,7 +5810,7 @@ The following fields are available:
 - **DeviceIsMdmManaged**  This device is MDM managed.
 - **IsNetworkAvailable**  If the device network is not available.
 - **IsNetworkMetered**  If network is metered.
-- **IsSccmManaged**  This device is managed by Configuration Manager.
+- **IsSccmManaged**  This device is SCCM managed.
 - **NewlyInstalledOs**  OS is newly installed quiet period.
 - **PausedByPolicy**  Updates are paused by policy.
 - **RecoveredFromRS3**  Previously recovered from RS3.
@@ -5695,7 +5823,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateAssistant.Orchestrator.DeniedLaunchEventId
 
-The event sends basic info when a device was blocked or prevented from updating to the latest Windows 10 version.
+The event sends basic info when a device was blocked or prevented from updating to the latest Windows 10 version. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5706,7 +5834,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateAssistant.Orchestrator.FailedLaunchEventId
 
-Event to mark that Update Assistant Orchestrator failed to launch Update Assistant.
+This event indicates that Update Assistant Orchestrator failed to launch Update Assistant. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5718,7 +5846,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateAssistant.Orchestrator.FailedOneSettingsQueryEventId
 
-Event indicating One Settings was not queried by update assistant.
+This event indicates that One Settings was not queried by update assistant. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5728,7 +5856,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateAssistant.Orchestrator.LaunchEventId
 
-This event sends basic information on whether the device should be updated to the latest Windows 10 version.
+This event sends basic information on whether the device should be updated to the latest Windows 10 version. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5741,7 +5869,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateAssistant.Orchestrator.RestoreEventId
 
-The event sends basic info on whether the Windows 10 update notification has previously launched.
+The event sends basic info on whether the Windows 10 update notification has previously launched. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5754,7 +5882,7 @@ The following fields are available:
 
 ### Update360Telemetry.Revert
 
-This event sends data relating to the Revert phase of updating Windows.
+This event sends data relating to the Revert phase of updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5771,7 +5899,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentCommit
 
-This event collects information regarding the commit phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop.
+This event collects information regarding the commit phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5787,7 +5915,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentDownloadRequest
 
-This event sends data for the download request phase of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to PC and Mobile.
+This event sends data for the download request phase of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to PC and Mobile. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5819,7 +5947,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentExpand
 
-This event collects information regarding the expansion phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop.
+This event collects information regarding the expansion phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5839,7 +5967,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentFellBackToCanonical
 
-This event collects information when express could not be used and we fall back to canonical during the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop.
+This event collects information when express could not be used and we fall back to canonical during the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5855,7 +5983,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentInitialize
 
-This event sends data for the initialize phase of updating Windows via the new Unified Update Platform (UUP) scenario, which is applicable to both PCs and Mobile.
+This event sends data for the initialize phase of updating Windows via the new Unified Update Platform (UUP) scenario, which is applicable to both PCs and Mobile. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5873,7 +6001,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentInstall
 
-This event sends data for the install phase of updating Windows.
+This event sends data for the install phase of updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5891,7 +6019,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentMerge
 
-The UpdateAgentMerge event sends data on the merge phase when updating Windows.
+The UpdateAgentMerge event sends data on the merge phase when updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5907,7 +6035,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentMitigationResult
 
-This event sends data indicating the result of each update agent mitigation.
+This event sends data indicating the result of each update agent mitigation. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5933,7 +6061,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentMitigationSummary
 
-This event sends a summary of all the update agent mitigations available for an this update.
+This event sends a summary of all the update agent mitigations available for an this update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5953,7 +6081,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentModeStart
 
-This event sends data for the start of each mode during the process of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to both PCs and Mobile.
+This event sends data for the start of each mode during the process of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to both PCs and Mobile. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5969,7 +6097,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentOneSettings
 
-This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop.
+This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5987,7 +6115,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentPostRebootResult
 
-This event collects information for both Mobile and Desktop regarding the post reboot phase of the new Unified Update Platform (UUP) update scenario.
+This event collects information for both Mobile and Desktop regarding the post reboot phase of the new Unified Update Platform (UUP) update scenario. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6003,13 +6131,13 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentReboot
 
-This event sends information indicating that a request has been sent to suspend an update.
+This event sends information indicating that a request has been sent to suspend an update. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Update360Telemetry.UpdateAgentSetupBoxLaunch
 
-The UpdateAgent_SetupBoxLaunch event sends data for the launching of the setup box when updating Windows via the new Unified Update Platform (UUP) scenario. This event is only applicable to PCs.
+The UpdateAgent_SetupBoxLaunch event sends data for the launching of the setup box when updating Windows via the new Unified Update Platform (UUP) scenario. This event is only applicable to PCs. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6032,7 +6160,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateNotificationPipeline.JavascriptJavascriptCriticalGenericMessage
 
-This event indicates that Javascript is reporting a schema and a set of values for critical telemetry.
+This event indicates that Javascript is reporting a schema and a set of values for critical telemetry. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6079,7 +6207,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateNotificationPipeline.UNPCampaignHeartbeat
 
-This event is sent at the start of each campaign, to be used as a heartbeat.
+This event is sent at the start of each campaign, to be used as a heartbeat. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6095,7 +6223,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateNotificationPipeline.UNPCampaignManagerCleaningCampaign
 
-This event indicates that the Campaign Manager is cleaning up the campaign content.
+This event indicates that the Campaign Manager is cleaning up the campaign content. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6111,7 +6239,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateNotificationPipeline.UnpCampaignManagerGetIsCamppaignCompleteFailed
 
-This event is sent when a campaign completion status query fails.
+This event is sent when a campaign completion status query fails. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6128,7 +6256,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateNotificationPipeline.UNPCampaignManagerHeartbeat
 
-This event is sent at the start of the CampaignManager event and is intended to be used as a heartbeat.
+This event is sent at the start of the CampaignManager event and is intended to be used as a heartbeat. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6144,7 +6272,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateNotificationPipeline.UnpCampaignManagerRunCampaignFailed
 
-This event is sent when the Campaign Manager encounters an unexpected error while running the campaign.
+This event is sent when the Campaign Manager encounters an unexpected error while running the campaign. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6177,7 +6305,7 @@ The following fields are available:
 
 ### FacilitatorTelemetry.DUDownload
 
-This event returns data about the download of supplemental packages critical to upgrading a device to the next version of Windows.
+This event returns data about the download of supplemental packages critical to upgrading a device to the next version of Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6187,7 +6315,7 @@ The following fields are available:
 
 ### FacilitatorTelemetry.InitializeDU
 
-This event determines whether devices received additional or critical supplemental content during an OS upgrade.
+This event determines whether devices received additional or critical supplemental content during an OS upgrade. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6245,7 +6373,7 @@ The following fields are available:
 
 ### Setup360Telemetry.OsUninstall
 
-This event sends data regarding OS updates and upgrades from Windows 7, Windows 8, and Windows 10. Specifically, it indicates the outcome of an OS uninstall.
+This event sends data regarding OS updates and upgrades from Windows 7, Windows 8, and Windows 10. Specifically, it indicates the outcome of an OS uninstall. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6409,7 +6537,7 @@ The following fields are available:
 
 ### Setup360Telemetry.Setup360MitigationResult
 
-This event sends data indicating the result of each setup mitigation.
+This event sends data indicating the result of each setup mitigation. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6434,7 +6562,7 @@ The following fields are available:
 
 ### Setup360Telemetry.Setup360MitigationSummary
 
-This event sends a summary of all the setup mitigations available for this update.
+This event sends a summary of all the setup mitigations available for this update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6453,7 +6581,7 @@ The following fields are available:
 
 ### Setup360Telemetry.Setup360OneSettings
 
-This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop.
+This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6492,9 +6620,45 @@ The following fields are available:
 
 ## Windows as a Service diagnostic events
 
+### Microsoft.Windows.WaaSMedic.DetectionFailed
+
+This event is sent when WaaSMedic fails to apply the named diagnostic. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **diagnostic**  Parameter where the diagnostic failed.
+- **hResult**  Error code from attempting the diagnostic.
+- **isDetected**  Flag indicating whether the condition was detected.
+- **pluginName**  Name of the attempted diagnostic.
+- **versionString**  The version number of the remediation engine.
+
+
+### Microsoft.Windows.WaaSMedic.EngineFailed
+
+This event indicates failure during medic engine execution. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **hResult**  Error code from the execution.
+- **versionString**  Version of Medic engine.
+
+
+### Microsoft.Windows.WaaSMedic.RemediationFailed
+
+This event is sent when the WaaS Medic update stack remediation tool fails to apply a described resolution to a problem that is blocking Windows Update from operating correctly on a target device. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **diagnostic**  Parameter where the resolution failed.
+- **hResult**  Error code that resulted from attempting the resolution.
+- **isRemediated**  Indicates whether the condition was remediated.
+- **pluginName**  Name of the attempted resolution.
+- **versionString**  Version of the engine.
+
+
 ### Microsoft.Windows.WaaSMedic.SummaryEvent
 
-Result of the WaaSMedic operation.
+This event provides the result of the WaaSMedic operation. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6547,7 +6711,7 @@ The following fields are available:
 
 ### Microsoft.Windows.WER.MTT.Value
 
-This event is used for differential privacy.
+This event is used for differential privacy to help keep Windows up to date.
 
 The following fields are available:
 
@@ -6953,7 +7117,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateCsp.ExecuteRollBackFeatureFailed
 
-This event sends basic telemetry on the failure of the Feature Rollback.
+This event sends basic telemetry on the failure of the Feature Rollback. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6968,7 +7132,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateCsp.ExecuteRollBackFeatureNotApplicable
 
-This event sends basic telemetry on whether Feature Rollback (rolling back features updates) is applicable to a device.
+This event sends basic telemetry on whether Feature Rollback (rolling back features updates) is applicable to a device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6982,19 +7146,19 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateCsp.ExecuteRollBackFeatureStarted
 
-This event sends basic information indicating that Feature Rollback has started.
+This event sends basic information indicating that Feature Rollback has started. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.UpdateCsp.ExecuteRollBackFeatureSucceeded
 
-This event sends basic telemetry on the success of the rollback of feature updates.
+This event sends basic telemetry on the success of the rollback of feature updates. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.UpdateCsp.ExecuteRollBackQualityFailed
 
-This event sends basic telemetry on the failure of the rollback of the Quality/LCU builds.
+This event sends basic telemetry on the failure of the rollback of the Quality/LCU builds. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7009,7 +7173,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateCsp.ExecuteRollBackQualityNotApplicable
 
-This event informs you whether a rollback of Quality updates is applicable to the devices that you are attempting to rollback.
+This event informs you whether a rollback of Quality updates is applicable to the devices that you are attempting to rollback. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7023,13 +7187,13 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateCsp.ExecuteRollBackQualityStarted
 
-This event indicates that the Quality Rollback process has started.
+This event indicates that the Quality Rollback process has started. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.UpdateCsp.ExecuteRollBackQualitySucceeded
 
-This event sends basic telemetry on the success of the rollback of the Quality/LCU builds.
+This event sends basic telemetry on the success of the rollback of the Quality/LCU builds. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
@@ -7037,7 +7201,7 @@ This event sends basic telemetry on the success of the rollback of the Quality/L
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadCanceled
 
-This event describes when a download was canceled with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event describes when a download was canceled with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -7069,7 +7233,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadCompleted
 
-This event describes when a download has completed with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event describes when a download has completed with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -7118,7 +7282,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadPaused
 
-This event represents a temporary suspension of a download with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event represents a temporary suspension of a download with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -7138,7 +7302,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadStarted
 
-This event sends data describing the start of a new download to enable Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event sends data describing the start of a new download to enable Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -7177,7 +7341,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.FailureCdnCommunication
 
-This event represents a failure to download from a CDN with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event represents a failure to download from a CDN with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -7199,7 +7363,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.JobError
 
-This event represents a Windows Update job error. It allows for investigation of top errors.
+This event represents a Windows Update job error. It allows for investigation of top errors. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -7215,7 +7379,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentAnalysisSummary
 
-This event collects information regarding the state of devices and drivers on the system following a reboot after the install phase of the new device manifest UUP (Unified Update Platform) update scenario which is used to install a device manifest describing a set of driver packages.
+This event collects information regarding the state of devices and drivers on the system following a reboot after the install phase of the new device manifest UUP (Unified Update Platform) update scenario which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7239,7 +7403,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentCommit
 
-This event collects information regarding the final commit phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages.
+This event collects information regarding the final commit phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7255,7 +7419,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentDownloadRequest
 
-This event collects information regarding the download request phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages.
+This event collects information regarding the download request phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7282,7 +7446,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentInitialize
 
-This event sends data for initializing a new update session for the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages.
+This event sends data for initializing a new update session for the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7300,7 +7464,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentInstall
 
-This event collects information regarding the install phase of the new device manifest UUP (Unified Update Platform) update scenario which is used to install a device manifest describing a set of driver packages.
+This event collects information regarding the install phase of the new device manifest UUP (Unified Update Platform) update scenario which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7316,7 +7480,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentModeStart
 
-This event sends data for the start of each mode during the process of updating device manifest assets via the UUP (Unified Update Platform) update scenario which is used to install a device manifest describing a set of driver packages.
+This event sends data for the start of each mode during the process of updating device manifest assets via the UUP (Unified Update Platform) update scenario which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7331,7 +7495,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.DialogNotificationToBeDisplayed
 
-This event indicates that a notification dialog box is about to be displayed to user.
+This event indicates that a notification dialog box is about to be displayed to user. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7357,7 +7521,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootAcceptAutoDialog
 
-This event indicates that the Enhanced Engaged restart "accept automatically" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "accept automatically" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7373,7 +7537,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootFirstReminderDialog
 
-This event indicates that the Enhanced Engaged restart "first reminder" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "first reminder" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7389,7 +7553,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootForcedPrecursorDialog
 
-This event indicates that the Enhanced Engaged restart "forced precursor" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "forced precursor" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7405,7 +7569,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootForcedWarningDialog
 
-This event indicates that the Enhanced Engaged "forced warning" dialog box was displayed.
+This event indicates that the Enhanced Engaged "forced warning" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7421,7 +7585,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootRebootFailedDialog
 
-This event indicates that the Enhanced Engaged restart "restart failed" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "restart failed" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7437,7 +7601,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootRebootImminentDialog
 
-This event indicates that the Enhanced Engaged restart "restart imminent" dialog box was displayed..
+This event indicates that the Enhanced Engaged restart "restart imminent" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7453,7 +7617,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootReminderDialog
 
-This event returns information relating to the Enhanced Engaged reboot reminder dialog that was displayed.
+This event returns information relating to the Enhanced Engaged reboot reminder dialog that was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7469,7 +7633,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootSecondReminderDialog
 
-This event indicates that the second reminder dialog box was displayed for Enhanced Engaged restart.
+This event indicates that the second reminder dialog box was displayed for Enhanced Engaged restart. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7485,7 +7649,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootThirdReminderDialog
 
-This event indicates that the third reminder dialog box for Enhanced Engaged restart was displayed.
+This event indicates that the third reminder dialog box for Enhanced Engaged restart was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7507,7 +7671,7 @@ This event is sent when a second reminder dialog is displayed during Enhanced En
 
 ### Microsoft.Windows.Update.NotificationUx.RebootScheduled
 
-Indicates when a reboot is scheduled by the system or a user for a security, quality, or feature update.
+This event sends basic information for scheduling a device restart to install security updates. It's used to help keep Windows secure and up-to-date by indicating when a reboot is scheduled by the system or a user for a security, quality, or feature update.
 
 The following fields are available:
 
@@ -7526,7 +7690,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.ActivityRestrictedByActiveHoursPolicy
 
-This event indicates a policy is present that may restrict update activity to outside of active hours.
+This event indicates a policy is present that may restrict update activity to outside of active hours. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7537,7 +7701,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.BlockedByActiveHours
 
-This event indicates that update activity was blocked because it is within the active hours window.
+This event indicates that update activity was blocked because it is within the active hours window. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7550,7 +7714,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.BlockedByBatteryLevel
 
-This event indicates that Windows Update activity was blocked due to low battery level.
+This event indicates that Windows Update activity was blocked due to low battery level. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7563,7 +7727,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.CommitFailed
 
-This event indicates that a device was unable to restart after an update.
+This event indicates that a device was unable to restart after an update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7573,7 +7737,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.DeferRestart
 
-This event indicates that a restart required for installing updates was postponed.
+This event indicates that a restart required for installing updates was postponed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7592,7 +7756,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.Detection
 
-This event indicates that a scan for a Windows Update occurred.
+This event sends launch data for a Windows Update scan to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7614,7 +7778,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.DetectionResult
 
-This event runs when an update is detected. This helps ensure Windows is kept up to date.
+This event runs when an update is detected. This helps ensure Windows is secure and kept up to date.
 
 The following fields are available:
 
@@ -7627,7 +7791,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.DisplayNeeded
 
-This event indicates the reboot was postponed due to needing a display.
+This event indicates the reboot was postponed due to needing a display. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7643,7 +7807,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.Download
 
-This event sends launch data for a Windows Update download to help keep Windows up to date.
+This event sends launch data for a Windows Update download to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7660,7 +7824,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.DTUCompletedWhenWuFlightPendingCommit
 
-This event indicates that DTU completed installation of the electronic software delivery (ESD), when Windows Update was already in Pending Commit phase of the feature update.
+This event indicates that DTU completed installation of the electronic software delivery (ESD), when Windows Update was already in Pending Commit phase of the feature update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7669,7 +7833,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.DTUEnabled
 
-This event indicates that Inbox DTU functionality was enabled.
+This event indicates that Inbox DTU functionality was enabled. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7678,7 +7842,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.DTUInitiated
 
-This event indicates that Inbox DTU functionality was intiated.
+This event indicates that Inbox DTU functionality was initiated. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7689,7 +7853,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.Escalation
 
-This event is sent when USO takes an Escalation action on a device.
+This event is sent when USO takes an Escalation action on a device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7702,7 +7866,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.EscalationRiskLevels
 
-This event is sent during update scan, download, or install, and indicates that the device is at risk of being out-of-date.
+This event is sent during update scan, download, or install, and indicates that the device is at risk of being out-of-date. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7719,7 +7883,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.EscalationsRefreshFailed
 
-USO has a set of escalation actions to prevent a device from becoming out-of-date, and the actions are triggered based on the Escalation configuration that USO obtains from OneSettings. This event is sent when USO fails to refresh the escalation configuration from OneSettings.
+USO has a set of escalation actions to prevent a device from becoming out-of-date, and the actions are triggered based on the Escalation configuration that USO obtains from OneSettings. This event is sent when USO fails to refresh the escalation configuration from OneSettings. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7730,7 +7894,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.FlightInapplicable
 
-This event sends data on whether the update was applicable to the device, to help keep Windows up to date.
+This event sends data on whether the update was applicable to the device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7746,7 +7910,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.GameActive
 
-This event indicates that an enabled GameMode process prevented the device from restarting to complete an update.
+This event indicates that an enabled GameMode process prevented the device from restarting to complete an update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7757,7 +7921,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.InitiatingReboot
 
-This event sends data about an Orchestrator requesting a reboot from power management to help keep Windows up to date.
+This event sends data about an Orchestrator requesting a reboot from power management to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7774,7 +7938,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.Install
 
-This event sends launch data for a Windows Update install to help keep Windows up to date.
+This event sends launch data for a Windows Update install to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7799,7 +7963,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.LowUptimes
 
-This event is sent if a device is identified as not having sufficient uptime to reliably process updates in order to keep secure.
+This event is sent if a device is identified as not having sufficient uptime to reliably process updates in order to keep secure. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7812,7 +7976,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.OneshotUpdateDetection
 
-This event returns data about scans initiated through settings UI, or background scans that are urgent; to help keep Windows up to date.
+This event returns data about scans initiated through settings UI, or background scans that are urgent; to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7822,9 +7986,22 @@ The following fields are available:
 - **wuDeviceid**  The Windows Update Device GUID (Globally-Unique ID).
 
 
+### Microsoft.Windows.Update.Orchestrator.OobeUpdate
+
+This event sends data to device when Oobe Update download is in progress. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **flightID**  A flight ID.
+- **revisionNumber**  A revision number.
+- **updateId**  An update ID.
+- **updateScenarioType**  A type of update scenario.
+- **wuDeviceid**  A device ID associated with Windows Update.
+
+
 ### Microsoft.Windows.Update.Orchestrator.PostInstall
 
-This event sends data about lite stack devices (mobile, IOT, anything non-PC) immediately before data migration is launched to help keep Windows up to date.
+This event sends data about lite stack devices (mobile, IOT, anything non-PC) immediately before data migration is launched to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7841,7 +8018,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.PowerMenuOptionsChanged
 
-This event is sent when the options in power menu changed, usually due to an update pending reboot, or after a update is installed.
+This event is sent when the options in power menu changed, usually due to an update pending reboot, or after a update is installed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7853,7 +8030,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.PreShutdownStart
 
-This event is generated before the shutdown and commit operations.
+This event is generated before the shutdown and commit operations. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7862,7 +8039,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.Progress
 
-This event is sent when the download of a update reaches a milestone change, such as a change in network cost policy, completion of an internal phase, or change in a transient state.
+This event is sent when the download of a update reaches a milestone change, such as a change in network cost policy, completion of an internal phase, or change in a transient state. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7880,7 +8057,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.RebootFailed
 
-This event sends information about whether an update required a reboot and reasons for failure, to help keep Windows up to date.
+This event sends information about whether an update required a reboot and reasons for failure, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7899,7 +8076,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.RefreshSettings
 
-This event sends basic data about the version of upgrade settings applied to the system to help keep Windows up to date.
+This event sends basic data about the version of upgrade settings applied to the system to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7911,7 +8088,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.RestoreRebootTask
 
-This event sends data indicating that a reboot task is missing unexpectedly on a device and the task is restored because a reboot is still required, to help keep Windows up to date.
+This event sends data indicating that a reboot task is missing unexpectedly on a device and the task is restored because a reboot is still required, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7921,7 +8098,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.ScanTriggered
 
-This event indicates that Update Orchestrator has started a scan operation.
+This event indicates that Update Orchestrator has started a scan operation. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7939,7 +8116,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.SeekerUpdateAvailable
 
-This event defines when an optional update is available for the device to help keep Windows up to date.
+This event defines when an optional update is available for the device to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7952,7 +8129,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.SeekUpdate
 
-This event occurs when user initiates "seeker" scan. This helps keep Windows up to date.
+This event occurs when user initiates "seeker" scan. This helps keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7965,7 +8142,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.SystemNeeded
 
-This event sends data about why a device is unable to reboot, to help keep Windows up to date.
+This event sends data about why a device is unable to reboot, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7981,7 +8158,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.TerminatedByActiveHours
 
-This event indicates that update activity was stopped due to active hours starting.
+This event indicates that update activity was stopped due to active hours starting. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7993,7 +8170,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.TerminatedByBatteryLevel
 
-This event is sent when update activity was stopped due to a low battery level.
+This event is sent when update activity was stopped due to a low battery level. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8003,9 +8180,20 @@ The following fields are available:
 - **wuDeviceid**  The device identifier.
 
 
+### Microsoft.Windows.Update.Orchestrator.UpdateInstallPause
+
+This event sends data when a device pauses an in-progress update, to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **updateClassificationGUID**  The classification GUID for the update that was paused.
+- **updateId**  An update ID for the update that was paused.
+- **wuDeviceid**  A unique Device ID.
+
+
 ### Microsoft.Windows.Update.Orchestrator.UpdatePolicyCacheRefresh
 
-This event sends data on whether Update Management Policies were enabled on a device, to help keep Windows up to date.
+This event sends data on whether Update Management Policies were enabled on a device, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8018,7 +8206,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.UpdateRebootRequired
 
-This event sends data about whether an update required a reboot to help keep Windows up to date.
+This event sends data about whether an update required a reboot to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8033,7 +8221,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.updateSettingsFlushFailed
 
-This event sends information about an update that encountered problems and was not able to complete.
+This event sends information about an update that encountered problems and was not able to complete. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8043,7 +8231,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.USODiagnostics
 
-This event sends data on whether the state of the update attempt, to help keep Windows up to date.
+This event sends data on whether the state of the update attempt, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8079,9 +8267,21 @@ The following fields are available:
 - **wuDeviceid**  Unique ID for Device
 
 
+### Microsoft.Windows.Update.Orchestrator.UUPFallBack
+
+This event sends data when UUP needs to fall back, to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **EventPublishedTime**  The current event time.
+- **UUPFallBackConfigured**  The fall back error code.
+- **UUPFallBackErrorReason**  The reason for fall back error.
+- **wuDeviceid**  A Windows Update device ID.
+
+
 ### Microsoft.Windows.Update.Ux.MusNotification.EnhancedEngagedRebootUxState
 
-This event sends information about the configuration of Enhanced Direct-to-Engaged (eDTE), which includes values for the timing of how eDTE will progress through each phase of the reboot.
+This event sends information about the configuration of Enhanced Direct-to-Engaged (eDTE), which includes values for the timing of how eDTE will progress through each phase of the reboot. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8103,7 +8303,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.RebootNoLongerNeeded
 
-This event is sent when a security update has successfully completed.
+This event is sent when a security update has successfully completed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8112,7 +8312,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.RebootRequestReasonsToIgnore
 
-This event is sent when the reboot can be deferred based on some reasons, before reboot attempts.
+This event is sent when the reboot can be deferred based on some reasons, before reboot attempts. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8121,7 +8321,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.RebootScheduled
 
-This event sends basic information about scheduling an update-related reboot, to get security updates and to help keep Windows up-to-date.
+This event sends basic information about scheduling an update-related reboot, to get security updates and to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8140,13 +8340,13 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.UxBrokerFirstReadyToReboot
 
-This event is fired the first time when the reboot is required.
+This event is fired the first time when the reboot is required. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.Update.Ux.MusNotification.UxBrokerScheduledTask
 
-This event is sent when MUSE broker schedules a task.
+This event is sent when MUSE broker schedules a task. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8156,7 +8356,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusUpdateSettings.RebootScheduled
 
-This event sends basic information for scheduling a device restart to install security updates. It's used to help keep Windows up to date.
+This event sends basic information for scheduling a device restart to install security updates. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8177,7 +8377,7 @@ The following fields are available:
 
 ### Mitigation360Telemetry.MitigationCustom.CleanupSafeOsImages
 
-This event sends data specific to the CleanupSafeOsImages mitigation used for OS Updates.
+This event sends data specific to the CleanupSafeOsImages mitigation used for OS Updates. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8201,7 +8401,7 @@ The following fields are available:
 
 ### Mitigation360Telemetry.MitigationCustom.FixAppXReparsePoints
 
-This event sends data specific to the FixAppXReparsePoints mitigation used for OS updates.
+This event sends data specific to the FixAppXReparsePoints mitigation used for OS updates. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8223,7 +8423,7 @@ The following fields are available:
 
 ### Mitigation360Telemetry.MitigationCustom.FixupEditionId
 
-This event sends data specific to the FixupEditionId mitigation used for OS updates.
+This event sends data specific to the FixupEditionId mitigation used for OS updates. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8248,37 +8448,37 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateReserveManager.CommitPendingHardReserveAdjustment
 
-This event is sent when the Update Reserve Manager commits a hard reserve adjustment that was pending.
+This event is sent when the Update Reserve Manager commits a hard reserve adjustment that was pending. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.UpdateReserveManager.FunctionReturnedError
 
-This event is sent when the Update Reserve Manager returns an error from one of its internal functions.
+This event is sent when the Update Reserve Manager returns an error from one of its internal functions. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.UpdateReserveManager.InitializeUpdateReserveManager
 
-This event returns data about the Update Reserve Manager, including whether it’s been initialized.
+This event returns data about the Update Reserve Manager, including whether it’s been initialized. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.UpdateReserveManager.PrepareTIForReserveInitialization
 
-This event is sent when the Update Reserve Manager prepares the Trusted Installer to initialize reserves on the next boot.
+This event is sent when the Update Reserve Manager prepares the Trusted Installer to initialize reserves on the next boot. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.UpdateReserveManager.RemovePendingHardReserveAdjustment
 
-This event is sent when the Update Reserve Manager removes a pending hard reserve adjustment.
+This event is sent when the Update Reserve Manager removes a pending hard reserve adjustment. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.UpdateReserveManager.UpdatePendingHardReserveAdjustment
 
-This event is sent when the Update Reserve Manager needs to adjust the size of the hard reserve after the option content is installed.
+This event is sent when the Update Reserve Manager needs to adjust the size of the hard reserve after the option content is installed. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
index 8be2e02435..12bf3f543c 100644
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
@@ -13,7 +13,7 @@ manager: dansimp
 ms.collection: M365-security-compliance
 ms.topic: article
 audience: ITPro
-ms.date: 03/27/2020
+ms.date: 09/30/2020
 ms.reviewer:
 ---
 
@@ -33,7 +33,7 @@ Use this article to learn about diagnostic events, grouped by event area, and th
 
 You can learn more about Windows functional and diagnostic data through these articles:
 
-
+- [Windows 10, version 2004 and Windows 10, version 20H2 required Windows diagnostic events and fields](required-windows-diagnostic-data-events-and-fields-2004.md)
 - [Windows 10, version 1903 and Windows 10, version 1909 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1903.md)
 - [Windows 10, version 1803 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1803.md)
 - [Windows 10, version 1709 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1709.md)
@@ -303,7 +303,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.ChecksumTotalPictureCount
 
-This event lists the types of objects and how many of each exist on the client device. This allows for a quick way to ensure that the records present on the server match what is present on the client.
+This event lists the types of objects and how many of each exist on the client device. This allows for a quick way to ensure that the records present on the server match what is present on the client. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -594,7 +594,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileAdd
 
-Represents the basic metadata about specific application files installed on the system.
+This event represents the basic metadata about specific application files installed on the system. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -612,7 +612,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileRemove
 
-This event indicates that the DatasourceApplicationFile object is no longer present.
+This event indicates that the DatasourceApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -623,7 +623,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileStartSync
 
-This event indicates that a new set of DatasourceApplicationFileAdd events will be sent.
+This event indicates that a new set of DatasourceApplicationFileAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -655,7 +655,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDevicePnpRemove
 
-This event indicates that the DatasourceDevicePnp object is no longer present.
+This event indicates that the DatasourceDevicePnp object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -666,7 +666,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDevicePnpStartSync
 
-This event indicates that a new set of DatasourceDevicePnpAdd events will be sent.
+This event indicates that a new set of DatasourceDevicePnpAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -688,7 +688,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDriverPackageRemove
 
-This event indicates that the DatasourceDriverPackage object is no longer present.
+This event indicates that the DatasourceDriverPackage object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -699,7 +699,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDriverPackageStartSync
 
-This event indicates that a new set of DatasourceDriverPackageAdd events will be sent.
+This event indicates that a new set of DatasourceDriverPackageAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -722,7 +722,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoBlockRemove
 
-This event indicates that the DataSourceMatchingInfoBlock object is no longer present.
+This event indicates that the DataSourceMatchingInfoBlock object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -733,7 +733,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoBlockStartSync
 
-This event indicates that a full set of DataSourceMatchingInfoBlockStAdd events have been sent.
+This event indicates that a full set of DataSourceMatchingInfoBlockStAdd events has completed being sent. This event is used to make compatibility decisions about files to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -755,7 +755,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPassiveRemove
 
-This event indicates that the DataSourceMatchingInfoPassive object is no longer present.
+This event indicates that the DataSourceMatchingInfoPassive object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -766,7 +766,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPassiveStartSync
 
-This event indicates that a new set of DataSourceMatchingInfoPassiveAdd events will be sent.
+This event indicates that a new set of DataSourceMatchingInfoPassiveAdd events will be sent. This event is used to make compatibility decisions about files to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -788,7 +788,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPostUpgradeRemove
 
-This event indicates that the DataSourceMatchingInfoPostUpgrade object is no longer present.
+This event indicates that the DataSourceMatchingInfoPostUpgrade object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -799,7 +799,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPostUpgradeStartSync
 
-This event indicates that a new set of DataSourceMatchingInfoPostUpgradeAdd events will be sent.
+This event indicates that a new set of DataSourceMatchingInfoPostUpgradeAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -821,7 +821,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceSystemBiosRemove
 
-This event indicates that the DatasourceSystemBios object is no longer present.
+This event indicates that the DatasourceSystemBios object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -832,7 +832,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceSystemBiosStartSync
 
-This event indicates that a new set of DatasourceSystemBiosAdd events will be sent.
+This event indicates that a new set of DatasourceSystemBiosAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -873,7 +873,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionApplicationFileRemove
 
-This event indicates that the DecisionApplicationFile object is no longer present.
+This event indicates that the DecisionApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -884,7 +884,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionApplicationFileStartSync
 
-This event indicates that a new set of DecisionApplicationFileAdd events will be sent.
+This event indicates that a new set of DecisionApplicationFileAdd events will be sent. This event is used to make compatibility decisions about a file to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -922,7 +922,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDevicePnpRemove
 
-This event indicates that the DecisionDevicePnp object is no longer present.
+This event Indicates that the DecisionDevicePnp object represented by the objectInstanceId is no longer present. This event is used to make compatibility decisions about PNP devices to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -933,7 +933,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDevicePnpStartSync
 
-The DecisionDevicePnpStartSync event indicates that a new set of DecisionDevicePnpAdd events will be sent.
+This event indicates that a new set of DecisionDevicePnpAdd events will be sent. This event is used to make compatibility decisions about PNP devices to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -962,7 +962,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDriverPackageRemove
 
-This event indicates that the DecisionDriverPackage object is no longer present.
+This event indicates that the DecisionDriverPackage object represented by the objectInstanceId is no longer present. This event is used to make compatibility decisions about driver packages to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -973,7 +973,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDriverPackageStartSync
 
-This event indicates that a new set of DecisionDriverPackageAdd events will be sent.
+The DecisionDriverPackageStartSync event indicates that a new set of DecisionDriverPackageAdd events will be sent. This event is used to make compatibility decisions about driver packages to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1003,7 +1003,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoBlockRemove
 
-This event indicates that the DecisionMatchingInfoBlock object is no longer present.
+This event indicates that the DecisionMatchingInfoBlock object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1014,7 +1014,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoBlockStartSync
 
-This event indicates that a new set of DecisionMatchingInfoBlockAdd events will be sent.
+This event indicates that a new set of DecisionMatchingInfoBlockAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1039,7 +1039,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPassiveRemove
 
-This event Indicates that the DecisionMatchingInfoPassive object is no longer present.
+This event Indicates that the DecisionMatchingInfoPassive object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1050,7 +1050,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPassiveStartSync
 
-This event indicates that a new set of DecisionMatchingInfoPassiveAdd events will be sent.
+This event indicates that a new set of DecisionMatchingInfoPassiveAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1076,7 +1076,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPostUpgradeRemove
 
-This event indicates that the DecisionMatchingInfoPostUpgrade object is no longer present.
+This event indicates that the DecisionMatchingInfoPostUpgrade object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1087,7 +1087,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPostUpgradeStartSync
 
-This event indicates that a new set of DecisionMatchingInfoPostUpgradeAdd events will be sent.
+This event indicates that a new set of DecisionMatchingInfoPostUpgradeAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1115,7 +1115,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMediaCenterRemove
 
-This event indicates that the DecisionMediaCenter object is no longer present.
+This event indicates that the DecisionMediaCenter object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1126,7 +1126,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMediaCenterStartSync
 
-This event indicates that a new set of DecisionMediaCenterAdd events will be sent.
+This event indicates that a new set of DecisionMediaCenterAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1151,7 +1151,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionSystemBiosRemove
 
-This event indicates that the DecisionSystemBios object is no longer present.
+This event indicates that the DecisionSystemBios object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1162,7 +1162,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionSystemBiosStartSync
 
-This event indicates that a new set of DecisionSystemBiosAdd events will be sent.
+This event indicates that a new set of DecisionSystemBiosAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1187,7 +1187,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileAdd
 
-This event represents the basic metadata about a file on the system.  The file must be part of an app and either have a block in the compatibility database or be part of an antivirus program.
+This event represents the basic metadata about a file on the system.  The file must be part of an app and either have a block in the compatibility database or be part of an antivirus program. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1216,7 +1216,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileRemove
 
-This event indicates that the InventoryApplicationFile object is no longer present.
+This event indicates that the InventoryApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1227,7 +1227,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileStartSync
 
-This event indicates that a new set of InventoryApplicationFileAdd events will be sent.
+This event indicates that a new set of InventoryApplicationFileAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1251,7 +1251,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryLanguagePackRemove
 
-This event indicates that the InventoryLanguagePack object is no longer present.
+This event indicates that the InventoryLanguagePack object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1262,7 +1262,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryLanguagePackStartSync
 
-This event indicates that a new set of InventoryLanguagePackAdd events will be sent.
+This event indicates that a new set of InventoryLanguagePackAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1291,7 +1291,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryMediaCenterRemove
 
-This event indicates that the InventoryMediaCenter object is no longer present.
+This event indicates that the InventoryMediaCenter object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1302,7 +1302,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryMediaCenterStartSync
 
-This event indicates that a new set of InventoryMediaCenterAdd events will be sent.
+This event indicates that a new set of InventoryMediaCenterAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1313,7 +1313,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventorySystemBiosAdd
 
-This event sends basic metadata about the BIOS to determine whether it has a compatibility block.
+This event sends basic metadata about the BIOS to determine whether it has a compatibility block. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1332,7 +1332,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventorySystemBiosRemove
 
-This event indicates that the InventorySystemBios object is no longer present.
+This event indicates that the InventorySystemBios object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1343,7 +1343,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventorySystemBiosStartSync
 
-This event indicates that a new set of InventorySystemBiosAdd events will be sent.
+This event indicates that a new set of InventorySystemBiosAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1354,7 +1354,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageAdd
 
-This event is only runs during setup. It provides a listing of the uplevel driver packages that were downloaded before the upgrade. Is critical to understanding if failures in setup can be traced to not having sufficient uplevel drivers before the upgrade.
+This event runs only during setup. It provides a listing of the uplevel driver packages that were downloaded before the upgrade. It is critical in understanding if failures in setup can be traced to not having sufficient uplevel drivers before the upgrade. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1379,7 +1379,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageRemove
 
-This event indicates that the InventoryUplevelDriverPackage object is no longer present.
+This event indicates that the InventoryUplevelDriverPackage object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1390,7 +1390,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageStartSync
 
-This event indicates that a new set of InventoryUplevelDriverPackageAdd events will be sent.
+This event indicates that a new set of InventoryUplevelDriverPackageAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1401,7 +1401,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.RunContext
 
-This event indicates what should be expected in the data payload.
+This event is sent at the beginning of an appraiser run, the RunContext indicates what should be expected in the following data payload. This event is used with the other Appraiser events to make compatibility decisions to keep Windows up to date.
 
 The following fields are available:
 
@@ -1435,7 +1435,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemMemoryRemove
 
-This event that the SystemMemory object is no longer present.
+This event that the SystemMemory object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1446,7 +1446,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemMemoryStartSync
 
-This event indicates that a new set of SystemMemoryAdd events will be sent.
+This event indicates that a new set of SystemMemoryAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1470,7 +1470,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorCompareExchangeRemove
 
-This event indicates that the SystemProcessorCompareExchange object is no longer present.
+This event indicates that the SystemProcessorCompareExchange object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1481,7 +1481,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorCompareExchangeStartSync
 
-This event indicates that a new set of SystemProcessorCompareExchangeAdd events will be sent.
+This event indicates that a new set of SystemProcessorCompareExchangeAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1505,7 +1505,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorLahfSahfRemove
 
-This event indicates that the SystemProcessorLahfSahf object is no longer present.
+This event indicates that the SystemProcessorLahfSahf object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1516,7 +1516,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorLahfSahfStartSync
 
-This event indicates that a new set of SystemProcessorLahfSahfAdd events will be sent.
+This event indicates that a new set of SystemProcessorLahfSahfAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1541,7 +1541,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorNxRemove
 
-This event indicates that the SystemProcessorNx object is no longer present.
+This event indicates that the SystemProcessorNx object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1552,7 +1552,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorNxStartSync
 
-This event  indicates that a new set of SystemProcessorNxAdd events will be sent.
+This event  indicates that a new set of SystemProcessorNxAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1576,7 +1576,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorPrefetchWRemove
 
-This event indicates that the SystemProcessorPrefetchW object is no longer present.
+This event indicates that the SystemProcessorPrefetchW object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1587,7 +1587,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorPrefetchWStartSync
 
-This event indicates that a new set of SystemProcessorPrefetchWAdd events will be sent.
+This event indicates that a new set of SystemProcessorPrefetchWAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1611,7 +1611,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorSse2Remove
 
-This event indicates that the SystemProcessorSse2 object is no longer present.
+This event indicates that the SystemProcessorSse2 object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1622,7 +1622,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorSse2StartSync
 
-This event indicates that a new set of SystemProcessorSse2Add events will be sent.
+This event indicates that a new set of SystemProcessorSse2Add events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1646,7 +1646,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemTouchRemove
 
-This event indicates that the SystemTouch object is no longer present.
+This event indicates that the SystemTouch object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1657,7 +1657,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemTouchStartSync
 
-This event indicates that a new set of SystemTouchAdd events will be sent.
+This event indicates that a new set of SystemTouchAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1681,7 +1681,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWimRemove
 
-This event indicates that the SystemWim object is no longer present.
+This event indicates that the SystemWim object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1692,7 +1692,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWimStartSync
 
-This event indicates that a new set of SystemWimAdd events will be sent.
+This event indicates that a new set of SystemWimAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1716,7 +1716,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWindowsActivationStatusRemove
 
-This event indicates that the SystemWindowsActivationStatus object is no longer present.
+This event indicates that the SystemWindowsActivationStatus object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1727,7 +1727,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWindowsActivationStatusStartSync
 
-This event indicates that a new set of SystemWindowsActivationStatusAdd events will be sent.
+This event indicates that a new set of SystemWindowsActivationStatusAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1755,7 +1755,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWlanRemove
 
-This event indicates that the SystemWlan object is no longer present.
+This event indicates that the SystemWlan object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1766,7 +1766,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWlanStartSync
 
-This event indicates that a new set of SystemWlanAdd events will be sent.
+This event indicates that a new set of SystemWlanAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1833,7 +1833,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.WmdrmRemove
 
-This event indicates that the Wmdrm object is no longer present.
+This event indicates that the Wmdrm object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1844,7 +1844,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.WmdrmStartSync
 
-This event indicates that a new set of WmdrmAdd events will be sent.
+The WmdrmStartSync event indicates that a new set of WmdrmAdd events will be sent. This event is used to understand the usage of older digital rights management on the system, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1857,7 +1857,7 @@ The following fields are available:
 
 ### MicArrayGeometry
 
-This event provides information about the layout of the individual microphone elements in the microphone array.
+This event provides information about the layout of the individual microphone elements in the microphone array. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -1875,7 +1875,7 @@ The following fields are available:
 
 ### MicCoords
 
-This event provides information about the location and orientation of the microphone element.
+This event provides information about the location and orientation of the microphone element. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -1889,7 +1889,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Audio.EndpointBuilder.DeviceInfo
 
-This event logs the successful enumeration of an audio endpoint (such as a microphone or speaker) and provides information about the audio endpoint.
+This event logs the successful enumeration of an audio endpoint (such as a microphone or speaker) and provides information about the audio endpoint. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -1914,7 +1914,7 @@ The following fields are available:
 
 ### Census.App
 
-This event sends version data about the Apps running on this device, to help keep Windows up to date.
+This event sends version data about the Apps running on this device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1932,7 +1932,7 @@ The following fields are available:
 
 ### Census.Azure
 
-This event returns data from Microsoft-internal Azure server machines (only from Microsoft-internal machines with Server SKUs). All other machines (those outside Microsoft and/or machines that are not part of the “Azure fleet”) return empty data sets.
+This event returns data from Microsoft-internal Azure server machines (only from Microsoft-internal machines with Server SKUs). All other machines (those outside Microsoft and/or machines that are not part of the “Azure fleet”) return empty data sets. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -1943,7 +1943,7 @@ The following fields are available:
 
 ### Census.Battery
 
-This event sends type and capacity data about the battery on the device, as well as the number of connected standby devices in use, type to help keep Windows up to date.
+This event sends type and capacity data about the battery on the device, as well as the number of connected standby devices in use. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1954,19 +1954,9 @@ The following fields are available:
 - **IsAlwaysOnAlwaysConnectedCapable**  Represents whether the battery enables the device to be AlwaysOnAlwaysConnected . Boolean value.
 
 
-### Census.Camera
-
-This event sends data about the resolution of cameras on the device, to help keep Windows up to date.
-
-The following fields are available:
-
-- **FrontFacingCameraResolution**  Represents the resolution of the front facing camera in megapixels. If a front facing camera does not exist, then the value is 0.
-- **RearFacingCameraResolution**  Represents the resolution of the rear facing camera in megapixels. If a rear facing camera does not exist, then the value is 0.
-
-
 ### Census.Enterprise
 
-This event sends data about Azure presence, type, and cloud domain use in order to provide an understanding of the use and integration of devices in an enterprise, cloud, and server environment.
+This event sends data about Azure presence, type, and cloud domain use in order to provide an understanding of the use and integration of devices in an enterprise, cloud, and server environment. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -1985,14 +1975,14 @@ The following fields are available:
 - **IsEDPEnabled**  Represents if Enterprise data protected on the device.
 - **IsMDMEnrolled**  Whether the device has been MDM Enrolled or not.
 - **MPNId**  Returns the Partner ID/MPN ID from Regkey. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\DeployID
-- **SCCMClientId**  This ID correlate systems that send data to Compat Analytics (OMS) and other OMS based systems with systems in a Configuration Manager environment.
+- **SCCMClientId**  This ID correlate systems that send data to Compat Analytics (OMS) and other OMS based systems with systems in an Enterprise SCCM environment.
 - **ServerFeatures**  Represents the features installed on a Windows   Server. This can be used by developers and administrators who need to automate the process of determining the features installed on a set of server computers.
-- **SystemCenterID**  The Configuration Manager ID is an anonymized one-way hash of the Active Directory Organization identifier
+- **SystemCenterID**  The SCCM ID is an anonymized one-way hash of the Active Directory Organization identifier
 
 
 ### Census.Firmware
 
-This event sends data about the BIOS and startup embedded in the device, to help keep Windows up to date.
+This event sends data about the BIOS and startup embedded in the device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2004,7 +1994,7 @@ The following fields are available:
 
 ### Census.Flighting
 
-This event sends Windows Insider data from customers participating in improvement testing and feedback programs, to help keep Windows up to date.
+This event sends Windows Insider data from customers participating in improvement testing and feedback programs. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2019,7 +2009,7 @@ The following fields are available:
 
 ### Census.Hardware
 
-This event sends data about the device, including hardware type, OEM brand, model line, model, telemetry level setting, and TPM support, to help keep Windows up to date.
+This event sends data about the device, including hardware type, OEM brand, model line, model, telemetry level setting, and TPM support. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2062,7 +2052,7 @@ The following fields are available:
 
 ### Census.Memory
 
-This event sends data about the memory on the device, including ROM and RAM, to help keep Windows up to date.
+This event sends data about the memory on the device, including ROM and RAM. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2072,7 +2062,7 @@ The following fields are available:
 
 ### Census.Network
 
-This event sends data about the mobile and cellular network used by the device (mobile service provider, network, device ID, and service cost factors), to help keep Windows up to date.
+This event sends data about the mobile and cellular network used by the device (mobile service provider, network, device ID, and service cost factors). The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2095,7 +2085,7 @@ The following fields are available:
 
 ### Census.OS
 
-This event sends data about the operating system such as the version, locale, update service configuration, when and how it was originally installed, and whether it is a virtual device, to help keep Windows up to date.
+This event sends data about the operating system such as the version, locale, update service configuration, when and how it was originally installed, and whether it is a virtual device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2137,7 +2127,7 @@ The following fields are available:
 
 ### Census.PrivacySettings
 
-This event provides information about the device level privacy settings and whether device-level access was granted to these capabilities. Not all settings are applicable to all devices. Each field records the consent state for the corresponding privacy setting. The consent state is encoded as a 16-bit signed integer, where the first 8 bits represents the effective consent value, and the last 8 bits represent the authority that set the value. The effective consent (first 8 bits) is one of the following values:  -3 = unexpected consent value, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = undefined, 1 = allow, 2 = deny, 3 = prompt. The consent authority (last 8 bits) is one of the following values: -3 = unexpected authority, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = system, 1 = a higher authority (a gating setting, the system-wide setting, or a group policy), 2 = advertising ID group policy, 3 = advertising ID policy for child account, 4 = privacy setting provider doesn't know the actual consent authority, 5 = consent was not configured and a default set in code was used, 6 = system default, 7 = organization policy, 8 = OneSettings.
+This event provides information about the device level privacy settings and whether device-level access was granted to these capabilities. Not all settings are applicable to all devices. Each field records the consent state for the corresponding privacy setting. The consent state is encoded as a 16-bit signed integer, where the first 8 bits represents the effective consent value, and the last 8 bits represent the authority that set the value. The effective consent (first 8 bits) is one of the following values:  -3 = unexpected consent value, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = undefined, 1 = allow, 2 = deny, 3 = prompt. The consent authority (last 8 bits) is one of the following values: -3 = unexpected authority, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = system, 1 = a higher authority (a gating setting, the system-wide setting, or a group policy), 2 = advertising ID group policy, 3 = advertising ID policy for child account, 4 = privacy setting provider doesn't know the actual consent authority, 5 = consent was not configured and a default set in code was used, 6 = system default, 7 = organization policy, 8 = OneSettings. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -2183,7 +2173,7 @@ The following fields are available:
 
 ### Census.Processor
 
-This event sends data about the processor to help keep Windows up to date.
+This event sends data about the processor. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2206,7 +2196,7 @@ The following fields are available:
 
 ### Census.Security
 
-This event provides information on about security settings used to help keep Windows up to date and secure.
+This event provides information about security settings. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2224,7 +2214,7 @@ The following fields are available:
 
 ### Census.Speech
 
-This event is used to gather basic speech settings on the device.
+This event is used to gather basic speech settings on the device. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -2243,7 +2233,7 @@ The following fields are available:
 
 ### Census.Storage
 
-This event sends data about the total capacity of the system volume and primary disk, to help keep Windows up to date.
+This event sends data about the total capacity of the system volume and primary disk. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2255,7 +2245,7 @@ The following fields are available:
 
 ### Census.Userdefault
 
-This event sends data about the current user's default preferences for browser and several of the most popular extensions and protocols, to help keep Windows up to date.
+This event sends data about the current user's default preferences for browser and several of the most popular extensions and protocols. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2268,7 +2258,7 @@ The following fields are available:
 
 ### Census.UserDisplay
 
-This event sends data about the logical/physical display size, resolution and number of internal/external displays, and VRAM on the system, to help keep Windows up to date.
+This event sends data about the logical/physical display size, resolution and number of internal/external displays, and VRAM on the system. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2289,7 +2279,7 @@ The following fields are available:
 
 ### Census.UserNLS
 
-This event sends data about the default app language, input, and display language preferences set by the user, to help keep Windows up to date.
+This event sends data about the default app language, input, and display language preferences set by the user. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2302,7 +2292,7 @@ The following fields are available:
 
 ### Census.UserPrivacySettings
 
-This event provides information about the current users privacy settings and whether device-level access was granted to these capabilities. Not all settings are applicable to all devices. Each field records the consent state for the corresponding privacy setting. The consent state is encoded as a 16-bit signed integer, where the first 8 bits represents the effective consent value, and the last 8 bits represents the authority that set the value. The effective consent is one of the following values: -3 = unexpected consent value, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = undefined, 1 = allow, 2 = deny, 3 = prompt. The consent authority is one of the following values: -3 = unexpected authority, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = user, 1 = a higher authority (a gating setting, the system-wide setting, or a group policy), 2 = advertising ID group policy, 3 = advertising ID policy for child account, 4 = privacy setting provider doesn't know the actual consent authority, 5 = consent was not configured and a default set in code was used, 6 = system default, 7 = organization policy, 8 = OneSettings.
+This event provides information about the current users privacy settings and whether device-level access was granted to these capabilities. Not all settings are applicable to all devices. Each field records the consent state for the corresponding privacy setting. The consent state is encoded as a 16-bit signed integer, where the first 8 bits represents the effective consent value, and the last 8 bits represents the authority that set the value. The effective consent is one of the following values: -3 = unexpected consent value, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = undefined, 1 = allow, 2 = deny, 3 = prompt. The consent authority is one of the following values: -3 = unexpected authority, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = user, 1 = a higher authority (a gating setting, the system-wide setting, or a group policy), 2 = advertising ID group policy, 3 = advertising ID policy for child account, 4 = privacy setting provider doesn't know the actual consent authority, 5 = consent was not configured and a default set in code was used, 6 = system default, 7 = organization policy, 8 = OneSettings. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -2348,7 +2338,7 @@ The following fields are available:
 
 ### Census.VM
 
-This event sends data indicating whether virtualization is enabled on the device, and its various characteristics, to help keep Windows up to date.
+This event sends data indicating whether virtualization is enabled on the device, and its various characteristics. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2364,7 +2354,7 @@ The following fields are available:
 
 ### Census.WU
 
-This event sends data about the Windows update server and other App store policies, to help keep Windows up to date.
+This event sends data about the Windows update server and other App store policies. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2470,7 +2460,6 @@ The following fields are available:
 - **ext_container**  Describes the properties of the container for events logged within a container. See [Common Data Extensions.container](#common-data-extensionscontainer).
 - **ext_cs**  Describes properties related to the schema of the event. See [Common Data Extensions.cs](#common-data-extensionscs).
 - **ext_device**  Describes the device-related fields. See [Common Data Extensions.device](#common-data-extensionsdevice).
-- **ext_m365a**  Describes the Microsoft 365-related fields. See [Common Data Extensions.m365a](#common-data-extensionsm365a).
 - **ext_os**  Describes the operating system properties that would be populated by the client. See [Common Data Extensions.os](#common-data-extensionsos).
 - **ext_sdk**  Describes the fields related to a platform library required for a specific SDK. See [Common Data Extensions.sdk](#common-data-extensionssdk).
 - **ext_user**  Describes the fields related to a user. See [Common Data Extensions.user](#common-data-extensionsuser).
@@ -2483,14 +2472,6 @@ The following fields are available:
 - **time**  Represents the event date time in Coordinated Universal Time (UTC) when the event was generated on the client. This should be in ISO 8601 format.
 - **ver**  Represents the major and minor version of the extension.
 
-### Common Data Extensions.m365a
-
-Describes the Microsoft 365-related fields.
-
-The following fields are available:
-
-- **enrolledTenantId**  The enrolled tenant ID.
-- **msp**  A bitmask that lists the active programs.
 
 ### Common Data Extensions.os
 
@@ -2570,8 +2551,7 @@ The following fields are available:
 - **uts**  A bit field, with 2 bits being assigned to each user ID listed in xid. This field is omitted if all users are retail accounts.
 - **xid**  A list of base10-encoded XBOX User IDs.
 
-
-## Common data fields
+## Common Data Fields
 
 ### Ms.Device.DeviceInventoryChange
 
@@ -2579,18 +2559,17 @@ Describes the installation state for all hardware and software components availa
 
 The following fields are available:
 
-- **action**  The change that was invoked on a device inventory object.
-- **inventoryId**  Device ID used for Compatibility testing
-- **objectInstanceId**  Object identity which is unique within the device scope.
-- **objectType**  Indicates the object type that the event applies to.
-- **syncId**  A string used to group StartSync, EndSync, Add, and Remove operations that belong together. This field is unique by Sync period and is used to disambiguate in situations where multiple agents perform overlapping inventories for the same object.
-
+- **action** The change that was invoked on a device inventory object.
+- **inventoryId** Device ID used for Compatibility testing
+- **objectInstanceId** Object identity which is unique within the device scope.
+- **objectType** Indicates the object type that the event applies to.
+- **syncId** A string used to group StartSync, EndSync, Add, and Remove operations that belong together. This field is unique by Sync period and is used to disambiguate in situations where multiple agents perform overlapping inventories for the same object.
 
 ## Compatibility events
 
 ### Microsoft.Windows.Compatibility.Apphelp.SdbFix
 
-Product instrumentation for helping debug/troubleshoot issues with inbox compatibility components.
+Product instrumentation for helping debug/troubleshoot issues with inbox compatibility components. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2626,7 +2605,7 @@ The following fields are available:
 
 ### CbsServicingProvider.CbsCapabilitySessionFinalize
 
-This event provides information about the results of installing or uninstalling optional Windows content from Windows Update.
+This event provides information about the results of installing or uninstalling optional Windows content from Windows Update. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -2763,7 +2742,7 @@ The following fields are available:
 
 ### DeploymentTelemetry.Deployment_End
 
-This event indicates that a Deployment 360 API has completed.
+This event indicates that a Deployment 360 API has completed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2777,7 +2756,7 @@ The following fields are available:
 
 ### DeploymentTelemetry.Deployment_SetupBoxLaunch
 
-This event indicates that the Deployment 360 APIs have launched Setup Box.
+This event indicates that the Deployment 360 APIs have launched Setup Box. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2790,7 +2769,7 @@ The following fields are available:
 
 ### DeploymentTelemetry.Deployment_SetupBoxResult
 
-This event indicates that the Deployment 360 APIs have received a return from Setup Box.
+This event indicates that the Deployment 360 APIs have received a return from Setup Box. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2804,7 +2783,7 @@ The following fields are available:
 
 ### DeploymentTelemetry.Deployment_Start
 
-This event indicates that a Deployment 360 API has been called.
+This event indicates that a Deployment 360 API has been called. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2818,7 +2797,7 @@ The following fields are available:
 
 ### TelClientSynthetic.AbnormalShutdown_0
 
-This event sends data about boot IDs for which a normal clean shutdown was not observed, to help keep Windows up to date.
+This event sends data about boot IDs for which a normal clean shutdown was not observed. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2887,7 +2866,7 @@ The following fields are available:
 
 ### TelClientSynthetic.AuthorizationInfo_RuntimeTransition
 
-This event sends data indicating that a device has undergone a change of telemetry opt-in level detected at UTC startup, to help keep Windows up to date. The telemetry opt-in level signals what data we are allowed to collect.
+This event is fired by UTC at state transitions to signal what data we are allowed to collect. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2906,7 +2885,7 @@ The following fields are available:
 
 ### TelClientSynthetic.AuthorizationInfo_Startup
 
-Fired by UTC at startup to signal what data we are allowed to collect.
+This event is fired by UTC at startup to signal what data we are allowed to collect. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2925,15 +2904,15 @@ The following fields are available:
 
 ### TelClientSynthetic.ConnectivityHeartBeat_0
 
-This event sends data about the connectivity status of the Connected User Experience and Telemetry component that uploads telemetry events. If an unrestricted free network (such as Wi-Fi) is available, this event updates the last successful upload time. Otherwise, it checks whether a Connectivity Heartbeat event was fired in the past 24 hours, and if not, it sends an event. A Connectivity Heartbeat event is also sent when a device recovers from costed network to free network.
+This event sends data about the connectivity status of the Connected User Experience and Telemetry component that uploads telemetry events. If an unrestricted free network (such as Wi-Fi) is available, this event updates the last successful upload time. Otherwise, it checks whether a Connectivity Heartbeat event was fired in the past 24 hours, and if not, it sends an event. A Connectivity Heartbeat event is also sent when a device recovers from costed network to free network. This event is fired by UTC during periods of no network as a heartbeat signal, to keep Windows secure and up to date.
 
 The following fields are available:
 
-- **CensusExitCode**  Returns last execution codes from census client run.
-- **CensusStartTime**  Returns timestamp corresponding to last successful census run.
-- **CensusTaskEnabled**  Returns Boolean value for the census task (Enable/Disable) on client machine.
+- **CensusExitCode**  Last exit code of the Census task.
+- **CensusStartTime**  Time of last Census run.
+- **CensusTaskEnabled**  True if Census is enabled, false otherwise.
 - **LastConnectivityLossTime**  Retrieves the last time the device lost free network.
-- **NetworkState**  Retrieves the network state: 0 = No network. 1 = Restricted network. 2 = Free network.
+- **NetworkState**  The network state of the device.
 - **NoNetworkTime**  Retrieves the time spent with no network (since the last time) in seconds.
 - **RestrictedNetworkTime**  Retrieves the time spent on a metered (cost restricted) network in seconds.
 
@@ -3089,7 +3068,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorCheckApplicability
 
-Event to indicate that the Coordinator CheckApplicability call succeeded.
+This event indicates that the Coordinator CheckApplicability call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3105,7 +3084,7 @@ The following fields are available:
 - **IsDeviceNetworkMetered**  Indicates whether the device is connected to a metered network.
 - **IsDeviceOobeBlocked**  Indicates whether user approval is required to install updates on the device.
 - **IsDeviceRequireUpdateApproval**  Indicates whether user approval is required to install updates on the device.
-- **IsDeviceSccmManaged**  Indicates whether the device is running the Configuration Manager client to keep the operating system and applications up to date.
+- **IsDeviceSccmManaged**  Indicates whether the device is running the Microsoft SCCM (System Center Configuration Manager) to keep the operating system and applications up to date.
 - **IsDeviceUninstallActive**  Indicates whether the OS (operating system) on the device was recently updated.
 - **IsDeviceUpdateNotificationLevel**  Indicates whether the device has a set policy to control update notifications.
 - **IsDeviceUpdateServiceManaged**  Indicates whether the device uses WSUS (Windows Server Update Services).
@@ -3116,7 +3095,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorCheckApplicabilityGenericFailure
 
-This event indicatse that we have received an unexpected error in the Direct to Update (DTU) Coordinators CheckApplicability call.
+This event indicatse that we have received an unexpected error in the Direct to Update (DTU) Coordinators CheckApplicability call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3129,7 +3108,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorCleanupGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Cleanup call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Cleanup call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3142,7 +3121,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorCleanupSuccess
 
-This event indicates that the Coordinator Cleanup call succeeded.
+This event indicates that the Coordinator Cleanup call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3154,7 +3133,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorCommitGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Commit call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Commit call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3167,7 +3146,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorCommitSuccess
 
-This event indicates that the Coordinator Commit call succeeded.
+This event indicates that the Coordinator Commit call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3179,7 +3158,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorDownloadGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Download call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Download call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3192,7 +3171,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorDownloadIgnoredFailure
 
-This event indicates that we have received an error in the Direct to Update (DTU) Coordinator Download call that will be ignored.
+This event indicates that we have received an error in the Direct to Update (DTU) Coordinator Download call that will be ignored. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3205,7 +3184,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorDownloadSuccess
 
-This event indicates that the Coordinator Download call succeeded.
+This event indicates that the Coordinator Download call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3217,7 +3196,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorHandleShutdownGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator HandleShutdown call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator HandleShutdown call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3230,7 +3209,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorHandleShutdownSuccess
 
-This event indicates that the Coordinator HandleShutdown call succeeded.
+This event indicates that the Coordinator HandleShutdown call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3242,7 +3221,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorInitializeGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Initialize call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Initialize call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3255,7 +3234,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorInitializeSuccess
 
-This event indicates that the Coordinator Initialize call succeeded.
+This event indicates that the Coordinator Initialize call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3267,7 +3246,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorInstallGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Install call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Coordinator Install call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3280,7 +3259,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorInstallIgnoredFailure
 
-This event indicates that we have received an error in the Direct to Update (DTU) Coordinator Install call that will be ignored.
+This event indicates that we have received an error in the Direct to Update (DTU) Coordinator Install call that will be ignored. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3293,7 +3272,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorInstallSuccess
 
-This event indicates that the Coordinator Install call succeeded.
+This event indicates that the Coordinator Install call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3305,7 +3284,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorProgressCallBack
 
-This event indicates that the Coordinator's progress callback has been called.
+This event indicates that the Coordinator's progress callback has been called. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3318,7 +3297,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorSetCommitReadySuccess
 
-This event indicates that the Coordinator SetCommitReady call succeeded.
+This event indicates that the Coordinator SetCommitReady call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3330,7 +3309,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorWaitForRebootUiNotShown
 
-This event indicates that the Coordinator WaitForRebootUi call succeeded.
+This event indicates that the Coordinator WaitForRebootUi call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3343,7 +3322,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorWaitForRebootUiSelection
 
-This event indicates that the user selected an option on the Reboot UI.
+This event indicates that the user selected an option on the Reboot UI. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3356,7 +3335,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUCoordinatorWaitForRebootUiSuccess
 
-This event indicates that the Coordinator WaitForRebootUi call succeeded.
+This event indicates that the Coordinator WaitForRebootUi call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3368,7 +3347,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerCheckApplicabilityGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler CheckApplicability call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler CheckApplicability call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3382,7 +3361,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerCheckApplicabilityInternalGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler CheckApplicabilityInternal call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler CheckApplicabilityInternal call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3395,7 +3374,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerCheckApplicabilityInternalSuccess
 
-This event indicates that the Handler CheckApplicabilityInternal call succeeded.
+This event indicates that the Handler CheckApplicabilityInternal call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3408,7 +3387,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerCheckApplicabilitySuccess
 
-This event indicates that the Handler CheckApplicability call succeeded.
+This event indicates that the Handler CheckApplicability call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3422,7 +3401,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerCheckIfCoordinatorMinApplicableVersionSuccess
 
-This event indicates that the Handler CheckIfCoordinatorMinApplicableVersion call succeeded.
+This event indicates that the Handler CheckIfCoordinatorMinApplicableVersion call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3435,7 +3414,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerCommitGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler Commit call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler Commit call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3449,7 +3428,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerCommitSuccess
 
-This event indicates that the Handler Commit call succeeded.
+This event indicates that the Handler Commit call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3462,7 +3441,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerDownloadAndExtractCabFailure
 
-This event indicates that the Handler Download and Extract cab call failed.
+This event indicates that the Handler Download and Extract cab call failed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3476,7 +3455,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerDownloadAndExtractCabSuccess
 
-This event indicates that the Handler Download and Extract cab call succeeded.
+This event indicates that the Handler Download and Extract cab call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3488,7 +3467,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerDownloadGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler Download call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler Download call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3501,7 +3480,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerDownloadSuccess
 
-This event indicates that the Handler Download call succeeded.
+This event indicates that the Handler Download call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3513,7 +3492,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerInitializeGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler Initialize call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler Initialize call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3527,7 +3506,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerInitializeSuccess
 
-This event indicates that the Handler Initialize call succeeded.
+This event indicates that the Handler Initialize call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3540,7 +3519,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerInstallGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler Install call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler Install call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3553,7 +3532,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerInstallSuccess
 
-This event indicates that the Coordinator Install call succeeded.
+This event indicates that the Coordinator Install call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3565,7 +3544,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerSetCommitReadySuccess
 
-This event indicates that the Handler SetCommitReady call succeeded.
+This event indicates that the Handler SetCommitReady call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3577,7 +3556,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerWaitForRebootUiGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler WaitForRebootUi call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler WaitForRebootUi call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3590,7 +3569,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerWaitForRebootUiSuccess
 
-This event indicates that the Handler WaitForRebootUi call succeeded.
+This event indicates that the Handler WaitForRebootUi call succeeded. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -3602,9 +3581,83 @@ The following fields are available:
 
 ## DISM events
 
+### Microsoft.Windows.StartRep.DISMLatesInstalledLCU
+
+This event indicates that LCU is being uninstalled by DISM. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **DISMInstalledLCUPackageName**  Package name of LCU that's uninstalled by using DISM
+
+
+### Microsoft.Windows.StartRep.DISMPendingInstall
+
+This event indicates that installation for the package is pending during recovery session. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **DISMPendingInstallPackageName**  The name of the pending package.
+
+
+### Microsoft.Windows.StartRep.DISMRevertPendingActions
+
+This event indicates that the revert pending packages operation has been completed. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **ErrorCode**  The result from the operation to revert pending packages.
+
+
+### Microsoft.Windows.StartRep.DISMUninstallLCU
+
+This event indicates the uninstall operation. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **ErrorCode**  The error code that is being reported by DISM.
+
+
+### Microsoft.Windows.StartRep.SRTRepairActionEnd
+
+This event indicates that the SRT Repair has been completed. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **ErrorCode**  The error code that is reported.
+- **SRTRepairAction**  The action that was taken by SRT.
+
+
+### Microsoft.Windows.StartRep.SRTRepairActionStart
+
+This event sends data when SRT repair has started. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **SRTRepairAction**  The action that is being taken by SRT.
+
+
+### Microsoft.Windows.StartRep.SRTRootCauseDiagEnd
+
+This event sends data when the root cause operation has completed. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **ErrorCode**  The final result code for the root cause operation.
+- **SRTRootCauseDiag**  The name of the root cause operation that ran.
+
+
+### Microsoft.Windows.StartRep.SRTRootCauseDiagStart
+
+This event indicates that a diagnostic in the recovery environment has been initiated. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **SRTRootCauseDiag**  The name of a specific diagnostic.
+
+
 ### Microsoft.Windows.StartRepairCore.DISMLatestInstalledLCU
 
-The DISM Latest Installed LCU sends information to report result of search for latest installed LCU after last successful boot.
+The DISM Latest Installed LCU sends information to report result of search for latest installed LCU after last successful boot. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -3613,16 +3666,49 @@ The following fields are available:
 
 ### Microsoft.Windows.StartRepairCore.DISMPendingInstall
 
-The DISM Pending Install event sends information to report pending package installation found.
+The DISM Pending Install event sends information to report pending package installation found. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
 - **dismPendingInstallPackageName**  The name of the pending package.
 
 
+### Microsoft.Windows.StartRepairCore.DISMRevertPendingActions
+
+The DISM Pending Install event sends information to report pending package installation found. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
+
+The following fields are available:
+
+- **errorCode**  The result code returned by the event.
+
+
+### Microsoft.Windows.StartRepairCore.SRTRepairActionEnd
+
+The SRT Repair Action End event sends information to report repair operation ended for given plug-in. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
+
+The following fields are available:
+
+- **errorCode**  The result code returned by the event.
+- **failedUninstallCount**  The number of driver updates that failed to uninstall.
+- **failedUninstallFlightIds**  The Flight IDs (identifiers of beta releases) of driver updates that failed to uninstall.
+- **foundDriverUpdateCount**  The number of found driver updates.
+- **srtRepairAction**  The scenario name for a repair.
+- **successfulUninstallCount**  The number of successfully uninstalled driver updates.
+- **successfulUninstallFlightIds**  The Flight IDs (identifiers of beta releases) of successfully uninstalled driver updates.
+
+
+### Microsoft.Windows.StartRepairCore.SRTRepairActionStart
+
+The SRT Repair Action Start event sends information to report repair operation started for given plug-in. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
+
+The following fields are available:
+
+- **srtRepairAction**  The scenario name for a repair.
+
+
 ### Microsoft.Windows.StartRepairCore.SRTRootCauseDiagEnd
 
-The SRT Root Cause Diagnosis End event sends information to report diagnosis operation completed for given plug-in.
+The SRT Root Cause Diagnosis End event sends information to report diagnosis operation completed for given plug-in. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -3634,7 +3720,7 @@ The following fields are available:
 
 ### Microsoft.Windows.StartRepairCore.SRTRootCauseDiagStart
 
-The SRT Root Cause Diagnosis Start event sends information to report diagnosis operation started for given plug-in.
+The SRT Root Cause Diagnosis Start event sends information to report diagnosis operation started for given plug-in. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -3645,7 +3731,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DriverInstall.DeviceInstall
 
-This critical event sends information about the driver installation that took place.
+This critical event sends information about the driver installation that took place. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 The following fields are available:
 
@@ -3699,7 +3785,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DriverInstall.NewDevInstallDeviceEnd
 
-This event sends data about the driver installation once it is completed.
+This event sends data about the driver installation once it is completed. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 The following fields are available:
 
@@ -3718,7 +3804,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DriverInstall.NewDevInstallDeviceStart
 
-This event sends data about the driver that the new driver installation is replacing.
+This event sends data about the driver that the new driver installation is replacing. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 The following fields are available:
 
@@ -3910,7 +3996,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Upgrade.Uninstall.UninstallFinalizedAndRebootTriggered
 
-This event indicates that the uninstall was properly configured and that a system reboot was initiated.
+This event indicates that the uninstall was properly configured and that a system reboot was initiated. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 
 
@@ -3952,7 +4038,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.AmiTelCacheChecksum
 
-This event captures basic checksum data about the device inventory items stored in the cache for use in validating data completeness for Microsoft.Windows.Inventory.Core events. The fields in this event may change over time, but they will always represent a count of a given object.
+This event captures basic checksum data about the device inventory items stored in the cache for use in validating data completeness for Microsoft.Windows.Inventory.Core events. The fields in this event may change over time, but they will always represent a count of a given object. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -4005,7 +4091,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.AmiTelCacheVersions
 
-This event sends inventory component versions for the Device Inventory data.
+This event sends inventory component versions for the Device Inventory data. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -4013,9 +4099,27 @@ The following fields are available:
 - **devinv**  The file version of the Device inventory component.
 
 
+### Microsoft.Windows.Inventory.Core.FileSigningInfoAdd
+
+This event enumerates the signatures of files, either driver packages or application executables. For driver packages, this data is collected on demand via Telecommand to limit it only to unrecognized driver packages, saving time for the client and space on the server. For applications, this data is collected for up to 10 random executables on a system. The data collected with this event is used to keep Windows performing properly.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **CatalogSigners**  Signers from catalog. Each signer starts with Chain.
+- **DigestAlgorithm**  The pseudonymizing (hashing) algorithm used when the file or package was signed.
+- **DriverPackageStrongName**  Optional. Available only if FileSigningInfo is collected on a driver package.
+- **EmbeddedSigners**  Embedded signers. Each signer starts with Chain.
+- **FileName**  The file name of the file whose signatures are listed.
+- **FileType**  Either exe or sys, depending on if a driver package or application executable.
+- **InventoryVersion**  The version of the inventory file generating the events.
+- **Thumbprint**  Comma separated hash of the leaf node of each signer. Semicolon is used to separate CatalogSigners from EmbeddedSigners. There will always be a trailing comma.
+
+
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationAdd
 
-This event sends basic metadata about an application on the system to help keep Windows up to date.
+This event sends basic metadata about an application on the system. The data collected with this event is used to keep Windows performing properly and up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4044,7 +4148,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationDriverAdd
 
-This event represents what drivers an application installs.
+This event represents what drivers an application installs. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4056,7 +4160,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationDriverStartSync
 
-The InventoryApplicationDriverStartSync event indicates that a new set of InventoryApplicationDriverStartAdd events will be sent.
+The InventoryApplicationDriverStartSync event indicates that a new set of InventoryApplicationDriverStartAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4067,7 +4171,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationFrameworkAdd
 
-This event provides the basic metadata about the frameworks an application may depend on.
+This event provides the basic metadata about the frameworks an application may depend on. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4080,7 +4184,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationFrameworkStartSync
 
-This event indicates that a new set of InventoryApplicationFrameworkAdd events will be sent.
+This event indicates that a new set of InventoryApplicationFrameworkAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4091,7 +4195,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationRemove
 
-This event indicates that a new set of InventoryDevicePnpAdd events will be sent.
+This event indicates that a new set of InventoryDevicePnpAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4102,7 +4206,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationStartSync
 
-This event indicates that a new set of InventoryApplicationAdd events will be sent.
+This event indicates that a new set of InventoryApplicationAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4113,7 +4217,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceContainerAdd
 
-This event sends basic metadata about a device container (such as a monitor or printer as opposed to a Plug and Play device) to help keep Windows up to date.
+This event sends basic metadata about a device container (such as a monitor or printer as opposed to a Plug and Play device). The data collected with this event is used to help keep Windows up to date and to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4137,7 +4241,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceContainerRemove
 
-This event indicates that the InventoryDeviceContainer object is no longer present.
+This event indicates that the InventoryDeviceContainer object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4148,7 +4252,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceContainerStartSync
 
-This event indicates that a new set of InventoryDeviceContainerAdd events will be sent.
+This event indicates that a new set of InventoryDeviceContainerAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4159,7 +4263,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceInterfaceAdd
 
-This event retrieves information about what sensor interfaces are available on the device.
+This event retrieves information about what sensor interfaces are available on the device. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4189,7 +4293,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceInterfaceStartSync
 
-This event indicates that a new set of InventoryDeviceInterfaceAdd events will be sent.
+This event indicates that a new set of InventoryDeviceInterfaceAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4200,7 +4304,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceMediaClassAdd
 
-This event sends additional metadata about a Plug and Play device that is specific to a particular class of devices to help keep Windows up to date while reducing overall size of data payload.
+This event sends additional metadata about a Plug and Play device that is specific to a particular class of devices. The data collected with this event is used to help keep Windows up to date and performing properly while reducing overall size of data payload.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4215,7 +4319,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceMediaClassRemove
 
-This event indicates that the InventoryDeviceMediaClassRemove object is no longer present.
+This event indicates that the InventoryDeviceMediaClass object represented by the objectInstanceId is no longer present. This event is used to understand a PNP device that is specific to a particular class of devices. The data collected with this event is used to help keep Windows up to date and performing properly while reducing overall size of data payload.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4226,7 +4330,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceMediaClassStartSync
 
-This event indicates that a new set of InventoryDeviceMediaClassSAdd events will be sent.
+This event indicates that a new set of InventoryDeviceMediaClassSAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4282,7 +4386,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDevicePnpRemove
 
-This event indicates that the InventoryDevicePnpRemove object is no longer present.
+This event indicates that the InventoryDevicePnpRemove object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4293,7 +4397,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDevicePnpStartSync
 
-This event indicates that a new set of InventoryDevicePnpAdd events will be sent.
+This event indicates that a new set of InventoryDevicePnpAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4304,7 +4408,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceUsbHubClassAdd
 
-This event sends basic metadata about the USB hubs on the device.
+This event sends basic metadata about the USB hubs on the device. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4317,7 +4421,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceUsbHubClassStartSync
 
-This event indicates that a new set of InventoryDeviceUsbHubClassAdd events will be sent.
+This event indicates that a new set of InventoryDeviceUsbHubClassAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4328,7 +4432,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverBinaryAdd
 
-This event sends basic metadata about driver binaries running on the system to help keep Windows up to date.
+This event sends basic metadata about driver binaries running on the system. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4355,7 +4459,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverBinaryRemove
 
-This event indicates that the InventoryDriverBinary object is no longer present.
+This event indicates that the InventoryDriverBinary object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4366,7 +4470,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverBinaryStartSync
 
-This event indicates that a new set of InventoryDriverBinaryAdd events will be sent.
+This event indicates that a new set of InventoryDriverBinaryAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4377,7 +4481,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverPackageAdd
 
-This event sends basic metadata about drive packages installed on the system  to help keep Windows up to date.
+This event sends basic metadata about drive packages installed on the system. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4399,7 +4503,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverPackageRemove
 
-This event indicates that the InventoryDriverPackageRemove object is no longer present.
+This event indicates that the InventoryDriverPackageRemove object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4410,7 +4514,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverPackageStartSync
 
-This event indicates that a new set of InventoryDriverPackageAdd events will be sent.
+This event indicates that a new set of InventoryDriverPackageAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4437,21 +4541,54 @@ The following fields are available:
 - **key**  The globally unique identifier (GUID) used to identify the specific Json Trace logging session.
 
 
+### Microsoft.Windows.Inventory.General. InventoryMiscellaneousMemorySlotArrayInfoRemove
+
+This event indicates that this particular data object represented by the ObjectInstanceId is no longer present, to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+
+
 ### Microsoft.Windows.Inventory.General.AppHealthStaticAdd
 
-This event sends details collected for a specific application on the source device.
+This event sends details collected for a specific application on the source device. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### Microsoft.Windows.Inventory.General.AppHealthStaticStartSync
 
-This event indicates the beginning of a series of AppHealthStaticAdd events.
+This event indicates the beginning of a series of AppHealthStaticAdd events. The data collected with this event is used to keep Windows performing properly.
+
+
+
+### Microsoft.Windows.Inventory.General.InventoryMiscellaneousMemorySlotArrayInfoAdd
+
+This event provides basic information about active memory slots on the device.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **Capacity**  Memory size in bytes
+- **Manufacturer**  Name of the DRAM manufacturer
+- **Model**  Model and sub-model of the memory
+- **Slot**  Slot to which the DRAM is plugged into the motherboard.
+- **Speed**  MHZ the memory is currently configured & used at.
+- **Type**  Reports DDR, etc. as an enumeration value as per the DMTF SMBIOS standard version 3.3.0, section 7.18.2.
+- **TypeDetails**  Reports Non-volatile, etc. as a bit flag enumeration per DMTF SMBIOS standard version 3.3.0, section 7.18.3.
+
+
+### Microsoft.Windows.Inventory.General.InventoryMiscellaneousMemorySlotArrayInfoStartSync
+
+This diagnostic event indicates a new sync is being generated for this object type.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInAdd
 
-Provides data on the installed Office Add-ins.
+This event provides data on the installed Office add-ins. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4484,7 +4621,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInRemove
 
-Indicates that this particular data object represented by the objectInstanceId is no longer present.
+This event indicates that the particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4495,7 +4632,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInStartSync
 
-This event indicates that a new sync is being generated for this object type.
+This event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4506,7 +4643,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIdentifiersAdd
 
-Provides data on the Office identifiers.
+This event provides data on the Office identifiers. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4524,7 +4661,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIdentifiersStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4535,7 +4672,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIESettingsAdd
 
-Provides data on Office-related Internet Explorer features.
+This event provides data on Office-related Internet Explorer features. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4561,7 +4698,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIESettingsStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4572,7 +4709,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeInsightsAdd
 
-This event provides insight data on the installed Office products
+This event provides insight data on the installed Office products. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4587,7 +4724,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeInsightsRemove
 
-Indicates that this particular data object represented by the objectInstanceId is no longer present.
+This event indicates that the particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4598,7 +4735,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeInsightsStartSync
 
-This diagnostic event indicates that a new sync is being generated for this object type.
+This diagnostic event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4609,7 +4746,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeProductsAdd
 
-Describes Office Products installed.
+This event describes all installed Office products. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4624,7 +4761,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeProductsStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4635,7 +4772,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeSettingsAdd
 
-This event describes various Office settings
+This event describes various Office settings. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4649,7 +4786,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeSettingsStartSync
 
-Indicates a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4660,7 +4797,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBAAdd
 
-This event provides a summary rollup count of conditions encountered while performing a local scan of Office files, analyzing for known VBA programmability compatibility issues between legacy office version and ProPlus, and between 32 and 64-bit versions
+This event provides a summary rollup count of conditions encountered while performing a local scan of Office files, analyzing for known VBA programmability compatibility issues between legacy office version and ProPlus, and between 32 and 64-bit versions. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4692,7 +4829,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBARemove
 
-Indicates that this particular data object represented by the objectInstanceId is no longer present.
+This event indicates that the particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4703,7 +4840,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBARuleViolationsAdd
 
-This event provides data on Microsoft Office VBA rule violations, including a rollup count per violation type, giving an indication of remediation requirements for an organization. The event identifier is a unique GUID, associated with the validation rule
+This event provides data on Microsoft Office VBA rule violations, including a rollup count per violation type, giving an indication of remediation requirements for an organization. The event identifier is a unique GUID, associated with the validation rule. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4715,7 +4852,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBARuleViolationsRemove
 
-Indicates that this particular data object represented by the objectInstanceId is no longer present.
+This event indicates that the particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4726,7 +4863,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBARuleViolationsStartSync
 
-This event indicates that a new sync is being generated for this object type.
+This event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4737,7 +4874,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBAStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This diagnostic event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4748,7 +4885,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoAdd
 
-Provides data on Unified Update Platform (UUP) products and what version they are at.
+This event provides data on Unified Update Platform (UUP) products and what version they are at. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4763,7 +4900,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoRemove
 
-Indicates that this particular data object represented by the objectInstanceId is no longer present.
+This event indicates that this particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4771,7 +4908,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4779,7 +4916,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.Indicators.Checksum
 
-This event summarizes the counts for the InventoryMiscellaneousUexIndicatorAdd events.
+This event summarizes the counts for the InventoryMiscellaneousUexIndicatorAdd events. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -4790,7 +4927,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorAdd
 
-These events represent the basic metadata about the OS indicators installed on the system which are used for keeping the device up to date.
+This event represents the basic metadata about the OS indicators installed on the system. The data collected with this event helps ensure the device is up to date and keeps Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4802,7 +4939,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorRemove
 
-This event is a counterpart to InventoryMiscellaneousUexIndicatorAdd that indicates that the item has been removed.
+This event indicates that this particular data object represented by the objectInstanceId is no longer present. This event is used to understand the OS indicators installed on the system. The data collected with this event helps ensure the device is current and Windows is up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4810,7 +4947,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorStartSync
 
-This event indicates that a new set of InventoryMiscellaneousUexIndicatorAdd events will be sent.
+This event indicates that this particular data object represented by the objectInstanceId is no longer present. This event is used to understand the OS indicators installed on the system. The data collected with this event helps ensure the device is current and Windows is up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4827,10 +4964,9 @@ The following fields are available:
 - **BytesRead**  The total number of bytes read from or read by the OS upon system startup.
 - **BytesWritten**  The total number of bytes written to or written by the OS upon system startup.
 
-
 ### Microsoft.Windows.Kernel.BootEnvironment.OsLaunch
 
-OS information collected during Boot, used to evaluate the success of the upgrade process.
+This event includes basic data about the Operating System, collected during Boot and used to evaluate the success of the upgrade process. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -4861,7 +4997,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Kernel.DeviceConfig.DeviceConfig
 
-This critical device configuration event provides information about drivers for a driver installation that took place within the kernel.
+This critical device configuration event provides information about drivers for a driver installation that took place within the kernel. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 The following fields are available:
 
@@ -4886,7 +5022,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Kernel.PnP.AggregateClearDevNodeProblem
 
-This event is sent when a problem code is cleared from a device.
+This event is sent when a problem code is cleared from a device. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 The following fields are available:
 
@@ -4901,7 +5037,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Kernel.PnP.AggregateSetDevNodeProblem
 
-This event is sent when a new problem code is assigned to a device.
+This event is sent when a new problem code is assigned to a device. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 The following fields are available:
 
@@ -4949,6 +5085,7 @@ This config event sends basic device connectivity and configuration information
 
 The following fields are available:
 
+- **app_sample_rate**  A number representing how often the client sends telemetry, expressed as a percentage. Low values indicate that said client sends more events and high values indicate that said client sends fewer events.
 - **app_version**  The internal Edge build version string, taken from the UMA metrics field system_profile.app_version.
 - **appConsentState**  Bit flags describing consent for data collection on the machine or zero if the state was not retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
 - **Channel**  An integer indicating the channel of the installation (Canary or Dev).
@@ -4974,6 +5111,7 @@ This config event sends basic device connectivity and configuration information
 
 The following fields are available:
 
+- **app_sample_rate**  A number representing how often the client sends telemetry, expressed as a percentage. Low values indicate that said client sends more events and high values indicate that said client sends fewer events.
 - **app_version**  The internal Edge build version string, taken from the UMA metrics field system_profile.app_version.
 - **appConsentState**  Bit flags describing consent for data collection on the machine or zero if the state was not retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
 - **Channel**  An integer indicating the channel of the installation (Canary or Dev).
@@ -5021,24 +5159,24 @@ The following fields are available:
 
 ### Aria.af397ef28e484961ba48646a5d38cf54.Microsoft.WebBrowser.Installer.EdgeUpdate.Ping
 
-This event sends hardware and software inventory information about the Microsoft Edge Update service, Microsoft Edge applications, and the current system environment, including app configuration, update configuration, and hardware capabilities. It's  used to measure the reliability and performance of the EdgeUpdate service and if Microsoft Edge applications are up to date.
+This Ping event sends a detailed inventory of software and hardware information about the EdgeUpdate service, Edge applications, and the current system environment including app configuration, update configuration, and hardware capabilities. This event contains Device Connectivity and Configuration, Product and Service Performance, and Software Setup and Inventory data. One or more events is sent each time any installation, update, or uninstallation occurs with the EdgeUpdate service or with Edge applications. This event is used to measure the reliability and performance of the EdgeUpdate service and if Edge applications are up to date. This is an indication that the event is designed to keep Windows secure and up to date.
 
 The following fields are available:
 
-- **appAp**  Microsoft Edge Update parameters, including channel, architecture, platform, and additional parameters identifying the release of Microsoft Edge to update and how to install it. Example: 'beta-arch_x64-full'. Default: ''.
-- **appAppId**  The GUID that identifies the product channels such as Edge Canary, Dev, Beta, Stable, and Edge Update.
-- **appBrandCode**  The 4-digit brand code under which the the product was installed, if any. Possible values: 'GGLS' (default), 'GCEU' (enterprise install), and '' (unknown).
-- **appChannel**  An integer indicating the channel of the installation (e.g. Canary or Dev).
-- **appClientId** A generalized form of the brand code that can accept a wider range of values and is used for similar purposes. Default: ''.
-- **appCohort**  A machine-readable string identifying the release channel that the app belongs to. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
-- **appCohortHint**  A machine-readable enum indicating that the client has a desire to switch to a different release cohort. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
-- **appCohortName**  A stable non-localized human-readable enum indicating which (if any) set of messages the app should display to the user. For example, an app with a cohort name of 'beta' might display beta-specific branding to the user. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
+- **appAp**  Any additional parameters for the specified application. Default: ''.
+- **appAppId**  The GUID that identifies the product. Compatible clients must transmit this attribute. Please see the wiki for additional information. Default: undefined.
+- **appBrandCode**  The brand code under which the product was installed, if any. A brand code is a short (4-character) string used to identify installations that took place as a result of partner deals or website promotions. Default: ''.
+- **appChannel**  An integer indicating the channel of the installation (i.e. Canary or Dev).
+- **appClientId**  A generalized form of the brand code that can accept a wider range of values and is used for similar purposes. Default: ''.
+- **appCohort**  A machine-readable string identifying the release cohort (channel) that the app belongs to. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
+- **appCohortHint**  A machine-readable enum indicating that the client has a desire to switch to a different release cohort. The exact legal values are app-specific and should be shared between the server and app implementations. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
+- **appCohortName**  A stable non-localized human-readable enum indicating which (if any) set of messages the app should display to the user. For example, an app with a cohort Name of 'beta' might display beta-specific branding to the user. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
 - **appConsentState**  Bit flags describing the diagnostic data disclosure and response flow where 1 indicates the affirmative and 0 indicates the negative or unspecified data. Bit 1 indicates consent was given, bit 2 indicates data originated from the download page, bit 18 indicates choice for sending data about how the browser is used, and bit 19 indicates choice for sending data about websites visited.
-- **appDayOfInstall**  The date-based counting equivalent of appInstallTimeDiffSec (the numeric calendar day that the app was installed on). This value is provided by the server in the response to the first request in the installation flow. Default: '-2' (Unknown).
-- **appExperiments**  A semicolon-delimited key/value list of experiment identifiers and treatment groups. This field is unused and always empty in Edge Update. Default: ''.
+- **appDayOfInstall**  The date-based counting equivalent of appInstallTimeDiffSec (the numeric calendar day that the app was installed on). This value is provided by the server in the response to the first request in the installation flow. The client MAY fuzz this value to the week granularity (e.g. send '0' for 0 through 6, '7' for 7 through 13, etc.). The first communication to the server should use a special value of '-1'. A value of '-2' indicates that this value is not known. Please see the wiki for additional information. Default: '-2'.
+- **appExperiments**  A key/value list of experiment identifiers. Experiment labels are used to track membership in different experimental groups, and may be set at install or update time. The experiments string is formatted as a semicolon-delimited concatenation of experiment label strings. An experiment label string is an experiment Name, followed by the '=' character, followed by an experimental label value. For example: 'crdiff=got_bsdiff;optimized=O3'. The client should not transmit the expiration date of any experiments it has, even if the server previously specified a specific expiration date. Default: ''.
 - **appInstallTimeDiffSec**  The difference between the current time and the install date in seconds. '0' if unknown. Default: '-1'.
 - **appLang**  The language of the product install, in IETF BCP 47 representation. Default: ''.
-- **appNextVersion**  The version of the app that the update attempted to reach, regardless of the success or failure of the update operation. Default: '0.0.0.0'.
+- **appNextVersion**  The version of the app that the update flow to which this event belongs attempted to reach, regardless of the success or failure of the update operation. Please see the wiki for additional information. Default: '0.0.0.0'.
 - **appPingEventAppSize**  The total number of bytes of all downloaded packages. Default: '0'.
 - **appPingEventDownloadMetricsDownloadedBytes**  For events representing a download, the number of bytes expected to be downloaded. For events representing an entire update flow, the sum of all such expected bytes over the course of the update flow. Default: '0'.
 - **appPingEventDownloadMetricsDownloader**  A string identifying the download algorithm and/or stack. Example values include: 'bits', 'direct', 'winhttp', 'p2p'. Sent in events that have an event type of '14' only. Default: ''.
@@ -5046,24 +5184,24 @@ The following fields are available:
 - **appPingEventDownloadMetricsError**  The error code (if any) of the operation, encoded as a signed base-10 integer. Default: '0'.
 - **appPingEventDownloadMetricsServerIpHint**  For events representing a download, the CDN Host IP address that corresponds to the update file server. The CDN host is controlled by Microsoft servers and always maps to IP addresses hosting *.delivery.mp.microsoft.com or msedgesetup.azureedge.net. Default: ''.
 - **appPingEventDownloadMetricsTotalBytes**  For events representing a download, the number of bytes expected to be downloaded. For events representing an entire update flow, the sum of all such expected bytes over the course of the update flow. Default: '0'.
-- **appPingEventDownloadMetricsUrl** For events representing a download, the CDN URL provided by the update server for the client to download the update, the URL is controlled by Microsoft servers and always maps back to either *.delivery.mp.microsoft.com or msedgesetup.azureedge.net. Default: ''.
+- **appPingEventDownloadMetricsUrl**  For events representing a download, the CDN URL provided by the update server for the client to download the update, the URL is controlled by Microsoft servers and always maps back to either *.delivery.mp.microsoft.com or msedgesetup.azureedge.net. Default: ''.
 - **appPingEventDownloadTimeMs**  For events representing a download, the time elapsed between the start of the download and the end of the download, in milliseconds. For events representing an entire update flow, the sum of all such download times over the course of the update flow. Sent in events that have an event type of '1', '2', '3', and '14' only. Default: '0'.
 - **appPingEventErrorCode**  The error code (if any) of the operation, encoded as a signed, base-10 integer. Default: '0'.
-- **appPingEventEventResult**  An enumeration indicating the result of the event. Common values are '0' (Error) and '1' (Success). Default: '0' (Error).
-- **appPingEventEventType**  An enumeration indicating the type of the event and the event stage. Default: '0' (Unknown).
+- **appPingEventEventResult**  An enum indicating the result of the event. Please see the wiki for additional information. Default: '0'.
+- **appPingEventEventType**  An enum indicating the type of the event. Compatible clients MUST transmit this attribute. Please see the wiki for additional information.
 - **appPingEventExtraCode1**  Additional numeric information about the operation's result, encoded as a signed, base-10 integer. Default: '0'.
 - **appPingEventInstallTimeMs**  For events representing an install, the time elapsed between the start of the install and the end of the install, in milliseconds. For events representing an entire update flow, the sum of all such durations. Sent in events that have an event type of '2' and '3' only. Default: '0'.
 - **appPingEventNumBytesDownloaded**  The number of bytes downloaded for the specified application. Default: '0'.
-- **appPingEventSequenceId**  An ID that uniquely identifies particular events within one requestId. Since a request can contain multiple ping events, this field is necessary to uniquely identify each possible event.
-- **appPingEventSourceUrlIndex**  For events representing a download, the position of the download URL in the list of URLs supplied by the server in a <urls> tag.
-- **appPingEventUpdateCheckTimeMs**	For events representing an entire update flow, the time elapsed between the start of the update check and the end of the update check, in milliseconds. Sent in events that have an event type of '2' and '3' only. Default: '0'.
+- **appPingEventSequenceId**  An id that uniquely identifies particular events within one requestId. Since a request can contain multiple ping events, this field is necessary to uniquely identify each possible event.
+- **appPingEventSourceUrlIndex**  For events representing a download, the position of the download URL in the list of URLs supplied by the server in a "urls" tag.
+- **appPingEventUpdateCheckTimeMs**  For events representing an entire update flow, the time elapsed between the start of the update check and the end of the update check, in milliseconds. Sent in events that have an event type of '2' and '3' only. Default: '0'.
 - **appUpdateCheckIsUpdateDisabled**  The state of whether app updates are restricted by group policy. True if updates have been restricted by group policy or false if they have not.
-- **appUpdateCheckTargetVersionPrefix**  A component-wise prefix of a version number, or a complete version number suffixed with the $ character. The prefix is interpreted a dotted-tuple that specifies the exactly-matching elements; it is not a lexical prefix (for example, '1.2.3' MUST match '1.2.3.4' but MUST NOT match '1.2.34'). Default: ''.
-- **appUpdateCheckTtToken**  An opaque access token that can be used to identify the requesting client as a member of a trusted-tester group. If non-empty, the request is sent over SSL or another secure protocol. This field is unused by Edge Update and always empty. Default: ''.
-- **appVersion**  The version of the product install. Default: '0.0.0.0'.
+- **appUpdateCheckTargetVersionPrefix**  A component-wise prefix of a version number, or a complete version number suffixed with the $ character. The server should not return an update instruction to a version number that does not match the prefix or complete version number. The prefix is interpreted a dotted-tuple that specifies the exactly-matching elements; it is not a lexical prefix (for example, '1.2.3' must match '1.2.3.4' but must not match '1.2.34'). Default: ''.
+- **appUpdateCheckTtToken**  An opaque access token that can be used to identify the requesting client as a member of a trusted-tester group. If non-empty, the request should be sent over SSL or another secure protocol. Default: ''.
+- **appVersion**  The version of the product install. Please see the wiki for additional information. Default: '0.0.0.0'.
 - **EventInfo.Level**  The minimum Windows diagnostic data level required for the event where 1 is basic, 2 is enhanced, and 3 is full.
-- **eventType**  A string representation of appPingEventEventType indicating the type of the event.
-- **hwHasAvx**  '1' if the client's hardware supports the SSE instruction set. '0' if the client's hardware does not support the SSE instruction set. '-1' if unknown. Default: '-1'.
+- **eventType**  A string indicating the type of the event. Please see the wiki for additional information.
+- **hwHasAvx**  '1' if the client's hardware supports the AVX instruction set. '0' if the client's hardware does not support the AVX instruction set. '-1' if unknown. Default: '-1'.
 - **hwHasSse**  '1' if the client's hardware supports the SSE instruction set. '0' if the client's hardware does not support the SSE instruction set. '-1' if unknown. Default: '-1'.
 - **hwHasSse2**  '1' if the client's hardware supports the SSE2 instruction set. '0' if the client's hardware does not support the SSE2 instruction set. '-1' if unknown. Default: '-1'.
 - **hwHasSse3**  '1' if the client's hardware supports the SSE3 instruction set. '0' if the client's hardware does not support the SSE3 instruction set. '-1' if unknown. Default: '-1'.
@@ -5073,26 +5211,52 @@ The following fields are available:
 - **hwPhysmemory**  The physical memory available to the client, truncated down to the nearest gibibyte. '-1' if unknown. This value is intended to reflect the maximum theoretical storage capacity of the client, not including any hard drive or paging to a hard drive or peripheral. Default: '-1'.
 - **isMsftDomainJoined**  '1' if the client is a member of a Microsoft domain. '0' otherwise. Default: '0'.
 - **osArch**  The architecture of the operating system (e.g. 'x86', 'x64', 'arm'). '' if unknown. Default: ''.
-- **osPlatform**  The operating system family that the within which the Omaha client is running (e.g. 'win', 'mac', 'linux', 'ios', 'android'). '' if unknown. The operating system name should be transmitted in lowercase with minimal formatting. Default: ''.
+- **osPlatform**  The operating system family that the within which the Omaha client is running (e.g. 'win', 'mac', 'linux', 'ios', 'android'). '' if unknown. The operating system Name should be transmitted in lowercase with minimal formatting. Default: ''.
 - **osServicePack**  The secondary version of the operating system. '' if unknown. Default: ''.
 - **osVersion**  The primary version of the operating system. '' if unknown. Default: ''.
 - **requestCheckPeriodSec**  The update interval in seconds. The value is read from the registry. Default: '-1'.
 - **requestDlpref**  A comma-separated list of values specifying the preferred download URL behavior. The first value is the highest priority, further values reflect secondary, tertiary, et cetera priorities. Legal values are '' (in which case the entire list must be empty, indicating unknown or no-preference) or 'cacheable' (the server should prioritize sending URLs that are easily cacheable). Default: ''.
-- **requestDomainJoined**  '1' if the device is part of a managed enterprise domain. Otherwise '0'.
+- **requestDomainJoined**  '1' if the machine is part of a managed enterprise domain. Otherwise '0'.
 - **requestInstallSource**  A string specifying the cause of the update flow. For example: 'ondemand', or 'scheduledtask'. Default: ''.
 - **requestIsMachine**  '1' if the client is known to be installed with system-level or administrator privileges. '0' otherwise. Default: '0'.
 - **requestOmahaShellVersion**  The version of the Omaha installation folder. Default: ''.
 - **requestOmahaVersion**  The version of the Omaha updater itself (the entity sending this request). Default: '0.0.0.0'.
-- **requestProtocolVersion**  The version of the Omaha protocol. Compatible clients MUST provide a value of '3.0'. Compatible clients MUST always transmit this attribute. Default: undefined.
-- **requestRequestId**  A randomly-generated (uniformly distributed) GUID, corresponding to the Omaha request. Default: ''.
+- **requestProtocolVersion**  The version of the Omaha protocol. Compatible clients MUST provide a value of '3.0'. Compatible clients must always transmit this attribute. Default: undefined.
+- **requestRequestId**  A randomly-generated (uniformly distributed) GUID, corresponding to the Omaha request. Each request attempt should have (with high probability) a unique request id. Default: ''.
 - **requestSessionCorrelationVectorBase**  A client generated random MS Correlation Vector base code used to correlate the update session with update and CDN servers. Default: ''.
-- **requestSessionId**  A randomly-generated (uniformly distributed) GUID. Each single update flow (e.g. update check, update application, event ping sequence) should have (with high probability) a single unique sessionid. Default: ''.
+- **requestSessionId**  A randomly-generated (uniformly distributed) GUID. Each single update flow (e.g. update check, update application, event ping sequence) should have (with high probability) a single unique session ID. Default: ''.
 - **requestTestSource**  Either '', 'dev', 'qa', 'prober', 'auto', or 'ossdev'. Any value except '' indicates that the request is a test and should not be counted toward normal metrics. Default: ''.
-- **requestUid**  A randomly-generated (uniformly distributed) GUID, corresponding to the Omaha user. Each request attempt should have (with high probability) a unique request id. Default: ''.
+- **requestUid**  A randomly-generated (uniformly distributed) GUID, corresponding to the Omaha user. Each request attempt SHOULD have (with high probability) a unique request id. Default: ''.
+
+
+### Aria.f4a7d46e472049dfba756e11bdbbc08f.Microsoft.WebBrowser.SystemInfo.Config
+
+This config event sends basic device connectivity and configuration information from Microsoft Edge about the current data collection consent, app version, and installation state to keep Microsoft Edge up to date and secure.
+
+The following fields are available:
+
+- **app_sample_rate**  A number representing how often the client sends telemetry, expressed as a percentage. Low values indicate that said client sends more events and high values indicate that said client sends fewer events.
+- **app_version**  The internal Edge build version string, taken from the UMA metrics field system_profile.app_version.
+- **appConsentState**  Bit flags describing consent for data collection on the machine or zero if the state was not retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
+- **Channel**  An integer indicating the channel of the installation (Canary or Dev).
+- **client_id**  A unique identifier with which all other diagnostic client data is associated, taken from the UMA metrics provider. This ID is effectively unique per device, per OS user profile, per release channel (e.g. Canary/Dev/Beta/Stable). client_id is not durable, based on user preferences. client_id is initialized on the first application launch under each OS user profile. client_id is linkable, but not unique across devices or OS user profiles. client_id is reset whenever UMA data collection is disabled, or when the application is uninstalled.
+- **ConnectionType**  The first reported type of network connection currently connected. This can be one of Unknown, Ethernet, WiFi, 2G, 3G, 4G, None, or Bluetooth.
+- **Etag**  Etag is an identifier representing all service applied configurations and experiments for the current browser session. This field is left empty when Windows diagnostic level is set to Basic or lower or when consent for diagnostic data has been denied.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event where 1 is basic, 2 is enhanced, and 3 is full.
+- **install_date**  The date and time of the most recent installation in seconds since midnight on January 1, 1970 UTC, rounded down to the nearest hour.
+- **installSource**  An enumeration representing the source of this installation: source was not retrieved (0), unspecified source (1), website installer (2), enterprise MSI (3), Windows update (4), Edge updater (5), scheduled or timed task (6, 7), uninstall (8), Edge about page (9), self-repair (10), other install command line (11), reserved (12), unknown source (13).
+- **PayloadClass**  The base class used to serialize and deserialize the Protobuf binary payload.
+- **PayloadGUID**  A random identifier generated for each original monolithic Protobuf payload, before the payload is potentially broken up into manageably-sized chunks for transmission.
+- **PayloadLogType**  The log type for the event correlating with 0 for unknown, 1 for stability, 2 for on-going, 3 for independent, 4 for UKM, or 5 for instance level.
+- **pop_sample**  A value indicating how the device's data is being sampled.
+- **reconsentConfigs**  A comma separated list of all reconsent configurations the current installation has received. Each configuration follows a well-defined format: 2DigitMonth-2DigitYear-3LetterKeyword.
+- **session_id**  An identifier that is incremented each time the user launches the application, irrespective of any client_id changes. session_id is seeded during the initial installation of the application. session_id is effectively unique per client_id value. Several other internal identifier values, such as window or tab IDs, are only meaningful within a particular session. The session_id value is forgotten when the application is uninstalled, but not during an upgrade.
+- **utc_flags**  Event Tracing for Windows (ETW) flags required for the event as part of the data collection process.
+
 
 ### Microsoft.WebBrowser.Installer.EdgeUpdate.Ping
 
-This event sends hardware and software inventory information about the Microsoft Edge Update service, Microsoft Edge applications, and the current system environment, including app configuration, update configuration, and hardware capabilities. It's used to measure the reliability and performance of the EdgeUpdate service and if Microsoft Edge applications are up to date
+This event sends hardware and software inventory information about the Microsoft Edge Update service, Microsoft Edge applications, and the current system environment, including app configuration, update configuration, and hardware capabilities. It's used to measure the reliability and performance of the EdgeUpdate service and if Microsoft Edge applications are up to date. This is an indication that the event is designed to keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5166,7 +5330,7 @@ The following fields are available:
 
 ### Microsoft.Windows.MigrationCore.MigObjectCountDLUsr
 
-This event returns data to track the count of the migration objects across various phases during feature update.
+This event returns data to track the count of the migration objects across various phases during feature update. The data collected with this event is used to help keep Windows secure and to track data loss scenarios.
 
 The following fields are available:
 
@@ -5178,7 +5342,7 @@ The following fields are available:
 
 ### Microsoft.Windows.MigrationCore.MigObjectCountKFSys
 
-This event returns data about the count of the migration objects across various phases during feature update.
+This event returns data about the count of the migration objects across various phases during feature update. The data collected with this event is used to help keep Windows secure and to track data loss scenarios.
 
 The following fields are available:
 
@@ -5189,7 +5353,7 @@ The following fields are available:
 
 ### Microsoft.Windows.MigrationCore.MigObjectCountKFUsr
 
-This event returns data to track the count of the migration objects across various phases during feature update.
+This event returns data to track the count of the migration objects across various phases during feature update. The data collected with this event is used to help keep Windows secure and to track data loss scenarios.
 
 The following fields are available:
 
@@ -5203,7 +5367,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Cast.Miracast.MiracastSessionEnd
 
-This event sends data at the end of a Miracast session that helps determine RTSP related Miracast failures along with some statistics about the session
+This event sends data at the end of a Miracast session that helps determine RTSP related Miracast failures along with some statistics about the session. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -5277,7 +5441,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Setup.APIOperation
 
-This event includes basic data about install and uninstall OneDrive API operations.
+This event includes basic data about install and uninstall OneDrive API operations. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -5290,7 +5454,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Setup.EndExperience
 
-This event includes a success or failure summary of the installation.
+This event includes a success or failure summary of the installation. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -5302,7 +5466,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Setup.OSUpgradeInstallationOperation
 
-This event is related to the OS version when the OS is upgraded with OneDrive installed.
+This event is related to the OS version when the OS is upgraded with OneDrive installed. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -5318,7 +5482,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Setup.RegisterStandaloneUpdaterAPIOperation
 
-This event is related to registering or unregistering the OneDrive update task.
+This event is related to registering or unregistering the OneDrive update task. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -5331,7 +5495,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.ComponentInstallState
 
-This event includes basic data about the installation state of dependent OneDrive components.
+This event includes basic data about the installation state of dependent OneDrive components. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -5341,7 +5505,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.OverlayIconStatus
 
-This event indicates if the OneDrive overlay icon is working correctly. 0 = healthy; 1 = can be fixed; 2 = broken
+This event indicates if the OneDrive overlay icon is working correctly. 0 = healthy; 1 = can be fixed; 2 = broken. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -5351,7 +5515,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.UpdateOverallResult
 
-This event sends information describing the result of the update.
+This event sends information describing the result of the update. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -5362,7 +5526,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.UpdateXmlDownloadHResult
 
-This event determines the status when downloading the OneDrive update configuration file.
+This event determines the status when downloading the OneDrive update configuration file. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -5371,7 +5535,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Updater.WebConnectionStatus
 
-This event determines the error code that was returned when verifying Internet connectivity.
+This event determines the error code that was returned when verifying Internet connectivity. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -5379,11 +5543,38 @@ The following fields are available:
 - **winInetError**  The HResult of the operation.
 
 
+## ONNX runtime events
+
+### Microsoft.ML.ONNXRuntime.ProcessInfo
+
+This event collects information when an application loads ONNXRuntime.dll. The data collected with this event is used to keep Windows product and service performing properly.
+
+The following fields are available:
+
+- **AppSessionGuid**  An identifier of a particular application session starting at process creation time and persisting until process end.
+- **isRedist**  Indicates if the ONNXRuntime usage is from redistributable package or inbox.
+- **runtimeVersion**  The version number of ONNXRuntime.
+- **schemaVersion**  Blueprint version of how the database is constructed.
+
+
+### Microsoft.ML.ONNXRuntime.RuntimePerf
+
+This event collects information about ONNXRuntime performance. The data collected with this event is used to keep Windows performing properly.
+
+The following fields are available:
+
+- **AppSessionGuid**  An identifier of a particular application session starting at process creation time and persisting until process end.
+- **schemaVersion**  Blueprint version of how the database is constructed.
+- **sessionId**  Identifier for each created session.
+- **totalRunDuration**  Total running/evaluation time from last time.
+- **totalRuns**  Total number of running/evaluation from last time.
+
+
 ## Privacy consent logging events
 
 ### Microsoft.Windows.Shell.PrivacyConsentLogging.PrivacyConsentCompleted
 
-This event is used to determine whether the user successfully completed the privacy consent experience.
+This event is used to determine whether the user successfully completed the privacy consent experience. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5395,7 +5586,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Shell.PrivacyConsentLogging.PrivacyConsentStatus
 
-Event tells us effectiveness of new privacy experience.
+This event provides the effectiveness of new privacy experience. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5409,26 +5600,11 @@ The following fields are available:
 
 ### wilActivity
 
-This event provides a Windows Internal Library context used for Product and Service diagnostics.
+This event provides a Windows Internal Library context used for Product and Service diagnostics. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
-- **callContext**  The function where the failure occurred.
-- **currentContextId**  The ID of the current call context where the failure occurred.
-- **currentContextMessage**  The message of the current call context where the failure occurred.
-- **currentContextName**  The name of the current call context where the failure occurred.
-- **failureCount**  The number of failures for this failure ID.
-- **failureId**  The ID of the failure that occurred.
-- **failureType**  The type of the failure that occurred.
-- **fileName**  The file name where the failure occurred.
-- **function**  The function where the failure occurred.
 - **hresult**  The HResult of the overall activity.
-- **lineNumber**  The line number where the failure occurred.
-- **message**  The message of the failure that occurred.
-- **module**  The module where the failure occurred.
-- **originatingContextId**  The ID of the originating call context that resulted in the failure.
-- **originatingContextMessage**  The message of the originating call context that resulted in the failure.
-- **originatingContextName**  The name of the originating call context that resulted in the failure.
 - **threadId**  The ID of the thread on which the activity is executing.
 
 
@@ -5436,7 +5612,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Shell.PrivacyNotifierLogging.PrivacyNotifierCompleted
 
-This event returns data to report the efficacy of a single-use tool to inform users impacted by a known issue and to take corrective action to address the issue.
+This event returns data to report the efficacy of a single-use tool to inform users impacted by a known issue and to take corrective action to address the issue. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5453,7 +5629,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.Applicability
 
-This event sends basic info on whether the device should be updated to the latest cumulative update.
+This event sends basic info on whether the device should be updated to the latest cumulative update. The data collected with this event is used to help keep Windows up to date and secure.
 
 The following fields are available:
 
@@ -5470,7 +5646,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.DeviceReadinessCheck
 
-This event sends basic info on whether the device is ready to download the latest cumulative update.
+This event sends basic info on whether the device is ready to download the latest cumulative update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5487,7 +5663,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.Download
 
-This event sends basic info when download of the latest cumulative update begins.
+This event sends basic info when download of the latest cumulative update begins. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5507,7 +5683,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.Install
 
-This event sends basic info on the result of the installation of the latest cumulative update.
+This event sends basic info on the result of the installation of the latest cumulative update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5662,7 +5838,7 @@ The following fields are available:
 - **RemediationShellDeviceNewOS**  TRUE if the device has a recently installed OS.
 - **RemediationShellDeviceProSku**  Indicates whether a Windows 10 Professional edition is detected.
 - **RemediationShellDeviceQualityUpdatesPaused**  Indicates whether Quality Updates are paused on the device.
-- **RemediationShellDeviceSccm**  TRUE if the device is managed by Configuration Manager.
+- **RemediationShellDeviceSccm**  TRUE if the device is managed by SCCM (Microsoft System Center Configuration Manager).
 - **RemediationShellDeviceSedimentMutexInUse**  Indicates whether the Sediment Pack mutual exclusion object (mutex) is in use.
 - **RemediationShellDeviceSetupMutexInUse**  Indicates whether device setup is in progress.
 - **RemediationShellDeviceWuRegistryBlocked**  Indicates whether the Windows Update is blocked on the device via the registry.
@@ -5874,7 +6050,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Sediment.Info.DetailedState
 
-This event is sent when detailed state information is needed from an update trial run.
+This event is sent when detailed state information is needed from an update trial run. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5912,7 +6088,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.Applicable
 
-This event is sent when the Windows Update sediment remediations launcher finds that an applicable plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations launcher finds that an applicable plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5930,7 +6106,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.Completed
 
-This event is sent when the Windows Update sediment remediations launcher finishes running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations launcher finishes running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5945,7 +6121,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentLauncher.Started
 
-This event is sent when the Windows Update sediment remediations launcher starts running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations launcher starts running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5958,7 +6134,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.Applicable
 
-This event is sent when the Windows Update sediment remediations service finds that an applicable plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations service finds that an applicable plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5976,7 +6152,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.Completed
 
-This event is sent when the Windows Update sediment remediations service finishes running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations service finishes running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -6000,7 +6176,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SedimentService.Started
 
-This event is sent when the Windows Update sediment remediations service starts running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period.
+This event is sent when the Windows Update sediment remediations service starts running a plug-in to address issues that may be preventing the sediment device from receiving OS updates.  A sediment device is one that has been on a previous OS version for an extended period. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -6021,6 +6197,7 @@ The following fields are available:
 
 - **FieldName**  Retrieves the event name/data point. Examples: InstallStartTime, InstallEndtime, OverallResult etc.
 - **GroupName**  Retrieves the groupname the event belongs to. Example: Install Information, DU Information, Disk Space Information etc.
+- **InstanceID**  This is a unique GUID to track individual instances of SetupPlatform that will help us tie events from a single instance together.
 - **Value**  Value associated with the corresponding event name. For example, time-related events will include the system time
 
 
@@ -6054,7 +6231,7 @@ The following fields are available:
 
 ### SIHEngineTelemetry.EvalApplicability
 
-This event is sent when targeting logic is evaluated to determine if a device is eligible for a given action.
+This event is sent when targeting logic is evaluated to determine if a device is eligible for a given action. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -6078,7 +6255,7 @@ The following fields are available:
 
 ### SIHEngineTelemetry.ExecuteAction
 
-This event is triggered with SIH attempts to execute (e.g. install) the update or action in question. Includes important information like if the update required a reboot.
+This event is triggered with SIH attempts to execute (e.g. install) the update or action in question. Includes important information like if the update required a reboot. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -6098,7 +6275,7 @@ The following fields are available:
 
 ### SIHEngineTelemetry.PostRebootReport
 
-This event reports the status of an action following a reboot, should one have been required.
+This event reports the status of an action following a reboot, should one have been required. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -6119,7 +6296,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.CheckForUpdates
 
-Scan process event on Windows Update client. See the EventScenario field for specifics (started/failed/succeeded).
+This event sends tracking data about the software distribution client check for content that is applicable to a device, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -6204,7 +6381,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.Commit
 
-This event tracks the commit process post the update installation when software update client is trying to update the device.
+This event sends data on whether the Update Service has been called to execute an upgrade, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -6235,7 +6412,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.Download
 
-Download process event for target update on Windows Update client. See the EventScenario field for specifics (started/failed/succeeded).
+This event sends tracking data about the software distribution client download of the content for that update, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -6326,7 +6503,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.DownloadCheckpoint
 
-This event provides a checkpoint between each of the Windows Update download phases for UUP content
+This event provides a checkpoint between each of the Windows Update download phases for UUP content. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -6348,7 +6525,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.DownloadHeartbeat
 
-This event allows tracking of ongoing downloads and contains data to explain the current state of the download
+This event allows tracking of ongoing downloads and contains data to explain the current state of the download. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -6423,6 +6600,7 @@ The following fields are available:
 - **IsSuccessFailurePostReboot**  Indicates whether the update succeeded and then failed after a restart.
 - **IsWUfBDualScanEnabled**  Indicates whether Windows Update for Business dual scan is enabled on the device.
 - **IsWUfBEnabled**  Indicates whether Windows Update for Business is enabled on the device.
+- **IsWUfBTargetVersionEnabled**  Flag that indicates if the WU-for-Business target version policy is enabled on the device.
 - **MergedUpdate**  Indicates whether the OS update and a BSP update merged for installation.
 - **MsiAction**  The stage of MSI installation where it failed.
 - **MsiProductCode**  The unique identifier of the MSI installer.
@@ -6452,7 +6630,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.Revert
 
-Revert event for target update on Windows Update Client. See EventScenario field for specifics (for example, Started/Failed/Succeeded).
+This is a revert event for target update on Windows Update Client. See EventScenario field for specifics (for example, Started/Failed/Succeeded). The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -6479,6 +6657,7 @@ The following fields are available:
 - **IsSuccessFailurePostReboot**  Indicates whether an initial success was a failure after a reboot.
 - **IsWUfBDualScanEnabled**  Flag indicating whether WU-for-Business dual scan is enabled on the device.
 - **IsWUfBEnabled**  Flag indicating whether WU-for-Business is enabled on the device.
+- **IsWUfBTargetVersionEnabled**  Flag that indicates if the WU-for-Business target version policy is enabled on the device.
 - **MergedUpdate**  Indicates whether an OS update and a BSP update were merged for install.
 - **ProcessName**  Process name of the caller who initiated API calls into the software distribution client.
 - **QualityUpdatePause**  Indicates whether quality OS updates are paused on the device.
@@ -6497,7 +6676,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.TaskRun
 
-Start event for Server Initiated Healing client. See EventScenario field for specifics (for example, started/completed).
+This is a start event for Server Initiated Healing client. See EventScenario field for specifics (for example, started/completed). The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -6513,7 +6692,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.Uninstall
 
-Uninstall event for target update on Windows Update Client. See EventScenario field for specifics (for example, Started/Failed/Succeeded).
+This is an uninstall event for target update on Windows Update Client. See EventScenario field for specifics (for example, Started/Failed/Succeeded). The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -6557,7 +6736,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.UpdateDetected
 
-This event sends data about an AppX app that has been updated from the Microsoft Store, including what app needs an update and what version/architecture is required, in order to understand and address problems with apps getting required updates.
+This event sends data about an AppX app that has been updated from the Microsoft Store, including what app needs an update and what version/architecture is required, in order to understand and address problems with apps getting required updates. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -6572,7 +6751,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.UpdateMetadataIntegrity
 
-Ensures Windows Updates are secure and complete. Event helps to identify whether update content has been tampered with and protects against man-in-the-middle attack.
+This event helps to identify whether update content has been tampered with and protects against man-in-the-middle attack. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -6633,7 +6812,7 @@ The following fields are available:
 
 ### Update360Telemetry.Revert
 
-This event sends data relating to the Revert phase of updating Windows.
+This event sends data relating to the Revert phase of updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6651,7 +6830,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentCommit
 
-This event collects information regarding the commit phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop.
+This event collects information regarding the commit phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6667,7 +6846,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentDownloadRequest
 
-This event sends data for the download request phase of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to PC and Mobile.
+This event sends data for the download request phase of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to PC and Mobile. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6704,7 +6883,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentExpand
 
-This event collects information regarding the expansion phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop.
+This event collects information regarding the expansion phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6724,7 +6903,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentFellBackToCanonical
 
-This event collects information when express could not be used and we fall back to canonical during the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop.
+This event collects information when express could not be used and we fall back to canonical during the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6740,7 +6919,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentInitialize
 
-This event sends data for the initialize phase of updating Windows via the new Unified Update Platform (UUP) scenario, which is applicable to both PCs and Mobile.
+This event sends data for the initialize phase of updating Windows via the new Unified Update Platform (UUP) scenario, which is applicable to both PCs and Mobile. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6758,7 +6937,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentInstall
 
-This event sends data for the install phase of updating Windows.
+This event sends data for the install phase of updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6776,7 +6955,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentMerge
 
-The UpdateAgentMerge event sends data on the merge phase when updating Windows.
+The UpdateAgentMerge event sends data on the merge phase when updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6793,7 +6972,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentMitigationResult
 
-This event sends data indicating the result of each update agent mitigation.
+This event sends data indicating the result of each update agent mitigation. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6819,7 +6998,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentMitigationSummary
 
-This event sends a summary of all the update agent mitigations available for an this update.
+This event sends a summary of all the update agent mitigations available for an this update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6839,7 +7018,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentModeStart
 
-This event sends data for the start of each mode during the process of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to both PCs and Mobile.
+This event sends data for the start of each mode during the process of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to both PCs and Mobile. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6855,7 +7034,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentOneSettings
 
-This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop.
+This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6873,7 +7052,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentPostRebootResult
 
-This event collects information for both Mobile and Desktop regarding the post reboot phase of the new Unified Update Platform (UUP) update scenario.
+This event collects information for both Mobile and Desktop regarding the post reboot phase of the new Unified Update Platform (UUP) update scenario. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6882,14 +7061,16 @@ The following fields are available:
 - **ObjectId**  Unique value for each Update Agent mode.
 - **PostRebootResult**  Indicates the Hresult.
 - **RelatedCV**  Correlation vector value generated from the latest USO scan.
+- **RollbackFailureReason**  Indicates the cause of the rollback.
 - **ScenarioId**  The scenario ID. Example: MobileUpdate, DesktopLanguagePack, DesktopFeatureOnDemand, or DesktopDriverUpdate.
 - **SessionId**  Unique value for each update attempt.
 - **UpdateId**  Unique ID for each update.
+- **UpdateOutputState**  A numeric value indicating the state of the update at the time of reboot.
 
 
 ### Update360Telemetry.UpdateAgentReboot
 
-This event sends information indicating that a request has been sent to suspend an update.
+This event sends information indicating that a request has been sent to suspend an update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6908,7 +7089,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentSetupBoxLaunch
 
-The UpdateAgent_SetupBoxLaunch event sends data for the launching of the setup box when updating Windows via the new Unified Update Platform (UUP) scenario. This event is only applicable to PCs.
+The UpdateAgent_SetupBoxLaunch event sends data for the launching of the setup box when updating Windows via the new Unified Update Platform (UUP) scenario. This event is only applicable to PCs. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6932,7 +7113,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateNotificationPipeline.UNPCampaignHeartbeat
 
-This event is sent at the start of each campaign, to be used as a heartbeat.
+This event is sent at the start of each campaign, to be used as a heartbeat. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6948,7 +7129,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateNotificationPipeline.UNPCampaignManagerHeartbeat
 
-This event is sent at the start of the CampaignManager event and is intended to be used as a heartbeat.
+This event is sent at the start of the CampaignManager event and is intended to be used as a heartbeat. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6964,7 +7145,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateNotificationPipeline.UnpCampaignManagerRunCampaignFailed
 
-This event is sent when the Campaign Manager encounters an unexpected error while running the campaign.
+This event is sent when the Campaign Manager encounters an unexpected error while running the campaign. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6998,7 +7179,7 @@ The following fields are available:
 
 ### FacilitatorTelemetry.DUDownload
 
-This event returns data about the download of supplemental packages critical to upgrading a device to the next version of Windows.
+This event returns data about the download of supplemental packages critical to upgrading a device to the next version of Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7008,7 +7189,7 @@ The following fields are available:
 
 ### FacilitatorTelemetry.InitializeDU
 
-This event determines whether devices received additional or critical supplemental content during an OS upgrade.
+This event determines whether devices received additional or critical supplemental content during an OS upgrade. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7066,7 +7247,7 @@ The following fields are available:
 
 ### Setup360Telemetry.OsUninstall
 
-This event sends data regarding OS updates and upgrades from Windows 7, Windows 8, and Windows 10. Specifically, it indicates the outcome of an OS uninstall.
+This event sends data regarding OS updates and upgrades from Windows 7, Windows 8, and Windows 10. Specifically, it indicates the outcome of an OS uninstall. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7230,7 +7411,7 @@ The following fields are available:
 
 ### Setup360Telemetry.Setup360MitigationResult
 
-This event sends data indicating the result of each setup mitigation.
+This event sends data indicating the result of each setup mitigation. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7255,7 +7436,7 @@ The following fields are available:
 
 ### Setup360Telemetry.Setup360MitigationSummary
 
-This event sends a summary of all the setup mitigations available for this update.
+This event sends a summary of all the setup mitigations available for this update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7274,7 +7455,7 @@ The following fields are available:
 
 ### Setup360Telemetry.Setup360OneSettings
 
-This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop.
+This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7313,9 +7494,65 @@ The following fields are available:
 
 ## Windows as a Service diagnostic events
 
+### Microsoft.Windows.WaaSMedic.DetectionFailed
+
+This event is sent when WaaSMedic fails to apply the named diagnostic. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **diagnostic**  Parameter where the diagnostic failed.
+- **hResult**  Error code from attempting the diagnostic.
+- **isDetected**  Flag indicating whether the condition was detected.
+- **pluginName**  Name of the attempted diagnostic.
+- **versionString**  The version number of the remediation engine.
+
+
+### Microsoft.Windows.WaaSMedic.DetectionsOnlyFailed
+
+Failed to apply the named diagnostic.
+
+The following fields are available:
+
+- **hResult**  The error code from attempting the diagnostic.
+- **versionString**  The version number of the remediation engine.
+
+
+### Microsoft.Windows.WaaSMedic.EngineFailed
+
+This event indicates failure during medic engine execution. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **hResult**  Error code from the execution.
+- **versionString**  Version of Medic engine.
+
+
+### Microsoft.Windows.WaaSMedic.RemediationFailed
+
+This event is sent when the WaaS Medic update stack remediation tool fails to apply a described resolution to a problem that is blocking Windows Update from operating correctly on a target device. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **diagnostic**  Parameter where the resolution failed.
+- **hResult**  Error code that resulted from attempting the resolution.
+- **isRemediated**  Indicates whether the condition was remediated.
+- **pluginName**  Name of the attempted resolution.
+- **versionString**  Version of the engine.
+
+
+### Microsoft.Windows.WaaSMedic.RemediationsOnlyFailed
+
+This event indicates that some plugins failed to complete remediation. This data collected with this event is used to help keep Windows secure.
+
+The following fields are available:
+
+- **hResult**  A resulting error code.
+- **versionString**  The string for which plugins failed.
+
+
 ### Microsoft.Windows.WaaSMedic.SummaryEvent
 
-Result of the WaaSMedic operation.
+This event provides the result of the WaaSMedic operation. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7776,7 +8013,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Kits.WSK.WskImageCreate
 
-This event sends simple Product and Service usage data when a user is using the Windows System Kit to create new OS “images”. The data includes the version of the Windows System Kit and the state of the event and is used to help investigate “image” creation failures.
+This event sends data when the Windows System Kit is used to create new OS “images”. The data includes the version of the Windows System Kit and the state of the event and is used to help investigate “image” creation failures. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -7791,7 +8028,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Kits.WSK.WskImageCustomization
 
-This event sends simple Product and Service usage data when a user is using the Windows System Kit to create/modify configuration files allowing the customization of a new OS image with Apps or Drivers. The data includes the version of the Windows System Kit, the state of the event, the customization type (drivers or apps) and the mode (new or updating) and is used to help investigate configuration file creation failures.
+This event sends data when the Windows System Kit is used to create/modify configuration files allowing the customization of a new OS image with Apps or Drivers. The data includes the version of the Windows System Kit, the state of the event, the customization type (drivers or apps) and the mode (new or updating) and is used to help investigate configuration file creation failures. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -7807,7 +8044,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Kits.WSK.WskWorkspaceCreate
 
-This event sends simple Product and Service usage data when a user is using the Windows System Kit to create new workspace for generating OS “images”. The data includes the version of the Windows System Kit and the state of the event and is used to help investigate workspace creation failures.
+This event sends data when the Windows System Kit is used to create new workspace for generating OS “images”. The data includes the version of the Windows System Kit and the state of the event and is used to help investigate workspace creation failures. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -7825,15 +8062,29 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateCsp.ExecuteRollBackFeatureStarted
 
-This event sends basic information indicating that Feature Rollback has started.
+This event sends basic information indicating that Feature Rollback has started. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
+### Microsoft.Windows.UpdateCsp.ExecuteRollBackQualityNotApplicable
+
+This event informs you whether a rollback of Quality updates is applicable to the devices that you are attempting to rollback. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **current**  Result of currency check.
+- **dismOperationSucceeded**  Dism uninstall operation status.
+- **oSVersion**  Build number of the device.
+- **paused**  Indicates whether the device is paused.
+- **rebootRequestSucceeded**  Reboot Configuration Service Provider (CSP) call success status.
+- **wUfBConnected**  Result of WUfB connection check.
+
+
 ## Windows Update Delivery Optimization events
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadCanceled
 
-This event describes when a download was canceled with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event describes when a download was canceled with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -7867,7 +8118,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadCompleted
 
-This event describes when a download has completed with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event describes when a download has completed with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -7922,7 +8173,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadPaused
 
-This event represents a temporary suspension of a download with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event represents a temporary suspension of a download with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -7942,7 +8193,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadStarted
 
-This event sends data describing the start of a new download to enable Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event sends data describing the start of a new download to enable Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -7978,7 +8229,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.FailureCdnCommunication
 
-This event represents a failure to download from a CDN with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event represents a failure to download from a CDN with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -8000,7 +8251,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.JobError
 
-This event represents a Windows Update job error. It allows for investigation of top errors.
+This event represents a Windows Update job error. It allows for investigation of top errors. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -8016,7 +8267,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentAnalysisSummary
 
-This event collects information regarding the state of devices and drivers on the system following a reboot after the install phase of the new device manifest UUP (Unified Update Platform) update scenario which is used to install a device manifest describing a set of driver packages.
+This event collects information regarding the state of devices and drivers on the system following a reboot after the install phase of the new device manifest UUP (Unified Update Platform) update scenario which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8040,7 +8291,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentCommit
 
-This event collects information regarding the final commit phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages.
+This event collects information regarding the final commit phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8056,7 +8307,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentDownloadRequest
 
-This event collects information regarding the download request phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages.
+This event collects information regarding the download request phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8083,7 +8334,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentInitialize
 
-This event sends data for initializing a new update session for the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages.
+This event sends data for initializing a new update session for the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8101,7 +8352,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentInstall
 
-This event collects information regarding the install phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages.
+This event collects information regarding the install phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8117,7 +8368,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentModeStart
 
-This event sends data for the start of each mode during the process of updating device manifest assets via the UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages.
+This event sends data for the start of each mode during the process of updating device manifest assets via the UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8132,7 +8383,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.DialogNotificationToBeDisplayed
 
-This event indicates that a notification dialog box is about to be displayed to user.
+This event indicates that a notification dialog box is about to be displayed to user. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8158,7 +8409,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootAcceptAutoDialog
 
-This event indicates that the Enhanced Engaged restart "accept automatically" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "accept automatically" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8174,7 +8425,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootFirstReminderDialog
 
-This event indicates that the Enhanced Engaged restart "first reminder" dialog box was displayed..
+This event indicates that the Enhanced Engaged restart "first reminder" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8190,7 +8441,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootRebootFailedDialog
 
-This event indicates that the Enhanced Engaged restart "restart failed" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "restart failed" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8206,7 +8457,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootRebootImminentDialog
 
-This event indicates that the Enhanced Engaged restart "restart imminent" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "restart imminent" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8222,7 +8473,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootReminderDialog
 
-This event returns information relating to the Enhanced Engaged reboot reminder dialog that was displayed.
+This event returns information relating to the Enhanced Engaged reboot reminder dialog that was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8238,7 +8489,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootReminderToast
 
-This event indicates that the Enhanced Engaged restart reminder pop-up banner was displayed.
+This event indicates that the Enhanced Engaged restart reminder pop-up banner was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8254,7 +8505,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.RebootScheduled
 
-Indicates when a reboot is scheduled by the system or a user for a security, quality, or feature update.
+This event sends basic information for scheduling a device restart to install security updates. It's used to help keep Windows secure and up-to-date by indicating when a reboot is scheduled by the system or a user for a security, quality, or feature update.
 
 The following fields are available:
 
@@ -8272,9 +8523,18 @@ The following fields are available:
 - **wuDeviceid**  Unique device ID used by Windows Update.
 
 
+### Microsoft.Windows.Update.Orchestrator.ActivityError
+
+This event measures overall health of UpdateOrchestrator. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **wilActivity**  This struct provides a Windows Internal Library context used for Product and Service diagnostics. See [wilActivity](#wilactivity).
+
+
 ### Microsoft.Windows.Update.Orchestrator.ActivityRestrictedByActiveHoursPolicy
 
-This event indicates a policy is present that may restrict update activity to outside of active hours.
+This event indicates a policy is present that may restrict update activity to outside of active hours. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8283,9 +8543,19 @@ The following fields are available:
 - **wuDeviceid**  Unique device ID used by Windows Update.
 
 
+### Microsoft.Windows.Update.Orchestrator.AttemptImmediateReboot
+
+This event sends data when the Windows Update Orchestrator is set to reboot immediately after installing the update. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **isOnAC**  The power source for AC or battery power.
+- **scanTriggerSource**  The source of a triggered scan.
+
+
 ### Microsoft.Windows.Update.Orchestrator.BlockedByActiveHours
 
-This event indicates that update activity was blocked because it is within the active hours window.
+This event indicates that update activity was blocked because it is within the active hours window. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8297,7 +8567,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.BlockedByBatteryLevel
 
-This event indicates that Windows Update activity was blocked due to low battery level.
+This event indicates that Windows Update activity was blocked due to low battery level. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8309,7 +8579,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.CommitFailed
 
-This event indicates that a device was unable to restart after an update.
+This event indicates that a device was unable to restart after an update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8319,7 +8589,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.DeferRestart
 
-This event indicates that a restart required for installing updates was postponed.
+This event indicates that a restart required for installing updates was postponed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8338,7 +8608,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.Detection
 
-This event indicates that a scan for a Windows Update occurred.
+This event sends launch data for a Windows Update scan to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8380,7 +8650,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.DetectionResult
 
-This event runs when an update is detected. This helps ensure Windows is kept up to date.
+This event runs when an update is detected. This helps ensure Windows is secure and kept up to date.
 
 The following fields are available:
 
@@ -8393,7 +8663,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.DisplayNeeded
 
-This event indicates the reboot was postponed due to needing a display.
+This event indicates the reboot was postponed due to needing a display. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8409,7 +8679,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.Download
 
-This event sends launch data for a Windows Update download to help keep Windows up to date.
+This event sends launch data for a Windows Update download to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8426,7 +8696,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.DTUCompletedWhenWuFlightPendingCommit
 
-This event indicates that DTU completed installation of the electronic software delivery (ESD), when Windows Update was already in Pending Commit phase of the feature update.
+This event indicates that DTU completed installation of the electronic software delivery (ESD), when Windows Update was already in Pending Commit phase of the feature update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8435,7 +8705,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.DTUEnabled
 
-This event indicates that Inbox DTU functionality was enabled.
+This event indicates that Inbox DTU functionality was enabled. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8444,7 +8714,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.DTUInitiated
 
-This event indicates that Inbox DTU functionality was intiated.
+This event indicates that Inbox DTU functionality was initiated. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8455,7 +8725,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.EscalationRiskLevels
 
-This event is sent during update scan, download, or install, and indicates that the device is at risk of being out-of-date.
+This event is sent during update scan, download, or install, and indicates that the device is at risk of being out-of-date. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8472,7 +8742,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.FailedToAddTimeTriggerToScanTask
 
-This event indicated that USO failed to add a trigger time to a task.
+This event indicated that USO failed to add a trigger time to a task. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8482,7 +8752,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.FlightInapplicable
 
-This event sends data on whether the update was applicable to the device, to help keep Windows up to date.
+This event sends data on whether the update was applicable to the device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8499,7 +8769,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.InitiatingReboot
 
-This event sends data about an Orchestrator requesting a reboot from power management to help keep Windows up to date.
+This event sends data about an Orchestrator requesting a reboot from power management to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8516,7 +8786,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.Install
 
-This event sends launch data for a Windows Update install to help keep Windows up to date.
+This event sends launch data for a Windows Update install to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8542,7 +8812,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.LowUptimes
 
-This event is sent if a device is identified as not having sufficient uptime to reliably process updates in order to keep secure.
+This event is sent if a device is identified as not having sufficient uptime to reliably process updates in order to keep secure. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8556,7 +8826,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.OneshotUpdateDetection
 
-This event returns data about scans initiated through settings UI, or background scans that are urgent; to help keep Windows up to date.
+This event returns data about scans initiated through settings UI, or background scans that are urgent; to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8566,9 +8836,22 @@ The following fields are available:
 - **wuDeviceid**  The Windows Update Device GUID (Globally-Unique ID).
 
 
+### Microsoft.Windows.Update.Orchestrator.OobeUpdate
+
+This event sends data when Oobe Update download is in progress, to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **flightID**  A flight ID.
+- **revisionNumber**  A revision number.
+- **updateId**  An ID associated with an update.
+- **updateScenarioType**  A type of USO session.
+- **wuDeviceid**  A device Id associated with Windows Update.
+
+
 ### Microsoft.Windows.Update.Orchestrator.PostInstall
 
-This event sends data about lite stack devices (mobile, IOT, anything non-PC) immediately before data migration is launched to help keep Windows up to date.
+This event sends data about lite stack devices (mobile, IOT, anything non-PC) immediately before data migration is launched to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8585,7 +8868,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.PreShutdownStart
 
-This event is generated before the shutdown and commit operations.
+This event is generated before the shutdown and commit operations. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8594,7 +8877,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.RebootFailed
 
-This event sends information about whether an update required a reboot and reasons for failure, to help keep Windows up to date.
+This event sends information about whether an update required a reboot and reasons for failure, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8613,7 +8896,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.RefreshSettings
 
-This event sends basic data about the version of upgrade settings applied to the system to help keep Windows up to date.
+This event sends basic data about the version of upgrade settings applied to the system to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8625,7 +8908,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.RestoreRebootTask
 
-This event sends data indicating that a reboot task is missing unexpectedly on a device and the task is restored because a reboot is still required, to help keep Windows up to date.
+This event sends data indicating that a reboot task is missing unexpectedly on a device and the task is restored because a reboot is still required, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8637,7 +8920,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.ScanTriggered
 
-This event indicates that Update Orchestrator has started a scan operation.
+This event indicates that Update Orchestrator has started a scan operation. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8656,7 +8939,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.SeekerUpdateAvailable
 
-This event defines when an optional update is available for the device to help keep Windows up to date.
+This event defines when an optional update is available for the device to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8669,7 +8952,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.SeekUpdate
 
-This event occurs when user initiates "seeker" scan. This helps keep Windows up to date.
+This event occurs when user initiates "seeker" scan. This helps keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8682,7 +8965,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.StickUpdate
 
-This event is sent when the update service orchestrator (USO) indicates the update cannot be superseded by a newer update.
+This event is sent when the update service orchestrator (USO) indicates the update cannot be superseded by a newer update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8692,7 +8975,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.SystemNeeded
 
-This event sends data about why a device is unable to reboot, to help keep Windows up to date.
+This event sends data about why a device is unable to reboot, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8708,7 +8991,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.TerminatedByActiveHours
 
-This event indicates that update activity was stopped due to active hours starting.
+This event indicates that update activity was stopped due to active hours starting. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8720,7 +9003,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.TerminatedByBatteryLevel
 
-This event is sent when update activity was stopped due to a low battery level.
+This event is sent when update activity was stopped due to a low battery level. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8732,7 +9015,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.UnstickUpdate
 
-This event is sent when the update service orchestrator (USO) indicates that the update can be superseded by a newer update.
+This event is sent when the update service orchestrator (USO) indicates that the update can be superseded by a newer update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8742,7 +9025,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.UpdatePolicyCacheRefresh
 
-This event sends data on whether Update Management Policies were enabled on a device, to help keep Windows up to date.
+This event sends data on whether Update Management Policies were enabled on a device, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8755,7 +9038,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.UpdateRebootRequired
 
-This event sends data about whether an update required a reboot to help keep Windows up to date.
+This event sends data about whether an update required a reboot to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8770,7 +9053,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.updateSettingsFlushFailed
 
-This event sends information about an update that encountered problems and was not able to complete.
+This event sends information about an update that encountered problems and was not able to complete. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8780,7 +9063,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.UsoSession
 
-This event represents the state of the USO service at start and completion.
+This event represents the state of the USO service at start and completion. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8796,7 +9079,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.EnhancedEngagedRebootUxState
 
-This event sends information about the configuration of Enhanced Direct-to-Engaged (eDTE), which includes values for the timing of how eDTE will progress through each phase of the reboot.
+This event sends information about the configuration of Enhanced Direct-to-Engaged (eDTE), which includes values for the timing of how eDTE will progress through each phase of the reboot. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8818,7 +9101,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.RebootNoLongerNeeded
 
-This event is sent when a security update has successfully completed.
+This event is sent when a security update has successfully completed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8827,7 +9110,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.RebootScheduled
 
-This event sends basic information about scheduling an update-related reboot, to get security updates and to help keep Windows up-to-date.
+This event sends basic information about scheduling an update-related reboot, to get security updates and to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8847,7 +9130,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.UxBrokerScheduledTask
 
-This event is sent when MUSE broker schedules a task.
+This event is sent when MUSE broker schedules a task. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8857,7 +9140,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusUpdateSettings.RebootScheduled
 
-This event sends basic information for scheduling a device restart to install security updates. It's used to help keep Windows up to date.
+This event sends basic information for scheduling a device restart to install security updates. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8875,9 +9158,192 @@ The following fields are available:
 - **wuDeviceid**  The Windows Update device GUID.
 
 
+### Microsoft.Windows.UpdateHealthTools.ExpediteBlocked
+
+This event indicates that updates have been blocked requiring intervention. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  A correlation vector.
+- **ExpeditePolicyId**  The policy id of the expedite request.
+- **ExpediteUpdatesInProgress**  A list of update IDs in progress.
+- **GlobalEventCounter**  Counts the number of events for this provider.
+- **PackageVersion**  The package version of the label.
+
+
+### Microsoft.Windows.UpdateHealthTools.ExpediteCompleted
+
+This event indicates that the update has been completed. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  A correlation vector.
+- **ExpeditePolicyId**  The policy Id of the expedite request.
+- **ExpediteUpdatesInProgress**  The list of update IDs in progress.
+- **GlobalEventCounter**  Counts the number of events for this provider.
+- **PackageVersion**  The package version of the label.
+
+
+### Microsoft.Windows.UpdateHealthTools.ExpediteUpdaterAlreadyExpectedUbr
+
+This event indicates that the device is already on the required UBR. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **ExpediteErrorBitMap**  Bit map value for any error code.
+- **ExpediteResult**  Boolean value for success or failure.
+- **ExpediteUpdaterCurrentUbr**  The ubr of the device.
+- **ExpediteUpdaterExpectedUbr**  The expected ubr of the device.
+- **ExpediteUpdaterPolicyRestoreResult**  HRESULT of the policy restore.
+- **GlobalEventCounter**  Counts the number of events for this provider.
+- **PackageVersion**  The package version label.
+
+
+### Microsoft.Windows.UpdateHealthTools.ExpediteUpdaterRebootComplete
+
+This event indicates that the device has completed the reboot after installing expected update. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **ExpeditePolicyId**  The policy id of the expedite request.
+- **ExpediteResult**  Boolean value for success or failure.
+- **ExpediteUpdaterCurrentUbr**  The ubr of the device.
+- **ExpediteUpdaterOfferedUpdateId**  Update Id of the LCU expected to be expedited.
+- **ExpediteUpdaterPolicyRestoreResult**  HRESULT of the policy restore.
+- **GlobalEventCounter**  Counts the number of events for this provider.
+- **PackageVersion**  The package version label.
+
+
+### Microsoft.Windows.UpdateHealthTools.ExpediteUpdaterScanCompleted
+
+This event sends results of the expedite USO scan. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **ExpediteErrorBitMap**  Bit map value for any error code.
+- **ExpediteResult**  Boolean value for success or failure.
+- **ExpediteUpdaterCurrentUbr**  The UBR of the device.
+- **ExpediteUpdaterExpectedUbr**  The expected UBR of the device.
+- **ExpediteUpdaterMonitorResult**  HRESULT of the USO monitoring.
+- **ExpediteUpdaterScanResult**  HRESULT of the expedite USO scan.
+- **ExpediteUpdaterUsoResult**  HRESULT of the USO initialization and resume API calls.
+- **GlobalEventCounter**  Counts the number of events for this provider.
+- **PackageVersion**  The package version label.
+- **UsoFrequencyKey**  Indicates whether the USO frequency key was found on the device (true/false).
+
+
+### Microsoft.Windows.UpdateHealthTools.ExpediteUpdaterScanStarted
+
+This event sends telemetry that USO scan has been started. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **ExpediteErrorBitMap**  Bit map value for any error code.
+- **ExpediteResult**  Boolean value for success or failure.
+- **ExpediteUpdaterCurrentUbr**  The UBR of the device.
+- **ExpediteUpdaterExpectedUbr**  The expected UBR of the device.
+- **GlobalEventCounter**  Counts the number of events for this provider.
+- **PackageVersion**  The package version label.
+- **UsoFrequencyKey**  Indicates whether the USO frequency key was found on the device (true/false).
+
+
+### Microsoft.Windows.UpdateHealthTools.UnifiedInstallerEnd
+
+This event indicates that the unified installer has completed. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **GlobalEventCounter**  The event counter for telemetry events on the device for currency tools.
+- **PackageVersion**  The package version label for currency tools.
+- **UnifiedInstallerInstallResult**  The final result code for the unified installer.
+- **UnifiedInstallerPlatformResult**  The result code from determination of the platform type.
+- **UnifiedInstallerPlatformType**  The enum indicating the platform type.
+
+
+### Microsoft.Windows.UpdateHealthTools.UnifiedInstallerStart
+
+This event indicates that the installation has started for the unified installer. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  The correlation vector.
+- **GlobalEventCounter**  Counts the events at the global level for telemetry.
+- **PackageVersion**  The package version for currency tools.
+- **UnifiedInstallerDeviceAADJoinedHresult**  The result code after checking if device is AAD joined.
+- **UnifiedInstallerDeviceInDssPolicy**  Boolean indicating whether the device is found to be in a DSS policy.
+- **UnifiedInstallerDeviceInDssPolicyHresult**  The result code for checking whether the device is found to be in a DSS policy.
+- **UnifiedInstallerDeviceIsAADJoined**  Boolean indicating whether a device is AADJ.
+- **UnifiedInstallerDeviceIsAdJoined**  Boolean indicating whether a device is AD joined.
+- **UnifiedInstallerDeviceIsAdJoinedHresult**  The result code for checking whether a device is AD joined.
+- **UnifiedInstallerDeviceIsEducationSku**  Boolean indicating whether a device is Education SKU.
+- **UnifiedInstallerDeviceIsEducationSkuHresult**  The result code from checking whether a device is Education SKU.
+- **UnifiedInstallerDeviceIsEnterpriseSku**  Boolean indicating whether a device is Enterprise SKU.
+- **UnifiedInstallerDeviceIsEnterpriseSkuHresult**  The result code from checking whether a device is Enterprise SKU.
+- **UnifiedInstallerDeviceIsHomeSku**  Boolean indicating whether a device is Home SKU.
+- **UnifiedInstallerDeviceIsMdmManaged**  Boolean indicating whether a device is MDM managed.
+- **UnifiedInstallerDeviceIsMdmManagedHresult**  The result code from checking whether a device is MDM managed.
+- **UnifiedInstallerDeviceIsProSku**  Boolean indicating whether a device is Pro SKU.
+- **UnifiedInstallerDeviceIsProSkuHresult**  The result code from checking whether a device is Pro SKU.
+- **UnifiedInstallerDeviceIsSccmManaged**  Boolean indicating whether a device is SCCM managed.
+- **UnifiedInstallerDeviceIsSccmManagedHresult**  The result code from checking whether a device is SCCM managed.
+- **UnifiedInstallerDeviceWufbManaged**  Boolean indicating whether a device is Wufb managed.
+- **UnifiedInstallerDeviceWufbManagedHresult**  The result code from checking whether a device is Wufb managed.
+- **UnifiedInstallerPlatformResult**  The result code from checking what platform type the device is.
+- **UnifiedInstallerPlatformType**  The enum indicating the type of platform detected.
+- **UnifiedInstUnifiedInstallerDeviceIsHomeSkuHresultllerDeviceIsHomeSku**  The result code from checking whether a device is Home SKU.
+
+
+### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsDeviceInformationUploaded
+
+This event is received when the UpdateHealthTools service uploads device information. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **GlobalEventCounter**  Client side counter which indicates ordering of events sent by this user.
+- **PackageVersion**  Current package version of remediation.
+- **UpdateHealthToolsDeviceUbrChanged**  1 if the Ubr just changed, 0 otherwise.
+- **UpdateHealthToolsDeviceUri**  The URI to be used for push notifications on this device.
+
+
+### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsPushNotificationCompleted
+
+This event is received when a push notification has been completed by the UpdateHealthTools service. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **GlobalEventCounter**  Client side counter which indicates ordering of events sent by this user.
+- **PackageVersion**  Current package version of UpdateHealthTools.
+- **UpdateHealthToolsEnterpriseActionResult**  The HRESULT return by the enterprise action.
+- **UpdateHealthToolsEnterpriseActionType**  Enum describing the type of action requested by the push.
+
+
+### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsPushNotificationReceived
+
+This event is received when the UpdateHealthTools service receives a push notification. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **GlobalEventCounter**  Client side counter which indicates ordering of events sent by this user.
+- **PackageVersion**  Current package version of UpdateHealthTools.
+- **UpdateHealthToolsDeviceUri**  The URI to be used for push notifications on this device.
+- **UpdateHealthToolsEnterpriseActionType**  Enum describing the type of action requested by the push.
+- **UpdateHealthToolsPushCurrentChannel**  The channel used to receive notification.
+- **UpdateHealthToolsPushCurrentRequestId**  The request ID for the push.
+- **UpdateHealthToolsPushCurrentResults**  The results from the push request.
+- **UpdateHealthToolsPushCurrentStep**  The current step for the push notification.
+
+
 ### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsPushNotificationStatus
 
-This event is received when there is status on a push notification.
+This event is received when there is status on a push notification. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8891,11 +9357,33 @@ The following fields are available:
 - **UpdateHealthToolsPushCurrentStep**  The current step for the push notification
 
 
+### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsServiceBlockedByNoAADJoin
+
+This event indicates that the device is not AAD joined so service stops. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **GlobalEventCounter**  Client side counter which indicates ordering of events sent by this user.
+- **PackageVersion**  Current package version of UpdateHealthTools.
+
+
+### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsServiceStarted
+
+This event is sent when the service first starts. It is a heartbeat indicating that the service is available on the device. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **GlobalEventCounter**  Client side counter which indicates ordering of events sent by this user.
+- **PackageVersion**  Current package version of remediation.
+
+
 ## Windows Update mitigation events
 
 ### Mitigation360Telemetry.MitigationCustom.CleanupSafeOsImages
 
-This event sends data specific to the CleanupSafeOsImages mitigation used for OS Updates.
+This event sends data specific to the CleanupSafeOsImages mitigation used for OS Updates. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8919,7 +9407,7 @@ The following fields are available:
 
 ### Mitigation360Telemetry.MitigationCustom.FixAppXReparsePoints
 
-This event sends data specific to the FixAppXReparsePoints mitigation used for OS updates.
+This event sends data specific to the FixAppXReparsePoints mitigation used for OS updates. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8941,7 +9429,7 @@ The following fields are available:
 
 ### Mitigation360Telemetry.MitigationCustom.FixupEditionId
 
-This event sends data specific to the FixupEditionId mitigation used for OS updates.
+This event sends data specific to the FixupEditionId mitigation used for OS updates. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8962,11 +9450,32 @@ The following fields are available:
 - **WuId**  Unique ID for the Windows Update client.
 
 
+### Mitigation360Telemetry.MitigationCustom.FixupWimmountSysPath
+
+This event sends data specific to the FixupWimmountSysPath mitigation used for OS Updates. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **ClientId**  In the WU scenario, this will be the WU client ID that is passed to Setup. In Media setup, default value is Media360, but can be overwritten by the caller to a unique value.
+- **FlightId**  Unique identifier for each flight.
+- **ImagePathDefault**  Default path to wimmount.sys driver defined in the system registry.
+- **ImagePathFixedup**  Boolean indicating whether the wimmount.sys driver path was fixed by this mitigation.
+- **InstanceId**  Unique GUID that identifies each instances of setuphost.exe.
+- **MitigationScenario**  The update scenario in which the mitigations were attempted.
+- **RelatedCV**  Correlation vector value.
+- **Result**  HResult of this operation.
+- **ScenarioId**  Setup360 flow type.
+- **ScenarioSupported**  Whether the updated scenario that was passed in was supported.
+- **SessionId**  The UpdateAgent “SessionId” value.
+- **UpdateId**  Unique identifier for the Update.
+- **WuId**  Unique identifier for the Windows Update client.
+
+
 ## Windows Update Reserve Manager events
 
 ### Microsoft.Windows.UpdateReserveManager.CommitPendingHardReserveAdjustment
 
-This event is sent when the Update Reserve Manager commits a hard reserve adjustment that was pending.
+This event is sent when the Update Reserve Manager commits a hard reserve adjustment that was pending. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8976,7 +9485,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateReserveManager.FunctionReturnedError
 
-This event is sent when the Update Reserve Manager returns an error from one of its internal functions.
+This event is sent when the Update Reserve Manager returns an error from one of its internal functions. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8989,7 +9498,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateReserveManager.InitializeUpdateReserveManager
 
-This event returns data about the Update Reserve Manager, including whether it’s been initialized.
+This event returns data about the Update Reserve Manager, including whether it’s been initialized. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -9004,7 +9513,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateReserveManager.PrepareTIForReserveInitialization
 
-This event is sent when the Update Reserve Manager prepares the Trusted Installer to initialize reserves on the next boot.
+This event is sent when the Update Reserve Manager prepares the Trusted Installer to initialize reserves on the next boot. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -9014,13 +9523,13 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateReserveManager.RemovePendingHardReserveAdjustment
 
-This event is sent when the Update Reserve Manager removes a pending hard reserve adjustment.
+This event is sent when the Update Reserve Manager removes a pending hard reserve adjustment. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.UpdateReserveManager.UpdatePendingHardReserveAdjustment
 
-This event is sent when the Update Reserve Manager needs to adjust the size of the hard reserve after the option content is installed.
+This event is sent when the Update Reserve Manager needs to adjust the size of the hard reserve after the option content is installed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1903.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1903.md
index adb454d3a2..1623bf2d24 100644
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1903.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1903.md
@@ -13,7 +13,7 @@ manager: dansimp
 ms.collection: M365-security-compliance
 ms.topic: article
 audience: ITPro
-ms.date: 03/27/2020
+ms.date: 09/30/2020
 ---
 
 
@@ -38,7 +38,7 @@ Use this article to learn about diagnostic events, grouped by event area, and th
 
 You can learn more about Windows functional and diagnostic data through these articles:
 
-
+- [Windows 10, version 2004 and Windows 10, version 20H2 required Windows diagnostic events and fields](required-windows-diagnostic-data-events-and-fields-2004.md)
 - [Windows 10, version 1809 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1809.md)
 - [Windows 10, version 1803 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1803.md)
 - [Windows 10, version 1709 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1709.md)
@@ -266,7 +266,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.ChecksumTotalPictureCount
 
-This event lists the types of objects and how many of each exist on the client device. This allows for a quick way to ensure that the records present on the server match what is present on the client.
+This event lists the types of objects and how many of each exist on the client device. This allows for a quick way to ensure that the records present on the server match what is present on the client. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -486,6 +486,7 @@ The following fields are available:
 - **DecisionSystemBios_TH1**  The count of the number of this particular object type present on this device.
 - **DecisionSystemBios_TH2**  The count of the number of this particular object type present on this device.
 - **DecisionSystemProcessor_RS2**  The count of the number of this particular object type present on this device.
+- **DecisionTest_20H1**  The count of the number of this particular object type present on this device.
 - **DecisionTest_20H1Setup**  The count of the number of this particular object type present on this device.
 - **DecisionTest_21H1**  The count of the number of this particular object type present on this device.
 - **DecisionTest_21H1Setup**  The count of the number of this particular object type present on this device.
@@ -530,7 +531,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileAdd
 
-Represents the basic metadata about specific application files installed on the system.
+This event represents the basic metadata about specific application files installed on the system. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -548,7 +549,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileRemove
 
-This event indicates that the DatasourceApplicationFile object is no longer present.
+This event indicates that the DatasourceApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -559,7 +560,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileStartSync
 
-This event indicates that a new set of DatasourceApplicationFileAdd events will be sent.
+This event indicates that a new set of DatasourceApplicationFileAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -578,12 +579,7 @@ The following fields are available:
 
 - **ActiveNetworkConnection**  Indicates whether the device is an active network device.
 - **AppraiserVersion**  The version of the appraiser file generating the events.
-- **CosDeviceRating**  An enumeration that indicates if there is a driver on the target operating system.
-- **CosDeviceSolution**  An enumeration that indicates how a driver on the target operating system is available.
-- **CosDeviceSolutionUrl**  Microsoft.Windows.Appraiser.General.DatasourceDevicePnpAdd . Empty string
-- **CosPopulatedFromId**  The expected uplevel driver matching ID based on driver coverage data.
 - **IsBootCritical**  Indicates whether the device boot is critical.
-- **UplevelInboxDriver**  Indicates whether there is a driver uplevel for this device.
 - **WuDriverCoverage**  Indicates whether there is a driver uplevel for this device, according to Windows Update.
 - **WuDriverUpdateId**  The Windows Update ID of the applicable uplevel driver.
 - **WuPopulatedFromId**  The expected uplevel driver matching ID based on driver coverage from Windows Update.
@@ -591,7 +587,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDevicePnpRemove
 
-This event indicates that the DatasourceDevicePnp object is no longer present.
+This event indicates that the DatasourceDevicePnp object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -602,7 +598,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDevicePnpStartSync
 
-This event indicates that a new set of DatasourceDevicePnpAdd events will be sent.
+This event indicates that a new set of DatasourceDevicePnpAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -624,7 +620,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDriverPackageRemove
 
-This event indicates that the DatasourceDriverPackage object is no longer present.
+This event indicates that the DatasourceDriverPackage object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -635,7 +631,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceDriverPackageStartSync
 
-This event indicates that a new set of DatasourceDriverPackageAdd events will be sent.
+This event indicates that a new set of DatasourceDriverPackageAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -656,9 +652,20 @@ The following fields are available:
 - **ResolveAttempted**  This will always be an empty string when sending diagnostic data.
 
 
+### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoBlockRemove
+
+This event indicates that the DataSourceMatchingInfoBlock object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoBlockStartSync
 
-This event indicates that a full set of DataSourceMatchingInfoBlockStAdd events have been sent.
+This event indicates that a full set of DataSourceMatchingInfoBlockStAdd events has completed being sent. This event is used to make compatibility decisions about files to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -678,9 +685,20 @@ The following fields are available:
 - **AppraiserVersion**  The version of the appraiser file generating the events.
 
 
+### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPassiveRemove
+
+This event indicates that the DataSourceMatchingInfoPassive object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPassiveStartSync
 
-This event indicates that a new set of DataSourceMatchingInfoPassiveAdd events will be sent.
+This event indicates that a new set of DataSourceMatchingInfoPassiveAdd events will be sent. This event is used to make compatibility decisions about files to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -700,9 +718,20 @@ The following fields are available:
 - **AppraiserVersion**  The version of the appraiser file generating the events.
 
 
+### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPostUpgradeRemove
+
+This event indicates that the DataSourceMatchingInfoPostUpgrade object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPostUpgradeStartSync
 
-This event indicates that a new set of DataSourceMatchingInfoPostUpgradeAdd events will be sent.
+This event indicates that a new set of DataSourceMatchingInfoPostUpgradeAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -722,9 +751,20 @@ The following fields are available:
 - **AppraiserVersion**  The version of the Appraiser file generating the events.
 
 
+### Microsoft.Windows.Appraiser.General.DatasourceSystemBiosRemove
+
+This event indicates that the DatasourceSystemBios object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
 ### Microsoft.Windows.Appraiser.General.DatasourceSystemBiosStartSync
 
-This event indicates that a new set of DatasourceSystemBiosAdd events will be sent.
+This event indicates that a new set of DatasourceSystemBiosAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -765,7 +805,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionApplicationFileRemove
 
-This event indicates that the DecisionApplicationFile object is no longer present.
+This event indicates that the DecisionApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -776,7 +816,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionApplicationFileStartSync
 
-This event indicates that a new set of DecisionApplicationFileAdd events will be sent.
+This event indicates that a new set of DecisionApplicationFileAdd events will be sent. This event is used to make compatibility decisions about a file to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -814,7 +854,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDevicePnpRemove
 
-This event indicates that the DecisionDevicePnp object is no longer present.
+This event Indicates that the DecisionDevicePnp object represented by the objectInstanceId is no longer present. This event is used to make compatibility decisions about PNP devices to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -825,7 +865,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDevicePnpStartSync
 
-The DecisionDevicePnpStartSync event indicates that a new set of DecisionDevicePnpAdd events will be sent.
+This event indicates that a new set of DecisionDevicePnpAdd events will be sent. This event is used to make compatibility decisions about PNP devices to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -847,14 +887,13 @@ The following fields are available:
 - **DriverBlockOverridden**  Does the driver package have an SDB block that blocks it from migrating, but that block has been overridden?
 - **DriverIsDeviceBlocked**  Was the driver package was blocked because of a device block?
 - **DriverIsDriverBlocked**  Is the driver package blocked because of a driver block?
-- **DriverIsTroubleshooterBlocked**  Indicates whether the driver package is blocked because of a troubleshooter block.
 - **DriverShouldNotMigrate**  Should the driver package be migrated during upgrade?
 - **SdbDriverBlockOverridden**  Does the driver package have an SDB block that blocks it from migrating, but that block has been overridden?
 
 
 ### Microsoft.Windows.Appraiser.General.DecisionDriverPackageRemove
 
-This event indicates that the DecisionDriverPackage object is no longer present.
+This event indicates that the DecisionDriverPackage object represented by the objectInstanceId is no longer present. This event is used to make compatibility decisions about driver packages to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -865,7 +904,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDriverPackageStartSync
 
-This event indicates that a new set of DecisionDriverPackageAdd events will be sent.
+The DecisionDriverPackageStartSync event indicates that a new set of DecisionDriverPackageAdd events will be sent. This event is used to make compatibility decisions about driver packages to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -893,9 +932,20 @@ The following fields are available:
 - **SdbReinstallUpgradeWarn**  The file is tagged as needing to be reinstalled after upgrade with a warning in the SDB. It does not block upgrade.
 
 
+### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoBlockRemove
+
+This event indicates that the DecisionMatchingInfoBlock object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoBlockStartSync
 
-This event indicates that a new set of DecisionMatchingInfoBlockAdd events will be sent.
+This event indicates that a new set of DecisionMatchingInfoBlockAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -920,7 +970,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPassiveStartSync
 
-This event indicates that a new set of DecisionMatchingInfoPassiveAdd events will be sent.
+This event indicates that a new set of DecisionMatchingInfoPassiveAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -944,9 +994,20 @@ The following fields are available:
 - **SdbReinstallUpgrade**  The file is tagged as needing to be reinstalled after upgrade in the compatibility database (but is not blocking upgrade).
 
 
+### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPostUpgradeRemove
+
+This event indicates that the DecisionMatchingInfoPostUpgrade object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPostUpgradeStartSync
 
-This event indicates that a new set of DecisionMatchingInfoPostUpgradeAdd events will be sent.
+This event indicates that a new set of DecisionMatchingInfoPostUpgradeAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -972,9 +1033,20 @@ The following fields are available:
 - **NeedsDismissAction**  Are there any actions that can be dismissed coming from Windows Media Center?
 
 
+### Microsoft.Windows.Appraiser.General.DecisionMediaCenterRemove
+
+This event indicates that the DecisionMediaCenter object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
 ### Microsoft.Windows.Appraiser.General.DecisionMediaCenterStartSync
 
-This event indicates that a new set of DecisionMediaCenterAdd events will be sent.
+This event indicates that a new set of DecisionMediaCenterAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -997,9 +1069,9 @@ The following fields are available:
 - **HasBiosBlock**  Does the device have a BIOS block?
 
 
-### Microsoft.Windows.Appraiser.General.DecisionSystemBiosStartSync
+### Microsoft.Windows.Appraiser.General.DecisionSystemBiosRemove
 
-This event indicates that a new set of DecisionSystemBiosAdd events will be sent.
+This event indicates that the DecisionSystemBios object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1008,6 +1080,30 @@ The following fields are available:
 - **AppraiserVersion**  The version of the Appraiser file that is generating the events.
 
 
+### Microsoft.Windows.Appraiser.General.DecisionSystemBiosStartSync
+
+This event indicates that a new set of DecisionSystemBiosAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
+### Microsoft.Windows.Appraiser.General.DecisionTestAdd
+
+This event provides diagnostic data for testing decision add events. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the appraiser binary generating the events.
+- **TestDecisionDataPoint1**  Test data point 1.
+- **TestDecisionDataPoint2**  Test data point 2.
+
+
 ### Microsoft.Windows.Appraiser.General.DecisionTestRemove
 
 This event provides data that allows testing of “Remove” decisions to help keep Windows up to date.
@@ -1046,7 +1142,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileAdd
 
-This event represents the basic metadata about a file on the system.  The file must be part of an app and either have a block in the compatibility database or be part of an antivirus program.
+This event represents the basic metadata about a file on the system.  The file must be part of an app and either have a block in the compatibility database or be part of an antivirus program. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1075,7 +1171,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileRemove
 
-This event indicates that the InventoryApplicationFile object is no longer present.
+This event indicates that the InventoryApplicationFile object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1086,7 +1182,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileStartSync
 
-This event indicates that a new set of InventoryApplicationFileAdd events will be sent.
+This event indicates that a new set of InventoryApplicationFileAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1110,7 +1206,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryLanguagePackRemove
 
-This event indicates that the InventoryLanguagePack object is no longer present.
+This event indicates that the InventoryLanguagePack object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1121,7 +1217,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryLanguagePackStartSync
 
-This event indicates that a new set of InventoryLanguagePackAdd events will be sent.
+This event indicates that a new set of InventoryLanguagePackAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1150,7 +1246,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryMediaCenterRemove
 
-This event indicates that the InventoryMediaCenter object is no longer present.
+This event indicates that the InventoryMediaCenter object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1161,7 +1257,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryMediaCenterStartSync
 
-This event indicates that a new set of InventoryMediaCenterAdd events will be sent.
+This event indicates that a new set of InventoryMediaCenterAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1172,7 +1268,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventorySystemBiosAdd
 
-This event sends basic metadata about the BIOS to determine whether it has a compatibility block.
+This event sends basic metadata about the BIOS to determine whether it has a compatibility block. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1185,9 +1281,20 @@ The following fields are available:
 - **Model**  The model field from Win32_ComputerSystem.
 
 
+### Microsoft.Windows.Appraiser.General.InventorySystemBiosRemove
+
+This event indicates that the InventorySystemBios object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
 ### Microsoft.Windows.Appraiser.General.InventorySystemBiosStartSync
 
-This event indicates that a new set of InventorySystemBiosAdd events will be sent.
+This event indicates that a new set of InventorySystemBiosAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1198,7 +1305,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventorySystemProcessorEndSync
 
-This event indicates that a full set of InventorySystemProcessorAdd events has been sent.
+This event indicates that a full set of InventorySystemProcessorAdd events has been sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1209,7 +1316,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventorySystemProcessorStartSync
 
-This event indicates that a new set of InventorySystemProcessorAdd events will be sent.
+This event indicates that a new set of InventorySystemProcessorAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1218,6 +1325,19 @@ The following fields are available:
 - **AppraiserVersion**  The version of the Appraiser binary (executable) generating the events.
 
 
+### Microsoft.Windows.Appraiser.General.InventoryTestAdd
+
+This event provides diagnostic data for testing event adds.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the component sending the data.
+- **TestInvDataPoint1**  Test inventory data point 1.
+- **TestInvDataPoint2**  Test inventory data point 2.
+
+
 ### Microsoft.Windows.Appraiser.General.InventoryTestRemove
 
 This event provides data that allows testing of “Remove” decisions to help keep Windows up to date.
@@ -1242,7 +1362,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageAdd
 
-This event is only runs during setup. It provides a listing of the uplevel driver packages that were downloaded before the upgrade. Is critical to understanding if failures in setup can be traced to not having sufficient uplevel drivers before the upgrade.
+This event runs only during setup. It provides a listing of the uplevel driver packages that were downloaded before the upgrade. It is critical in understanding if failures in setup can be traced to not having sufficient uplevel drivers before the upgrade. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1267,7 +1387,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageRemove
 
-This event indicates that the InventoryUplevelDriverPackage object is no longer present.
+This event indicates that the InventoryUplevelDriverPackage object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1278,7 +1398,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageStartSync
 
-This event indicates that a new set of InventoryUplevelDriverPackageAdd events will be sent.
+This event indicates that a new set of InventoryUplevelDriverPackageAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1289,7 +1409,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.RunContext
 
-This event indicates what should be expected in the data payload.
+This event is sent at the beginning of an appraiser run, the RunContext indicates what should be expected in the following data payload. This event is used with the other Appraiser events to make compatibility decisions to keep Windows up to date.
 
 The following fields are available:
 
@@ -1321,9 +1441,20 @@ The following fields are available:
 - **virtualKB**  The amount of virtual memory (in KB).
 
 
+### Microsoft.Windows.Appraiser.General.SystemMemoryRemove
+
+This event that the SystemMemory object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
 ### Microsoft.Windows.Appraiser.General.SystemMemoryStartSync
 
-This event indicates that a new set of SystemMemoryAdd events will be sent.
+This event indicates that a new set of SystemMemoryAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1345,9 +1476,20 @@ The following fields are available:
 - **CompareExchange128Support**  Does the CPU support CompareExchange128?
 
 
+### Microsoft.Windows.Appraiser.General.SystemProcessorCompareExchangeRemove
+
+This event indicates that the SystemProcessorCompareExchange object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
 ### Microsoft.Windows.Appraiser.General.SystemProcessorCompareExchangeStartSync
 
-This event indicates that a new set of SystemProcessorCompareExchangeAdd events will be sent.
+This event indicates that a new set of SystemProcessorCompareExchangeAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1369,9 +1511,20 @@ The following fields are available:
 - **LahfSahfSupport**  Does the CPU support LAHF/SAHF?
 
 
+### Microsoft.Windows.Appraiser.General.SystemProcessorLahfSahfRemove
+
+This event indicates that the SystemProcessorLahfSahf object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
 ### Microsoft.Windows.Appraiser.General.SystemProcessorLahfSahfStartSync
 
-This event indicates that a new set of SystemProcessorLahfSahfAdd events will be sent.
+This event indicates that a new set of SystemProcessorLahfSahfAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1394,9 +1547,20 @@ The following fields are available:
 - **NXProcessorSupport**  Does the processor support NX?
 
 
+### Microsoft.Windows.Appraiser.General.SystemProcessorNxRemove
+
+This event indicates that the SystemProcessorNx object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
 ### Microsoft.Windows.Appraiser.General.SystemProcessorNxStartSync
 
-This event  indicates that a new set of SystemProcessorNxAdd events will be sent.
+This event  indicates that a new set of SystemProcessorNxAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1418,9 +1582,20 @@ The following fields are available:
 - **PrefetchWSupport**  Does the processor support PrefetchW?
 
 
+### Microsoft.Windows.Appraiser.General.SystemProcessorPrefetchWRemove
+
+This event indicates that the SystemProcessorPrefetchW object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
 ### Microsoft.Windows.Appraiser.General.SystemProcessorPrefetchWStartSync
 
-This event indicates that a new set of SystemProcessorPrefetchWAdd events will be sent.
+This event indicates that a new set of SystemProcessorPrefetchWAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1442,9 +1617,20 @@ The following fields are available:
 - **SSE2ProcessorSupport**  Does the processor support SSE2?
 
 
+### Microsoft.Windows.Appraiser.General.SystemProcessorSse2Remove
+
+This event indicates that the SystemProcessorSse2 object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
 ### Microsoft.Windows.Appraiser.General.SystemProcessorSse2StartSync
 
-This event indicates that a new set of SystemProcessorSse2Add events will be sent.
+This event indicates that a new set of SystemProcessorSse2Add events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1466,9 +1652,20 @@ The following fields are available:
 - **MaximumTouches**  The maximum number of touch points supported by the device hardware.
 
 
+### Microsoft.Windows.Appraiser.General.SystemTouchRemove
+
+This event indicates that the SystemTouch object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
 ### Microsoft.Windows.Appraiser.General.SystemTouchStartSync
 
-This event indicates that a new set of SystemTouchAdd events will be sent.
+This event indicates that a new set of SystemTouchAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1490,9 +1687,20 @@ The following fields are available:
 - **RegistryWimBootValue**  The raw value from the registry that is used to indicate if the device is running from a WIM.
 
 
+### Microsoft.Windows.Appraiser.General.SystemWimRemove
+
+This event indicates that the SystemWim object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
 ### Microsoft.Windows.Appraiser.General.SystemWimStartSync
 
-This event indicates that a new set of SystemWimAdd events will be sent.
+This event indicates that a new set of SystemWimAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1516,7 +1724,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWindowsActivationStatusRemove
 
-This event indicates that the SystemWindowsActivationStatus object is no longer present.
+This event indicates that the SystemWindowsActivationStatus object is no longer present. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1527,7 +1735,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWindowsActivationStatusStartSync
 
-This event indicates that a new set of SystemWindowsActivationStatusAdd events will be sent.
+This event indicates that a new set of SystemWindowsActivationStatusAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1553,9 +1761,20 @@ The following fields are available:
 - **WlanNativeDriver**  Does the device have a non-emulated WLAN driver?
 
 
+### Microsoft.Windows.Appraiser.General.SystemWlanRemove
+
+This event indicates that the SystemWlan object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
 ### Microsoft.Windows.Appraiser.General.SystemWlanStartSync
 
-This event indicates that a new set of SystemWlanAdd events will be sent.
+This event indicates that a new set of SystemWlanAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1576,6 +1795,8 @@ The following fields are available:
 - **AppraiserVersion**  The file version (major, minor and build) of the Appraiser DLL, concatenated without dots.
 - **AuxFinal**  Obsolete, always set to false.
 - **AuxInitial**  Obsolete, indicates if Appraiser is writing data files to be read by the Get Windows 10 app.
+- **CountCustomSdbs**  The number of custom Sdbs used by Appraiser.
+- **CustomSdbGuids**  Guids of the custom Sdbs used by Appraiser; Semicolon delimited list.
 - **DeadlineDate**  A timestamp representing the deadline date, which is the time until which appraiser will wait to do a full scan.
 - **EnterpriseRun**  Indicates whether the diagnostic data run is an enterprise run, which means appraiser was run from the command line with an extra enterprise parameter.
 - **FullSync**  Indicates if Appraiser is performing a full sync, which means that full set of events representing the state of the machine are sent. Otherwise, only the changes from the previous run are sent.
@@ -1619,9 +1840,20 @@ The following fields are available:
 - **WmdrmPurchased**  Indicates if the system has any files with permanent licenses.
 
 
+### Microsoft.Windows.Appraiser.General.WmdrmRemove
+
+This event indicates that the Wmdrm object is no longer present. The data collected with this event is used to help keep Windows up to date.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+
+
 ### Microsoft.Windows.Appraiser.General.WmdrmStartSync
 
-This event indicates that a new set of WmdrmAdd events will be sent.
+The WmdrmStartSync event indicates that a new set of WmdrmAdd events will be sent. This event is used to understand the usage of older digital rights management on the system, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1634,7 +1866,7 @@ The following fields are available:
 
 ### MicArrayGeometry
 
-This event provides information about the layout of the individual microphone elements in the microphone array.
+This event provides information about the layout of the individual microphone elements in the microphone array. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -1652,7 +1884,7 @@ The following fields are available:
 
 ### MicCoords
 
-This event provides information about the location and orientation of the microphone element.
+This event provides information about the location and orientation of the microphone element. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -1666,7 +1898,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Audio.EndpointBuilder.DeviceInfo
 
-This event logs the successful enumeration of an audio endpoint (such as a microphone or speaker) and provides information about the audio endpoint.
+This event logs the successful enumeration of an audio endpoint (such as a microphone or speaker) and provides information about the audio endpoint. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -1702,7 +1934,7 @@ The following fields are available:
 
 ### Census.App
 
-This event sends version data about the Apps running on this device, to help keep Windows up to date.
+This event sends version data about the Apps running on this device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1720,7 +1952,7 @@ The following fields are available:
 
 ### Census.Azure
 
-This event returns data from Microsoft-internal Azure server machines (only from Microsoft-internal machines with Server SKUs). All other machines (those outside Microsoft and/or machines that are not part of the “Azure fleet”) return empty data sets.
+This event returns data from Microsoft-internal Azure server machines (only from Microsoft-internal machines with Server SKUs). All other machines (those outside Microsoft and/or machines that are not part of the “Azure fleet”) return empty data sets. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -1731,7 +1963,7 @@ The following fields are available:
 
 ### Census.Battery
 
-This event sends type and capacity data about the battery on the device, as well as the number of connected standby devices in use, type to help keep Windows up to date.
+This event sends type and capacity data about the battery on the device, as well as the number of connected standby devices in use. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1742,19 +1974,9 @@ The following fields are available:
 - **IsAlwaysOnAlwaysConnectedCapable**  Represents whether the battery enables the device to be AlwaysOnAlwaysConnected . Boolean value.
 
 
-### Census.Camera
-
-This event sends data about the resolution of cameras on the device, to help keep Windows up to date.
-
-The following fields are available:
-
-- **FrontFacingCameraResolution**  Represents the resolution of the front facing camera in megapixels. If a front facing camera does not exist, then the value is 0.
-- **RearFacingCameraResolution**  Represents the resolution of the rear facing camera in megapixels. If a rear facing camera does not exist, then the value is 0.
-
-
 ### Census.Enterprise
 
-This event sends data about Azure presence, type, and cloud domain use in order to provide an understanding of the use and integration of devices in an enterprise, cloud, and server environment.
+This event sends data about Azure presence, type, and cloud domain use in order to provide an understanding of the use and integration of devices in an enterprise, cloud, and server environment. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -1774,14 +1996,14 @@ The following fields are available:
 - **IsMDMEnrolled**  Whether the device has been MDM Enrolled or not.
 - **MDMServiceProvider**  A hash of the specific MDM authority, such as Microsoft Intune, that is managing the device.
 - **MPNId**  Returns the Partner ID/MPN ID from Regkey. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\DeployID
-- **SCCMClientId**  This ID correlate systems that send data to Compat Analytics (OMS) and other OMS based systems with systems in a Configuration Manager environment.
-- **ServerFeatures**  Represents the features installed on a Windows Server. This can be used by developers and administrators who need to automate the process of determining the features installed on a set of server computers.
-- **SystemCenterID**  The Configuration Manager ID is an anonymized one-way hash of the Active Directory Organization identifier
+- **SCCMClientId**  This ID correlate systems that send data to Compat Analytics (OMS) and other OMS based systems with systems in an Enterprise SCCM environment.
+- **ServerFeatures**  Represents the features installed on a Windows   Server. This can be used by developers and administrators who need to automate the process of determining the features installed on a set of server computers.
+- **SystemCenterID**  The SCCM ID is an anonymized one-way hash of the Active Directory Organization identifier
 
 
 ### Census.Firmware
 
-This event sends data about the BIOS and startup embedded in the device, to help keep Windows up to date.
+This event sends data about the BIOS and startup embedded in the device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1793,7 +2015,7 @@ The following fields are available:
 
 ### Census.Flighting
 
-This event sends Windows Insider data from customers participating in improvement testing and feedback programs, to help keep Windows up to date.
+This event sends Windows Insider data from customers participating in improvement testing and feedback programs. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1809,7 +2031,7 @@ The following fields are available:
 
 ### Census.Hardware
 
-This event sends data about the device, including hardware type, OEM brand, model line, model, telemetry level setting, and TPM support, to help keep Windows up to date.
+This event sends data about the device, including hardware type, OEM brand, model line, model, telemetry level setting, and TPM support. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1853,7 +2075,7 @@ The following fields are available:
 
 ### Census.Memory
 
-This event sends data about the memory on the device, including ROM and RAM, to help keep Windows up to date.
+This event sends data about the memory on the device, including ROM and RAM. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1863,7 +2085,7 @@ The following fields are available:
 
 ### Census.Network
 
-This event sends data about the mobile and cellular network used by the device (mobile service provider, network, device ID, and service cost factors), to help keep Windows up to date.
+This event sends data about the mobile and cellular network used by the device (mobile service provider, network, device ID, and service cost factors). The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1886,7 +2108,7 @@ The following fields are available:
 
 ### Census.OS
 
-This event sends data about the operating system such as the version, locale, update service configuration, when and how it was originally installed, and whether it is a virtual device, to help keep Windows up to date.
+This event sends data about the operating system such as the version, locale, update service configuration, when and how it was originally installed, and whether it is a virtual device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1928,7 +2150,7 @@ The following fields are available:
 
 ### Census.PrivacySettings
 
-This event provides information about the device level privacy settings and whether device-level access was granted to these capabilities. Not all settings are applicable to all devices. Each field records the consent state for the corresponding privacy setting. The consent state is encoded as a 16-bit signed integer, where the first 8 bits represents the effective consent value, and the last 8 bits represent the authority that set the value. The effective consent (first 8 bits) is one of the following values:  -3 = unexpected consent value, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = undefined, 1 = allow, 2 = deny, 3 = prompt. The consent authority (last 8 bits) is one of the following values: -3 = unexpected authority, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = system, 1 = a higher authority (a gating setting, the system-wide setting, or a group policy), 2 = advertising ID group policy, 3 = advertising ID policy for child account, 4 = privacy setting provider doesn't know the actual consent authority, 5 = consent was not configured and a default set in code was used, 6 = system default, 7 = organization policy, 8 = OneSettings.
+This event provides information about the device level privacy settings and whether device-level access was granted to these capabilities. Not all settings are applicable to all devices. Each field records the consent state for the corresponding privacy setting. The consent state is encoded as a 16-bit signed integer, where the first 8 bits represents the effective consent value, and the last 8 bits represent the authority that set the value. The effective consent (first 8 bits) is one of the following values:  -3 = unexpected consent value, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = undefined, 1 = allow, 2 = deny, 3 = prompt. The consent authority (last 8 bits) is one of the following values: -3 = unexpected authority, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = system, 1 = a higher authority (a gating setting, the system-wide setting, or a group policy), 2 = advertising ID group policy, 3 = advertising ID policy for child account, 4 = privacy setting provider doesn't know the actual consent authority, 5 = consent was not configured and a default set in code was used, 6 = system default, 7 = organization policy, 8 = OneSettings. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -1974,7 +2196,7 @@ The following fields are available:
 
 ### Census.Processor
 
-This event sends data about the processor to help keep Windows up to date.
+This event sends data about the processor. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -1997,7 +2219,7 @@ The following fields are available:
 
 ### Census.Security
 
-This event provides information on about security settings used to help keep Windows up to date and secure.
+This event provides information about security settings. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2010,6 +2232,7 @@ The following fields are available:
 - **IsWdagFeatureEnabled**  Indicates whether Windows Defender Application Guard is enabled.
 - **RequiredSecurityProperties**  Describes the required security properties to enable virtualization-based security.
 - **SecureBootCapable**  Systems that support Secure Boot can have the feature turned off via BIOS. This field tells if the system is capable of running Secure Boot, regardless of the BIOS setting.
+- **ShadowStack**  The bit fields of SYSTEM_SHADOW_STACK_INFORMATION representing the state of the Intel CET (Control Enforcement Technology) hardware security feature.
 - **SModeState**  The Windows S mode trail state.
 - **SystemGuardState**  Indicates the SystemGuard state. NotCapable (0), Capable (1), Enabled (2), Error (0xFF).
 - **TpmReadyState**  Indicates the TPM ready state. NotReady (0), ReadyForStorage (1), ReadyForAttestation (2), Error (0xFF).
@@ -2019,7 +2242,7 @@ The following fields are available:
 
 ### Census.Speech
 
-This event is used to gather basic speech settings on the device.
+This event is used to gather basic speech settings on the device. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -2038,7 +2261,7 @@ The following fields are available:
 
 ### Census.Storage
 
-This event sends data about the total capacity of the system volume and primary disk, to help keep Windows up to date.
+This event sends data about the total capacity of the system volume and primary disk. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2050,7 +2273,7 @@ The following fields are available:
 
 ### Census.Userdefault
 
-This event sends data about the current user's default preferences for browser and several of the most popular extensions and protocols, to help keep Windows up to date.
+This event sends data about the current user's default preferences for browser and several of the most popular extensions and protocols. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2064,7 +2287,7 @@ The following fields are available:
 
 ### Census.UserDisplay
 
-This event sends data about the logical/physical display size, resolution and number of internal/external displays, and VRAM on the system, to help keep Windows up to date.
+This event sends data about the logical/physical display size, resolution and number of internal/external displays, and VRAM on the system. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2085,7 +2308,7 @@ The following fields are available:
 
 ### Census.UserNLS
 
-This event sends data about the default app language, input, and display language preferences set by the user, to help keep Windows up to date.
+This event sends data about the default app language, input, and display language preferences set by the user. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2098,7 +2321,7 @@ The following fields are available:
 
 ### Census.UserPrivacySettings
 
-This event provides information about the current users privacy settings and whether device-level access was granted to these capabilities. Not all settings are applicable to all devices. Each field records the consent state for the corresponding privacy setting. The consent state is encoded as a 16-bit signed integer, where the first 8 bits represents the effective consent value, and the last 8 bits represents the authority that set the value. The effective consent is one of the following values: -3 = unexpected consent value, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = undefined, 1 = allow, 2 = deny, 3 = prompt. The consent authority is one of the following values: -3 = unexpected authority, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = user, 1 = a higher authority (a gating setting, the system-wide setting, or a group policy), 2 = advertising ID group policy, 3 = advertising ID policy for child account, 4 = privacy setting provider doesn't know the actual consent authority, 5 = consent was not configured and a default set in code was used, 6 = system default, 7 = organization policy, 8 = OneSettings.
+This event provides information about the current users privacy settings and whether device-level access was granted to these capabilities. Not all settings are applicable to all devices. Each field records the consent state for the corresponding privacy setting. The consent state is encoded as a 16-bit signed integer, where the first 8 bits represents the effective consent value, and the last 8 bits represents the authority that set the value. The effective consent is one of the following values: -3 = unexpected consent value, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = undefined, 1 = allow, 2 = deny, 3 = prompt. The consent authority is one of the following values: -3 = unexpected authority, -2 = value was not requested, -1 = an error occurred while attempting to retrieve the value, 0 = user, 1 = a higher authority (a gating setting, the system-wide setting, or a group policy), 2 = advertising ID group policy, 3 = advertising ID policy for child account, 4 = privacy setting provider doesn't know the actual consent authority, 5 = consent was not configured and a default set in code was used, 6 = system default, 7 = organization policy, 8 = OneSettings. The data collected with this event is used to help keep Windows secure.
 
 The following fields are available:
 
@@ -2144,7 +2367,7 @@ The following fields are available:
 
 ### Census.VM
 
-This event sends data indicating whether virtualization is enabled on the device, and its various characteristics, to help keep Windows up to date.
+This event sends data indicating whether virtualization is enabled on the device, and its various characteristics. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2153,14 +2376,16 @@ The following fields are available:
 - **IOMMUPresent**  Represents if an input/output memory management unit (IOMMU) is present.
 - **IsVDI**  Is the device using Virtual Desktop Infrastructure?
 - **IsVirtualDevice**  Retrieves that when the Hypervisor is Microsoft's Hyper-V Hypervisor or other Hv#1 Hypervisor, this field will be set to FALSE for the Hyper-V host OS and TRUE for any guest OS's. This field should not be relied upon for non-Hv#1 Hypervisors.
+- **IsWVDSessionHost**  Indicates if this is a Windows Virtual Device session host.
 - **SLATSupported**  Represents whether Second Level Address Translation (SLAT) is supported by the hardware.
 - **VirtualizationFirmwareEnabled**  Represents whether virtualization is enabled in the firmware.
 - **VMId**  A string that identifies a virtual machine.
+- **WVDEnvironment**  Represents the WVD service environment to which this session host has been joined.
 
 
 ### Census.WU
 
-This event sends data about the Windows update server and other App store policies, to help keep Windows up to date.
+This event sends data about the Windows update server and other App store policies. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2169,6 +2394,7 @@ The following fields are available:
 - **AppStoreAutoUpdateMDM**  Retrieves the App Auto Update value for MDM: 0 - Disallowed. 1 - Allowed. 2 - Not configured. Default: [2] Not configured
 - **AppStoreAutoUpdatePolicy**  Retrieves the Microsoft Store App Auto Update group policy setting
 - **DelayUpgrade**  Retrieves the Windows upgrade flag for delaying upgrades.
+- **IsHotPatchEnrolled**  Represents the current state of the device in relation to enrollment in the hotpatch program.
 - **OSAssessmentFeatureOutOfDate**  How many days has it been since a the last feature update was released but the device did not install it?
 - **OSAssessmentForFeatureUpdate**  Is the device is on the latest feature update?
 - **OSAssessmentForQualityUpdate**  Is the device on the latest quality update?
@@ -2185,6 +2411,7 @@ The following fields are available:
 - **WUDeferUpdatePeriod**  Retrieves if deferral is set for Updates.
 - **WUDeferUpgradePeriod**  Retrieves if deferral is set for Upgrades.
 - **WUDODownloadMode**  Retrieves whether DO is turned on and how to acquire/distribute updates Delivery Optimization (DO) allows users to deploy previously downloaded WU updates to other devices on the same network.
+- **WULCUVersion**  Version of the LCU Installed on the machine.
 - **WUMachineId**  Retrieves the Windows Update (WU) Machine Identifier.
 - **WUPauseState**  Retrieves WU setting to determine if updates are paused.
 - **WUServer**  Retrieves the HTTP(S) URL of the WSUS server that is used by Automatic Updates and API callers (by default).
@@ -2243,7 +2470,6 @@ The following fields are available:
 - **ext_app**  Describes the properties of the running application. This extension could be populated by either a client app or a web app. See [Common Data Extensions.app](#common-data-extensionsapp).
 - **ext_container**  Describes the properties of the container for events logged within a container. See [Common Data Extensions.container](#common-data-extensionscontainer).
 - **ext_device**  Describes the device-related fields. See [Common Data Extensions.device](#common-data-extensionsdevice).
-- **ext_m365a**  Describes the Microsoft 365-related fields. See [Common Data Extensions.m365a](#common-data-extensionsm365a).
 - **ext_mscv**  Describes the correlation vector-related fields. See [Common Data Extensions.mscv](#common-data-extensionsmscv).
 - **ext_os**  Describes the operating system properties that would be populated by the client. See [Common Data Extensions.os](#common-data-extensionsos).
 - **ext_sdk**  Describes the fields related to a platform library required for a specific SDK. See [Common Data Extensions.sdk](#common-data-extensionssdk).
@@ -2255,14 +2481,6 @@ The following fields are available:
 - **time**  Represents the event date time in Coordinated Universal Time (UTC) when the event was generated on the client. This should be in ISO 8601 format.
 - **ver**  Represents the major and minor version of the extension.
 
-### Common Data Extensions.m365a
-
-Describes the Microsoft 365-related fields.
-
-The following fields are available:
-
-- **enrolledTenantId**  The enrolled tenant ID.
-- **msp**  A bitmask that lists the active programs.
 
 ### Common Data Extensions.mscv
 
@@ -2403,7 +2621,7 @@ The following fields are available:
 
 ### CbsServicingProvider.CbsCapabilitySessionFinalize
 
-This event provides information about the results of installing or uninstalling optional Windows content from Windows Update.
+This event provides information about the results of installing or uninstalling optional Windows content from Windows Update. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -2546,7 +2764,7 @@ This event reports the results of deferring Windows Content to keep Windows up t
 
 ### TelClientSynthetic.AbnormalShutdown_0
 
-This event sends data about boot IDs for which a normal clean shutdown was not observed, to help keep Windows up to date.
+This event sends data about boot IDs for which a normal clean shutdown was not observed. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2617,7 +2835,7 @@ The following fields are available:
 
 ### TelClientSynthetic.AuthorizationInfo_RuntimeTransition
 
-This event sends data indicating that a device has undergone a change of telemetry opt-in level detected at UTC startup, to help keep Windows up to date. The telemetry opt-in level signals what data we are allowed to collect.
+This event is fired by UTC at state transitions to signal what data we are allowed to collect. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2635,7 +2853,7 @@ The following fields are available:
 
 ### TelClientSynthetic.AuthorizationInfo_Startup
 
-Fired by UTC at startup to signal what data we are allowed to collect.
+This event is fired by UTC at startup to signal what data we are allowed to collect. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2653,15 +2871,15 @@ The following fields are available:
 
 ### TelClientSynthetic.ConnectivityHeartBeat_0
 
-This event sends data about the connectivity status of the Connected User Experience and Telemetry component that uploads telemetry events. If an unrestricted free network (such as Wi-Fi) is available, this event updates the last successful upload time. Otherwise, it checks whether a Connectivity Heartbeat event was fired in the past 24 hours, and if not, it sends an event. A Connectivity Heartbeat event is also sent when a device recovers from costed network to free network.
+This event sends data about the connectivity status of the Connected User Experience and Telemetry component that uploads telemetry events. If an unrestricted free network (such as Wi-Fi) is available, this event updates the last successful upload time. Otherwise, it checks whether a Connectivity Heartbeat event was fired in the past 24 hours, and if not, it sends an event. A Connectivity Heartbeat event is also sent when a device recovers from costed network to free network. This event is fired by UTC during periods of no network as a heartbeat signal, to keep Windows secure and up to date.
 
 The following fields are available:
 
-- **CensusExitCode**  Returns last execution codes from census client run.
-- **CensusStartTime**  Returns timestamp corresponding to last successful census run.
-- **CensusTaskEnabled**  Returns Boolean value for the census task (Enable/Disable) on client machine.
+- **CensusExitCode**  Last exit code of the Census task.
+- **CensusStartTime**  Time of last Census run.
+- **CensusTaskEnabled**  True if Census is enabled, false otherwise.
 - **LastConnectivityLossTime**  Retrieves the last time the device lost free network.
-- **NetworkState**  Retrieves the network state: 0 = No network. 1 = Restricted network. 2 = Free network.
+- **NetworkState**  The network state of the device.
 - **NoNetworkTime**  Retrieves the time spent with no network (since the last time) in seconds.
 - **RestrictedNetworkTime**  Retrieves the time spent on a metered (cost restricted) network in seconds.
 
@@ -2885,7 +3103,7 @@ This event is a low latency health alert that is part of the 4Nines device healt
 
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerCheckApplicabilityGenericFailure
 
-This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler CheckApplicability call.
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler CheckApplicability call. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -2901,7 +3119,7 @@ The following fields are available:
 
 ### Microsoft.Windows.StartRepairCore.DISMLatestInstalledLCU
 
-The DISM Latest Installed LCU sends information to report result of search for latest installed LCU after last successful boot.
+The DISM Latest Installed LCU sends information to report result of search for latest installed LCU after last successful boot. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2910,7 +3128,7 @@ The following fields are available:
 
 ### Microsoft.Windows.StartRepairCore.DISMPendingInstall
 
-The DISM Pending Install event sends information to report pending package installation found.
+The DISM Pending Install event sends information to report pending package installation found. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2919,7 +3137,7 @@ The following fields are available:
 
 ### Microsoft.Windows.StartRepairCore.DISMRevertPendingActions
 
-The DISM Pending Install event sends information to report pending package installation found.
+The DISM Pending Install event sends information to report pending package installation found. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2928,7 +3146,7 @@ The following fields are available:
 
 ### Microsoft.Windows.StartRepairCore.DISMUninstallLCU
 
-The DISM Uninstall LCU sends information to report result of uninstall attempt for found LCU.
+The DISM Uninstall LCU sends information to report result of uninstall attempt for found LCU. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2937,7 +3155,7 @@ The following fields are available:
 
 ### Microsoft.Windows.StartRepairCore.SRTRepairActionEnd
 
-The DISM Uninstall LCU sends information to report result of uninstall attempt for found LCU.
+The SRT Repair Action End event sends information to report repair operation ended for given plug-in. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2952,7 +3170,7 @@ The following fields are available:
 
 ### Microsoft.Windows.StartRepairCore.SRTRepairActionStart
 
-The SRT Repair Action Start event sends information to report repair operation started for given plug-in.
+The SRT Repair Action Start event sends information to report repair operation started for given plug-in. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2961,7 +3179,7 @@ The following fields are available:
 
 ### Microsoft.Windows.StartRepairCore.SRTRootCauseDiagEnd
 
-The SRT Root Cause Diagnosis End event sends information to report diagnosis operation completed for given plug-in.
+The SRT Root Cause Diagnosis End event sends information to report diagnosis operation completed for given plug-in. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2973,7 +3191,7 @@ The following fields are available:
 
 ### Microsoft.Windows.StartRepairCore.SRTRootCauseDiagStart
 
-The SRT Root Cause Diagnosis Start event sends information to report diagnosis operation started for given plug-in.
+The SRT Root Cause Diagnosis Start event sends information to report diagnosis operation started for given plug-in. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -2984,7 +3202,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DriverInstall.DeviceInstall
 
-This critical event sends information about the driver installation that took place.
+This critical event sends information about the driver installation that took place. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 The following fields are available:
 
@@ -3041,7 +3259,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DriverInstall.NewDevInstallDeviceEnd
 
-This event sends data about the driver installation once it is completed.
+This event sends data about the driver installation once it is completed. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 The following fields are available:
 
@@ -3060,7 +3278,7 @@ The following fields are available:
 
 ### Microsoft.Windows.DriverInstall.NewDevInstallDeviceStart
 
-This event sends data about the driver that the new driver installation is replacing.
+This event sends data about the driver that the new driver installation is replacing. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 The following fields are available:
 
@@ -3247,7 +3465,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Upgrade.Uninstall.UninstallFailed
 
-This event sends diagnostic data about failures when uninstalling a feature update, to help resolve any issues preventing customers from reverting to a known state.
+This event sends diagnostic data about failures when uninstalling a feature update, to help resolve any issues preventing customers from reverting to a known state. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 The following fields are available:
 
@@ -3257,7 +3475,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Upgrade.Uninstall.UninstallFinalizedAndRebootTriggered
 
-This event indicates that the uninstall was properly configured and that a system reboot was initiated.
+This event indicates that the uninstall was properly configured and that a system reboot was initiated. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 
 
@@ -3293,7 +3511,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Holographic.Coordinator.HoloShellStateUpdated
 
-This event indicates Windows Mixed Reality HoloShell State. This event is also used to count WMR device.
+This event indicates Windows Mixed Reality HoloShell State. This event is also used to count WMR device. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -3305,7 +3523,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Shell.HolographicFirstRun.AppActivated
 
-This event indicates Windows Mixed Reality Portal app activation state. This event also used to count WMR device.
+This event indicates Windows Mixed Reality Portal app activation state. This event also used to count WMR device. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -3318,13 +3536,13 @@ The following fields are available:
 
 ### Microsoft.Windows.Shell.HolographicFirstRun.AppLifecycleService_Resuming
 
-This event indicates Windows Mixed Reality Portal app resuming. This event is also used to count WMR device.
+This event indicates Windows Mixed Reality Portal app resuming. This event is also used to count WMR device. The data collected with this event is used to keep Windows performing properly.
 
 
 
 ### TraceLoggingOasisUsbHostApiProvider.DeviceInformation
 
-This event provides Windows Mixed Reality device information. This event is also used to count WMR device and device type.
+This event provides Windows Mixed Reality device information. This event is also used to count WMR device and device type. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -3366,7 +3584,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.AmiTelCacheChecksum
 
-This event captures basic checksum data about the device inventory items stored in the cache for use in validating data completeness for Microsoft.Windows.Inventory.Core events. The fields in this event may change over time, but they will always represent a count of a given object.
+This event captures basic checksum data about the device inventory items stored in the cache for use in validating data completeness for Microsoft.Windows.Inventory.Core events. The fields in this event may change over time, but they will always represent a count of a given object. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -3407,7 +3625,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.AmiTelCacheVersions
 
-This event sends inventory component versions for the Device Inventory data.
+This event sends inventory component versions for the Device Inventory data. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -3417,7 +3635,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.FileSigningInfoAdd
 
-This event enumerates the signatures of files, either driver packages or application executables. For driver packages, this data is collected on demand via Telecommand to limit it only to unrecognized driver packages, saving time for the client and space on the server. For applications, this data is collected for up to 10 random executables on a system.
+This event enumerates the signatures of files, either driver packages or application executables. For driver packages, this data is collected on demand via Telecommand to limit it only to unrecognized driver packages, saving time for the client and space on the server. For applications, this data is collected for up to 10 random executables on a system. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3435,7 +3653,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationAdd
 
-This event sends basic metadata about an application on the system to help keep Windows up to date.
+This event sends basic metadata about an application on the system. The data collected with this event is used to keep Windows performing properly and up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3448,6 +3666,7 @@ The following fields are available:
 - **InstallDateMsi**  The install date if the application was installed via Microsoft Installer (MSI). Passed as an array.
 - **InventoryVersion**  The version of the inventory file generating the events.
 - **Language**  The language code of the program.
+- **MsiInstallDate**  The install date recorded in the program's MSI package.
 - **MsiPackageCode**  A GUID that describes the MSI Package. Multiple 'Products' (apps) can make up an MsiPackage.
 - **MsiProductCode**  A GUID that describe the MSI Product.
 - **Name**  The name of the application.
@@ -3464,7 +3683,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationDriverAdd
 
-This event represents what drivers an application installs.
+This event represents what drivers an application installs. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3476,7 +3695,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationDriverStartSync
 
-The InventoryApplicationDriverStartSync event indicates that a new set of InventoryApplicationDriverStartAdd events will be sent.
+The InventoryApplicationDriverStartSync event indicates that a new set of InventoryApplicationDriverStartAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3513,7 +3732,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationFrameworkAdd
 
-This event provides the basic metadata about the frameworks an application may depend on.
+This event provides the basic metadata about the frameworks an application may depend on. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3526,7 +3745,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationFrameworkStartSync
 
-This event indicates that a new set of InventoryApplicationFrameworkAdd events will be sent.
+This event indicates that a new set of InventoryApplicationFrameworkAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3537,7 +3756,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationRemove
 
-This event indicates that a new set of InventoryDevicePnpAdd events will be sent.
+This event indicates that a new set of InventoryDevicePnpAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3548,9 +3767,9 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryApplicationStartSync
 
-This event indicates that a new set of InventoryApplicationAdd events will be sent.
+This event indicates that a new set of InventoryApplicationAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
-This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange)
 
 The following fields are available:
 
@@ -3559,7 +3778,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceContainerAdd
 
-This event sends basic metadata about a device container (such as a monitor or printer as opposed to a Plug and Play device) to help keep Windows up to date.
+This event sends basic metadata about a device container (such as a monitor or printer as opposed to a Plug and Play device). The data collected with this event is used to help keep Windows up to date and to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3583,7 +3802,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceContainerRemove
 
-This event indicates that the InventoryDeviceContainer object is no longer present.
+This event indicates that the InventoryDeviceContainer object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3594,7 +3813,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceContainerStartSync
 
-This event indicates that a new set of InventoryDeviceContainerAdd events will be sent.
+This event indicates that a new set of InventoryDeviceContainerAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3605,7 +3824,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceInterfaceAdd
 
-This event retrieves information about what sensor interfaces are available on the device.
+This event retrieves information about what sensor interfaces are available on the device. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3635,7 +3854,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceInterfaceStartSync
 
-This event indicates that a new set of InventoryDeviceInterfaceAdd events will be sent.
+This event indicates that a new set of InventoryDeviceInterfaceAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3646,7 +3865,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceMediaClassAdd
 
-This event sends additional metadata about a Plug and Play device that is specific to a particular class of devices to help keep Windows up to date while reducing overall size of data payload.
+This event sends additional metadata about a Plug and Play device that is specific to a particular class of devices. The data collected with this event is used to help keep Windows up to date and performing properly while reducing overall size of data payload.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3661,7 +3880,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceMediaClassRemove
 
-This event indicates that the InventoryDeviceMediaClassRemove object is no longer present.
+This event indicates that the InventoryDeviceMediaClass object represented by the objectInstanceId is no longer present. This event is used to understand a PNP device that is specific to a particular class of devices. The data collected with this event is used to help keep Windows up to date and performing properly while reducing overall size of data payload.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3672,7 +3891,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceMediaClassStartSync
 
-This event indicates that a new set of InventoryDeviceMediaClassSAdd events will be sent.
+This event indicates that a new set of InventoryDeviceMediaClassSAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3728,7 +3947,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDevicePnpRemove
 
-This event indicates that the InventoryDevicePnpRemove object is no longer present.
+This event indicates that the InventoryDevicePnpRemove object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3739,7 +3958,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDevicePnpStartSync
 
-This event indicates that a new set of InventoryDevicePnpAdd events will be sent.
+This event indicates that a new set of InventoryDevicePnpAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3750,7 +3969,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceUsbHubClassAdd
 
-This event sends basic metadata about the USB hubs on the device.
+This event sends basic metadata about the USB hubs on the device. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3763,7 +3982,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDeviceUsbHubClassStartSync
 
-This event indicates that a new set of InventoryDeviceUsbHubClassAdd events will be sent.
+This event indicates that a new set of InventoryDeviceUsbHubClassAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3774,7 +3993,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverBinaryAdd
 
-This event sends basic metadata about driver binaries running on the system to help keep Windows up to date.
+This event sends basic metadata about driver binaries running on the system. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3801,7 +4020,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverBinaryRemove
 
-This event indicates that the InventoryDriverBinary object is no longer present.
+This event indicates that the InventoryDriverBinary object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3812,7 +4031,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverBinaryStartSync
 
-This event indicates that a new set of InventoryDriverBinaryAdd events will be sent.
+This event indicates that a new set of InventoryDriverBinaryAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3823,7 +4042,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverPackageAdd
 
-This event sends basic metadata about drive packages installed on the system  to help keep Windows up to date.
+This event sends basic metadata about drive packages installed on the system. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3845,7 +4064,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverPackageRemove
 
-This event indicates that the InventoryDriverPackageRemove object is no longer present.
+This event indicates that the InventoryDriverPackageRemove object is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3856,7 +4075,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDriverPackageStartSync
 
-This event indicates that a new set of InventoryDriverPackageAdd events will be sent.
+This event indicates that a new set of InventoryDriverPackageAdd events will be sent. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3883,9 +4102,54 @@ The following fields are available:
 - **key**  The globally unique identifier (GUID) used to identify the specific Json Trace logging session.
 
 
+### Microsoft.Windows.Inventory.General.AppHealthStaticAdd
+
+This event sends details collected for a specific application on the source device. The data collected with this event is used to keep Windows performing properly.
+
+
+
+### Microsoft.Windows.Inventory.General.AppHealthStaticStartSync
+
+This event indicates the beginning of a series of AppHealthStaticAdd events. The data collected with this event is used to keep Windows performing properly.
+
+
+
+### Microsoft.Windows.Inventory.General.InventoryMiscellaneousMemorySlotArrayInfoAdd
+
+This event provides basic information about active memory slots on the device.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **Capacity**  Memory size in bytes
+- **Manufacturer**  Name of the DRAM manufacturer
+- **Model**  Model and sub-model of the memory
+- **Slot**  Slot to which the DRAM is plugged into the motherboard.
+- **Speed**  MHZ the memory is currently configured & used at.
+- **Type**  Reports DDR, etc. as an enumeration value as per the DMTF SMBIOS standard version 3.3.0, section 7.18.2.
+- **TypeDetails**  Reports Non-volatile, etc. as a bit flag enumeration according to the DMTF SMBIOS standard version 3.3.0, section 7.18.3.
+
+
+### Microsoft.Windows.Inventory.General.InventoryMiscellaneousMemorySlotArrayInfoRemove
+
+This event indicates that this particular data object represented by the objectInstanceId is no longer present.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+
+
+### Microsoft.Windows.Inventory.General.InventoryMiscellaneousMemorySlotArrayInfoStartSync
+
+This diagnostic event indicates a new sync is being generated for this object type.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+
+
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInAdd
 
-Provides data on the installed Office Add-ins.
+This event provides data on the installed Office add-ins. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3918,7 +4182,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInRemove
 
-Indicates that this particular data object represented by the objectInstanceId is no longer present.
+This event indicates that the particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3929,7 +4193,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInStartSync
 
-This event indicates that a new sync is being generated for this object type.
+This event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3940,7 +4204,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIdentifiersAdd
 
-Provides data on the Office identifiers.
+This event provides data on the Office identifiers. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3958,7 +4222,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIdentifiersStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3969,7 +4233,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIESettingsAdd
 
-Provides data on Office-related Internet Explorer features.
+This event provides data on Office-related Internet Explorer features. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3995,7 +4259,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIESettingsStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4006,7 +4270,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeInsightsAdd
 
-This event provides insight data on the installed Office products
+This event provides insight data on the installed Office products. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4021,7 +4285,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeInsightsRemove
 
-Indicates that this particular data object represented by the objectInstanceId is no longer present.
+This event indicates that the particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4032,7 +4296,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeInsightsStartSync
 
-This diagnostic event indicates that a new sync is being generated for this object type.
+This diagnostic event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4043,7 +4307,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeProductsAdd
 
-Describes Office Products installed.
+This event describes all installed Office products. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4058,7 +4322,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeProductsStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4069,7 +4333,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeSettingsAdd
 
-This event describes various Office settings
+This event describes various Office settings. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4083,7 +4347,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeSettingsStartSync
 
-Indicates a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4094,7 +4358,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBAAdd
 
-This event provides a summary rollup count of conditions encountered while performing a local scan of Office files, analyzing for known VBA programmability compatibility issues between legacy office version and ProPlus, and between 32 and 64-bit versions
+This event provides a summary rollup count of conditions encountered while performing a local scan of Office files, analyzing for known VBA programmability compatibility issues between legacy office version and ProPlus, and between 32 and 64-bit versions. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4126,7 +4390,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBARemove
 
-Indicates that this particular data object represented by the objectInstanceId is no longer present.
+This event indicates that the particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4137,7 +4401,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBARuleViolationsAdd
 
-This event provides data on Microsoft Office VBA rule violations, including a rollup count per violation type, giving an indication of remediation requirements for an organization. The event identifier is a unique GUID, associated with the validation rule
+This event provides data on Microsoft Office VBA rule violations, including a rollup count per violation type, giving an indication of remediation requirements for an organization. The event identifier is a unique GUID, associated with the validation rule. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4149,7 +4413,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBARuleViolationsRemove
 
-Indicates that this particular data object represented by the objectInstanceId is no longer present.
+This event indicates that the particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4160,7 +4424,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBARuleViolationsStartSync
 
-This event indicates that a new sync is being generated for this object type.
+This event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4171,7 +4435,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBAStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This diagnostic event indicates that a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4182,7 +4446,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoAdd
 
-Provides data on Unified Update Platform (UUP) products and what version they are at.
+This event provides data on Unified Update Platform (UUP) products and what version they are at. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4197,7 +4461,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoRemove
 
-Indicates that this particular data object represented by the objectInstanceId is no longer present.
+This event indicates that this particular data object represented by the objectInstanceId is no longer present. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4205,7 +4469,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoStartSync
 
-Diagnostic event to indicate a new sync is being generated for this object type.
+This is a diagnostic event that indicates a new sync is being generated for this object type. The data collected with this event is used to keep Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4213,7 +4477,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.Indicators.Checksum
 
-This event summarizes the counts for the InventoryMiscellaneousUexIndicatorAdd events.
+This event summarizes the counts for the InventoryMiscellaneousUexIndicatorAdd events. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -4224,7 +4488,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorAdd
 
-These events represent the basic metadata about the OS indicators installed on the system which are used for keeping the device up to date.
+This event represents the basic metadata about the OS indicators installed on the system. The data collected with this event helps ensure the device is up to date and keeps Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4235,7 +4499,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorEndSync
 
-This event indicates that a new set of InventoryMiscellaneousUexIndicatorAdd events has been sent. This data helps ensure the device is up to date.
+This event indicates that a new set of InventoryMiscellaneousUexIndicatorAdd events has been sent. The data collected with this event helps ensure the device is up to date and keeps Windows performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4243,7 +4507,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorRemove
 
-This event is a counterpart to InventoryMiscellaneousUexIndicatorAdd that indicates that the item has been removed.
+This event indicates that this particular data object represented by the objectInstanceId is no longer present. This event is used to understand the OS indicators installed on the system. The data collected with this event helps ensure the device is current and Windows is up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4251,7 +4515,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorStartSync
 
-This event indicates that a new set of InventoryMiscellaneousUexIndicatorAdd events will be sent.
+This event indicates that this particular data object represented by the objectInstanceId is no longer present. This event is used to understand the OS indicators installed on the system. The data collected with this event helps ensure the device is current and Windows is up to date and performing properly.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -4261,7 +4525,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 ### Microsoft.Windows.IoT.Client.CEPAL.MonitorStarted
 
-This event identifies Windows Internet of Things (IoT) devices which are running the CE PAL subsystem by sending data during CE PAL startup.
+This event identifies Windows Internet of Things (IoT) devices which are running the CE PAL subsystem by sending data during CE PAL startup. The data collected with this event is used to keep Windows performing properly.
 
 
 
@@ -4279,7 +4543,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Kernel.BootEnvironment.OsLaunch
 
-OS information collected during Boot, used to evaluate the success of the upgrade process.
+This event includes basic data about the Operating System, collected during Boot and used to evaluate the success of the upgrade process. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -4310,7 +4574,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Kernel.DeviceConfig.DeviceConfig
 
-This critical device configuration event provides information about drivers for a driver installation that took place within the kernel.
+This critical device configuration event provides information about drivers for a driver installation that took place within the kernel. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 The following fields are available:
 
@@ -4335,7 +4599,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Kernel.PnP.AggregateClearDevNodeProblem
 
-This event is sent when a problem code is cleared from a device.
+This event is sent when a problem code is cleared from a device. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 The following fields are available:
 
@@ -4348,7 +4612,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Kernel.PnP.AggregateSetDevNodeProblem
 
-This event is sent when a new problem code is assigned to a device.
+This event is sent when a new problem code is assigned to a device. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 The following fields are available:
 
@@ -4363,7 +4627,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Kernel.Power.PreviousShutdownWasThermalShutdown
 
-This event sends Product and Service Performance data on which area of the device exceeded safe temperature limits and caused the device to shutdown. This information is used to ensure devices are behaving as they are expected to.
+This event sends Product and Service Performance data on which area of the device exceeded safe temperature limits and caused the device to shutdown. This information is used to ensure devices are behaving as they are expected to. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -4484,7 +4748,7 @@ The following fields are available:
 
 ### Aria.af397ef28e484961ba48646a5d38cf54.Microsoft.WebBrowser.Installer.EdgeUpdate.Ping
 
-This event sends hardware and software inventory information about the Microsoft Edge Update service, Microsoft Edge applications, and the current system environment, including app configuration, update configuration, and hardware capabilities. It's  used to measure the reliability and performance of the EdgeUpdate service and if Microsoft Edge applications are up to date.
+This Ping event sends a detailed inventory of software and hardware information about the EdgeUpdate service, Edge applications, and the current system environment including app configuration, update configuration, and hardware capabilities. This event contains Device Connectivity and Configuration, Product and Service Performance, and Software Setup and Inventory data. One or more events is sent each time any installation, update, or uninstallation occurs with the EdgeUpdate service or with Edge applications. This event is used to measure the reliability and performance of the EdgeUpdate service and if Edge applications are up to date. This is an indication that the event is designed to keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4584,7 +4848,7 @@ The following fields are available:
 
 ### Microsoft.WebBrowser.Installer.EdgeUpdate.Ping
 
-This event sends hardware and software inventory information about the Microsoft Edge Update service, Microsoft Edge applications, and the current system environment, including app configuration, update configuration, and hardware capabilities. It's used to measure the reliability and performance of the EdgeUpdate service and if Microsoft Edge applications are up to date
+This event sends hardware and software inventory information about the Microsoft Edge Update service, Microsoft Edge applications, and the current system environment, including app configuration, update configuration, and hardware capabilities. It's used to measure the reliability and performance of the EdgeUpdate service and if Microsoft Edge applications are up to date. This is an indication that the event is designed to keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -4651,36 +4915,14 @@ The following fields are available:
 - **requestSessionCorrelationVectorBase**  A client generated random MS Correlation Vector base code used to correlate the update session with update and CDN servers. Default: ''.
 - **requestSessionId**  A randomly-generated (uniformly distributed) GUID. Each single update flow (e.g. update check, update application, event ping sequence) SHOULD have (with high probability) a single unique session ID. Default: ''.
 - **requestTestSource**  Either '', 'dev', 'qa', 'prober', 'auto', or 'ossdev'. Any value except '' indicates that the request is a test and should not be counted toward normal metrics. Default: ''.
-- **requestUid**  A randomly-generated (uniformly distributed) GUID, corresponding to the Omaha user. Each request attempt should have (with high probability) a unique request id. Default: ''.
+- **requestUid**  A randomly-generated (uniformly distributed) GUID, corresponding to the Omaha user. Each request attempt SHOULD have (with high probability) a unique request id. Default: ''.
 
 
-### Aria.f4a7d46e472049dfba756e11bdbbc08f.Microsoft.WebBrowser.SystemInfo.Config
-
-This config event sends basic device connectivity and configuration information from Microsoft Edge about the current data collection consent, app version, and installation state to keep Microsoft Edge up to date and secure.
-
-The following fields are available:
-
-- **app_version**  The internal Microsoft Edge build version string.
-- **appConsentState**  Bit flags that describe the consent for data collection on the device, or zero if the state was not retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
-- **Channel**  An integer indicating the channel of the installation (Canary or Dev).
-- **client_id**  A non-durable unique identifier with which all other diagnostic client data is associated. This value is reset whenever UMA data collection is disabled, or when the application is uninstalled.
-- **ConnectionType**  The first reported type of network connection currently connected. Possible values: Unknown, Ethernet, WiFi, 2G, 3G, 4G, None, or Bluetooth
-- **container_client_id**  The client ID of the container if the device is in Windows Defender Application Guard mode.
-- **container_session_id**  The session ID of the container if the device is in Windows Defender Application Guard mode.
-- **Etag**  Etag is an identifier representing all service applied configurations and experiments for the current browser session. There is not value in this field is the device is at the Basic diagnostic data level.
-- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event. Possible values: 1 -- Basic, 2 -- Enhanced, 3 -- Full
-- **install_date**  The date and time of the most recent installation in seconds since midnight on January 1, 1970 UTC, rounded down to the nearest hour.
-- **installSource**  An enumeration representing the source of this installation. Possible values: source was not retrieved (0), unspecified source (1), website installer (2), enterprise MSI (3), Windows update (4), Edge updater (5), scheduled or timed task (6, 7), uninstall (8), Edge about page (9), self-repair (10), other install command line (11), reserved (12), unknown source (13).
-- **PayloadClass**  The base class used to serialize and deserialize the Protobuf binary payload.
-- **PayloadGUID**  A random identifier generated for each original monolithic Protobuf payload, before the payload is potentially broken up into manageably-sized chunks for transmission.
-- **PayloadLogType**  The log type for the event correlating with. Possible values: 0 -- Unknown, 1 -- Stability, 2 -- On-going, 3 -- Independent, 4 -- UKM, or 5 -- Instance level
-- **session_id** An ordered identifier that is guaranteed to be greater than the previous session identifier each time the user launches the application, reset on subsequent launch after client_id changes. session_id is seeded during the initial installation of the application. session_id is effectively unique per client_id value. Several other internal identifier values, such as window or tab IDs, are only meaningful within a particular session. The session_id value is forgotten when the application is uninstalled, but not during an upgrade.
-
 ## Migration events
 
 ### Microsoft.Windows.MigrationCore.MigObjectCountDLUsr
 
-This event returns data to track the count of the migration objects across various phases during feature update.
+This event returns data to track the count of the migration objects across various phases during feature update. The data collected with this event is used to help keep Windows secure and to track data loss scenarios.
 
 The following fields are available:
 
@@ -4692,7 +4934,7 @@ The following fields are available:
 
 ### Microsoft.Windows.MigrationCore.MigObjectCountKFSys
 
-This event returns data about the count of the migration objects across various phases during feature update.
+This event returns data about the count of the migration objects across various phases during feature update. The data collected with this event is used to help keep Windows secure and to track data loss scenarios.
 
 The following fields are available:
 
@@ -4703,7 +4945,7 @@ The following fields are available:
 
 ### Microsoft.Windows.MigrationCore.MigObjectCountKFUsr
 
-This event returns data to track the count of the migration objects across various phases during feature update.
+This event returns data to track the count of the migration objects across various phases during feature update. The data collected with this event is used to help keep Windows secure and to track data loss scenarios.
 
 The following fields are available:
 
@@ -4717,7 +4959,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Cast.Miracast.MiracastSessionEnd
 
-This event sends data at the end of a Miracast session that helps determine RTSP related Miracast failures along with some statistics about the session
+This event sends data at the end of a Miracast session that helps determine RTSP related Miracast failures along with some statistics about the session. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -4791,7 +5033,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Analog.Spectrum.TelemetryHolographicDeviceAdded
 
-This event indicates Windows Mixed Reality device state. This event is also used to count WMR device.
+This event indicates Windows Mixed Reality device state. This event is also used to count WMR device. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -4809,7 +5051,7 @@ The following fields are available:
 
 ### Microsoft.OneDrive.Sync.Setup.OSUpgradeInstallationOperation
 
-This event is related to the OS version when the OS is upgraded with OneDrive installed.
+This event is related to the OS version when the OS is upgraded with OneDrive installed. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -4823,11 +5065,386 @@ The following fields are available:
 - **SourceOSVersion**  The source version of the operating system.
 
 
+## ONNX runtime events
+
+### Microsoft.ML.ONNXRuntime.ProcessInfo
+
+This event collects information when an application loads ONNXRuntime.dll. The data collected with this event is used to keep Windows product and service performing properly.
+
+The following fields are available:
+
+- **AppSessionGuid**  An identifier of a particular application session starting at process creation time and persisting until process end.
+- **isRedist**  Indicates if the ONNXRuntime usage is from redistributable package or inbox.
+- **runtimeVersion**  The version number of ONNXRuntime.
+- **schemaVersion**  Blueprint version of how the database is constructed.
+
+
+### Microsoft.ML.ONNXRuntime.RuntimePerf
+
+This event collects information about ONNXRuntime performance. The data collected with this event is used to keep Windows performing properly.
+
+The following fields are available:
+
+- **AppSessionGuid**  An identifier of a particular application session starting at process creation time and persisting until process end.
+- **schemaVersion**  Blueprint version of how the database is constructed.
+- **sessionId**  Identifier for each created session.
+- **totalRunDuration**  Total running/evaluation time from last time.
+- **totalRuns**  Total number of running/evaluation from last time.
+
+
+## Surface events
+
+### Microsoft.Surface.Health.Binary.Prod.McuHealthLog
+
+This event collects information to keep track of health indicator of the built-in micro controller. For example, the number of abnormal shutdowns due to power issues during boot sequence, type of display panel attached to base, thermal indicator, throttling data in hardware etc. The data collected with this event is used to help keep Windows secure and performing properly.
+
+The following fields are available:
+
+- **CUtility::GetTargetNameA(Target)**  Sub component name.
+- **HealthLog**  Health indicator log.
+- **healthLogSize**  4KB.
+- **productId**  Identifier for product model.
+
+## Update health events
+
+### Microsoft.Windows.UpdateHealthTools.ExpediteBlocked
+
+This event indicates that an update detection has occurred and the targeted install has been blocked. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  A correlation vector.
+- **ExpeditePolicyId**  The policy id of the expedite request.
+- **ExpediteUpdaterOfferedUpdateId**  An Update Id of the LCU expected to be expedited
+- **ExpediteUpdatesInProgress**  A list of update IDs in progress.
+- **ExpediteUsoCorrelationVector**  The correlation vector for the current USO session.
+- **ExpediteUsoLastError**  The last error returned by USO
+- **GlobalEventCounter**  Counts the number of events for this provider.
+- **PackageVersion**  The package version of the label.
+
+
+### Microsoft.Windows.UpdateHealthTools.ExpediteCompleted
+
+This event indicates that the update has been completed. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  A correlation vector.
+- **ExpeditePolicyId**  The policy Id of the expedite request.
+- **ExpediteUpdaterOfferedUpdateId**  The Update Id of the LCU expected to be expedited.
+- **ExpediteUpdatesInProgress**  The list of update IDs in progress.
+- **ExpediteUsoCorrelationVector**  The correlation vector for the current USO session.
+- **ExpediteUsoLastError**  The last error returned by USO.
+- **GlobalEventCounter**  Counts the number of events for this provider.
+- **PackageVersion**  The package version of the label.
+
+
+### Microsoft.Windows.UpdateHealthTools.ExpediteDetectionStarted
+
+This event indicates that the detection phase of USO has started. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **ExpeditePolicyId**  The policy ID of the expedite request.
+- **ExpediteUpdaterOfferedUpdateId**  UpdateId of the LCU expected to be expedited.
+- **ExpediteUpdatesInProgress**  List of update IDs in progress.
+- **ExpediteUsoCorrelationVector**  The correlation vector for the current USO session.
+- **ExpediteUsoLastError**  The last error returned by USO.
+- **GlobalEventCounter**  Counts the number of events for this provider.
+- **PackageVersion**  The package version label.
+
+
+### Microsoft.Windows.UpdateHealthTools.ExpediteDownloadStarted
+
+This event indicates that the download phase of USO has started. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  A correlation vector.
+- **ExpeditePolicyId**  The policy Id of the expedite request.
+- **ExpediteUpdaterOfferedUpdateId**  Update Id of the LCU expected to be expedited.
+- **ExpediteUpdatesInProgress**  A list of update IDs in progress.
+- **ExpediteUsoCorrelationVector**  The correlation vector for the current USO session.
+- **ExpediteUsoLastError**  The last error returned by USO.
+- **GlobalEventCounter**  Counts the number of events for this provider.
+- **PackageVersion**  The package version label.
+
+
+### Microsoft.Windows.UpdateHealthTools.ExpediteInstallStarted
+
+This event indicates that the install phase of USO has started. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **ExpeditePolicyId**  The policy ID of the expedite request.
+- **ExpediteUpdaterOfferedUpdateId**  UpdateId of the LCU expected to be expedited.
+- **ExpediteUpdatesInProgress**  List of update IDs in progress.
+- **ExpediteUsoCorrelationVector**  The correlation vector for the current USO session.
+- **ExpediteUsoLastError**  The last error returned by USO.
+- **GlobalEventCounter**  Counts the number of events for this provider.
+- **PackageVersion**  The package version label.
+
+
+### Microsoft.Windows.UpdateHealthTools.ExpediteUpdaterAlreadyExpectedUbr
+
+This event indicates that the device is already on the expected UBR. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **ExpediteErrorBitMap**  Bit map value for any error code.
+- **ExpeditePolicyId**  The policy id of the expedite request.
+- **ExpediteResult**  Boolean value for success or failure.
+- **ExpediteUpdaterCurrentUbr**  The ubr of the device.
+- **ExpediteUpdaterExpectedUbr**  The expected ubr of the device.
+- **ExpediteUpdaterOfferedUpdateId**  Update Id of the LCU expected to be expedited.
+- **ExpediteUpdaterPolicyRestoreResult**  HRESULT of the policy restore.
+- **GlobalEventCounter**  Counts the number of events for this provider.
+- **PackageVersion**  The package version label.
+
+
+### Microsoft.Windows.UpdateHealthTools.ExpediteUpdaterFailedToUpdateToExpectedUbr
+
+This event indicates the expected UBR of the device. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **ExpediteErrorBitMap**  Bit map value for any error code.
+- **ExpeditePolicyId**  The policy ID of the expedite request.
+- **ExpediteResult**  Boolean value for success or failure.
+- **ExpediteUpdaterOfferedUpdateId**  UpdateId of the LCU expected to be expedited.
+- **ExpediteUpdaterPolicyRestoreResult**  HRESULT of the policy restore.
+- **GlobalEventCounter**  Counts the number of events for this provider.
+- **PackageVersion**  The package version label.
+
+
+### Microsoft.Windows.UpdateHealthTools.ExpediteUpdaterRebootComplete
+
+This event indicates that the expedite update is completed with reboot. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **ExpeditePolicyId**  The policy id of the expedite request.
+- **ExpediteResult**  Boolean value for success or failure.
+- **ExpediteUpdaterCurrentUbr**  The ubr of the device.
+- **ExpediteUpdaterOfferedUpdateId**  Update Id of the LCU expected to be expedited.
+- **ExpediteUpdaterPolicyRestoreResult**  HRESULT of the policy restore.
+- **GlobalEventCounter**  Counts the number of events for this provider.
+- **PackageVersion**  The package version label.
+
+
+### Microsoft.Windows.UpdateHealthTools.ExpediteUpdaterRebootRequired
+
+This event indicates that the device has finished servicing and a reboot is required. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **ExpeditePolicyId**  The policy ID of the expedite request.
+- **ExpediteUpdaterOfferedUpdateId**  UpdateId of the LCU expected to be expedited.
+- **ExpediteUpdatesInProgress**  Comma delimited list of update IDs currently being offered.
+- **ExpediteUsoCorrelationVector**  The correlation vector from the USO session.
+- **ExpediteUsoLastError**  Last HResult from the current USO session.
+- **GlobalEventCounter**  Client side counter which indicates ordering of events sent by this user.
+- **PackageVersion**  Current package version of UpdateHealthTools.
+
+
+### Microsoft.Windows.UpdateHealthTools.ExpediteUpdaterScanCompleted
+
+This event sends results of the expedite USO scan. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **ExpediteErrorBitMap**  Bit map value for any error code.
+- **ExpeditePolicyId**  The policy ID of the expedite request.
+- **ExpediteResult**  Boolean value for success or failure.
+- **ExpediteScheduledTaskCreated**  Indicates whether the scheduled task was created (true/false).
+- **ExpediteScheduledTaskHresult**  HRESULT for scheduled task creation.
+- **ExpediteUpdaterCurrentUbr**  The UBR of the device.
+- **ExpediteUpdaterExpectedUbr**  The expected UBR of the device.
+- **ExpediteUpdaterMonitorResult**  HRESULT of the USO monitoring.
+- **ExpediteUpdaterOfferedUpdateId**  UpdateId of the LCU expected to be expedited.
+- **ExpediteUpdaterScanResult**  HRESULT of the expedite USO scan.
+- **ExpediteUpdaterUsoResult**  HRESULT of the USO initialization and resume API calls.
+- **ExpediteUsoCorrelationVector**  The correlation vector for the current USO session.
+- **ExpediteUsoLastError**  The last error returned by USO.
+- **GlobalEventCounter**  Counts the number of events for this provider.
+- **PackageVersion**  The package version label.
+- **UsoFrequencyKey**  Indicates whether the USO frequency key was found on the device (true/false).
+
+
+### Microsoft.Windows.UpdateHealthTools.ExpediteUpdaterScanStarted
+
+This event sends telemetry that USO scan has been started. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **ExpediteErrorBitMap**  Bit map value for any error code.
+- **ExpeditePolicyId**  The policy Id of the expedite request.
+- **ExpediteResult**  Boolean value for success or failure.
+- **ExpediteUpdaterCurrentUbr**  The UBR of the device.
+- **ExpediteUpdaterExpectedUbr**  The expected UBR of the device.
+- **ExpediteUpdaterOfferedUpdateId**  UpdateId of the LCU expected to be expedited.
+- **ExpediteUpdaterUsoIntiatedScan**  True when USO scan has been called.
+- **ExpediteUsoCorrelationVector**  The correlation vector for the current USO session.
+- **ExpediteUsoLastError**  The last error returned by USO.
+- **GlobalEventCounter**  Counts the number of events for this provider.
+- **PackageVersion**  The package version label.
+- **UsoFrequencyKey**  Indicates whether the USO frequency key was found on the device (true/false).
+
+
+### Microsoft.Windows.UpdateHealthTools.UnifiedInstallerEnd
+
+This event indicates that the unified installer has completed. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **GlobalEventCounter**  The event counter for telemetry events on the device for currency tools.
+- **PackageVersion**  The package version label for currency tools.
+- **UnifiedInstallerInstallResult**  The final result code for the unified installer.
+- **UnifiedInstallerPlatformResult**  The result code from determination of the platform type.
+- **UnifiedInstallerPlatformType**  The enum indicating the platform type.
+
+
+### Microsoft.Windows.UpdateHealthTools.UnifiedInstallerStart
+
+This event indicates that the installation has started for the unified installer. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  The correlation vector.
+- **GlobalEventCounter**  Counts the events at the global level for telemetry.
+- **PackageVersion**  The package version for currency tools.
+- **UnifiedInstallerDeviceAADJoinedHresult**  The result code after checking if device is AAD joined.
+- **UnifiedInstallerDeviceInDssPolicy**  Boolean indicating whether the device is found to be in a DSS policy.
+- **UnifiedInstallerDeviceInDssPolicyHresult**  The result code for checking whether the device is found to be in a DSS policy.
+- **UnifiedInstallerDeviceIsAADJoined**  Boolean indicating whether a device is AADJ.
+- **UnifiedInstallerDeviceIsAdJoined**  Boolean indicating whether a device is AD joined.
+- **UnifiedInstallerDeviceIsAdJoinedHresult**  The result code for checking whether a device is AD joined.
+- **UnifiedInstallerDeviceIsEducationSku**  Boolean indicating whether a device is Education SKU.
+- **UnifiedInstallerDeviceIsEducationSkuHresult**  The result code from checking whether a device is Education SKU.
+- **UnifiedInstallerDeviceIsEnterpriseSku**  Boolean indicating whether a device is Enterprise SKU.
+- **UnifiedInstallerDeviceIsEnterpriseSkuHresult**  The result code from checking whether a device is Enterprise SKU.
+- **UnifiedInstallerDeviceIsHomeSku**  Boolean indicating whether a device is Home SKU.
+- **UnifiedInstallerDeviceIsHomeSkuHresult**  The result code from checking whether device is Home SKU.
+- **UnifiedInstallerDeviceIsMdmManaged**  Boolean indicating whether a device is MDM managed.
+- **UnifiedInstallerDeviceIsMdmManagedHresult**  The result code from checking whether a device is MDM managed.
+- **UnifiedInstallerDeviceIsProSku**  Boolean indicating whether a device is Pro SKU.
+- **UnifiedInstallerDeviceIsProSkuHresult**  The result code from checking whether a device is Pro SKU.
+- **UnifiedInstallerDeviceIsSccmManaged**  Boolean indicating whether a device is SCCM managed.
+- **UnifiedInstallerDeviceIsSccmManagedHresult**  The result code from checking whether a device is SCCM managed.
+- **UnifiedInstallerDeviceWufbManaged**  Boolean indicating whether a device is Wufb managed.
+- **UnifiedInstallerDeviceWufbManagedHresult**  The result code from checking whether a device is Wufb managed.
+- **UnifiedInstallerPlatformResult**  The result code from checking what platform type the device is.
+- **UnifiedInstallerPlatformType**  The enum indicating the type of platform detected.
+- **UnifiedInstUnifiedInstallerDeviceIsHomeSkuHresultllerDeviceIsHomeSku**  The result code from checking whether a device is Home SKU.
+
+
+### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsDeviceInformationUploaded
+
+This event is received when the UpdateHealthTools service uploads device information. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **GlobalEventCounter**  Client side counter which indicates ordering of events sent by this user.
+- **PackageVersion**  Current package version of remediation.
+- **UpdateHealthToolsDeviceUbrChanged**  1 if the Ubr just changed, 0 otherwise.
+- **UpdateHealthToolsDeviceUri**  The URI to be used for push notifications on this device.
+
+
+### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsDeviceInformationUploadFailed
+
+This event provides information for device which failed to upload the details. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **GlobalEventCounter**  Telemetry event counter.
+- **PackageVersion**  Version label of the package sending telemetry.
+- **UpdateHealthToolsEnterpriseActionResult**  Result of running the tool expressed as an HRESULT.
+
+
+### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsPushNotificationCompleted
+
+This event is received when a push notification has been completed by the UpdateHealthTools service. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **GlobalEventCounter**  Client side counter which indicates ordering of events sent by this user.
+- **PackageVersion**  Current package version of UpdateHealthTools.
+- **UpdateHealthToolsEnterpriseActionResult**  The HRESULT return by the enterprise action.
+- **UpdateHealthToolsEnterpriseActionType**  Enum describing the type of action requested by the push.
+
+
+### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsPushNotificationReceived
+
+This event is received when the UpdateHealthTools service receives a push notification. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **GlobalEventCounter**  Client side counter which indicates ordering of events sent by this user.
+- **PackageVersion**  Current package version of UpdateHealthTools.
+- **UpdateHealthToolsDeviceUri**  The URI to be used for push notifications on this device.
+- **UpdateHealthToolsEnterpriseActionType**  Enum describing the type of action requested by the push.
+- **UpdateHealthToolsPushCurrentChannel**  The channel used to receive notification.
+- **UpdateHealthToolsPushCurrentRequestId**  The request ID for the push.
+- **UpdateHealthToolsPushCurrentResults**  The results from the push request.
+- **UpdateHealthToolsPushCurrentStep**  The current step for the push notification.
+
+
+### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsPushNotificationStatus
+
+This event is received when there is status on a push notification. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **GlobalEventCounter**  Client side counter which indicates ordering of events sent by this user.
+- **PackageVersion**  Current package version of UpdateHealthTools.
+- **UpdateHealthToolsDeviceUri**  The URI to be used for push notifications on this device.
+- **UpdateHealthToolsEnterpriseActionType**  Enum describing the type of action requested by the push.
+- **UpdateHealthToolsPushCurrentRequestId**  The request ID for the push.
+- **UpdateHealthToolsPushCurrentResults**  The results from the push request.
+- **UpdateHealthToolsPushCurrentStep**  The current step for the push notification
+
+
+### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsServiceBlockedByNoAADJoin
+
+This event indicates that the device is not AAD joined so service stops. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **GlobalEventCounter**  Client side counter which indicates ordering of events sent by this user.
+- **PackageVersion**  Current package version of UpdateHealthTools.
+
+
+### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsServiceStarted
+
+This event is sent when the service first starts. It is a heartbeat indicating that the service is available on the device. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  Correlation vector.
+- **GlobalEventCounter**  Client side counter which indicates ordering of events sent by this user.
+- **PackageVersion**  Current package version of remediation.
+
+
 ## Privacy consent logging events
 
 ### Microsoft.Windows.Shell.PrivacyConsentLogging.PrivacyConsentCompleted
 
-This event is used to determine whether the user successfully completed the privacy consent experience.
+This event is used to determine whether the user successfully completed the privacy consent experience. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4839,7 +5456,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Shell.PrivacyConsentLogging.PrivacyConsentStatus
 
-Event tells us effectiveness of new privacy experience.
+This event provides the effectiveness of new privacy experience. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -4851,672 +5468,11 @@ The following fields are available:
 - **userRegionCode**  The current user's region setting
 
 
-## Push Button Reset events
-
-### Microsoft.Windows.PBR.BitLockerWipeFinished
-
-This event sends error data after the BitLocker wipe finishes if there were any issues during the wipe.
-
-The following fields are available:
-
-- **error**  The error code if there were any issues during the BitLocker wipe.
-- **sessionID**  This is the session ID.
-- **succeeded**  Indicates the BitLocker wipe successful completed.
-- **timestamp**  Time the event occurred.
-
-
-### Microsoft.Windows.PBR.BootState
-
-This event sends data on the Windows Recovery Environment (WinRE) boot, which can be used to determine whether the boot was successful.
-
-The following fields are available:
-
-- **BsdSummaryInfo**  Summary of the last boot.
-- **sessionID**  The ID of the push-button reset session.
-- **timestamp**  The timestamp of the boot state.
-
-
-### Microsoft.Windows.PBR.ClearTPMStarted
-
-This event sends basic data about the recovery operation on the device to allow investigation.
-
-The following fields are available:
-
-- **sessionID**  The ID for this push-button restart session.
-- **timestamp**  The time when the Trusted Platform Module will be erased.
-
-
-### Microsoft.Windows.PBR.ClientInfo
-
-This event indicates whether push-button reset (PBR) was initiated while the device was online or offline.
-
-The following fields are available:
-
-- **name**  Name of the user interface entry point.
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  The time when this event occurred.
-
-
-### Microsoft.Windows.PBR.Completed
-
-This event sends data about the recovery operation on the device to allow for investigation.
-
-The following fields are available:
-
-- **sessionID**  The ID of the push-button reset session.
-- **timestamp**  Timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.DataVolumeCount
-
-This event provides the number of additional data volumes that the push-button reset operation has detected.
-
-The following fields are available:
-
-- **count**  The number of attached data drives.
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  Time the event occurred.
-
-
-### Microsoft.Windows.PBR.DiskSpaceRequired
-
-This event sends the peak disk usage required for the push-button reset operation.
-
-The following fields are available:
-
-- **numBytes**  The number of bytes required for the reset operation.
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  Time the event occurred.
-
-
-### Microsoft.Windows.PBR.EnterAPI
-
-This event is sent at the beginning of each push-button reset (PRB) operation.
-
-The following fields are available:
-
-- **apiName**  Name of the API command that is about to execute.
-- **sessionID**  The session ID.
-- **timestamp**  Timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.EnteredOOBE
-
-This event is sent when the push-button reset (PRB) process enters the Out Of Box Experience (OOBE).
-
-The following fields are available:
-
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  Timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.LeaveAPI
-
-This event is sent when the push-button reset operation is complete.
-
-The following fields are available:
-
-- **apiName**  Name of the API command that completed.
-- **errorCode**  Error code if an error occurred during the API call.
-- **sessionID**  The ID of this push-button reset session.
-- **succeeded**  Indicates whether the operation is successfully completed.
-- **success**  Indicates whether the API call was successful.
-- **timestamp**  Timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.OEMExtensionFinished
-
-This event is sent when the OEM extensibility scripts have completed.
-
-The following fields are available:
-
-- **exitCode**  The exit code from OEM extensibility scripts to push-button reset.
-- **param**  Parameters used for the OEM extensibility script.
-- **phase**  Name of the OEM extensibility script phase.
-- **script**  The path to the OEM extensibility script.
-- **sessionID**  The ID of this push-button reset session.
-- **succeeded**  Indicates whether the OEM extensibility script executed successfully.
-- **timedOut**  Indicates whether the OEM extensibility script timed out.
-- **timestamp**  Timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.OEMExtensionStarted
-
-This event is sent when the OEM extensibility scripts start to execute.
-
-The following fields are available:
-
-- **param**  The parameters used by the OEM extensibility script.
-- **phase**  The name of the OEM extensibility script phase.
-- **script**  The path to the OEM extensibility script.
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  Timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.OperationExecuteFinished
-
-This event is sent at the end of a push-button reset (PBR) operation.
-
-The following fields are available:
-
-- **error**  Indicates the result code of the event.
-- **index**  The operation index.
-- **operation**  The name of the operation.
-- **phase**  The name of the operation phase.
-- **sessionID**  The ID of this push-button reset session.
-- **succeeded**  Indicates whether the operation successfully completed.
-- **timestamp**  Timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.OperationExecuteStarted
-
-This event is sent at the beginning of a push-button reset operation.
-
-The following fields are available:
-
-- **index**  The index of this operation.
-- **operation**  The name of this operation.
-- **phase**  The phase of this operation.
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  Timestamp of this push-button reset event.
-- **weight**  The weight of the operation used to distribute the change in percentage.
-
-
-### Microsoft.Windows.PBR.OperationQueueConstructFinished
-
-This event is sent when construction of the operation queue for push-button reset is finished.
-
-The following fields are available:
-
-- **error**  The result code for operation queue construction.
-- **errorCode**  Represents any error code during the API call.
-- **sessionID**  The ID of this push-button reset session.
-- **succeeded**  Indicates whether the operation successfully completed.
-- **timestamp**  Timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.OperationQueueConstructStarted
-
-This event is sent when construction of the operation queue for push-button reset is started.
-
-The following fields are available:
-
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  Timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.PBRClearTPMFailed
-
-This event is sent when there was a failure while clearing the Trusted Platform Module (TPM).
-
-The following fields are available:
-
-- **SessionID**  The ID of this push-button reset session.
-
-
-### Microsoft.Windows.PBR.PBRCreateNewSystemReconstructionFailed
-
-This event is sent when the push-button reset operation fails to construct a new copy of the operating system.
-
-The following fields are available:
-
-- **HRESULT**  Indicates the result code of the event.
-- **PBRType**  The type of push-button reset.
-- **SessionID**  The ID of this push-button reset session.
-- **SPErrorCode**  The error code for the Setup Platform operation.
-- **SPOperation**  The last Setup Platform operation.
-- **SPPhase**  The last phase of the Setup Platform operation.
-
-
-### Microsoft.Windows.PBR.PBRCreateNewSystemReconstructionSucceed
-
-This event is sent when the push-button reset operation succeeds in constructing a new copy of the operating system.
-
-The following fields are available:
-
-- **CBSPackageCount**  The Component Based Servicing package count.
-- **CustomizationPackageCount**  The Customization package count.
-- **PBRType**  The type of push-button reset.
-- **SessionID**  The ID of this push-button reset session.
-
-
-### Microsoft.Windows.PBR.PBRFailed
-
-This event is sent when the push-button reset operation fails and rolls back to the previous state.
-
-The following fields are available:
-
-- **ErrorType**  The result code for the push-button reset error.
-- **PBRType**  The type of push-button reset.
-- **SessionID**  The ID of this push-button reset session.
-
-
-### Microsoft.Windows.PBR.PBRFinalUserSelection
-
-This event is sent when the user makes the final selection in the user interface.
-
-The following fields are available:
-
-- **PBREraseData**  Indicates whether the option to erase data is selected.
-- **PBRRecoveryStrategy**  The recovery strategy for the push-button reset operation.
-- **PBRRepartitionDisk**  Indicates whether the user has selected the option to repartition the disk.
-- **PBRVariation**  Indicates the push-button reset type.
-- **PBRWipeDataDrives**  Indicates whether the option to wipe the data drives is selected.
-- **SessionID**  The ID of this push-button reset session.
-
-
-### Microsoft.Windows.PBR.PBRFormatOSVolumeSucceed
-
-This event is sent when the operation to format the operating system volume succeeds during push-button reset (PBR).
-
-The following fields are available:
-
-- **JustDeleteFiles**  Indicates whether disk formatting was skipped.
-- **SessionID**  The ID of this push-button reset session.
-
-
-### Microsoft.Windows.PBR.PBRIOCTLErasureSucceed
-
-This event is sent when the erasure operation succeeds during push-button reset (PBR).
-
-The following fields are available:
-
-- **SessionID**  The ID of this push-button reset session.
-
-
-### Microsoft.Windows.PBR.PBRLayoutImageFailed
-
-This event is sent when push-button reset fails to create a new image of Windows.
-
-The following fields are available:
-
-- **SessionID**  The ID of this push-button reset session.
-
-
-### Microsoft.Windows.PBR.PBROEM1Failed
-
-This event is sent when the first OEM extensibility operation is successfully completed.
-
-The following fields are available:
-
-- **HRESULT**  The result error code from the OEM extensibility script.
-- **Parameters**  The parameters that were passed to the OEM extensibility script.
-- **PBRType**  The type of push-button reset.
-- **ScriptName**  The path to the OEM extensibility script.
-- **SessionID**  The ID of this push-button reset session.
-
-
-### Microsoft.Windows.PBR.PBRReachedOOBE
-
-This event returns data when the PBR (Push Button Reset) process reaches the OOBE (Out of Box Experience).
-
-The following fields are available:
-
-- **SessionID**  The ID of this push-button reset session.
-
-
-### Microsoft.Windows.PBR.PBRReconstructionInitiated
-
-This event returns data when a PBR (Push Button Reset) reconstruction operation begins.
-
-The following fields are available:
-
-- **SessionID**  The ID of this push-button reset session.
-
-
-### Microsoft.Windows.PBR.PBRRequirementChecks
-
-This event returns data when PBR (Push Button Reset) requirement checks begin.
-
-The following fields are available:
-
-- **DeploymentType**  The type of deployment.
-- **InstallType**  The type of installation.
-- **PBRType**  The type of push-button reset.
-- **SessionID**  The ID for this push-button reset session.
-
-
-### Microsoft.Windows.PBR.PBRRequirementChecksFailed
-
-This event returns data when PBR (Push Button Reset) requirement checks fail.
-
-The following fields are available:
-
-- **DiskSpaceAvailable**  The disk space available for the push-button reset.
-- **DiskSpaceRequired**  The disk space required for the push-button reset.
-- **ErrorType**  The type of error that occurred during the requirement checks phase of the push-button reset operation.
-- **PBRImageVersion**  The image version of the push-button reset tool.
-- **PBRRecoveryStrategy**  The recovery strategy for this phase of push-button reset.
-- **PBRStartedFrom**  Identifies the push-button reset entry point.
-- **PBRType**  The type of push-button reset specified by the user interface.
-- **SessionID**  The ID of this push-button reset session.
-
-
-### Microsoft.Windows.PBR.PBRRequirementChecksPassed
-
-This event returns data when PBR (Push Button Reset) requirement checks are passed.
-
-The following fields are available:
-
-- **OSVersion**  The OS version installed on the device.
-- **PBRImageType**  The push-button reset image type.
-- **PBRImageVersion**  The version of the push-button reset image.
-- **PBRRecoveryStrategy**  The push-button reset recovery strategy.
-- **PBRStartedFrom**  Identifies the push-button reset entry point.
-- **SessionID**  The ID of this push-button reset session.
-
-
-### Microsoft.Windows.PBR.PBRSucceed
-
-This event returns data when PBR (Push Button Reset) succeeds.
-
-The following fields are available:
-
-- **OSVersion**  The OS version installed on the device.
-- **PBRType**  The type of push-button reset.
-- **SessionID**  The ID of this push-button reset session.
-
-
-### Microsoft.Windows.PBR.PhaseFinished
-
-This event returns data when a phase of PBR (Push Button Reset) has completed.
-
-The following fields are available:
-
-- **error**  The result code for this phase of push-button reset.
-- **phase**  The name of this push-button reset phase.
-- **sessionID**  The ID of this push-button reset session.
-- **succeeded**  Indicates whether this phase of push-button reset executed successfully.
-- **timestamp**  The timestamp for this push-button reset event.
-
-
-### Microsoft.Windows.PBR.PhaseStarted
-
-This event is sent when a phase of the push-button reset (PBR) operation starts.
-
-The following fields are available:
-
-- **phase**  The name of this phase of push-button reset.
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  The timestamp for this push-button reset event.
-
-
-### Microsoft.Windows.PBR.ReconstructionInfo
-
-This event returns data about the PBR (Push Button Reset) reconstruction.
-
-The following fields are available:
-
-- **numPackagesAbandoned**  The number of packages that were abandoned during the reconstruction operation of push-button reset.
-- **numPackagesFailed**  The number of packages that failed during the reconstruction operation of push-button reset.
-- **sessionID**  The ID of this push-button reset session.
-- **slowMode**  The mode of reconstruction.
-- **targetVersion**  The target version of the OS for the reconstruction.
-- **timestamp**  The timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.ResetOptions
-
-This event returns data about the PBR (Push Button Reset) reset options selected by the user.
-
-The following fields are available:
-
-- **overwriteSpace**  Indicates whether the option was selected to erase data during push-button reset.
-- **preserveWorkplace**  Indicates whether the option was selected to reserve the workplace during push-button reset.
-- **scenario**  The selected scenario for the push-button on reset operation.
-- **sessionID**  The ID of this push-button on reset session.
-- **timestamp**  The timestamp of this push-button on reset event.
-- **usePayload**  Indicates whether Cloud PBR or Reconstruction was used.
-- **wipeData**  Indicates whether the option was selected to wipe additional drives during push-button reset.
-
-
-### Microsoft.Windows.PBR.RetryQueued
-
-This event returns data about the retry count when PBR (Push Button Reset) is restarted due to a reboot.
-
-The following fields are available:
-
-- **attempt**  The number of retry attempts that were made
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  The timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.ReturnedToOldOS
-
-This event returns data after PBR (Push Button Reset) has completed the rollback.
-
-The following fields are available:
-
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  The timestamp  of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.ReturnTaskSchedulingFailed
-
-This event returns data when there is a failure scheduling a boot into WinRE (Windows Recovery).
-
-The following fields are available:
-
-- **errorCode**  The error that occurred while scheduling the task.
-- **sessionID**  The ID of this push-button reset session.
-- **taskName**  The name of the task.
-- **timestamp**  The ID of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.RollbackFinished
-
-This event returns data when the PBR (Push Button Reset) rollback completes.
-
-The following fields are available:
-
-- **error**  Any errors that occurred during rollback to the old operating system.
-- **sessionID**  The ID of this push-button reset session.
-- **succeeded**  Indicates whether the rollback succeeded.
-- **timestamp**  The timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.RollbackStarted
-
-This event returns data when the PBR (Push Button Reset) rollback begins.
-
-The following fields are available:
-
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  The timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.ScenarioNotSupported
-
-This event returns data when the PBR (Push Button Reset) scenario selected is not supported on the device.
-
-The following fields are available:
-
-- **errorCode**  The error that occurred.
-- **reason**  The reason why this push-button reset scenario is not supported.
-- **sessionID**  The ID for this push-button reset session.
-- **timestamp**  The timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.SessionCreated
-
-This event returns data when the PRB (Push Button Reset) session is created at the beginning of the UI (user interface) process.
-
-The following fields are available:
-
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  The timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.SessionResumed
-
-This event returns data when the PRB (Push Button Reset) session is resumed after reboots.
-
-The following fields are available:
-
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  The timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.SessionSaved
-
-This event returns data when the PRB (Push Button Reset) session is suspended between reboots.
-
-The following fields are available:
-
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  The timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.SetupExecuteFinished
-
-This event returns data when the PBR (Push Button Reset) setup finishes.
-
-The following fields are available:
-
-- **sessionID**  The ID of this push-button reset session.
-- **systemState**  Information about the system state of the Setup Platform operation.
-- **timestamp**  The timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.SetupExecuteStarted
-
-This event returns data when the PBR (Push Button Reset) setup starts.
-
-The following fields are available:
-
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  The timestamp for this push-button reset event.
-
-
-### Microsoft.Windows.PBR.SetupFinalizeStarted
-
-This event returns data when the Finalize operation is completed by setup during PBR (Push Button Reset).
-
-The following fields are available:
-
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  The timestamp for this push-button reset event.
-
-
-### Microsoft.Windows.PBR.SetupOperationFailed
-
-This event returns data when a PRB (Push Button Reset) setup operation fails.
-
-The following fields are available:
-
-- **errorCode**  An error that occurred during the setup phase of push-button reset.
-- **sessionID**  The ID of this push-button reset session.
-- **setupExecutionOperation**  The name of the Setup Platform operation.
-- **setupExecutionPhase**  The phase of the setup operation that failed.
-- **timestamp**  The timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.SystemInfoField
-
-This event returns data about the device when the user initiates the PBR UI (Push Button Reset User Interface), to ensure the appropriate reset options are shown to the user.
-
-The following fields are available:
-
-- **name**  Name of the system information field.
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  The timestamp of this push-button reset event.
-- **value**  The system information field value.
-
-
-### Microsoft.Windows.PBR.SystemInfoListItem
-
-This event returns data about the device when the user initiates the PBR UI (Push Button Reset User Interface), to ensure the appropriate options can be shown to the user.
-
-The following fields are available:
-
-- **index**  The index number associated with the system information item.
-- **name**  The name of the list of system information items.
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  The timestamp for this push-button reset event.
-- **value**  The value of the system information item.
-
-
-### Microsoft.Windows.PBR.SystemInfoSenseFinished
-
-This event returns data when System Info Sense is finished.
-
-The following fields are available:
-
-- **error**  The error code if an error occurred while querying for system information.
-- **errorCode**  Represents any error code during the API call.
-- **sessionID**  The ID of this push-button reset session.
-- **succeeded**  Indicates whether the query for system information was successful.
-- **timestamp**  The timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.SystemInfoSenseStarted
-
-This event returns data when System Info Sense is started.
-
-The following fields are available:
-
-- **sessionID**  The ID of this push-button reset event.
-- **timestamp**  The timestamp of this push-button reset event.
-
-
-### Microsoft.Windows.PBR.UserAcknowledgeCleanupWarning
-
-This event returns data when the user acknowledges the cleanup warning pop-up after PRB (Push Button Reset) is complete.
-
-The following fields are available:
-
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  The timestamp for this push-button reset event.
-
-
-### Microsoft.Windows.PBR.UserCancel
-
-This event returns data when the user confirms they wish to cancel PBR (Push Button Reset) from the user interface.
-
-The following fields are available:
-
-- **pageID**  The page ID for the page the user canceled.
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  The timestamp for this push-button reset event.
-
-
-### Microsoft.Windows.PBR.UserConfirmStart
-
-This event returns data when the user confirms they wish to reset their device and PBR (Push Button Reset) begins.
-
-The following fields are available:
-
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  The timestamp for this push-button reset event.
-
-
-### Microsoft.Windows.PBR.WinREInstallFinished
-
-This event returns data when WinRE (Windows Recovery) installation is complete.
-
-The following fields are available:
-
-- **errorCode**  Any error that occurred during the Windows Recovery Environment (WinRE) installation.
-- **sessionID**  The ID of this push-button reset session.
-- **success**  Indicates whether the Windows Recovery Environment (WinRE) installation successfully completed.
-- **timestamp**  The timestamp for this push-button reset event.
-
-
-### Microsoft.Windows.PBR.WinREInstallStarted
-
-This event returns data when WinRE (Windows Recovery) installation starts.
-
-The following fields are available:
-
-- **sessionID**  The ID of this push-button reset session.
-- **timestamp**  The timestamp for this push-button reset event.
-
-
 ## Quality Update Assistant events
 
 ### Microsoft.Windows.QualityUpdateAssistant.Applicability
 
-This event sends basic info on whether the device should be updated to the latest cumulative update.
+This event sends basic info on whether the device should be updated to the latest cumulative update. The data collected with this event is used to help keep Windows up to date and secure.
 
 The following fields are available:
 
@@ -5532,7 +5488,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.DeviceReadinessCheck
 
-This event sends basic info on whether the device is ready to download the latest cumulative update.
+This event sends basic info on whether the device is ready to download the latest cumulative update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5547,7 +5503,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.Download
 
-This event sends basic info when download of the latest cumulative update begins.
+This event sends basic info when download of the latest cumulative update begins. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5566,7 +5522,7 @@ The following fields are available:
 
 ### Microsoft.Windows.QualityUpdateAssistant.Install
 
-This event sends basic info on the result of the installation of the latest cumulative update.
+This event sends basic info on the result of the installation of the latest cumulative update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -5591,7 +5547,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Sediment.Info.DetailedState
 
-This event is sent when detailed state information is needed from an update trial run.
+This event is sent when detailed state information is needed from an update trial run. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5623,6 +5579,7 @@ The following fields are available:
 
 - **FieldName**  Retrieves the event name/data point. Examples: InstallStartTime, InstallEndtime, OverallResult etc.
 - **GroupName**  Retrieves the groupname the event belongs to. Example: Install Information, DU Information, Disk Space Information etc.
+- **InstanceID**  This is a unique GUID to track individual instances of SetupPlatform that will help us tie events from a single instance together.
 - **Value**  Value associated with the corresponding event name. For example, time-related events will include the system time
 
 
@@ -5649,6 +5606,7 @@ The following fields are available:
 
 - **FieldName**  Retrieves the event name/data point. Examples: InstallStartTime, InstallEndtime, OverallResult etc.
 - **GroupName**  Retrieves the groupname the event belongs to. Example: Install Information, DU Information, Disk Space Information etc.
+- **InstanceID**  This is a unique GUID to track individual instances of SetupPlatform that will help us tie events from a single instance together.
 - **Value**  Retrieves the value associated with the corresponding event name (Field Name). For example: For time related events this will include the system time.
 
 
@@ -5656,7 +5614,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.CheckForUpdates
 
-Scan process event on Windows Update client. See the EventScenario field for specifics (started/failed/succeeded).
+This event sends tracking data about the software distribution client check for content that is applicable to a device, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5743,7 +5701,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.Commit
 
-This event tracks the commit process post the update installation when software update client is trying to update the device.
+This event sends data on whether the Update Service has been called to execute an upgrade, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5774,7 +5732,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.Download
 
-Download process event for target update on Windows Update client. See the EventScenario field for specifics (started/failed/succeeded).
+This event sends tracking data about the software distribution client download of the content for that update, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -5865,7 +5823,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.DownloadCheckpoint
 
-This event provides a checkpoint between each of the Windows Update download phases for UUP content
+This event provides a checkpoint between each of the Windows Update download phases for UUP content. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -5887,7 +5845,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.DownloadHeartbeat
 
-This event allows tracking of ongoing downloads and contains data to explain the current state of the download
+This event allows tracking of ongoing downloads and contains data to explain the current state of the download. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -5990,7 +5948,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.Revert
 
-Revert event for target update on Windows Update Client. See EventScenario field for specifics (for example, Started/Failed/Succeeded).
+This is a revert event for target update on Windows Update Client. See EventScenario field for specifics (for example, Started/Failed/Succeeded). The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -6037,7 +5995,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.TaskRun
 
-Start event for Server Initiated Healing client. See EventScenario field for specifics (for example, started/completed).
+This is a start event for Server Initiated Healing client. See EventScenario field for specifics (for example, started/completed). The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -6053,7 +6011,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.Uninstall
 
-Uninstall event for target update on Windows Update Client. See EventScenario field for specifics (for example, Started/Failed/Succeeded).
+This is an uninstall event for target update on Windows Update Client. See EventScenario field for specifics (for example, Started/Failed/Succeeded). The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -6080,6 +6038,7 @@ The following fields are available:
 - **IsSuccessFailurePostReboot**  Indicates whether an initial success was then a failure after a reboot.
 - **IsWUfBDualScanEnabled**  Flag indicating whether WU-for-Business dual scan is enabled on the device.
 - **IsWUfBEnabled**  Flag indicating whether WU-for-Business is enabled on the device.
+- **IsWUfBTargetVersionEnabled**  Flag that indicates if the WU-for-Business target version policy is enabled on the device.
 - **MergedUpdate**  Indicates whether an OS update and a BSP update were merged for install.
 - **ProcessName**  Process name of the caller who initiated API calls into the software distribution client.
 - **QualityUpdatePause**  Indicates whether quality OS updates are paused on the device.
@@ -6098,7 +6057,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.UpdateDetected
 
-This event sends data about an AppX app that has been updated from the Microsoft Store, including what app needs an update and what version/architecture is required, in order to understand and address problems with apps getting required updates.
+This event sends data about an AppX app that has been updated from the Microsoft Store, including what app needs an update and what version/architecture is required, in order to understand and address problems with apps getting required updates. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -6113,7 +6072,7 @@ The following fields are available:
 
 ### SoftwareUpdateClientTelemetry.UpdateMetadataIntegrity
 
-Ensures Windows Updates are secure and complete. Event helps to identify whether update content has been tampered with and protects against man-in-the-middle attack.
+This event helps to identify whether update content has been tampered with and protects against man-in-the-middle attack. The data collected with this event is used to help keep Windows up to date, secure, and performing properly.
 
 The following fields are available:
 
@@ -6146,13 +6105,13 @@ The following fields are available:
 
 ### Microsoft.Windows.SysReset.FlightUninstallCancel
 
-This event indicates the customer has cancelled uninstallation of Windows.
+This event indicates the customer has cancelled uninstallation of Windows. The data collected with this event is used to keep Windows performing properly and helps with tracking the health of recovery and OSUninstall scenarios.
 
 
 
 ### Microsoft.Windows.SysReset.FlightUninstallError
 
-This event sends an error code when the Windows uninstallation fails.
+This event sends an error code when the Windows uninstallation fails. The data collected with this event is used to keep Windows performing properly and helps with tracking the health of recovery and OSUninstall scenarios.
 
 The following fields are available:
 
@@ -6161,19 +6120,19 @@ The following fields are available:
 
 ### Microsoft.Windows.SysReset.FlightUninstallReboot
 
-This event is sent to signal an upcoming reboot during uninstallation of Windows.
+This event is sent to signal an upcoming reboot during uninstallation of Windows. The data collected with this event is used to keep Windows performing properly and helps with tracking the health of recovery and OSUninstall scenarios.
 
 
 
 ### Microsoft.Windows.SysReset.FlightUninstallStart
 
-This event indicates that the Windows uninstallation has started.
+This event indicates that the Windows uninstallation has started. The data collected with this event is used to keep Windows performing properly and helps with tracking the health of recovery and OSUninstall scenarios.
 
 
 
 ### Microsoft.Windows.SysReset.FlightUninstallUnavailable
 
-This event sends diagnostic data when the Windows uninstallation is not available.
+This event sends diagnostic data when the Windows uninstallation is not available. The data collected with this event is used to keep Windows performing properly and helps with tracking the health of recovery and OSUninstall scenarios.
 
 The following fields are available:
 
@@ -6185,13 +6144,13 @@ The following fields are available:
 
 ### Microsoft.Windows.SysReset.HasPendingActions
 
-This event is sent when users have actions that will block the uninstall of the latest quality update.
+This event is sent when users have actions that will block the uninstall of the latest quality update. The data collected with this event is used to keep Windows performing properly and helps with tracking the health of recovery and OSUninstall scenarios.
 
 
 
 ### Microsoft.Windows.SysReset.IndicateLCUWasUninstalled
 
-This event is sent when the registry indicates that the latest cumulative Windows update package has finished uninstalling.
+This event is sent when the registry indicates that the latest cumulative Windows update package has finished uninstalling. The data collected with this event is used to keep Windows performing properly and helps with tracking the health of recovery and OSUninstall scenarios.
 
 The following fields are available:
 
@@ -6200,7 +6159,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SysReset.LCUUninstall
 
-This event is sent when the latest cumulative Windows update was uninstalled on a device.
+This event is sent when the latest cumulative Windows update was uninstalled on a device. The data collected with this event is used to keep Windows performing properly and helps with tracking the health of recovery and OSUninstall scenarios.
 
 The following fields are available:
 
@@ -6211,7 +6170,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SysReset.PBRBlockedByPolicy
 
-This event is sent when a push-button reset operation is blocked by the System Administrator.
+This event is sent when a push-button reset operation is blocked by the System Administrator. The data collected with this event is used to keep Windows performing properly and helps with tracking the health of recovery and OSUninstall scenarios.
 
 The following fields are available:
 
@@ -6221,7 +6180,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SysReset.PBREngineInitFailed
 
-This event signals a failed handoff between two recovery binaries.
+This event signals a failed handoff between two recovery binaries. The data collected with this event is used to keep Windows performing properly and helps with tracking the health of recovery and OSUninstall scenarios.
 
 The following fields are available:
 
@@ -6230,7 +6189,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SysReset.PBREngineInitSucceed
 
-This event signals successful handoff between two recovery binaries.
+This event signals successful handoff between two recovery binaries. The data collected with this event is used to keep Windows performing properly and helps with tracking the health of recovery and OSUninstall scenarios.
 
 The following fields are available:
 
@@ -6239,7 +6198,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SysReset.PBRFailedOffline
 
-This event reports the error code when recovery fails.
+This event reports the error code when recovery fails. The data collected with this event is used to keep Windows performing properly and helps with tracking the health of recovery and OSUninstall scenarios.
 
 The following fields are available:
 
@@ -6250,7 +6209,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SystemReset.EsimPresentCheck
 
-This event is sent when a device is checked to see whether it has an embedded SIM (eSIM).
+This event is sent when a device is checked to see whether it has an embedded SIM (eSIM). The data collected with this event is used to keep Windows performing properly and helps with tracking the health of recovery and OSUninstall scenarios.
 
 The following fields are available:
 
@@ -6261,7 +6220,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SystemReset.PBRCorruptionRepairOption
 
-This event sends corruption repair diagnostic data when the PBRCorruptionRepairOption encounters a corruption error.
+This event sends corruption repair diagnostic data when the PBRCorruptionRepairOption encounters a corruption error. The data collected with this event is used to keep Windows performing properly and helps with tracking the health of recovery and OSUninstall scenarios.
 
 The following fields are available:
 
@@ -6273,7 +6232,7 @@ The following fields are available:
 
 ### Microsoft.Windows.SystemReset.RepairNeeded
 
-This event provides information about whether a system reset needs repair.
+This event provides information about whether a system reset needs repair. The data collected with this event is used to keep Windows performing properly and helps with tracking the health of recovery and OSUninstall scenarios.
 
 The following fields are available:
 
@@ -6285,7 +6244,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UEFI.ESRT
 
-This event sends basic data during boot about the firmware loaded or recently installed on the machine. This helps to keep Windows up to date.
+This event sends basic data during boot about the firmware loaded or recently installed on the machine. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 The following fields are available:
 
@@ -6313,7 +6272,7 @@ The following fields are available:
 
 ### Update360Telemetry.Revert
 
-This event sends data relating to the Revert phase of updating Windows.
+This event sends data relating to the Revert phase of updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6331,10 +6290,11 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentCommit
 
-This event collects information regarding the commit phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop.
+This event collects information regarding the commit phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
+- **CancelRequested**  Boolean that indicates whether cancel was requested.
 - **ErrorCode**  The error code returned for the current install phase.
 - **FlightId**  Unique ID for each flight.
 - **ObjectId**  Unique value for each Update Agent mode.
@@ -6347,13 +6307,18 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentDownloadRequest
 
-This event sends data for the download request phase of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to PC and Mobile.
+This event sends data for the download request phase of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to PC and Mobile. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
+- **CancelRequested**  Boolean indicating whether a cancel was requested.
 - **ContainsSafeOSDUPackage**  Boolean indicating whether Safe DU packages are part of the payload.
 - **DeletedCorruptFiles**  Boolean indicating whether corrupt payload was deleted.
 - **DownloadComplete**  Indicates if the download is complete.
+- **DownloadedSizeCanonical**  Cumulative size (in bytes) of downloaded canonical content.
+- **DownloadedSizeDiff**  Cumulative size (in bytes) of downloaded diff content.
+- **DownloadedSizeExpress**  Cumulative size (in bytes) of downloaded express content.
+- **DownloadedSizePSFX**  Cumulative size (in bytes) of downloaded PSFX content.
 - **DownloadRequests**  Number of times a download was retried.
 - **ErrorCode**  The error code returned for the current download request phase.
 - **ExtensionName**  Indicates whether the payload is related to Operating System content or a plugin.
@@ -6384,10 +6349,11 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentExpand
 
-This event collects information regarding the expansion phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop.
+This event collects information regarding the expansion phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
+- **CancelRequested**  Boolean that indicates whether a cancel was requested.
 - **CanonicalRequestedOnError**  Indicates if an error caused a reversion to a different type of compressed update (TRUE or FALSE).
 - **ElapsedTickCount**  Time taken for expand phase.
 - **EndFreeSpace**  Free space after expand phase.
@@ -6405,7 +6371,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentInitialize
 
-This event sends data for the initialize phase of updating Windows via the new Unified Update Platform (UUP) scenario, which is applicable to both PCs and Mobile.
+This event sends data for the initialize phase of updating Windows via the new Unified Update Platform (UUP) scenario, which is applicable to both PCs and Mobile. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6423,10 +6389,11 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentInstall
 
-This event sends data for the install phase of updating Windows.
+This event sends data for the install phase of updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
+- **CancelRequested**  Boolean to indicate whether a cancel was requested.
 - **ErrorCode**  The error code returned for the current install phase.
 - **ExtensionName**  Indicates whether the payload is related to Operating System content or a plugin.
 - **FlightId**  Unique value for each Update Agent mode (same concept as InstanceId for Setup360).
@@ -6441,7 +6408,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentMerge
 
-The UpdateAgentMerge event sends data on the merge phase when updating Windows.
+The UpdateAgentMerge event sends data on the merge phase when updating Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6458,7 +6425,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentMitigationResult
 
-This event sends data indicating the result of each update agent mitigation.
+This event sends data indicating the result of each update agent mitigation. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6484,7 +6451,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentMitigationSummary
 
-This event sends a summary of all the update agent mitigations available for an this update.
+This event sends a summary of all the update agent mitigations available for an this update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6504,7 +6471,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentModeStart
 
-This event sends data for the start of each mode during the process of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to both PCs and Mobile.
+This event sends data for the start of each mode during the process of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to both PCs and Mobile. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6520,7 +6487,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentOneSettings
 
-This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop.
+This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6538,7 +6505,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentPostRebootResult
 
-This event collects information for both Mobile and Desktop regarding the post reboot phase of the new Unified Update Platform (UUP) update scenario.
+This event collects information for both Mobile and Desktop regarding the post reboot phase of the new Unified Update Platform (UUP) update scenario. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6547,14 +6514,16 @@ The following fields are available:
 - **ObjectId**  Unique value for each Update Agent mode.
 - **PostRebootResult**  Indicates the Hresult.
 - **RelatedCV**  Correlation vector value generated from the latest USO scan.
+- **RollbackFailureReason**  Indicates the cause of the rollback.
 - **ScenarioId**  The scenario ID. Example: MobileUpdate, DesktopLanguagePack, DesktopFeatureOnDemand, or DesktopDriverUpdate.
 - **SessionId**  Unique value for each update attempt.
 - **UpdateId**  Unique ID for each update.
+- **UpdateOutputState**  A numeric value indicating the state of the update at the time of reboot.
 
 
 ### Update360Telemetry.UpdateAgentReboot
 
-This event sends information indicating that a request has been sent to suspend an update.
+This event sends information indicating that a request has been sent to suspend an update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6573,7 +6542,7 @@ The following fields are available:
 
 ### Update360Telemetry.UpdateAgentSetupBoxLaunch
 
-The UpdateAgent_SetupBoxLaunch event sends data for the launching of the setup box when updating Windows via the new Unified Update Platform (UUP) scenario. This event is only applicable to PCs.
+The UpdateAgent_SetupBoxLaunch event sends data for the launching of the setup box when updating Windows via the new Unified Update Platform (UUP) scenario. This event is only applicable to PCs. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6596,7 +6565,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateNotificationPipeline.UNPCampaignManagerHeartbeat
 
-This event is sent at the start of the CampaignManager event and is intended to be used as a heartbeat.
+This event is sent at the start of the CampaignManager event and is intended to be used as a heartbeat. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6629,7 +6598,7 @@ The following fields are available:
 
 ### FacilitatorTelemetry.DUDownload
 
-This event returns data about the download of supplemental packages critical to upgrading a device to the next version of Windows.
+This event returns data about the download of supplemental packages critical to upgrading a device to the next version of Windows. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6639,7 +6608,7 @@ The following fields are available:
 
 ### FacilitatorTelemetry.InitializeDU
 
-This event determines whether devices received additional or critical supplemental content during an OS upgrade.
+This event determines whether devices received additional or critical supplemental content during an OS upgrade. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6697,7 +6666,7 @@ The following fields are available:
 
 ### Setup360Telemetry.OsUninstall
 
-This event sends data regarding OS updates and upgrades from Windows 7, Windows 8, and Windows 10. Specifically, it indicates the outcome of an OS uninstall.
+This event sends data regarding OS updates and upgrades from Windows 7, Windows 8, and Windows 10. Specifically, it indicates the outcome of an OS uninstall. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6861,7 +6830,7 @@ The following fields are available:
 
 ### Setup360Telemetry.Setup360MitigationResult
 
-This event sends data indicating the result of each setup mitigation.
+This event sends data indicating the result of each setup mitigation. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6886,7 +6855,7 @@ The following fields are available:
 
 ### Setup360Telemetry.Setup360MitigationSummary
 
-This event sends a summary of all the setup mitigations available for this update.
+This event sends a summary of all the setup mitigations available for this update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6905,7 +6874,7 @@ The following fields are available:
 
 ### Setup360Telemetry.Setup360OneSettings
 
-This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop.
+This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6944,9 +6913,35 @@ The following fields are available:
 
 ## Windows as a Service diagnostic events
 
+### Microsoft.Windows.WaaSMedic.DetectionFailed
+
+This event is sent when WaaSMedic fails to apply the named diagnostic. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **diagnostic**  Parameter where the diagnostic failed.
+- **hResult**  Error code from attempting the diagnostic.
+- **isDetected**  Flag indicating whether the condition was detected.
+- **pluginName**  Name of the attempted diagnostic.
+- **versionString**  The version number of the remediation engine.
+
+
+### Microsoft.Windows.WaaSMedic.RemediationFailed
+
+This event is sent when the WaaS Medic update stack remediation tool fails to apply a described resolution to a problem that is blocking Windows Update from operating correctly on a target device. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **diagnostic**  Parameter where the resolution failed.
+- **hResult**  Error code that resulted from attempting the resolution.
+- **isRemediated**  Indicates whether the condition was remediated.
+- **pluginName**  Name of the attempted resolution.
+- **versionString**  Version of the engine.
+
+
 ### Microsoft.Windows.WaaSMedic.SummaryEvent
 
-Result of the WaaSMedic operation.
+This event provides the result of the WaaSMedic operation. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -6997,7 +6992,7 @@ The following fields are available:
 
 ### Value
 
-This event returns data about Mean Time to Failure (MTTF) for Windows devices. It is the primary means of estimating reliability problems in Basic Diagnostic reporting with very strong privacy guarantees. Since Basic Diagnostic reporting does not include system up-time, and since that information is important to ensuring the safe and stable operation of Windows, the data provided by this event provides that data in a manner which does not threaten a user’s privacy.
+This event returns data about Mean Time to Failure (MTTF) for Windows devices. It is the primary means of estimating reliability problems in Basic Diagnostic reporting with very strong privacy guarantees. Since Basic Diagnostic reporting does not include system up-time, and since that information is important to ensuring the safe and stable operation of Windows, the data provided by this event provides that data in a manner which does not threaten a user’s privacy. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -7024,7 +7019,7 @@ The following fields are available:
 
 ### WheaProvider.WheaErrorRecord
 
-This event collects data about common platform hardware error recorded by the Windows Hardware Error Architecture (WHEA) mechanism.
+This event collects data about common platform hardware error recorded by the Windows Hardware Error Architecture (WHEA) mechanism. The data collected with this event is used to help keep Windows up to date and performing properly.
 
 The following fields are available:
 
@@ -7045,7 +7040,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.WSC.DatastoreMigratedVersion
 
-This event provides information about the datastore migration and whether it was successful.
+This event provides information about the datastore migration and whether it was successful. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -7056,7 +7051,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.WSC.GetCallerViaWdsp
 
-This event returns data if the registering product EXE (executable file) does not allow COM (Component Object Model) impersonation.
+This event returns data if the registering product EXE (executable file) does not allow COM (Component Object Model) impersonation. The data collected with this event is used to help keep Windows secure and performing properly.
 
 The following fields are available:
 
@@ -7466,7 +7461,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateCsp.ExecuteRollBackFeatureFailed
 
-This event sends basic telemetry on the failure of the Feature Rollback.
+This event sends basic telemetry on the failure of the Feature Rollback. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7482,7 +7477,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateCsp.ExecuteRollBackFeatureNotApplicable
 
-This event sends basic telemetry on whether Feature Rollback (rolling back features updates) is applicable to a device.
+This event sends basic telemetry on whether Feature Rollback (rolling back features updates) is applicable to a device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7497,7 +7492,44 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateCsp.ExecuteRollBackFeatureStarted
 
-This event sends basic information indicating that Feature Rollback has started.
+This event sends basic information indicating that Feature Rollback has started. The data collected with this event is used to help keep Windows secure and up to date.
+
+
+
+### Microsoft.Windows.UpdateCsp.ExecuteRollBackQualityFailed
+
+This event sends basic telemetry on the failure of the rollback of the Quality/LCU builds. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **current**  Result of currency check.
+- **dismOperationSucceeded**  Dism uninstall operation status.
+- **hResult**  Failure Error code.
+- **oSVersion**  Build number of the device.
+- **paused**  Indicates whether the device is paused.
+- **rebootRequestSucceeded**  Reboot Configuration Service Provider (CSP) call success status.
+- **sacDevice**  Release Channel.
+- **wUfBConnected**  Result of Windows Update for Business connection check.
+
+
+### Microsoft.Windows.UpdateCsp.ExecuteRollBackQualityNotApplicable
+
+This event informs you whether a rollback of Quality updates is applicable to the devices that you are attempting to rollback. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **current**  Result of currency check.
+- **dismOperationSucceeded**  Dism uninstall operation status.
+- **oSVersion**  Build number of the device.
+- **paused**  Indicates whether the device is paused.
+- **rebootRequestSucceeded**  Reboot Configuration Service Provider (CSP) call success status.
+- **sacDevice**  Device in the semi-annual channel.
+- **wUfBConnected**  Result of WUfB connection check.
+
+
+### Microsoft.Windows.UpdateCsp.ExecuteRollBackQualityStarted
+
+This event indicates that the Quality Rollback process has started. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
@@ -7505,7 +7537,7 @@ This event sends basic information indicating that Feature Rollback has started.
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadCanceled
 
-This event describes when a download was canceled with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event describes when a download was canceled with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -7539,7 +7571,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadCompleted
 
-This event describes when a download has completed with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event describes when a download has completed with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -7595,7 +7627,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadPaused
 
-This event represents a temporary suspension of a download with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event represents a temporary suspension of a download with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -7615,7 +7647,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadStarted
 
-This event sends data describing the start of a new download to enable Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event sends data describing the start of a new download to enable Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -7652,7 +7684,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.FailureCdnCommunication
 
-This event represents a failure to download from a CDN with Delivery Optimization. It's used to understand and address problems regarding downloads.
+This event represents a failure to download from a CDN with Delivery Optimization. It's used to understand and address problems regarding downloads. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -7674,7 +7706,7 @@ The following fields are available:
 
 ### Microsoft.OSG.DU.DeliveryOptClient.JobError
 
-This event represents a Windows Update job error. It allows for investigation of top errors.
+This event represents a Windows Update job error. It allows for investigation of top errors. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -7690,7 +7722,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentAnalysisSummary
 
-This event collects information regarding the state of devices and drivers on the system following a reboot after the install phase of the new device manifest UUP (Unified Update Platform) update scenario which is used to install a device manifest describing a set of driver packages.
+This event collects information regarding the state of devices and drivers on the system following a reboot after the install phase of the new device manifest UUP (Unified Update Platform) update scenario which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7714,7 +7746,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentCommit
 
-This event collects information regarding the final commit phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages.
+This event collects information regarding the final commit phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7730,7 +7762,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentDownloadRequest
 
-This event collects information regarding the download request phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages.
+This event collects information regarding the download request phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7757,7 +7789,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentInitialize
 
-This event sends data for initializing a new update session for the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages.
+This event sends data for initializing a new update session for the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7775,7 +7807,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentInstall
 
-This event collects information regarding the install phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages.
+This event collects information regarding the install phase of the new device manifest UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7791,7 +7823,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentModeStart
 
-This event sends data for the start of each mode during the process of updating device manifest assets via the UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages.
+This event sends data for the start of each mode during the process of updating device manifest assets via the UUP (Unified Update Platform) update scenario, which is used to install a device manifest describing a set of driver packages. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7806,7 +7838,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.DialogNotificationToBeDisplayed
 
-This event indicates that a notification dialog box is about to be displayed to user.
+This event indicates that a notification dialog box is about to be displayed to user. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7832,7 +7864,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootAcceptAutoDialog
 
-This event indicates that the Enhanced Engaged restart "accept automatically" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "accept automatically" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7849,7 +7881,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootRebootFailedDialog
 
-This event indicates that the Enhanced Engaged restart "restart failed" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "restart failed" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7866,7 +7898,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootRebootImminentDialog
 
-This event indicates that the Enhanced Engaged restart "restart imminent" dialog box was displayed.
+This event indicates that the Enhanced Engaged restart "restart imminent" dialog box was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7883,7 +7915,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootReminderDialog
 
-This event returns information relating to the Enhanced Engaged reboot reminder dialog that was displayed.
+This event returns information relating to the Enhanced Engaged reboot reminder dialog that was displayed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7900,7 +7932,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.NotificationUx.RebootScheduled
 
-Indicates when a reboot is scheduled by the system or a user for a security, quality, or feature update.
+This event sends basic information for scheduling a device restart to install security updates. It's used to help keep Windows secure and up-to-date by indicating when a reboot is scheduled by the system or a user for a security, quality, or feature update.
 
 The following fields are available:
 
@@ -7918,9 +7950,36 @@ The following fields are available:
 - **wuDeviceid**  Unique device ID used by Windows Update.
 
 
+### Microsoft.Windows.Update.Orchestrator.ActivityError
+
+This event measures overall health of UpdateOrchestrator. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **callContext**  List of telemetry activities containing this error.
+- **currentContextId**  Identifier for the newest telemetry activity containing this error.
+- **currentContextMessage**  Custom message associated with the newest telemetry activity containing this error (if any).
+- **currentContextName**  Name of the newest telemetry activity containing this error.
+- **failureCount**  Number of failures.
+- **failureId**  Id of the failure.
+- **failureType**  Indicates what type of failure was observed (exception, returned error, logged error or fail fast).
+- **fileName**  Source code file name where the error occurred.
+- **function**  Function where the failure occurred.
+- **hresult**  Failure error code.
+- **lineNumber**  Line number within the source code file where the error occurred.
+- **message**  Custom message associated with the failure (if any).
+- **module**  Name of the binary where the error occurred.
+- **originatingContextId**  Identifier for the oldest telemetry activity containing this error
+- **originatingContextMessage**  Custom message associated with the oldest telemetry activity containing this error (if any).
+- **originatingContextName**  Name of the oldest telemetry activity containing this error.
+- **PartA_PrivTags**  Privacy tags.
+- **threadId**  Identifier of the thread the error occurred on.
+- **wilActivity**  This struct provides a Windows Internal Library context used for Product and Service diagnostics. See [wilActivity](#wilactivity).
+
+
 ### Microsoft.Windows.Update.Orchestrator.ActivityRestrictedByActiveHoursPolicy
 
-This event indicates a policy is present that may restrict update activity to outside of active hours.
+This event indicates a policy is present that may restrict update activity to outside of active hours. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7931,7 +7990,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.BlockedByActiveHours
 
-This event indicates that update activity was blocked because it is within the active hours window.
+This event indicates that update activity was blocked because it is within the active hours window. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7943,7 +8002,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.BlockedByBatteryLevel
 
-This event indicates that Windows Update activity was blocked due to low battery level.
+This event indicates that Windows Update activity was blocked due to low battery level. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7955,7 +8014,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.DeferRestart
 
-This event indicates that a restart required for installing updates was postponed.
+This event indicates that a restart required for installing updates was postponed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -7974,7 +8033,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.Detection
 
-This event indicates that a scan for a Windows Update occurred.
+This event sends launch data for a Windows Update scan to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8016,7 +8075,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.DisplayNeeded
 
-This event indicates the reboot was postponed due to needing a display.
+This event indicates the reboot was postponed due to needing a display. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8032,7 +8091,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.Download
 
-This event sends launch data for a Windows Update download to help keep Windows up to date.
+This event sends launch data for a Windows Update download to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8047,9 +8106,30 @@ The following fields are available:
 - **wuDeviceid**  Unique device ID used by Windows Update.
 
 
+### Microsoft.Windows.Update.Orchestrator.DTUEnabled
+
+This event indicates that Inbox DTU functionality was enabled. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **wuDeviceid**  Device ID used by Windows Update.
+
+
+### Microsoft.Windows.Update.Orchestrator.DTUInitiated
+
+This event indicates that Inbox DTU functionality was initiated. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **dtuErrorCode**  Return code from creating the DTU Com Server.
+- **isDtuApplicable**  Determination of whether DTU is applicable to the machine it is running on.
+- **utilizeDtuOverWu**  Whether DTU should be utilized over Windows Update.
+- **wuDeviceid**  Device ID used by Windows Update.
+
+
 ### Microsoft.Windows.Update.Orchestrator.EscalationRiskLevels
 
-This event is sent during update scan, download, or install, and indicates that the device is at risk of being out-of-date.
+This event is sent during update scan, download, or install, and indicates that the device is at risk of being out-of-date. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8066,7 +8146,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.FailedToAddTimeTriggerToScanTask
 
-This event indicated that USO failed to add a trigger time to a task.
+This event indicated that USO failed to add a trigger time to a task. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8076,7 +8156,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.FlightInapplicable
 
-This event sends data on whether the update was applicable to the device, to help keep Windows up to date.
+This event sends data on whether the update was applicable to the device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8093,7 +8173,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.InitiatingReboot
 
-This event sends data about an Orchestrator requesting a reboot from power management to help keep Windows up to date.
+This event sends data about an Orchestrator requesting a reboot from power management to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8110,7 +8190,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.Install
 
-This event sends launch data for a Windows Update install to help keep Windows up to date.
+This event sends launch data for a Windows Update install to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8136,7 +8216,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.LowUptimes
 
-This event is sent if a device is identified as not having sufficient uptime to reliably process updates in order to keep secure.
+This event is sent if a device is identified as not having sufficient uptime to reliably process updates in order to keep secure. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8150,7 +8230,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.OneshotUpdateDetection
 
-This event returns data about scans initiated through settings UI, or background scans that are urgent; to help keep Windows up to date.
+This event returns data about scans initiated through settings UI, or background scans that are urgent; to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8162,7 +8242,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.PreShutdownStart
 
-This event is generated before the shutdown and commit operations.
+This event is generated before the shutdown and commit operations. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8171,7 +8251,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.RebootFailed
 
-This event sends information about whether an update required a reboot and reasons for failure, to help keep Windows up to date.
+This event sends information about whether an update required a reboot and reasons for failure, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8190,7 +8270,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.RefreshSettings
 
-This event sends basic data about the version of upgrade settings applied to the system to help keep Windows up to date.
+This event sends basic data about the version of upgrade settings applied to the system to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8202,7 +8282,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.RestoreRebootTask
 
-This event sends data indicating that a reboot task is missing unexpectedly on a device and the task is restored because a reboot is still required, to help keep Windows up to date.
+This event sends data indicating that a reboot task is missing unexpectedly on a device and the task is restored because a reboot is still required, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8214,7 +8294,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.ScanTriggered
 
-This event indicates that Update Orchestrator has started a scan operation.
+This event indicates that Update Orchestrator has started a scan operation. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8231,7 +8311,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.SeekerUpdateAvailable
 
-This event defines when an optional update is available for the device to help keep Windows up to date.
+This event defines when an optional update is available for the device to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8244,7 +8324,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.SeekUpdate
 
-This event occurs when user initiates "seeker" scan. This helps keep Windows up to date.
+This event occurs when user initiates "seeker" scan. This helps keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8257,7 +8337,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.StickUpdate
 
-This event is sent when the update service orchestrator (USO) indicates the update cannot be superseded by a newer update.
+This event is sent when the update service orchestrator (USO) indicates the update cannot be superseded by a newer update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8267,7 +8347,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.SystemNeeded
 
-This event sends data about why a device is unable to reboot, to help keep Windows up to date.
+This event sends data about why a device is unable to reboot, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8283,7 +8363,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.TerminatedByActiveHours
 
-This event indicates that update activity was stopped due to active hours starting.
+This event indicates that update activity was stopped due to active hours starting. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8293,9 +8373,21 @@ The following fields are available:
 - **wuDeviceid**  The device identifier.
 
 
+### Microsoft.Windows.Update.Orchestrator.TerminatedByBatteryLevel
+
+This event is sent when update activity was stopped due to a low battery level. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **batteryLevel**  The current battery charge capacity.
+- **batteryLevelThreshold**  The battery capacity threshold to stop update activity.
+- **updatePhase**  The current state of the update process.
+- **wuDeviceid**  The device identifier.
+
+
 ### Microsoft.Windows.Update.Orchestrator.UniversalOrchestratorInvalidSignature
 
-This event is sent when an updater has attempted to register a binary that is not signed by Microsoft.
+This event is sent when an updater has attempted to register a binary that is not signed by Microsoft. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8306,7 +8398,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.UniversalOrchestratorScheduleWorkInvalidCmd
 
-This event indicates a critical error with the callback binary requested by the updater.
+This event indicates a critical error with the callback binary requested by the updater. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8317,7 +8409,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.UnstickUpdate
 
-This event is sent when the update service orchestrator (USO) indicates that the update can be superseded by a newer update.
+This event is sent when the update service orchestrator (USO) indicates that the update can be superseded by a newer update. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8337,7 +8429,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.UpdatePolicyCacheRefresh
 
-This event sends data on whether Update Management Policies were enabled on a device, to help keep Windows up to date.
+This event sends data on whether Update Management Policies were enabled on a device, to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8350,7 +8442,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.UpdaterCallbackFailed
 
-This event is sent when an updater failed to execute the registered callback.
+This event is sent when an updater failed to execute the registered callback. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8362,7 +8454,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.UpdateRebootRequired
 
-This event sends data about whether an update required a reboot to help keep Windows up to date.
+This event sends data about whether an update required a reboot to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8388,7 +8480,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.updateSettingsFlushFailed
 
-This event sends information about an update that encountered problems and was not able to complete.
+This event sends information about an update that encountered problems and was not able to complete. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8398,7 +8490,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Orchestrator.UsoSession
 
-This event represents the state of the USO service at start and completion.
+This event represents the state of the USO service at start and completion. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8414,7 +8506,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.EnhancedEngagedRebootUxState
 
-This event sends information about the configuration of Enhanced Direct-to-Engaged (eDTE), which includes values for the timing of how eDTE will progress through each phase of the reboot.
+This event sends information about the configuration of Enhanced Direct-to-Engaged (eDTE), which includes values for the timing of how eDTE will progress through each phase of the reboot. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8436,7 +8528,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.RebootNoLongerNeeded
 
-This event is sent when a security update has successfully completed.
+This event is sent when a security update has successfully completed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8445,7 +8537,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusNotification.RebootScheduled
 
-This event sends basic information about scheduling an update-related reboot, to get security updates and to help keep Windows up-to-date.
+This event sends basic information about scheduling an update-related reboot, to get security updates and to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8465,7 +8557,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Update.Ux.MusUpdateSettings.RebootScheduled
 
-This event sends basic information for scheduling a device restart to install security updates. It's used to help keep Windows up-to-date
+This event sends basic information for scheduling a device restart to install security updates. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8485,7 +8577,7 @@ The following fields are available:
 
 ### wilActivity
 
-This event provides a Windows Internal Library context used for Product and Service diagnostics.
+This event provides a Windows Internal Library context used for Product and Service diagnostics. The data collected with this event is used to help keep Windows up to date.
 
 The following fields are available:
 
@@ -8512,7 +8604,7 @@ The following fields are available:
 
 ### Mitigation360Telemetry.MitigationCustom.CleanupSafeOsImages
 
-This event sends data specific to the CleanupSafeOsImages mitigation used for OS Updates.
+This event sends data specific to the CleanupSafeOsImages mitigation used for OS Updates. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8536,7 +8628,7 @@ The following fields are available:
 
 ### Mitigation360Telemetry.MitigationCustom.FixAppXReparsePoints
 
-This event sends data specific to the FixAppXReparsePoints mitigation used for OS updates.
+This event sends data specific to the FixAppXReparsePoints mitigation used for OS updates. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8558,7 +8650,7 @@ The following fields are available:
 
 ### Mitigation360Telemetry.MitigationCustom.FixupEditionId
 
-This event sends data specific to the FixupEditionId mitigation used for OS updates.
+This event sends data specific to the FixupEditionId mitigation used for OS updates. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8579,11 +8671,32 @@ The following fields are available:
 - **WuId**  Unique ID for the Windows Update client.
 
 
+### Mitigation360Telemetry.MitigationCustom.FixupWimmountSysPath
+
+This event sends data specific to the FixupWimmountSysPath mitigation used for OS Updates. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **ClientId**  In the WU scenario, this will be the WU client ID that is passed to Setup. In Media setup, default value is Media360, but can be overwritten by the caller to a unique value.
+- **FlightId**  Unique identifier for each flight.
+- **ImagePathDefault**  Default path to wimmount.sys driver defined in the system registry.
+- **ImagePathFixedup**  Boolean indicating whether the wimmount.sys driver path was fixed by this mitigation.
+- **InstanceId**  Unique GUID that identifies each instances of setuphost.exe.
+- **MitigationScenario**  The update scenario in which the mitigations were attempted.
+- **RelatedCV**  Correlation vector value.
+- **Result**  HResult of this operation.
+- **ScenarioId**  Setup360 flow type.
+- **ScenarioSupported**  Whether the updated scenario that was passed in was supported.
+- **SessionId**  The UpdateAgent “SessionId” value.
+- **UpdateId**  Unique identifier for the Update.
+- **WuId**  Unique identifier for the Windows Update client.
+
+
 ## Windows Update Reserve Manager events
 
 ### Microsoft.Windows.UpdateReserveManager.BeginScenario
 
-This event is sent when the Update Reserve Manager is called to begin a scenario.
+This event is sent when the Update Reserve Manager is called to begin a scenario. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8599,7 +8712,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateReserveManager.ClearReserve
 
-This event is sent when the Update Reserve Manager clears one of the reserves.
+This event is sent when the Update Reserve Manager clears one of the reserves. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8610,7 +8723,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateReserveManager.CommitPendingHardReserveAdjustment
 
-This event is sent when the Update Reserve Manager commits a hard reserve adjustment that was pending.
+This event is sent when the Update Reserve Manager commits a hard reserve adjustment that was pending. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8620,7 +8733,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateReserveManager.EndScenario
 
-This event is sent when the Update Reserve Manager ends an active scenario.
+This event is sent when the Update Reserve Manager ends an active scenario. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8636,7 +8749,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateReserveManager.FunctionReturnedError
 
-This event is sent when the Update Reserve Manager returns an error from one of its internal functions.
+This event is sent when the Update Reserve Manager returns an error from one of its internal functions. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8649,7 +8762,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateReserveManager.InitializeReserves
 
-This event is sent when reserves are initialized on the device.
+This event is sent when reserves are initialized on the device. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8678,7 +8791,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateReserveManager.InitializeUpdateReserveManager
 
-This event returns data about the Update Reserve Manager, including whether it’s been initialized.
+This event returns data about the Update Reserve Manager, including whether it’s been initialized. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8693,7 +8806,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateReserveManager.PrepareTIForReserveInitialization
 
-This event is sent when the Update Reserve Manager prepares the Trusted Installer to initialize reserves on the next boot.
+This event is sent when the Update Reserve Manager prepares the Trusted Installer to initialize reserves on the next boot. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8703,7 +8816,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateReserveManager.ReevaluatePolicy
 
-This event is sent when the Update Reserve Manager reevaluates policy to determine reserve usage.
+This event is sent when the Update Reserve Manager reevaluates policy to determine reserve usage. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8714,13 +8827,13 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateReserveManager.RemovePendingHardReserveAdjustment
 
-This event is sent when the Update Reserve Manager removes a pending hard reserve adjustment.
+This event is sent when the Update Reserve Manager removes a pending hard reserve adjustment. The data collected with this event is used to help keep Windows secure and up to date.
 
 
 
 ### Microsoft.Windows.UpdateReserveManager.TurnOffReserves
 
-This event is sent when the Update Reserve Manager turns off reserve functionality for certain operations.
+This event is sent when the Update Reserve Manager turns off reserve functionality for certain operations. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
@@ -8735,7 +8848,7 @@ The following fields are available:
 
 ### Microsoft.Windows.UpdateReserveManager.UpdatePendingHardReserveAdjustment
 
-This event is sent when the Update Reserve Manager needs to adjust the size of the hard reserve after the option content is installed.
+This event is sent when the Update Reserve Manager needs to adjust the size of the hard reserve after the option content is installed. The data collected with this event is used to help keep Windows secure and up to date.
 
 The following fields are available:
 
diff --git a/windows/privacy/manage-windows-2004-endpoints.md b/windows/privacy/manage-windows-2004-endpoints.md
index 5c4ad7c28d..df3f9bb1e9 100644
--- a/windows/privacy/manage-windows-2004-endpoints.md
+++ b/windows/privacy/manage-windows-2004-endpoints.md
@@ -12,7 +12,7 @@ ms.author: obezeajo
 manager: robsize
 ms.collection: M365-security-compliance
 ms.topic: article
-ms.date: 6/9/2020
+ms.date: 10/22/2020
 ---
 # Manage connection endpoints for Windows 10 Enterprise, version 2004
 
@@ -60,9 +60,8 @@ The following methodology was used to derive these network endpoints:
 ||The following endpoints are related to Cortana and Live Tiles. If you turn off traffic for this endpoint, you will block updates to Cortana greetings, tips, and Live Tiles.|TLSv1.2|www.bing.com*|
 |Device metadata|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#4-device-metadata-retrieval)|
 ||The following endpoint is used to retrieve device metadata. If you  turn off traffic for this endpoint, metadata will not be updated for the device.|HTTPS|dmd.metaservices.microsoft.com|
-|Diagnostic Data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, will not be sent back to Microsoft. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
+|Diagnostic Data|The following endpoints are used by the Windows Diagnostic Data, Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft improve our products and services, will not be sent back to Microsoft. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
 |||TLSv1.2|v10.events.data.microsoft.com|
-|||TLSv1.2|v20.events.data.microsoft.com|
 ||The following endpoints are used by Windows Error Reporting. To turn off traffic for these endpoints, enable the following Group Policy: Administrative Templates > Windows Components > Windows Error Reporting > Disable Windows Error Reporting. This means error reporting information will not be sent back to Microsoft.|HTTPS|*.telecommand.telemetry.microsoft.com|
 |||TLS v1.2|watson.*.microsoft.com|
 |Font Streaming|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#6-font-streaming)|
diff --git a/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md b/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md
index da656fd6ef..a1832d8486 100644
--- a/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md
+++ b/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md
@@ -1,6 +1,6 @@
 ---
 description: Use this article to learn more about what required Windows diagnostic data is gathered.
-title: Windows 10, version 2004 required diagnostic events and fields (Windows 10)
+title: Windows 10, version 20H2 and Windows 10, version 2004 required diagnostic events and fields (Windows 10)
 keywords: privacy, telemetry
 ms.prod: w10
 ms.mktglfcycl: manage
@@ -13,11 +13,11 @@ manager: dansimp
 ms.collection: M365-security-compliance
 ms.topic: article
 audience: ITPro
-ms.date: 08/31/2020
+ms.date: 09/30/2020
 ---
 
 
-# Windows 10, version 2004 required Windows diagnostic events and fields
+# Windows 10, version 20H2 and Windows 10, version 2004 required Windows diagnostic events and fields
 
 
 > [!IMPORTANT]  
@@ -26,6 +26,7 @@ ms.date: 08/31/2020
 
  **Applies to**
 
+- Windows 10, version 20H2
 - Windows 10, version 2004
 
 
@@ -37,7 +38,6 @@ Use this article to learn about diagnostic events, grouped by event area, and th
 
 You can learn more about Windows functional and diagnostic data through these articles:
 
-
 - [Windows 10, version 1903 and Windows 10, version 1909 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1903.md)
 - [Windows 10, version 1809 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1809.md)
 - [Windows 10, version 1803 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1803.md)
@@ -1166,14 +1166,6 @@ The following fields are available:
 - **PrefetchWSupport**  Does the processor support PrefetchW?
 
 
-### Microsoft.Windows.Appraiser.General.SystemProcessorPrefetchWEndSync
-
-Deprecated in RS3. This event indicates that a full set of SystemProcessorPrefetchWAdd events has been sent. The data collected with this event is used to help keep Windows up to date.
-
-This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
-
-
-
 ### Microsoft.Windows.Appraiser.General.SystemProcessorPrefetchWStartSync
 
 This event indicates that a new set of SystemProcessorPrefetchWAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
@@ -1257,14 +1249,6 @@ The following fields are available:
 - **RegistryWimBootValue**  The raw value from the registry that is used to indicate if the device is running from a WIM.
 
 
-### Microsoft.Windows.Appraiser.General.SystemWimEndSync
-
-Deprecated in RS3. This event indicates that a full set of SystemWimAdd events has been sent. The data collected with this event is used to help keep Windows up to date.
-
-This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
-
-
-
 ### Microsoft.Windows.Appraiser.General.SystemWimStartSync
 
 This event indicates that a new set of SystemWimAdd events will be sent. The data collected with this event is used to help keep Windows up to date.
@@ -1411,7 +1395,7 @@ The following fields are available:
 
 ### MicArrayGeometry
 
-This event provides information about the layout of the individual microphone elements in the microphone array.
+This event provides information about the layout of the individual microphone elements in the microphone array. The data collected with this event is used to keep Windows performing properly.
 
 The following fields are available:
 
@@ -2005,7 +1989,6 @@ The following fields are available:
 - **ext_app**  Describes the properties of the running application. This extension could be populated by either a client app or a web app. See [Common Data Extensions.app](#common-data-extensionsapp).
 - **ext_container**  Describes the properties of the container for events logged within a container. See [Common Data Extensions.container](#common-data-extensionscontainer).
 - **ext_device**  Describes the device-related fields. See [Common Data Extensions.device](#common-data-extensionsdevice).
-- **ext_m365a**  Describes the Microsoft 365-related fields. See [Common Data Extensions.m365a](#common-data-extensionsm365a).
 - **ext_mscv**  Describes the correlation vector-related fields. See [Common Data Extensions.mscv](#common-data-extensionsmscv).
 - **ext_os**  Describes the operating system properties that would be populated by the client. See [Common Data Extensions.os](#common-data-extensionsos).
 - **ext_sdk**  Describes the fields related to a platform library required for a specific SDK. See [Common Data Extensions.sdk](#common-data-extensionssdk).
@@ -2017,14 +2000,6 @@ The following fields are available:
 - **time**  Represents the event date time in Coordinated Universal Time (UTC) when the event was generated on the client. This should be in ISO 8601 format.
 - **ver**  Represents the major and minor version of the extension.
 
-### Common Data Extensions.m365a
-
-Describes the Microsoft 365-related fields.
-
-The following fields are available:
-
-- **enrolledTenantId**  The enrolled tenant ID.
-- **msp**  A bitmask that lists the active programs.
 
 ### Common Data Extensions.mscv
 
@@ -2123,7 +2098,7 @@ The following fields are available:
 - **uts**  A bit field, with 2 bits being assigned to each user ID listed in xid. This field is omitted if all users are retail accounts.
 - **xid**  A list of base10-encoded XBOX User IDs.
 
-## Common Data Fields
+## Common data fields
 
 ### Ms.Device.DeviceInventoryChange
 
@@ -2131,11 +2106,10 @@ Describes the installation state for all hardware and software components availa
 
 The following fields are available:
 
-- **action** The change that was invoked on a device inventory object.
-- **inventoryId** Device ID used for Compatibility testing
-- **objectInstanceId** Object identity which is unique within the device scope.
-- **objectType** Indicates the object type that the event applies to.
-- **syncId** A string used to group StartSync, EndSync, Add, and Remove operations that belong together. This field is unique by Sync period and is used to disambiguate in situations where multiple agents perform overlapping inventories for the same object.
+- **action**  The change that was invoked on a device inventory object.
+- **inventoryId**  Device ID used for Compatibility testing
+- **objectInstanceId**  Object identity which is unique within the device scope.
+- **objectType**  Indicates the object type that the event applies to.
 
 ## Component-based servicing events
 
@@ -3167,6 +3141,7 @@ The following fields are available:
 - **Categories**  A comma separated list of functional categories in which the container belongs.
 - **DiscoveryMethod**  The discovery method for the device container.
 - **FriendlyName**  The name of the device container.
+- **Icon**  Deprecated in RS3. The path or index to the icon file.
 - **InventoryVersion**  The version of the inventory file generating the events.
 - **IsActive**  Is the device connected, or has it been seen in the last 14 days?
 - **IsConnected**  For a physically attached device, this value is the same as IsPresent. For wireless a device, this value represents a communication link.
@@ -3851,6 +3826,14 @@ The following fields are available:
 - **IndicatorValue**  The indicator value.
 
 
+### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorRemove
+
+This event indicates that this particular data object represented by the objectInstanceId is no longer present. This event is used to understand the OS indicators installed on the system. The data collected with this event helps ensure the device is current and Windows is up to date and performing properly.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+
+
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorStartSync
 
 This event indicates that this particular data object represented by the objectInstanceId is no longer present. This event is used to understand the OS indicators installed on the system. The data collected with this event helps ensure the device is current and Windows is up to date and performing properly.
@@ -4378,32 +4361,6 @@ The following fields are available:
 - **totalRuns**  Total number of running/evaluation from last time.
 
 
-## Windows Admin Center events
-
-### Microsoft.ServerManagementExperience.Gateway.Service.GatewayStatus
-
-A periodic event that describes Windows Admin Center gateway app's version and other inventory and configuration parameters.
-
-The following fields are available:
-
-- **activeNodesByNodeId**  A count of how many active nodes are on this gateway, deduplicated by Node ID.
-- **activeNodesByUuid**  A count of how many active nodes are on this gateway, deduplicated by UUID.
-- **AvailableMemoryMByte**  A snapshot of the available physical memory on the OS.
-- **azureADAppRegistered**  If the gateway is registered with an Azure Active Directory.
-- **azureADAuthEnabled**  If the gateway has enabled authentication using Azure Active Directory.
-- **friendlyOsName**  A user-friendly name describing the OS version.
-- **gatewayCpuUtilizationPercent**  A snapshot of CPU usage on the OS.
-- **gatewayVersion**  The version string for this currently running Gateway application.
-- **gatewayWorkingSetMByte**  A snapshot of the working set size of the gateway process.
-- **installationType**  Identifies if the gateway was installed as a VM extension.
-- **installedDate**  The date on which this gateway was installed.
-- **logicalProcessorCount**  A snapshot of the how many logical processors the machine running this gateway has.
-- **otherProperties**  This is an empty string, but may be used for another purpose in the future.
-- **registeredNodesByNodeId**  A count of how many nodes are registered with this gateway, deduplicated by Node ID.
-- **registeredNodesByUuid**  A count of how many nodes are registered with this gateway, deduplicated by UUID..
-- **totalCpuUtilizationPercent**  A snapshot of the total CPU utilization of the machine running this gateway.
-
-
 ## Privacy consent logging events
 
 ### Microsoft.Windows.Shell.PrivacyConsentLogging.PrivacyConsentCompleted
@@ -5238,6 +5195,18 @@ The following fields are available:
 - **UnifiedInstUnifiedInstallerDeviceIsHomeSkuHresultllerDeviceIsHomeSku**  The result code from checking whether a device is Home SKU.
 
 
+### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsCachedNotificationRetrieved
+
+This event is sent when a notification is received. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  A correlation vector.
+- **GlobalEventCounter**  This is a client side counter that indicates ordering of events sent by the user.
+- **PackageVersion**  The package version of the label.
+- **UpdateHealthToolsBlobNotificationNotEmpty**  A boolean that is true if the blob notification has valid content.
+
+
 ### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsDeviceInformationUploaded
 
 This event is received when the UpdateHealthTools service uploads device information. The data collected with this event is used to help keep Windows secure and up to date.
@@ -5308,6 +5277,24 @@ The following fields are available:
 - **UpdateHealthToolsPushCurrentStep**  The current step for the push notification
 
 
+### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsServiceBlobDocumentDetails
+
+The event indicates the details about the blob used for update health tools. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  A correlation vector.
+- **GlobalEventCounter**  This is a client side counter which indicates ordering of events sent by the user.
+- **PackageVersion**  The package version of the label.
+- **UpdateHealthToolsDevicePolicyFileName**  The default name of the policy blob file.
+- **UpdateHealthToolsDssDeviceApiSegment**  The URI segment for reading the DSS device pointer.
+- **UpdateHealthToolsDssDeviceId**  The AAD ID of the device used to create the device ID hash.
+- **UpdateHealthToolsDssDevicePolicyApiSegment**  The segment of the device policy API pointer.
+- **UpdateHealthToolsDssTenantId**  The tenant id of the device used to create the tenant id hash.
+- **UpdateHealthToolsHashedDeviceId**  The SHA256 hash of the device id.
+- **UpdateHealthToolsHashedTenantId**  The SHA256 hash of the device tenant id.
+
+
 ### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsServiceBlockedByNoAADJoin
 
 This event indicates that the device is not AAD joined so service stops. The data collected with this event is used to help keep Windows secure and up to date.
@@ -5319,6 +5306,17 @@ The following fields are available:
 - **PackageVersion**  Current package version of UpdateHealthTools.
 
 
+### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsServiceIsDSSJoin
+
+This event is sent when a device has been detected as DSS device. The data collected with this event is used to help keep Windows secure and up to date.
+
+The following fields are available:
+
+- **CV**  A correlation vector.
+- **GlobalEventCounter**  This is a client side counter which indicates ordering of events sent by this user.
+- **PackageVersion**  The package version of the label.
+
+
 ### Microsoft.Windows.UpdateHealthTools.UpdateHealthToolsServiceStarted
 
 This event is sent when the service first starts. It is a heartbeat indicating that the service is available on the device. The data collected with this event is used to help keep Windows secure and up to date.
@@ -5955,6 +5953,32 @@ The following fields are available:
 - **WuId**  This is the Windows Update Client ID. With Windows Update, this is the same as the clientId.
 
 
+## Windows Admin Center events
+
+### Microsoft.ServerManagementExperience.Gateway.Service.GatewayStatus
+
+A periodic event that describes Windows Admin Center gateway app's version and other inventory and configuration parameters.
+
+The following fields are available:
+
+- **activeNodesByNodeId**  A count of how many active nodes are on this gateway, deduplicated by Node ID.
+- **activeNodesByUuid**  A count of how many active nodes are on this gateway, deduplicated by UUID.
+- **AvailableMemoryMByte**  A snapshot of the available physical memory on the OS.
+- **azureADAppRegistered**  If the gateway is registered with an Azure Active Directory.
+- **azureADAuthEnabled**  If the gateway has enabled authentication using Azure Active Directory.
+- **friendlyOsName**  A user-friendly name describing the OS version.
+- **gatewayCpuUtilizationPercent**  A snapshot of CPU usage on the OS.
+- **gatewayVersion**  The version string for this currently running Gateway application.
+- **gatewayWorkingSetMByte**  A snapshot of the working set size of the gateway process.
+- **installationType**  Identifies if the gateway was installed as a VM extension.
+- **installedDate**  The date on which this gateway was installed.
+- **logicalProcessorCount**  A snapshot of the how many logical processors the machine running this gateway has.
+- **otherProperties**  This is an empty string, but may be used for another purpose in the future.
+- **registeredNodesByNodeId**  A count of how many nodes are registered with this gateway, deduplicated by Node ID.
+- **registeredNodesByUuid**  A count of how many nodes are registered with this gateway, deduplicated by UUID.
+- **totalCpuUtilizationPercent**  A snapshot of the total CPU utilization of the machine running this gateway.
+
+
 ## Windows as a Service diagnostic events
 
 ### Microsoft.Windows.WaaSMedic.DetectionFailed
@@ -6929,29 +6953,6 @@ The following fields are available:
 - **updateId**  ID of the update that is getting installed with this restart.
 - **wuDeviceid**  Unique device ID used by Windows Update.
 
-### wilActivity
-
-This event provides a Windows Internal Library context used for Product and Service diagnostics.
-
-The following fields are available:
-
-- **callContext**  The function where the failure occurred.
-- **currentContextId**  The ID of the current call context where the failure occurred.
-- **currentContextMessage**  The message of the current call context where the failure occurred.
-- **currentContextName**  The name of the current call context where the failure occurred.
-- **failureCount**  The number of failures for this failure ID.
-- **failureId**  The ID of the failure that occurred.
-- **failureType**  The type of the failure that occurred.
-- **fileName**  The file name where the failure occurred.
-- **function**  The function where the failure occurred.
-- **hresult**  The HResult of the overall activity.
-- **lineNumber**  The line number where the failure occurred.
-- **message**  The message of the failure that occurred.
-- **module**  The module where the failure occurred.
-- **originatingContextId**  The ID of the originating call context that resulted in the failure.
-- **originatingContextMessage**  The message of the originating call context that resulted in the failure.
-- **originatingContextName**  The name of the originating call context that resulted in the failure.
-- **threadId**  The ID of the thread on which the activity is executing.
 
 ### Microsoft.Windows.Update.Orchestrator.ActivityError
 
@@ -7358,6 +7359,29 @@ The following fields are available:
 - **UpdateId**  Unique ID for each Update.
 - **WuId**  Unique ID for the Windows Update client.
 
+### wilActivity
+
+This event provides a Windows Internal Library context used for Product and Service diagnostics. The data collected with this event is used to help keep Windows up to date.
+
+The following fields are available:
+
+- **callContext**  The function where the failure occurred.
+- **currentContextId**  The ID of the current call context where the failure occurred.
+- **currentContextMessage**  The message of the current call context where the failure occurred.
+- **currentContextName**  The name of the current call context where the failure occurred.
+- **failureCount**  The number of failures for this failure ID.
+- **failureId**  The ID of the failure that occurred.
+- **failureType**  The type of the failure that occurred.
+- **fileName**  The file name where the failure occurred.
+- **function**  The function where the failure occurred.
+- **hresult**  The HResult of the overall activity.
+- **lineNumber**  The line number where the failure occurred.
+- **message**  The message of the failure that occurred.
+- **module**  The module where the failure occurred.
+- **originatingContextId**  The ID of the originating call context that resulted in the failure.
+- **originatingContextMessage**  The message of the originating call context that resulted in the failure.
+- **originatingContextName**  The name of the originating call context that resulted in the failure.
+- **threadId**  The ID of the thread on which the activity is executing.
 
 ## Windows Update Reserve Manager events
 
@@ -7532,8 +7556,6 @@ The following fields are available:
 
 This event signals the completion of the setup process. It happens only once during the first logon.
 
-
-
 ## XDE events
 
 ### Microsoft.Emulator.Xde.RunTime.SystemReady
@@ -7584,3 +7606,6 @@ The following fields are available:
 - **virtualMachineName**  VM name.
 - **waitForClientConnection**  True if we should wait for client connection.
 - **wp81NetworkStackDisabled**  WP 8.1 networking stack disabled.
+
+
+
diff --git a/windows/privacy/toc.yml b/windows/privacy/toc.yml
index 6d801ea292..60bf83c118 100644
--- a/windows/privacy/toc.yml
+++ b/windows/privacy/toc.yml
@@ -15,9 +15,9 @@
           href: Microsoft-DiagnosticDataViewer.md
     - name: Required Windows diagnostic data events and fields
       items: 
-        - name: Windows 10, version 2004 required Windows diagnostic data events and fields
+        - name: Windows 10, version 20H2 and Windows 10, version 2004 required Windows diagnostic data events and fields
           href: required-windows-diagnostic-data-events-and-fields-2004.md
-        - name: Windows 10, version 1903 and Windows 10, version 1909 required level Windows diagnostic events and fields
+        - name: Windows 10, version 1909 and Windows 10, version 1903 required level Windows diagnostic events and fields
           href: basic-level-windows-diagnostic-events-and-fields-1903.md
         - name: Windows 10, version 1809 required Windows diagnostic events and fields
           href: basic-level-windows-diagnostic-events-and-fields-1809.md
diff --git a/windows/privacy/windows-diagnostic-data.md b/windows/privacy/windows-diagnostic-data.md
index 153c7ca114..150b4905bd 100644
--- a/windows/privacy/windows-diagnostic-data.md
+++ b/windows/privacy/windows-diagnostic-data.md
@@ -12,20 +12,21 @@ ms.author: dansimp
 manager: dansimp
 ms.collection: M365-security-compliance
 ms.topic: article
-ms.date: 12/04/2019
 ms.reviewer: 
 ---
 
 # Windows 10, version 1709 and newer optional diagnostic data
 
 Applies to:
+- Windows 10, version 20H2
+- Windows 10, version 2004
 - Windows 10, version 1909
 - Windows 10, version 1903
 - Windows 10, version 1809
 - Windows 10, version 1803
 - Windows 10, version 1709
 
-Microsoft uses Windows diagnostic data to keep Windows secure and up-to-date, troubleshoot problems, and make product improvements. For users who have turned on "Tailored experiences", it can also be used to offer you personalized tips, ads, and recommendations to enhance Microsoft products and services for your needs. This article describes all types of diagnostic data collected by Windows at the Full level (inclusive of data collected at Basic), with comprehensive examples of data we collect per each type. For additional, detailed technical descriptions of Basic data items, see [Windows 10, version 2004 required diagnostic events and fields](https://docs.microsoft.com/windows/configuration/basic-level-windows-diagnostic-events-and-fields).
+Microsoft uses Windows diagnostic data to keep Windows secure and up-to-date, troubleshoot problems, and make product improvements. For users who have turned on "Tailored experiences", it can also be used to offer you personalized tips, ads, and recommendations to enhance Microsoft products and services for your needs. This article describes all types of diagnostic data collected by Windows at the Full level (inclusive of data collected at Basic), with comprehensive examples of data we collect per each type. For additional, detailed technical descriptions of Basic data items, see [Windows 10, version 20H2 required diagnostic events and fields](https://docs.microsoft.com/windows/configuration/basic-level-windows-diagnostic-events-and-fields).
 
 In addition, this article provides references to equivalent definitions for the data types and examples from [ISO/IEC 19944:2017 Information technology -- Cloud computing -- Cloud services and devices: Data flow, data categories and data use](https://www.iso.org/standard/66674.html). Each data type also has a Data Use statement, for diagnostics and for Tailored experiences on the device, using the terms as defined by the standard. These Data Use statements define the purposes for which Microsoft processes each type of Windows diagnostic data, using a uniform set of definitions referenced at the end of this document and based on the ISO standard. Reference to the ISO standard provides additional clarity about the information collected, and allows easy comparison with other services or guidance that also references the standard.
 
diff --git a/windows/privacy/windows-endpoints-1909-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1909-non-enterprise-editions.md
index d0d7ff467f..90ab13ce23 100644
--- a/windows/privacy/windows-endpoints-1909-non-enterprise-editions.md
+++ b/windows/privacy/windows-endpoints-1909-non-enterprise-editions.md
@@ -95,6 +95,8 @@ The following methodology was used to derive the network endpoints:
 |wdcp.microsoft.com|HTTPS|Used for Windows Defender when Cloud-based Protection is enabled
 |activity.windows.com|TLSV1.2|Used by Activity Feed Service which enables multiple cross-device data roaming scenarios on Windows
 |adl.windows.com|HTTP|Used for compatibility database updates for Windows
+|spclient.wg.spotify.com|TLSV1.2|Used for Spotify Live Tile
+|cs.dds.microsoft.com|TLSV1.2|Used by Device Directory Service to keep track of user-device associations and storing metadata about the devices.
 
 ## Windows 10 Pro
 
@@ -159,6 +161,8 @@ The following methodology was used to derive the network endpoints:
 |windows.policies.live.net|HTTP|OneDrive
 |activity.windows.com|TLSV1.2|Used by Activity Feed Service which enables multiple cross-device data roaming scenarios on Windows
 |adl.windows.com|HTTP|Used for compatibility database updates for Windows
+|spclient.wg.spotify.com|TLSV1.2|Used for Spotify Live Tile
+|cs.dds.microsoft.com|TLSV1.2|Used by Device Directory Service to keep track of user-device associations and storing metadata about the devices.
 
 ## Windows 10 Education
 
diff --git a/windows/security/identity-protection/credential-guard/credential-guard-manage.md b/windows/security/identity-protection/credential-guard/credential-guard-manage.md
index 32bf1aabaf..742dd80951 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard-manage.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard-manage.md
@@ -21,8 +21,7 @@ ms.custom:
 # Manage Windows Defender Credential Guard
 
 **Applies to**
--   Windows 10 <=1903 Enterprise and Education SKUs
--   Windows 10 >=1909
+-   Windows 10 Enterprise or Education SKUs
 -   Windows Server 2016
 -   Windows Server 2019
 
@@ -119,12 +118,15 @@ You can do this by using either the Control Panel or the Deployment Image Servic
 2.  Enable virtualization-based security:
 
     -   Go to HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Control\\DeviceGuard.
+    
     -   Add a new DWORD value named **EnableVirtualizationBasedSecurity**. Set the value of this registry setting to 1 to enable virtualization-based security and set it to 0 to disable it.
+    
     -   Add a new DWORD value named **RequirePlatformSecurityFeatures**. Set the value of this registry setting to 1 to use **Secure Boot** only or set it to 3 to use **Secure Boot and DMA protection**.
 
 3.  Enable Windows Defender Credential Guard:
 
     -   Go to HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Control\\LSA.
+    
     -   Add a new DWORD value named **LsaCfgFlags**. Set the value of this registry setting to 1 to enable Windows Defender Credential Guard with UEFI lock, set it to 2 to enable Windows Defender Credential Guard without lock, and set it to 0 to disable it.
 
 4.  Close Registry Editor.
@@ -145,6 +147,7 @@ DG_Readiness_Tool.ps1 -Enable -AutoReboot
 
 > [!IMPORTANT]
 > When running the HVCI and Windows Defender Credential Guard hardware readiness tool on a non-English operating system, within the script, change `$OSArch = $(gwmi win32_operatingsystem).OSArchitecture` to be `$OSArch = $((gwmi win32_operatingsystem).OSArchitecture).tolower()` instead, in order for the tool to work. 
+>
 > This is a known issue.
 
 ### Review Windows Defender Credential Guard performance
@@ -171,6 +174,7 @@ DG_Readiness_Tool_v3.6.ps1 -Ready
 
 > [!IMPORTANT]
 > When running the HVCI and Windows Defender Credential Guard hardware readiness tool on a non-English operating system, within the script, change `*$OSArch = $(gwmi win32_operatingsystem).OSArchitecture` to be `$OSArch = $((gwmi win32_operatingsystem).OSArchitecture).tolower()` instead, in order for the tool to work. 
+>
 > This is a known issue.
 
 > [!NOTE]
@@ -179,15 +183,25 @@ DG_Readiness_Tool_v3.6.ps1 -Ready
 -   We recommend enabling Windows Defender Credential Guard before a device is joined to a domain. If Windows Defender Credential Guard is enabled after domain join, the user and device secrets may already be compromised. In other words, enabling Credential Guard will not help to secure a device or identity that has already been compromised, which is why we recommend turning on Credential Guard as early as possible.
 
 -   You should perform regular reviews of the PCs that have Windows Defender Credential Guard enabled. This can be done with security audit policies or WMI queries. Here's a list of WinInit event IDs to look for:
-    -   **Event ID 13** Windows Defender Credential Guard (LsaIso.exe) was started and will protect LSA credentials.
-    -   **Event ID 14** Windows Defender Credential Guard (LsaIso.exe) configuration: \[**0x0** \| **0x1** \| **0x2**\], **0**
-        -   The first variable: **0x1** or **0x2** means that Windows Defender Credential Guard is configured to run. **0x0** means that it's not configured to run.
-        -   The second variable: **0** means that it's configured to run in protect mode. **1** means that it's configured to run in test mode. This variable should always be **0**.
-    -   **Event ID 15** Windows Defender Credential Guard (LsaIso.exe) is configured but the secure kernel is not running; continuing without Windows Defender Credential Guard.
-    -   **Event ID 16** Windows Defender Credential Guard (LsaIso.exe) failed to launch: \[error code\]
-    -   **Event ID 17** Error reading Windows Defender Credential Guard (LsaIso.exe) UEFI configuration: \[error code\]  
-    You can also verify that TPM is being used for key protection by checking Event ID 51 in the **Microsoft** -&gt; **Windows** -&gt; **Kernel-Boot** event source. If you are running with a TPM, the TPM PCR mask value will be something other than 0.
-        -   **Event ID 51** VSM Master Encryption Key Provisioning. Using cached copy status: **0x0**. Unsealing cached copy status: 0x1. New key generation status: 0x1. Sealing status: **0x1**. TPM PCR mask: **0x0**.  
+
+    - **Event ID 13** Windows Defender Credential Guard (LsaIso.exe) was started and will protect LSA credentials.
+    
+    - **Event ID 14** Windows Defender Credential Guard (LsaIso.exe) configuration: \[**0x0** \| **0x1** \| **0x2**\], **0**
+    
+        -  The first variable: **0x1** or **0x2** means that Windows Defender Credential Guard is configured to run. **0x0** means that it's not configured to run.
+        
+        -  The second variable: **0** means that it's configured to run in protect mode. **1** means that it's configured to run in test mode. This variable should always be **0**.
+        
+    - **Event ID 15** Windows Defender Credential Guard (LsaIso.exe) is configured but the secure kernel is not running; continuing without Windows Defender Credential Guard.
+    
+    - **Event ID 16** Windows Defender Credential Guard (LsaIso.exe) failed to launch: \[error code\]
+    
+    - **Event ID 17** Error reading Windows Defender Credential Guard (LsaIso.exe) UEFI configuration: \[error code\]  
+    
+      You can also verify that TPM is being used for key protection by checking Event ID 51 in the **Microsoft** -&gt; **Windows** -&gt; **Kernel-Boot** event source. If you are running with a TPM, the TPM PCR mask value will be something other than 0.
+      
+    - **Event ID 51** VSM Master Encryption Key Provisioning. Using cached copy status: **0x0**. Unsealing cached copy status: 0x1. New key generation status: 0x1. Sealing status: **0x1**. TPM PCR mask: **0x0**.  
+        
   - You can use Windows PowerShell to determine whether credential guard is running on a client computer. On the computer in question, open an elevated PowerShell window and run the following command:
   
     ```powershell
@@ -195,10 +209,13 @@ DG_Readiness_Tool_v3.6.ps1 -Ready
     ```
 
     This command generates the following output:  
+    
     - **0**: Windows Defender Credential Guard is disabled (not running)
+    
     - **1**: Windows Defender Credential Guard is enabled (running)
-    > [!NOTE]  
-    > Checking the task list or Task Manager to see if LSAISO.exe is running is not a recommended method for determining whether Windows Defender Credential Guard is running.
+    
+      > [!NOTE]  
+      > Checking the task list or Task Manager to see if LSAISO.exe is running is not a recommended method for determining whether Windows Defender Credential Guard is running.
 
 ## Disable Windows Defender Credential Guard
 
@@ -207,12 +224,15 @@ To disable Windows Defender Credential Guard, you can use the following set of p
 1. If you used Group Policy, disable the Group Policy setting that you used to enable Windows Defender Credential Guard (**Computer Configuration** -&gt; **Administrative Templates** -&gt; **System** -&gt; **Device Guard** -&gt; **Turn on Virtualization Based Security**).
 
 2. Delete the following registry settings:
+
    - HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Control\\LSA\LsaCfgFlags
    - HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\DeviceGuard\\LsaCfgFlags
 
 3. If you also wish to disable virtualization-based security delete the following registry settings:
+
    - HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\DeviceGuard\\EnableVirtualizationBasedSecurity
    - HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\DeviceGuard\\RequirePlatformSecurityFeatures
+   
      > [!IMPORTANT]
      > If you manually remove these registry settings, make sure to delete them all. If you don't remove them all, the device might go into BitLocker recovery.
 
@@ -261,6 +281,7 @@ DG_Readiness_Tool_v3.6.ps1 -Disable -AutoReboot
 
 > [!IMPORTANT]  
 > When running the HVCI and Windows Defender Credential Guard hardware readiness tool on a non-English operating system, within the script, change `*$OSArch = $(gwmi win32_operatingsystem).OSArchitecture` to be `$OSArch = $((gwmi win32_operatingsystem).OSArchitecture).tolower()` instead, in order for the tool to work. 
+>
 > This is a known issue.
 
 #### Disable Windows Defender Credential Guard for a virtual machine
diff --git a/windows/security/identity-protection/credential-guard/credential-guard-requirements.md b/windows/security/identity-protection/credential-guard/credential-guard-requirements.md
index cdf9c3ec9a..2e56e0803c 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard-requirements.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard-requirements.md
@@ -12,29 +12,30 @@ ms.author: dansimp
 manager: dansimp
 ms.collection: M365-identity-device-management
 ms.topic: article
-ms.date: 01/12/2018
+ms.date: 09/30/2020
 ms.reviewer: 
 ---
 
 # Windows Defender Credential Guard: Requirements
 
-**Applies to**
--   Windows 10
--   Windows Server 2016
+## Applies to
 
+- Windows 10
+- Windows Server 2016
 
-For Windows Defender Credential Guard to provide protection, the computers you are protecting must meet certain baseline hardware, firmware, and software requirements which we will refer to as [Hardware and software requirements](#hardware-and-software-requirements). Additionally, Windows Defender Credential Guard blocks specific authentication capabilities, so applications that require such capabilities will break. We will refer to this as [Application requirements](#application-requirements). Beyond that, computers can meet additional hardware and firmware qualifications, and receive additional protections. Those computers will be more hardened against certain threats. For detailed information on baseline protections, plus protections for improved security that are associated with hardware and firmware options available in 2015, 2016, and 2017, refer to the tables in [Security Considerations](#security-considerations).
-
+For Windows Defender Credential Guard to provide protection, the computers you are protecting must meet certain baseline hardware, firmware, and software requirements, which we will refer to as [Hardware and software requirements](#hardware-and-software-requirements). Additionally, Windows Defender Credential Guard blocks specific authentication capabilities, so applications that require such capabilities will break. We will refer to these requirements as [Application requirements](#application-requirements). Beyond these requirements, computers can meet additional hardware and firmware qualifications, and receive additional protections. Those computers will be more hardened against certain threats. For detailed information on baseline protections, plus protections for improved security that are associated with hardware and firmware options available in 2015, 2016, and 2017, refer to the tables in [Security Considerations](#security-considerations).
 
 ## Hardware and software requirements
 
 To provide basic protections against OS level attempts to read Credential Manager domain credentials, NTLM and Kerberos derived credentials, Windows Defender Credential Guard uses:
+
 - Support for Virtualization-based security (required)
 - Secure boot (required)
-- TPM (preferred - provides binding to hardware) versions 1.2 and 2.0 are supported, either discrete or firmware 
+- Trusted Platform Module (TPM, preferred - provides binding to hardware) versions 1.2 and 2.0 are supported, either discrete or firmware
 - UEFI lock (preferred - prevents attacker from disabling with a simple registry key change)
 
 The Virtualization-based security requires:
+
 - 64-bit CPU
 - CPU virtualization extensions plus extended page tables
 - Windows hypervisor (does not require Hyper-V Windows Feature to be installed)
@@ -47,6 +48,7 @@ Credential Guard can protect secrets in a Hyper-V virtual machine, just as it wo
 
 - The Hyper-V host must have an IOMMU, and run at least Windows Server 2016 or Windows 10 version 1607.
 - The Hyper-V virtual machine must be Generation 2, have an enabled virtual TPM, and be running at least Windows Server 2016 or Windows 10.
+  - TPM is not a requirement, but we recommend that you implement TPM.
 
 For information about other host platforms, see [Enabling Windows Server 2016 and Hyper-V virtualization based security features on other platforms](https://blogs.technet.microsoft.com/windowsserver/2016/09/29/enabling-windows-server-2016-and-hyper-v-virtualization-based-security-features-on-other-platforms/).
 
@@ -56,20 +58,22 @@ For information about Windows Defender Remote Credential Guard hardware and soft
 
 When Windows Defender Credential Guard is enabled, specific authentication capabilities are blocked, so applications that require such capabilities will break. Applications should be tested prior to deployment to ensure compatibility with the reduced functionality.
 
->[!WARNING]
-> Enabling Windows Defender Credential Guard on domain controllers is not supported. <br>
+> [!WARNING]
+> Enabling Windows Defender Credential Guard on domain controllers is not supported.
 > The domain controller hosts authentication services which integrate with processes isolated when Windows Defender Credential Guard is enabled, causing crashes.
 
->[!NOTE]
+> [!NOTE]
 > Windows Defender Credential Guard does not provide protections for the Active Directory database or the Security Accounts Manager (SAM). The credentials protected by Kerberos and NTLM when Windows Defender Credential Guard is enabled are also in the Active Directory database (on domain controllers) and the SAM (for local accounts).
 
 Applications will break if they require:
+
 - Kerberos DES encryption support
 - Kerberos unconstrained delegation
 - Extracting the Kerberos TGT
 - NTLMv1
 
 Applications will prompt and expose credentials to risk if they require:
+
 - Digest authentication
 - Credential delegation
 - MS-CHAPv2
@@ -86,52 +90,66 @@ The following tables describe baseline protections, plus protections for improve
 
 > [!NOTE]
 > Beginning with Windows 10, version 1607, Trusted Platform Module (TPM 2.0) must be enabled by default on new shipping computers.
-> 
+>
 > If you are an OEM, see [PC OEM requirements for Windows Defender Credential Guard](https://msdn.microsoft.com/library/windows/hardware/mt767514.aspx).
 
 ### Baseline protections
 
-|Baseline Protections | Description | Security benefits
+|Baseline Protections|Description|Security benefits
 |---|---|---|
-| Hardware: **64-bit CPU**              | A 64-bit computer is required for the Windows hypervisor to provide VBS. |
-| Hardware: **CPU virtualization extensions**,<br>plus **extended page tables** | **Requirements**: These hardware features are required for VBS:<br>One of the following virtualization extensions:<br>• VT-x (Intel) or<br>• AMD-V<br>And:<br>• Extended page tables, also called Second Level Address Translation (SLAT). | VBS provides isolation of secure kernel from normal operating system. Vulnerabilities and Day 0s in normal operating system cannot be exploited because of this isolation. |
-| Hardware: **Trusted Platform Module (TPM)**  |  **Requirement**: TPM 1.2 or TPM 2.0, either discrete or firmware.<br>[TPM recommendations](https://technet.microsoft.com/itpro/windows/keep-secure/tpm-recommendations) | A TPM provides protection for VBS encryption keys that are stored in the firmware. This helps protect against attacks involving a physically present user with BIOS access. |
-| Firmware: **UEFI firmware version 2.3.1.c or higher with UEFI Secure Boot** | **Requirements**: See the following Windows Hardware Compatibility Program requirement: [System.Fundamentals.Firmware.UEFISecureBoot](https://msdn.microsoft.com/library/windows/hardware/dn932805.aspx#system-fundamentals-firmware-uefisecureboot)| UEFI Secure Boot helps ensure that the device boots only authorized code. This can prevent boot kits and root kits from installing and persisting across reboots.  |
-| Firmware: **Secure firmware update process**  | **Requirements**: UEFI firmware must support secure firmware update found under the following Windows Hardware Compatibility Program requirement: [System.Fundamentals.Firmware.UEFISecureBoot](https://msdn.microsoft.com/library/windows/hardware/dn932805.aspx#system-fundamentals-firmware-uefisecureboot).| UEFI firmware just like software can have security vulnerabilities that, when found, need to be patched through firmware updates. Patching helps prevent root kits from getting installed. |
-| Software: Qualified **Windows operating system**  | **Requirement**: Windows 10 or Windows Server 2016.<br><blockquote><p><b>Important:</b><br> Windows Server 2016 running as a domain controller does not support Windows Defender Credential Guard. </p></blockquote> |Support for VBS and for management features that simplify configuration of Windows Defender Credential Guard. |
+|Hardware: **64-bit CPU**        |A 64-bit computer is required for the Windows hypervisor to provide VBS.|
+|Hardware: **CPU virtualization extensions**, plus **extended page tables**|**Requirements**: </br> - These hardware features are required for VBS: One of the following virtualization extensions: - VT-x (Intel) or - AMD-V And: - Extended page tables, also called Second Level Address Translation (SLAT).|VBS provides isolation of secure kernel from normal operating system. </br></br> Vulnerabilities and Day 0s in normal operating system cannot be exploited because of this isolation.|
+|Hardware: **Trusted Platform Module (TPM)**|**Requirement**: </br> - TPM 1.2 or TPM 2.0, either discrete or firmware. [TPM recommendations](https://technet.microsoft.com/itpro/windows/keep-secure/tpm-recommendations)|A TPM provides protection for VBS encryption keys that are stored in the firmware. TPM helps protect against attacks involving a physically present user with BIOS access.|
+|Firmware: **UEFI firmware version 2.3.1.c or higher with UEFI Secure Boot**|**Requirements**: </br> - See the following Windows Hardware Compatibility Program requirement: System.Fundamentals.Firmware.UEFISecureBoot|UEFI Secure Boot helps ensure that the device boots only authorized code, and can prevent boot kits and root kits from installing and persisting across reboots.|
+|Firmware: **Secure firmware update process**|**Requirements**: </br> - UEFI firmware must support secure firmware update found under the following Windows Hardware Compatibility Program requirement: System.Fundamentals.Firmware.UEFISecureBoot.|UEFI firmware just like software can have security vulnerabilities that, when found, need to be patched through firmware updates. Patching helps prevent root kits from getting installed.|
+|Software: Qualified **Windows operating system**|**Requirement**: </br> - Windows 10 or Windows Server 2016.|Support for VBS and for management features that simplify configuration of Windows Defender Credential Guard.|
+
+> [!IMPORTANT]
+> Windows Server 2016 running as a domain controller does not support Windows Defender Credential Guard.
 
 > [!IMPORTANT]
 > The following tables list additional qualifications for improved security. We strongly recommend meeting the additional qualifications to significantly strengthen the level of security that Windows Defender Credential Guard can provide.
 
-
 ### 2015 Additional security qualifications starting with Windows 10, version 1507, and Windows Server 2016 Technical Preview 4
 
-|             Protections for Improved Security             |                                                                                                                                                                                                                                                                                                               Description                                                                                                                                                                                                                                                                                                                |
-|-----------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| Hardware: **IOMMU** (input/output memory management unit) |                                                                                                                                                                               **Requirement**: VT-D or AMD Vi IOMMU **Security benefits**: An IOMMU can enhance system resiliency against memory attacks. For more information, see [ACPI description tables](https://msdn.microsoft.com/windows/hardware/drivers/bringup/acpi-system-description-tables).                                                                                                                                                                               |
-| Firmware: **Securing Boot Configuration and Management**  | **Requirements**:<br>• BIOS password or stronger authentication must be supported.<br>• In the BIOS configuration, BIOS authentication must be set.<br>• There must be support for protected BIOS option to configure list of permitted boot devices (for example, “Boot only from internal hard drive”) and boot device order, overriding BOOTORDER modification made by operating system.<br>• In the BIOS configuration, BIOS options related to security and boot options (list of permitted boot devices, boot order) must be secured to prevent other operating systems from starting and to prevent changes to the BIOS settings. |
-|    Firmware: **Secure MOR, revision 2 implementation**    |                                                                                                                                                                                                                                                                                          **Requirement**: Secure MOR, revision 2 implementation                                                                                                                                                                                                                                                                                          |
-
-<br>
+|Protections for Improved Security|Description|
+|---|---|
+|Hardware: **IOMMU** (input/output memory management unit)|**Requirement**: </br> - VT-D or AMD Vi IOMMU </br> </br> **Security benefits**: </br> - An IOMMU can enhance system resiliency against memory attacks. For more information, see [Advanced Configuration and Power Interface (ACPI) description tables](https://msdn.microsoft.com/windows/hardware/drivers/bringup/acpi-system-description-tables)|
+|Firmware: **Securing Boot Configuration and Management**|**Requirements**: </br> - BIOS password or stronger authentication must be supported. </br> - In the BIOS configuration, BIOS authentication must be set. </br> - There must be support for protected BIOS option to configure list of permitted boot devices (for example, “Boot only from internal hard drive”) and boot device order, overriding BOOTORDER modification made by operating system. </br> - In the BIOS configuration, BIOS options related to security and boot options (list of permitted boot devices, boot order) must be secured to prevent other operating systems from starting and to prevent changes to the BIOS settings.|
+|Firmware: **Secure MOR, revision 2 implementation**|**Requirement**: </br> - Secure MOR, revision 2 implementation|
 
 ### 2016 Additional security qualifications starting with Windows 10, version 1607, and Windows Server 2016
 
 > [!IMPORTANT]
 > The following tables list additional qualifications for improved security. Systems that meet these additional qualifications can provide more protections.
 
-| Protections for Improved Security  | Description  |Security Benefits |
+|Protections for Improved Security|Description|Security Benefits|
 |---|---|---|
-| Firmware: **Hardware Rooted Trust Platform Secure Boot** | **Requirements**:<br>Boot Integrity (Platform Secure Boot) must be supported. See the Windows Hardware Compatibility Program requirements under [System.Fundamentals.Firmware.CS.UEFISecureBoot.ConnectedStandby](https://msdn.microsoft.com/library/windows/hardware/dn932807(v=vs.85).aspx#system_fundamentals_firmware_cs_uefisecureboot_connectedstandby)<br>• The Hardware Security Test Interface (HSTI) must be implemented. See [Hardware Security Testability Specification](https://msdn.microsoft.com/library/windows/hardware/mt712332(v=vs.85).aspx). | Boot Integrity (Platform Secure Boot) from Power-On provides protections against physically present attackers, and defense-in-depth against malware.<br>• HSTI provides additional security assurance for correctly secured silicon and platform. |
-| Firmware: **Firmware Update through Windows Update** | **Requirements**: Firmware must support field updates through Windows Update and UEFI encapsulation update. | Helps ensure that firmware updates are fast, secure, and reliable. |
-| Firmware: **Securing Boot Configuration and Management** | **Requirements**:<br>• Required BIOS capabilities: Ability of OEM to add ISV, OEM, or Enterprise Certificate in Secure Boot DB at manufacturing time.<br>• Required configurations: Microsoft UEFI CA must be removed from Secure Boot DB. Support for 3rd-party UEFI modules is permitted but should leverage ISV-provided certificates or OEM certificate for the specific UEFI software. | • Enterprises can choose to allow proprietary EFI drivers/applications to run.<br>• Removing Microsoft UEFI CA from Secure Boot DB provides full control to enterprises over software that runs before the operating system boots. |
-
-<br>
+|Firmware: **Hardware Rooted Trust Platform Secure Boot**|**Requirements**: </br> - Boot Integrity (Platform Secure Boot) must be supported. See the Windows Hardware Compatibility Program requirements under System.Fundamentals.Firmware.CS.UEFISecureBoot.ConnectedStandby</br> - The Hardware Security Test Interface (HSTI) must be implemented. See [Hardware Security Testability Specification](https://msdn.microsoft.com/library/windows/hardware/mt712332(v=vs.85).aspx).|Boot Integrity (Platform Secure Boot) from Power-On provides protections against physically present attackers, and defense-in-depth against malware. </br> - HSTI provides additional security assurance for correctly secured silicon and platform.|
+|Firmware: **Firmware Update through Windows Update**|**Requirements**: </br> - Firmware must support field updates through Windows Update and UEFI encapsulation update.|Helps ensure that firmware updates are fast, secure, and reliable.|
+|Firmware: **Securing Boot Configuration and Management**|**Requirements**: </br> - Required BIOS capabilities: Ability of OEM to add ISV, OEM, or Enterprise Certificate in Secure Boot DB at manufacturing time. </br> - Required configurations: Microsoft UEFI CA must be removed from Secure Boot DB. Support for 3rd-party UEFI modules is permitted but should leverage ISV-provided certificates or OEM certificate for the specific UEFI software.|- Enterprises can choose to allow proprietary EFI drivers/applications to run. </br> - Removing Microsoft UEFI CA from Secure Boot DB provides full control to enterprises over software that runs before the operating system boots.|
 
 ### 2017 Additional security qualifications starting with Windows 10, version 1703
 
 The following table lists qualifications for Windows 10, version 1703, which are in addition to all preceding qualifications.
 
-| Protections for Improved Security  | Description  | Security Benefits
+|Protections for Improved Security|Description|Security Benefits
 |---|---|---|
-| Firmware: **VBS enablement of NX protection for UEFI runtime services** | **Requirements**:<br>• VBS will enable No-Execute (NX) protection on UEFI runtime service code and data memory regions. UEFI runtime service code must support read-only page protections, and UEFI runtime service data must not be executable.<br>• UEFI runtime service must meet these requirements: <br>&nbsp;&nbsp;&nbsp;&nbsp;- Implement UEFI 2.6 EFI_MEMORY_ATTRIBUTES_TABLE. All UEFI runtime service memory (code and data) must be described by this table. <br>&nbsp;&nbsp;&nbsp;&nbsp;- PE sections need to be page-aligned in memory (not required for in non-volatile storage).<br>&nbsp;&nbsp;&nbsp;&nbsp;- The Memory Attributes Table needs to correctly mark code and data as RO/NX for configuration by the OS:<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;- All entries must include attributes EFI_MEMORY_RO, EFI_MEMORY_XP, or both <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;- No entries may be left with neither of the above attributes, indicating memory that is both executable and writable. Memory must be either readable and executable or writeable and non-executable. <br><blockquote><p><b>Notes:</b><br>• This only applies to UEFI runtime service memory, and not UEFI boot service memory. <br>• This protection is applied by VBS on OS page tables.</p></blockquote><br> Please also note the following: <br>• Do not use sections that are both writeable and executable<br>• Do not attempt to directly modify executable system memory<br>• Do not use dynamic code | • Vulnerabilities in UEFI runtime, if any, will be blocked from compromising VBS (such as in functions like UpdateCapsule and SetVariable)<br>• Reduces the attack surface to VBS from system firmware.     |
-| Firmware: **Firmware support for SMM protection** | **Requirements**: The [Windows SMM Security Mitigations Table (WSMT) specification](https://download.microsoft.com/download/1/8/A/18A21244-EB67-4538-BAA2-1A54E0E490B6/WSMT.docx) contains details of an Advanced Configuration and Power Interface (ACPI) table that was created for use with Windows operating systems that support Windows virtualization-based security (VBS) features. |  • Protects against potential vulnerabilities in UEFI runtime services, if any, will be blocked from compromising VBS (such as in functions like UpdateCapsule and SetVariable)<br>• Reduces the attack surface to VBS from system firmware.<br>• Blocks additional security attacks against SMM. |
+|Firmware: **VBS enablement of No-Execute (NX) protection for UEFI runtime services**|**Requirements**: </br> - VBS will enable NX protection on UEFI runtime service code and data memory regions. UEFI runtime service code must support read-only page protections, and UEFI runtime service data must not be executable. UEFI runtime service must meet these requirements: </br> - Implement UEFI 2.6 EFI_MEMORY_ATTRIBUTES_TABLE. All UEFI runtime service memory (code and data) must be described by this table. </br> - PE sections must be page-aligned in memory (not required for in non-volatile storage). </br> - The Memory Attributes Table needs to correctly mark code and data as RO/NX for configuration by the OS: </br> - All entries must include attributes EFI_MEMORY_RO, EFI_MEMORY_XP, or both. </br> - No entries may be left with neither of the above attributes, indicating memory that is both executable and writable. Memory must be either readable and executable or writeable and non-executable. </br> (**SEE IMPORTANT INFORMATION AFTER THIS TABLE**)|Vulnerabilities in UEFI runtime, if any, will be blocked from compromising VBS (such as in functions like UpdateCapsule and SetVariable) </br> - Reduces the attack surface to VBS from system firmware.|
+|Firmware: **Firmware support for SMM protection**|**Requirements**: </br> - The [Windows SMM Security Mitigations Table (WSMT) specification](https://download.microsoft.com/download/1/8/A/18A21244-EB67-4538-BAA2-1A54E0E490B6/WSMT.docx) contains details of an ACPI table that was created for use with Windows operating systems that support Windows virtualization-based security (VBS) features.|- Protects against potential vulnerabilities in UEFI runtime services, if any, will be blocked from compromising VBS (such as in functions like UpdateCapsule and SetVariable) </br> - Reduces the attack surface to VBS from system firmware. </br> - Blocks additional security attacks against SMM.|
+
+> [!IMPORTANT]
+>
+> Regarding **VBS enablement of NX protection for UEFI runtime services**:
+>
+> - This only applies to UEFI runtime service memory, and not UEFI boot service memory.
+>
+> - This protection is applied by VBS on OS page tables.
+>
+>   Please also note the following:
+>
+>   - Do not use sections that are both writeable and executable
+>
+>   - Do not attempt to directly modify executable system memory
+>
+>   - Do not use dynamic code
diff --git a/windows/security/identity-protection/hello-for-business/hello-faq.md b/windows/security/identity-protection/hello-for-business/hello-faq.md
index e6d36e6967..b5dfff553e 100644
--- a/windows/security/identity-protection/hello-for-business/hello-faq.md
+++ b/windows/security/identity-protection/hello-for-business/hello-faq.md
@@ -75,6 +75,7 @@ Communicating with Azure Active Directory uses the following URLs:
 - enterpriseregistration.windows.net
 - login.microsoftonline.com
 - login.windows.net
+- account.live.com
 
 If your environment uses Microsoft Intune, you need these additional URLs:
 - enrollment.manage.microsoft.com
diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md
index 8a785dcf5f..8bd8f3e995 100644
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md
@@ -39,7 +39,7 @@ Clients need to trust domain controllers and the best way to do this is to ensur
 
 Domain controllers automatically request a domain controller certificate (if published) when they discover an enterprise certificate authority is added to Active Directory.  However, certificates based on the *Domain Controller* and *Domain Controller Authentication* certificate templates do not include the **KDC Authentication** object identifier (OID), which was later added to the Kerberos RFC.  Therefore, domain controllers need to request a certificate based on the Kerberos Authentication certificate template.
 
-By default, the Active Directory Certificate Authority provides and publishes the Kerberos Authentication certificate template.  However, the cryptography configuration included in the provided template is based on older and less performant cryptography APIs.  To ensure domain controllers request the proper certificate with the best available cryptography, use the **Kerberos Authentication** certificate template a baseline to create an updated domain controller certificate template.
+By default, the Active Directory Certificate Authority provides and publishes the Kerberos Authentication certificate template.  However, the cryptography configuration included in the provided template is based on older and less performant cryptography APIs.  To ensure domain controllers request the proper certificate with the best available cryptography, use the **Kerberos Authentication** certificate template as a baseline to create an updated domain controller certificate template.
 
 #### Create a Domain Controller Authentication (Kerberos) Certificate Template
 
@@ -95,8 +95,7 @@ Sign-in a certificate authority or management workstations with _Enterprise Admi
 The certificate template is configured to supersede all the certificate templates provided in the certificate templates superseded templates list.  However, the certificate template and the superseding of certificate templates is not active until you publish the certificate template to one or more certificate authorities.
 
 > [!NOTE]
-> * The Domain Controller Certificate must be present in the NTAuth store. By default, Microsoft Enterprise CAs are added to the NTAuth store. 
-> * If you are using a 3rd party CA, add the certificate to the NTAuth store. If the Domain Controller Certificate is not present in the NTAuth store, user authentication will fail. 
+> The domain controller's certificate must chain to a root in the NTAuth store. By default, the Active Directory Certificate Authority's root certificate is added to the NTAuth store. If you are using a third-party CA, this may not be done by default. If the domain controller certificate does not chain to a root in the NTAuth store, user authentication will fail.
 
 ### Enrollment Agent certificate template
 
diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-dir-sync.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-dir-sync.md
index ce98019039..3bd0bbe112 100644
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-dir-sync.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-dir-sync.md
@@ -39,7 +39,7 @@ Sign-in a domain controller or management workstation with _Domain Admin_ equiva
 2. Click the **Users** container in the navigation pane.
 3. Right-click **Key Admins** in the details pane and click **Properties**.
 4. Click the **Members** tab and click **Add**
-5. In the **Enter the object names to select** text box, type the name of the Azure AD Connect service account.  Click **OK**.
+5. In the **Enter the object names to select** text box, type the name of the service account used as an AD DS Connector account and click **OK**.
 6. Click **OK** to return to **Active Directory Users and Computers**.
 
 ### Section Review
diff --git a/windows/security/identity-protection/remote-credential-guard.md b/windows/security/identity-protection/remote-credential-guard.md
index 373339ebcd..60dc685e1e 100644
--- a/windows/security/identity-protection/remote-credential-guard.md
+++ b/windows/security/identity-protection/remote-credential-guard.md
@@ -53,7 +53,7 @@ Use the following table to compare different Remote Desktop connection security
 <br />
 
 
-|                                                       **Feature**                                                        |                                                           **Remote Desktop**                                                           |                                      **Windows Defender Remote Credential Guard**                                      |                                                                                                                                             **Restricted Admin mode**                                                                                                                                             |
+| Feature | Remote Desktop | Windows Defender Remote Credential Guard | Restricted Admin mode |
 |--------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
 |                                                 **Protection benefits**                                                  |                                Credentials on the server are not protected from Pass-the-Hash attacks.                                 |  User credentials remain on the client. An attacker can act on behalf of the user *only* when the session is ongoing   |                                                                                  User logs on to the server as local administrator, so an attacker cannot act on behalf of the “domain user”. Any attack is local to the server                                                                                   |
 |                                                   **Version support**                                                    |                                        The remote computer can run any Windows operating system                                        | Both the client and the remote computer must be running **at least Windows 10, version 1607, or Windows Server 2016**. | The remote computer must be running **at least patched Windows 7 or patched Windows Server 2008 R2**. <br /><br />For more information about patches (software updates) related to Restricted Admin mode, see [Microsoft Security Advisory 2871997](https://technet.microsoft.com/library/security/2871997.aspx). |
@@ -67,7 +67,7 @@ Use the following table to compare different Remote Desktop connection security
 <br />
 
 For further technical information, see [Remote Desktop Protocol](https://msdn.microsoft.com/library/aa383015(v=vs.85).aspx)
-and [How Kerberos works](https://technet.microsoft.com/library/cc961963.aspx(d=robot))
+and [How Kerberos works](https://technet.microsoft.com/library/cc961963.aspx(d=robot)).
 
 <br />
 
@@ -92,9 +92,12 @@ To use Windows Defender Remote Credential Guard, the Remote Desktop client and r
 
 The Remote Desktop client device:
 
--  Must be running at least Windows 10, version 1703 to be able to supply credentials, which is sent to the remote device. This allows users to run as different users without having to send credentials to the remote machine. 
+-  Must be running at least Windows 10, version 1703 to be able to supply credentials, which is sent to the remote device. This allows users to run as different users without having to send credentials to the remote machine.
+
 -  Must be running at least Windows 10, version 1607 or Windows Server 2016 to use the user’s signed-in credentials. This requires the user’s account be able to sign in to both the client device and the remote host.
+
 -  Must be running the Remote Desktop Classic Windows application. The Remote Desktop Universal Windows Platform application doesn't support Windows Defender Remote Credential Guard.
+
 -  Must use Kerberos authentication to connect to the remote host. If the client cannot connect to a domain controller, then RDP attempts to fall back to NTLM. Windows Defender Remote Credential Guard does not allow NTLM fallback because this would expose credentials to risk.
 
 The Remote Desktop remote host:
@@ -108,9 +111,13 @@ There are no hardware requirements for Windows Defender Remote Credential Guard.
 
 > [!NOTE]
 > Remote Desktop client devices running earlier versions, at minimum Windows 10 version 1607, only support signed-in credentials, so the client device must also be joined to an Active Directory domain. Both Remote Desktop client and server must either be joined to the same domain, or the Remote Desktop server can be joined to a domain that has a trust relationship to the client device's domain.
+>
+> GPO [Remote host allows delegation of non-exportable credentials](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-credentialsdelegation) should be enabled for delegation of non-exportable credentials.
 
 - For Windows Defender Remote Credential Guard to be supported, the user must authenticate to the remote host using Kerberos authentication.
+
 - The remote host must be running at least Windows 10 version 1607, or Windows Server 2016.
+
 - The Remote Desktop classic Windows app is required. The Remote Desktop Universal Windows Platform app doesn't support Windows Defender Remote Credential Guard.
 
 ## Enable Windows Defender Remote Credential Guard
@@ -118,15 +125,20 @@ There are no hardware requirements for Windows Defender Remote Credential Guard.
 You must enable Restricted Admin or Windows Defender Remote Credential Guard on the remote host by using the Registry.
 
 1. Open Registry Editor on the remote host.
+
 2. Enable Restricted Admin and Windows Defender Remote Credential Guard:
+
     - Go to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa.
+    
     - Add a new DWORD value named **DisableRestrictedAdmin**.
+    
     - To turn on Restricted Admin and Windows Defender Remote Credential Guard, set the value of this registry setting to 0 to turn on Windows Defender Remote Credential Guard.
+    
 3. Close Registry Editor.
 
 You can add this by running the following command from an elevated command prompt:
 
-```
+```console
 reg add HKLM\SYSTEM\CurrentControlSet\Control\Lsa /v DisableRestrictedAdmin /d 0 /t REG_DWORD
 ```
 
@@ -143,6 +155,7 @@ Beginning with Windows 10 version 1703, you can enable Windows Defender Remote C
     ![Windows Defender Remote Credential Guard Group Policy](images/remote-credential-guard-gp.png)
 
 3. Under **Use the following restricted mode**:
+
    - If you want to require either [Restricted Admin mode](https://social.technet.microsoft.com/wiki/contents/articles/32905.remote-desktop-services-enable-restricted-admin-mode.aspx) or Windows Defender Remote Credential Guard, choose **Restrict Credential Delegation**. In this configuration, Windows Defender Remote Credential Guard is preferred, but it will use Restricted Admin mode (if supported) when Windows Defender Remote Credential Guard cannot be used.
 
      > [!NOTE]
@@ -163,7 +176,7 @@ Beginning with Windows 10 version 1703, you can enable Windows Defender Remote C
 
 If you don't use Group Policy in your organization, or if not all your remote hosts support Remote Credential Guard, you can add the remoteGuard parameter when you start Remote Desktop Connection to turn on Windows Defender Remote Credential Guard for that connection.
 
-```
+```console
 mstsc.exe /remoteGuard
 ```
 
diff --git a/windows/security/identity-protection/user-account-control/how-user-account-control-works.md b/windows/security/identity-protection/user-account-control/how-user-account-control-works.md
index 560f4b240c..254e57e0e9 100644
--- a/windows/security/identity-protection/user-account-control/how-user-account-control-works.md
+++ b/windows/security/identity-protection/user-account-control/how-user-account-control-works.md
@@ -109,9 +109,7 @@ To better understand each component, review the table below:
 <th>Description</th>
 </tr>
 <tr>
-<td>
-<p><b>User</b></p>
-</td>
+<th colspan="2">User</th>
 </tr>
 <tr>
 <td>
@@ -138,9 +136,7 @@ To better understand each component, review the table below:
 </td>
 </tr>
 <tr>
-<td>
-<p><b>System</b></p>
-</td>
+<th colspan="2">System</th>
 </tr>
 <tr>
 <td>
@@ -248,8 +244,7 @@ To better understand each component, review the table below:
 </td>
 </tr>
 <tr>
-<td>
-<p><b>Kernel</b></p>
+<th colspan="2">Kernel</th>
 </td>
 </tr>
 <tr>
@@ -276,9 +271,11 @@ The slider will never turn UAC completely off. If you set it to <b>Never notify<
 -   Cause all elevation request initiated by administrators to be auto-approved without showing a UAC prompt.
 -   Automatically deny all elevation requests for standard users.
 
-> **Important:**  In order to fully disable UAC you must disable the policy **User Account Control: Run all administrators in Admin Approval Mode**.
-> 
-> **Warning:**  Universal Windows apps will not work when UAC is disabled.
+> [!IMPORTANT]
+> In order to fully disable UAC you must disable the policy **User Account Control: Run all administrators in Admin Approval Mode**.
+
+> [!WARNING]
+> Some Universal Windows Platform apps may not work when UAC is disabled.
  
 ### Virtualization
 
@@ -291,7 +288,9 @@ Most app tasks operate properly by using virtualization features. Although virtu
 Virtualization is not an option in the following scenarios:
 
 -   Virtualization does not apply to apps that are elevated and run with a full administrative access token.
+
 -   Virtualization supports only 32-bit apps. Non-elevated 64-bit apps simply receive an access denied message when they attempt to acquire a handle (a unique identifier) to a Windows object. Native Windows 64-bit apps are required to be compatible with UAC and to write data into the correct locations.
+
 -   Virtualization is disabled if the app includes an app manifest with a requested execution level attribute.
 
 ### Request execution levels
@@ -319,6 +318,8 @@ Before a 32-bit process is created, the following attributes are checked to dete
 -   Key attributes in the resource script data are linked in the executable file.
 -   There are targeted sequences of bytes within the executable file.
 
-> **Note:**  The keywords and sequences of bytes were derived from common characteristics observed from various installer technologies.
-> 
-> **Note:**  The User Account Control: Detect application installations and prompt for elevation policy setting must be enabled for installer detection to detect installation programs. For more info, see [User Account Control security policy settings](user-account-control-security-policy-settings.md).
+> [!NOTE]
+> The keywords and sequences of bytes were derived from common characteristics observed from various installer technologies.
+
+> [!NOTE]
+> The User Account Control: Detect application installations and prompt for elevation policy setting must be enabled for installer detection to detect installation programs. For more info, see [User Account Control security policy settings](user-account-control-security-policy-settings.md).
diff --git a/windows/security/identity-protection/vpn/vpn-conditional-access.md b/windows/security/identity-protection/vpn/vpn-conditional-access.md
index df414d1e79..fc09e68a62 100644
--- a/windows/security/identity-protection/vpn/vpn-conditional-access.md
+++ b/windows/security/identity-protection/vpn/vpn-conditional-access.md
@@ -48,44 +48,54 @@ The following client-side components are also required:
 - Trusted Platform Module (TPM)
 
 ## VPN device compliance 
+
 At this time, the Azure AD certificates issued to users do not contain a CRL Distribution Point (CDP) and are not suitable for Key Distribution Centers (KDCs) to issue Kerberos tokens. For users to gain access to on-premises resources such as files on a network share, client authentication certificates must be deployed to the Windows profiles of the users, and their VPNv2 profiles must contain the &lt;SSO&gt; section.
 
 Server-side infrastructure requirements to support VPN device compliance include:
 
-- The VPN server should be configured for certificate authentication
-- The VPN server should trust the tenant-specific Azure AD CA
-- For client access using Kerberos/NTLM, a domain-trusted certificate is deployed to the client device and is configured to be used for single sign-on (SSO)
+- The VPN server should be configured for certificate authentication.
+- The VPN server should trust the tenant-specific Azure AD CA.
+- For client access using Kerberos/NTLM, a domain-trusted certificate is deployed to the client device and is configured to be used for single sign-on (SSO).
    
 After the server side is set up, VPN admins can add the policy settings for conditional access to the VPN profile using the VPNv2 DeviceCompliance node.
 
 Two client-side configuration service providers are leveraged for VPN device compliance.
 
-- VPNv2 CSP DeviceCompliance settings
+- VPNv2 CSP DeviceCompliance settings:
+
    - **Enabled**: enables the Device Compliance flow from the client. If marked as **true**, the VPN client attempts to communicate with Azure AD to get a certificate to use for authentication. The VPN should be set up to use certificate authentication and the VPN server must trust the server returned by Azure AD.
    - **Sso**: entries under SSO should be used to direct the VPN client to use a certificate other than the VPN authentication certificate when accessing resources that require Kerberos authentication.
    - **Sso/Enabled**: if this field is set to **true**, the VPN client looks for a separate certificate for Kerberos authentication.
    - **Sso/IssuerHash**: hashes for the VPN client to look for the correct certificate for Kerberos authentication.
    - **Sso/Eku**: comma-separated list of Enhanced Key Usage (EKU) extensions for the VPN client to look for the correct certificate for Kerberos authentication.
+   
 - HealthAttestation CSP (not a requirement) - functions performed by the HealthAttestation CSP include:
+
    - Collects TPM data used to verify health states
    - Forwards the data to the Health Attestation Service (HAS)
    - Provisions the Health Attestation Certificate received from the HAS
    - Upon request, forwards the Health Attestation Certificate (received from HAS) and related runtime information to the MDM server for verification
    
->[!NOTE]
->Currently, it is required that certificates be issued from an on-premises CA, and that SSO be enabled in the user’s VPN profile. This will enable the user to obtain Kerberos tickets in order to access resources on-premises. Kerberos currently does not support the use of Azure AD certificates.
+> [!NOTE]
+> Currently, it is required that certificates used for obtaining Kerberos tickets must be issued from an on-premises CA, and that SSO must be enabled in the user’s VPN profile. This will enable the user to access on-premises resources. 
 
 ## Client connection flow
+
 The VPN client side connection flow works as follows:
 
-![Device compliance workflow when VPN client attempts to connect](images/vpn-device-compliance.png)
+> [!div class="mx-imgBorder"]
+> ![Device compliance workflow when VPN client attempts to connect](images/vpn-device-compliance.png)
  
 When a VPNv2 Profile is configured with \<DeviceCompliance> \<Enabled>true<\/Enabled> the VPN client uses this connection flow:
 
 1.	 The VPN client calls into Windows 10’s Azure AD Token Broker, identifying itself as a VPN client.
+
 2.	 The Azure AD Token Broker authenticates to Azure AD and provides it with information about the device trying to connect. The Azure AD Server checks if the device is in compliance with the policies.
-3.	 If compliant, Azure AD requests a short-lived certificate
+
+3.	 If compliant, Azure AD requests a short-lived certificate.
+
 4.	 Azure AD pushes down a short-lived certificate to the Certificate Store via the Token Broker. The Token Broker then returns control back over to the VPN client for further connection  processing.
+
 5. The VPN client uses the Azure AD-issued certificate to authenticate with the VPN server.
 
 ## Configure conditional access
diff --git a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md
index 799e432faa..f31dcd8374 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md
@@ -20,9 +20,9 @@ ms.custom: bitlocker
 
 # BitLocker recovery guide
 
-**Applies to**
+**Applies to:**
 
--   Windows 10
+- Windows 10
 
 This topic for IT professionals describes how to recover BitLocker keys from AD DS.
 
@@ -32,56 +32,58 @@ This article assumes that you understand how to set up AD DS to back up BitLock
 
 This article does not detail how to configure AD DS to store the BitLocker recovery information.
 
+
 ## <a href="" id="bkmk-whatisrecovery"></a>What is BitLocker recovery?
 
 BitLocker recovery is the process by which you can restore access to a BitLocker-protected drive in the event that you cannot unlock the drive normally. In a recovery scenario, you have the following options to restore access to the drive:
 
--   The user can supply the recovery password. If your organization allows users to print or store recovery passwords, the user can type in the 48-digit recovery password that they printed or stored on a USB drive or with your Microsoft Account online. (Saving a recovery password with your Microsoft Account online is only allowed when BitLocker is used on a PC that is not a member of a domain).
--   A data recovery agent can use their credentials to unlock the drive. If the drive is an operating system drive, the drive must be mounted as a data drive on another computer for the data recovery agent to unlock it.
--   A domain administrator can obtain the recovery password from AD DS and use it to unlock the drive. Storing recovery passwords in AD DS is recommended to provide a way for IT professionals to be able to obtain recovery passwords for drives in their organization if needed. This method requires that you have enabled this recovery method in the BitLocker Group Policy setting **Choose how BitLocker-protected operating system drives can be recovered** located at **Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption\\Operating System Drives** in the Local Group Policy Editor. For more information, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md).
+- The user can supply the recovery password. If your organization allows users to print or store recovery passwords, the user can type in the 48-digit recovery password that they printed or stored on a USB drive or with your Microsoft Account online. (Saving a recovery password with your Microsoft Account online is only allowed when BitLocker is used on a PC that is not a member of a domain).
+- A data recovery agent can use their credentials to unlock the drive. If the drive is an operating system drive, the drive must be mounted as a data drive on another computer for the data recovery agent to unlock it.
+- A domain administrator can obtain the recovery password from AD DS and use it to unlock the drive. Storing recovery passwords in AD DS is recommended to provide a way for IT professionals to be able to obtain recovery passwords for drives in their organization if needed. This method requires that you have enabled this recovery method in the BitLocker Group Policy setting **Choose how BitLocker-protected operating system drives can be recovered** located at **Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption\\Operating System Drives** in the Local Group Policy Editor. For more information, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md).
+
 
 ### What causes BitLocker recovery?
 
 The following list provides examples of specific events that will cause BitLocker to enter recovery mode when attempting to start the operating system drive:
 
--   On PCs that use BitLocker Drive Encryption, or on devices such as tablets or phones that use [BitLocker Device Encryption](bitlocker-device-encryption-overview-windows-10.md) only, when an attack is detected, the device will immediately reboot and enter into BitLocker recovery mode. To take advantage of this functionality Administrators can set the **Interactive logon: Machine account lockout threshold** Group Policy setting located in **\\Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Security Options** in the Local Group Policy Editor, or use the **MaxFailedPasswordAttempts** policy of [Exchange ActiveSync](/Exchange/clients/exchange-activesync/exchange-activesync) (also configurable through [Microsoft Intune](https://www.microsoft.com/microsoft-365/enterprise-mobility-security/microsoft-intune)), to limit the number of failed password attempts before the device goes into Device Lockout.
--   On devices with TPM 1.2, changing the BIOS or firmware boot device order causes BitLocker recovery. However, devices with TPM 2.0 do not start BitLocker recovery in this case. TPM 2.0 does not consider a firmware change of boot device order as a security threat because the OS Boot Loader is not compromised.
--   Having the CD or DVD drive before the hard drive in the BIOS boot order and then inserting or removing a CD or DVD.
--   Failing to boot from a network drive before booting from the hard drive.
--   Docking or undocking a portable computer. In some instances (depending on the computer manufacturer and the BIOS), the docking condition of the portable computer is part of the system measurement and must be consistent to validate the system status and unlock BitLocker. This means that if a portable computer is connected to its docking station when BitLocker is turned on, then it might also need to be connected to the docking station when it is unlocked. Conversely, if a portable computer is not connected to its docking station when BitLocker is turned on, then it might need to be disconnected from the docking station when it is unlocked.
--   Changes to the NTFS partition table on the disk including creating, deleting, or resizing a primary partition.
--   Entering the personal identification number (PIN) incorrectly too many times so that the anti-hammering logic of the TPM is activated. Anti-hammering logic is software or hardware methods that increase the difficulty and cost of a brute force attack on a PIN by not accepting PIN entries until after a certain amount of time has passed.
--   Turning off the support for reading the USB device in the pre-boot environment from the BIOS or UEFI firmware if you are using USB-based keys instead of a TPM.
--   Turning off, disabling, deactivating, or clearing the TPM.
--   Upgrading critical early startup components, such as a BIOS or UEFI firmware upgrade, causing the related boot measurements to change.
--   Forgetting the PIN when PIN authentication has been enabled.
--   Updating option ROM firmware.
--   Upgrading TPM firmware.
--   Adding or removing hardware; for example, inserting a new card in the computer, including some PCMIA wireless cards.
--   Removing, inserting, or completely depleting the charge on a smart battery on a portable computer.
--   Changes to the master boot record on the disk.
--   Changes to the boot manager on the disk.
--   Hiding the TPM from the operating system. Some BIOS or UEFI settings can be used to prevent the enumeration of the TPM to the operating system. When implemented, this option can make the TPM hidden from the operating system. When the TPM is hidden, BIOS and UEFI secure startup are disabled, and the TPM does not respond to commands from any software.
--   Using a different keyboard that does not correctly enter the PIN or whose keyboard map does not match the keyboard map assumed by the pre-boot environment. This can prevent the entry of enhanced PINs.
--   Modifying the Platform Configuration Registers (PCRs) used by the TPM validation profile. For example, including **PCR\[1\]** would result in BitLocker measuring most changes to BIOS settings, causing BitLocker to enter recovery mode even when non-boot critical BIOS settings change.
+- On PCs that use BitLocker Drive Encryption, or on devices such as tablets or phones that use [BitLocker Device Encryption](bitlocker-device-encryption-overview-windows-10.md) only, when an attack is detected, the device will immediately reboot and enter into BitLocker recovery mode. To take advantage of this functionality Administrators can set the **Interactive logon: Machine account lockout threshold** Group Policy setting located in **\\Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Security Options** in the Local Group Policy Editor, or use the **MaxFailedPasswordAttempts** policy of [Exchange ActiveSync](/Exchange/clients/exchange-activesync/exchange-activesync) (also configurable through [Microsoft Intune](https://www.microsoft.com/microsoft-365/enterprise-mobility-security/microsoft-intune)), to limit the number of failed password attempts before the device goes into Device Lockout.
+- On devices with TPM 1.2, changing the BIOS or firmware boot device order causes BitLocker recovery. However, devices with TPM 2.0 do not start BitLocker recovery in this case. TPM 2.0 does not consider a firmware change of boot device order as a security threat because the OS Boot Loader is not compromised.
+- Having the CD or DVD drive before the hard drive in the BIOS boot order and then inserting or removing a CD or DVD.
+- Failing to boot from a network drive before booting from the hard drive.
+- Docking or undocking a portable computer. In some instances (depending on the computer manufacturer and the BIOS), the docking condition of the portable computer is part of the system measurement and must be consistent to validate the system status and unlock BitLocker. This means that if a portable computer is connected to its docking station when BitLocker is turned on, then it might also need to be connected to the docking station when it is unlocked. Conversely, if a portable computer is not connected to its docking station when BitLocker is turned on, then it might need to be disconnected from the docking station when it is unlocked.
+- Changes to the NTFS partition table on the disk including creating, deleting, or resizing a primary partition.
+- Entering the personal identification number (PIN) incorrectly too many times so that the anti-hammering logic of the TPM is activated. Anti-hammering logic is software or hardware methods that increase the difficulty and cost of a brute force attack on a PIN by not accepting PIN entries until after a certain amount of time has passed.
+- Turning off the support for reading the USB device in the pre-boot environment from the BIOS or UEFI firmware if you are using USB-based keys instead of a TPM.
+- Turning off, disabling, deactivating, or clearing the TPM.
+- Upgrading critical early startup components, such as a BIOS or UEFI firmware upgrade, causing the related boot measurements to change.
+- Forgetting the PIN when PIN authentication has been enabled.
+- Updating option ROM firmware.
+- Upgrading TPM firmware.
+- Adding or removing hardware; for example, inserting a new card in the computer, including some PCMIA wireless cards.
+- Removing, inserting, or completely depleting the charge on a smart battery on a portable computer.
+- Changes to the master boot record on the disk.
+- Changes to the boot manager on the disk.
+- Hiding the TPM from the operating system. Some BIOS or UEFI settings can be used to prevent the enumeration of the TPM to the operating system. When implemented, this option can make the TPM hidden from the operating system. When the TPM is hidden, BIOS and UEFI secure startup are disabled, and the TPM does not respond to commands from any software.
+- Using a different keyboard that does not correctly enter the PIN or whose keyboard map does not match the keyboard map assumed by the pre-boot environment. This can prevent the entry of enhanced PINs.
+- Modifying the Platform Configuration Registers (PCRs) used by the TPM validation profile. For example, including **PCR\[1\]** would result in BitLocker measuring most changes to BIOS settings, causing BitLocker to enter recovery mode even when non-boot critical BIOS settings change.
 
     > [!NOTE]
     > Some computers have BIOS settings that skip measurements to certain PCRs, such as **PCR\[2\]**. Changing this setting in the BIOS would cause BitLocker to enter recovery mode because the PCR measurement will be different.
-     
--   Moving the BitLocker-protected drive into a new computer.
--   Upgrading the motherboard to a new one with a new TPM.
--   Losing the USB flash drive containing the startup key when startup key authentication has been enabled.
--   Failing the TPM self-test.
--   Having a BIOS, UEFI firmware, or an option ROM component that is not compliant with the relevant Trusted Computing Group standards for a client computer. For example, a non-compliant implementation may record volatile data (such as time) in the TPM measurements, causing different measurements on each startup and causing BitLocker to start in recovery mode.
--   Changing the usage authorization for the storage root key of the TPM to a non-zero value.
+
+- Moving the BitLocker-protected drive into a new computer.
+- Upgrading the motherboard to a new one with a new TPM.
+- Losing the USB flash drive containing the startup key when startup key authentication has been enabled.
+- Failing the TPM self-test.
+- Having a BIOS, UEFI firmware, or an option ROM component that is not compliant with the relevant Trusted Computing Group standards for a client computer. For example, a non-compliant implementation may record volatile data (such as time) in the TPM measurements, causing different measurements on each startup and causing BitLocker to start in recovery mode.
+- Changing the usage authorization for the storage root key of the TPM to a non-zero value.
 
     > [!NOTE]
     > The BitLocker TPM initialization process sets the usage authorization value to zero, so another user or process must explicitly have changed this value.
-     
--   Disabling the code integrity check or enabling test signing on Windows Boot Manager (Bootmgr).
--   Pressing the F8 or F10 key during the boot process.
--   Adding or removing add-in cards (such as video or network cards), or upgrading firmware on add-in cards.
--   Using a BIOS hot key during the boot process to change the boot order to something other than the hard drive.
+
+- Disabling the code integrity check or enabling test signing on Windows Boot Manager (Bootmgr).
+- Pressing the F8 or F10 key during the boot process.
+- Adding or removing add-in cards (such as video or network cards), or upgrading firmware on add-in cards.
+- Using a BIOS hot key during the boot process to change the boot order to something other than the hard drive.
 
 > [!NOTE]
 > Before you begin recovery, we recommend that you determine what caused recovery. This might help prevent the problem from occurring again in the future. For instance, if you determine that an attacker has modified your computer by obtaining physical access, you can create new security policies for tracking who has physical presence. After the recovery password has been used to recover access to the PC, BitLocker will reseal the encryption key to the current values of the measured components.
@@ -95,26 +97,28 @@ If software maintenance requires the computer be restarted and you are using two
 
 Recovery has been described within the context of unplanned or undesired behavior, but you can also cause recovery as an intended production scenario, in order to manage access control. For example, when you redeploy desktop or laptop computers to other departments or employees in your enterprise, you can force BitLocker into recovery before the computer is given to a new user.
 
+
 ## <a href="" id="bkmk-testingrecovery"></a>Testing recovery
 
 Before you create a thorough BitLocker recovery process, we recommend that you test how the recovery process works for both end users (people who call your helpdesk for the recovery password) and administrators (people who help the end user get the recovery password). The –forcerecovery command of manage-bde is an easy way for you to step through the recovery process before your users encounter a recovery situation.
 
-**To force a recovery for the local computer**
+**To force a recovery for the local computer:**
 
-1.  Click the **Start** button, type **cmd** in the **Start Search** box, right-click **cmd.exe**, and then click **Run as administrator**.
-2.  At the command prompt, type the following command and then press ENTER:
+1. Click the **Start** button, type **cmd** in the **Start Search** box, right-click **cmd.exe**, and then click **Run as administrator**.
+2. At the command prompt, type the following command and then press ENTER:
     `manage-bde -forcerecovery <BitLockerVolume>`
 
 
-**To force recovery for a remote computer**
+**To force recovery for a remote computer:**
 
-1.  On the Start screen, type **cmd.exe**, and then click **Run as administrator**.
-2.  At the command prompt, type the following command and then press ENTER:
+1. On the Start screen, type **cmd.exe**, and then click **Run as administrator**.
+2. At the command prompt, type the following command and then press ENTER:
     `manage-bde -ComputerName <RemoteComputerName> -forcerecovery <BitLockerVolume>`
 
     > [!NOTE]
     > Recovery triggered by `-forcerecovery` persists for multiple restarts until a TPM protector is added or protection is suspended by the user. When using Modern Standby devices (such as Surface devices), the `-forcerecovery` option is not recommended because BitLocker will have to be unlocked and disabled manually from the WinRE environment before the OS can boot up again. For more information, see [BitLocker Troubleshooting: Continuous reboot loop with BitLocker recovery on a slate device](https://social.technet.microsoft.com/wiki/contents/articles/18671.bitlocker-troubleshooting-continuous-reboot-loop-with-bitlocker-recovery-on-a-slate-device.aspx).
 
+
 ## <a href="" id="bkmk-planningrecovery"></a>Planning your recovery process
 
 When planning the BitLocker recovery process, first consult your organization's current best practices for recovering sensitive information. For example: How does your enterprise handle lost Windows passwords? How does your organization perform smart card PIN resets? You can use these best practices and related resources (people and tools) to help formulate a BitLocker recovery model.
@@ -125,26 +129,29 @@ After a BitLocker recovery has been initiated, users can use a recovery password
 
 When you determine your recovery process, you should:
 
--   Become familiar with how you can retrieve the recovery password. See:
+- Become familiar with how you can retrieve the recovery password. See:
 
-    -   [Self-recovery](#bkmk-selfrecovery)
-    -   [Recovery password retrieval](#bkmk-recoveryretrieval)
+    - [Self-recovery](#bkmk-selfrecovery)
+    - [Recovery password retrieval](#bkmk-recoveryretrieval)
 
--   Determine a series of steps for post-recovery, including analyzing why the recovery occurred and resetting the recovery password. See:
+- Determine a series of steps for post-recovery, including analyzing why the recovery occurred and resetting the recovery password. See:
+
+    - [Post-recovery analysis](#bkmk-planningpostrecovery)
 
-    -   [Post-recovery analysis](#bkmk-planningpostrecovery)
 
 ### <a href="" id="bkmk-selfrecovery"></a>Self-recovery
 
 In some cases, users might have the recovery password in a printout or a USB flash drive and can perform self-recovery. We recommend that your organization create a policy for self-recovery. If self-recovery includes using a password or recovery key stored on a USB flash drive, the users should be warned not to store the USB flash drive in the same place as the PC, especially during travel, for example if both the PC and the recovery items are in the same bag it would be very easy for access to be gained to the PC by an unauthorized user. Another policy to consider is having users contact the Helpdesk before or after performing self-recovery so that the root cause can be identified.
 
+
 ### <a href="" id="bkmk-recoveryretrieval"></a>Recovery password retrieval
 
 If the user does not have a recovery password in a printout or on a USB flash drive, the user will need to be able to retrieve the recovery password from an online source. If the PC is a member of a domain the recovery password can be backed up to AD DS. However, this does not happen by default, you must have configured the appropriate Group Policy settings before BitLocker was enabled on the PC. BitLocker Group Policy settings can be found in the Local Group Policy Editor or the Group Policy Management Console (GPMC) under **Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption**. The following policy settings define the recovery methods that can be used to restore access to a BitLocker-protected drive if an authentication method fails or is unable to be used.
 
--   **Choose how BitLocker-protected operating system drives can be recovered**
--   **Choose how BitLocker-protected fixed drives can be recovered**
--   **Choose how BitLocker-protected removable drives can be recovered**
+- **Choose how BitLocker-protected operating system drives can be recovered**
+- **Choose how BitLocker-protected fixed drives can be recovered**
+- **Choose how BitLocker-protected removable drives can be recovered**
+
 In each of these policies, select **Save BitLocker recovery information to Active Directory Domain Services** and then choose which BitLocker recovery information to store in Active Directory Domain Services (AD DS). Select the **Do not enable BitLocker until recovery information is stored in AD
 DS** check box if you want to prevent users from enabling BitLocker unless the computer is connected to the domain and the backup of BitLocker recovery information for the drive to AD DS succeeds.
 
@@ -155,24 +162,28 @@ The BitLocker Recovery Password Viewer for Active Directory Users and Computers
 
 You can use the following list as a template for creating your own recovery process for recovery password retrieval. This sample process uses the BitLocker Recovery Password Viewer for Active Directory Users and Computers tool.
 
--   [Record the name of the user's computer](#bkmk-recordcomputername)
--   [Verify the user's identity](#bkmk-verifyidentity)
--   [Locate the recovery password in AD DS](#bkmk-locatepassword)
--   [Gather information to determine why recovery occurred](#bkmk-gatherinfo)
--   [Give the user the recovery password](#bkmk-givepassword)
+- [Record the name of the user's computer](#bkmk-recordcomputername)
+- [Verify the user's identity](#bkmk-verifyidentity)
+- [Locate the recovery password in AD DS](#bkmk-locatepassword)
+- [Gather information to determine why recovery occurred](#bkmk-gatherinfo)
+- [Give the user the recovery password](#bkmk-givepassword)
+
 
 ### <a href="" id="bkmk-recordcomputername"></a>Record the name of the user's computer
 
 You can use the name of the user's computer to locate the recovery password in AD DS. If the user does not know the name of the computer, ask the user to read the first word of the **Drive Label** in the **BitLocker Drive Encryption Password Entry** user interface. This is the computer name when BitLocker was enabled and is probably the current name of the computer.
 
+
 ### <a href="" id="bkmk-verifyidentity"></a>Verify the user's identity
 
 You should verify that the person that is asking for the recovery password is truly the authorized user of that computer. You may also wish to verify that the computer with the name the user provided belongs to the user.
 
+
 ### <a href="" id="bkmk-locatepassword"></a>Locate the recovery password in AD DS
 
 Locate the Computer object with the matching name in AD DS. Because Computer object names are listed in the AD DS global catalog, you should be able to locate the object even if you have a multi-domain forest.
 
+
 ### Multiple recovery passwords
 
 If multiple recovery passwords are stored under a computer object in AD DS, the name of the BitLocker recovery information object includes the date that the password was created.
@@ -181,10 +192,12 @@ If at any time you are unsure what password to provide, or if you think you migh
 
 Since the password ID is a unique value that is associated with each recovery password stored in AD DS, running a query using this ID will find the correct password to unlock the encrypted volume.
 
+
 ### <a href="" id="bkmk-gatherinfo"></a>Gather information to determine why recovery occurred
 
 Before you give the user the recovery password, you should gather any information that will help determine why the recovery was needed, in order to analyze the root cause during the post-recovery analysis. For more info about post-recovery analysis, see [Post-recovery analysis](#bkmk-planningpostrecovery).
 
+
 ### <a href="" id="bkmk-givepassword"></a>Give the user the recovery password
 
 Because the recovery password is 48 digits long the user may need to record the password by writing it down or typing it on a different computer. If you are using MBAM, the recovery password will be regenerated after it is recovered from the MBAM database to avoid the security risks associated with an uncontrolled password.
@@ -192,15 +205,17 @@ Because the recovery password is 48 digits long the user may need to record the
 > [!NOTE]
 > Because the 48-digit recovery password is long and contains a combination of digits, the user might mishear or mistype the password. The boot-time recovery console uses built-in checksum numbers to detect input errors in each 6-digit block of the 48-digit recovery password, and offers the user the opportunity to correct such errors.
 
+
 ### <a href="" id="bkmk-planningpostrecovery"></a>Post-recovery analysis
 
 When a volume is unlocked using a recovery password, an event is written to the event log and the platform validation measurements are reset in the TPM to match the current configuration. Unlocking the volume means that the encryption key has been released and is ready for on-the-fly encryption
 when data is written to the volume, and on-the-fly decryption when data is read from the volume. After the volume is unlocked, BitLocker behaves the same way, regardless of how the access was granted.
 
-If you notice that a computer is having repeated recovery password unlocks, you might want to have an administrator can perform post-recovery analysis to determine the root cause of the recovery and refresh BitLocker platform validation so that the user no longer needs to enter a recovery password each time that the computer starts up. See:
+If you notice that a computer is having repeated recovery password unlocks, you might want to have an administrator perform post-recovery analysis to determine the root cause of the recovery and refresh BitLocker platform validation so that the user no longer needs to enter a recovery password each time that the computer starts up. See:
+
+- [Determine the root cause of the recovery](#bkmk-determinecause)
+- [Refresh BitLocker protection](#bkmk-refreshprotection)
 
--   [Determine the root cause of the recovery](#bkmk-determinecause)
--   [Refresh BitLocker protection](#bkmk-refreshprotection)
 
 ### <a href="" id="bkmk-determinecause"></a>Determine the root cause of the recovery
 
@@ -210,15 +225,16 @@ While an administrator can remotely investigate the cause of recovery in some ca
 
 Review and answer the following questions for your organization:
 
-1.  What BitLocker protection mode is in effect (TPM, TPM + PIN, TPM + startup key, startup key only)? Which PCR profile is in use on the PC?
-2.  Did the user merely forget the PIN or lose the startup key? If a token was lost, where might the token be?
-3.  If TPM mode was in effect, was recovery caused by a boot file change?
-4.  If recovery was caused by a boot file change, is this due to an intended user action (for example, BIOS upgrade), or to malicious software?
-5.  When was the user last able to start the computer successfully, and what might have happened to the computer since then?
-6.  Might the user have encountered malicious software or left the computer unattended since the last successful startup?
+1. What BitLocker protection mode is in effect (TPM, TPM + PIN, TPM + startup key, startup key only)? Which PCR profile is in use on the PC?
+2. Did the user merely forget the PIN or lose the startup key? If a token was lost, where might the token be?
+3. If TPM mode was in effect, was recovery caused by a boot file change?
+4. If recovery was caused by a boot file change, is this due to an intended user action (for example, BIOS upgrade), or to malicious software?
+5. When was the user last able to start the computer successfully, and what might have happened to the computer since then?
+6. Might the user have encountered malicious software or left the computer unattended since the last successful startup?
 
 To help you answer these questions, use the BitLocker command-line tool to view the current configuration and protection mode (for example, **manage-bde -status**). Scan the event log to find events that help indicate why recovery was initiated (for example, if boot file change occurred). Both of these capabilities can be performed remotely.
 
+
 ### <a href="" id="bkmk-refreshprotection"></a>Resolve the root cause
 
 After you have identified what caused recovery, you can reset BitLocker protection and avoid recovery on every startup.
@@ -231,18 +247,21 @@ The details of this reset can vary according to the root cause of the recovery.
 - [Unknown PIN](#bkmk-unknownpin)
 - [Lost startup key](#bkmk-loststartup)
 - [Changes to boot files](#bkmk-changebootknown)
-  ### <a href="" id="bkmk-unknownpin"></a>Unknown PIN
+
+
+### <a href="" id="bkmk-unknownpin"></a>Unknown PIN
 
 If a user has forgotten the PIN, you must reset the PIN while you are logged on to the computer in order to prevent BitLocker from initiating recovery each time the computer is restarted.
 
 **To prevent continued recovery due to an unknown PIN**
 
-1.  Unlock the computer using the recovery password.
-2.  Reset the PIN:
-    1.  Right-click the drive and then click **Change PIN**
-    2.  In the BitLocker Drive Encryption dialog, click **Reset a forgotten PIN**. If you are not logged in with an administrator account you must provide administrative credentials at this time.
-    3.  In the PIN reset dialog, provide and confirm the new PIN to use and then click **Finish**.
-3.  You will use the new PIN the next time you unlock the drive.
+1. Unlock the computer using the recovery password.
+2. Reset the PIN:
+    1. Right-click the drive and then click **Change PIN**.
+    2. In the BitLocker Drive Encryption dialog, click **Reset a forgotten PIN**. If you are not logged in with an administrator account you must provide administrative credentials at this time.
+    3. In the PIN reset dialog, provide and confirm the new PIN to use and then click **Finish**.
+3. You will use the new PIN the next time you unlock the drive.
+
 
 ### <a href="" id="bkmk-loststartup"></a>Lost startup key
 
@@ -250,22 +269,26 @@ If you have lost the USB flash drive that contains the startup key, then you mus
 
 **To prevent continued recovery due to a lost startup key**
 
-1.  Log on as an administrator to the computer that has the lost startup key.
-2.  Open Manage BitLocker.
-3.  Click **Duplicate start up key**, insert the clean USB drive on which you are going to write the key and then click **Save**.
+1. Log on as an administrator to the computer that has the lost startup key.
+2. Open Manage BitLocker.
+3. Click **Duplicate start up key**, insert the clean USB drive on which you are going to write the key and then click **Save**.
+
 
 ### <a href="" id="bkmk-changebootknown"></a>Changes to boot files
 
-This error might occur if you updated the firmware. As a best practice you should suspend BitLocker before making changes the firmware and then resume protection after the update has completed. This prevents the computer from going into recovery mode. However if changes were made when BitLocker protection was on you can simply log on to the computer using the recovery password and the platform validation profile will be updated so that recovery will not occur the next time.
+This error might occur if you updated the firmware. As a best practice you should suspend BitLocker before making changes to the firmware and then resume protection after the update has completed. This prevents the computer from going into recovery mode. However if changes were made when BitLocker protection was on you can simply log on to the computer using the recovery password and the platform validation profile will be updated so that recovery will not occur the next time.
+
 
 ## Windows RE and BitLocker Device Encryption
 
 Windows Recovery Environment (RE) can be used to recover access to a drive protected by [BitLocker Device Encryption](bitlocker-device-encryption-overview-windows-10.md). If a PC is unable to boot after two failures, Startup Repair will automatically start. When Startup Repair is launched automatically due to boot failures, it will only execute operating system and driver file repairs, provided that the boot logs or any available crash dump point to a specific corrupted file. In Windows 8.1 and later, devices that include firmware to support specific TPM measurements for PCR\[7\] the TPM can validate that Windows RE is a trusted operating environment and will unlock any BitLocker-protected drives if Windows RE has not been modified. If the Windows RE environment has been modified, for example the TPM has been disabled, the drives will stay locked until the BitLocker recovery key is provided. If Startup Repair is not able to be run automatically from the PC and instead Windows RE is manually started from a repair disk, the BitLocker recovery key must be provided to unlock the BitLocker–protected drives.
 
+
 ## BitLocker recovery screen
 
 During BitLocker recovery, Windows can display a custom recovery message and hints that identify where a key can be retrieved from. These improvements can help a user during BitLocker recovery.
 
+
 ### Custom recovery message
 
 BitLocker Group Policy settings in Windows 10, version 1511, let you configure a custom recovery message and URL on the BitLocker recovery screen, which can include the address of the BitLocker self-service recovery portal, the IT internal website, or a phone number for support.
@@ -281,9 +304,10 @@ Example of customized recovery screen:
 
 ![Customized BitLocker Recovery Screen](./images/bl-password-hint1.png)
 
+
 ### BitLocker recovery key hints
 
-BitLocker metadata has been enhanced in Windows 10, version 1903 to include information about when and where the BitLocker recovery key was backed up. This information is not exposed through the UI or any public API. It is used solely by the BitLocker recovery screen in the form of hints to help a user locate a volume's recovery key. Hints are displayed on the recovery screen and refer to the location where key has been saved. Hints are displayed in both the modern (blue) and legacy (black) recovery screen. This applies to both the bootmanager recovery screen and the WinRE unlock screen.
+BitLocker metadata has been enhanced in Windows 10, version 1903 to include information about when and where the BitLocker recovery key was backed up. This information is not exposed through the UI or any public API. It is used solely by the BitLocker recovery screen in the form of hints to help a user locate a volume's recovery key. Hints are displayed on the recovery screen and refer to the location where the key has been saved. Hints are displayed in both the modern (blue) and legacy (black) recovery screen. This applies to both the boot manager recovery screen and the WinRE unlock screen.
 
 ![Customized BitLocker recovery screen](./images/bl-password-hint2.png)
 
@@ -302,6 +326,7 @@ There are rules governing which hint is shown during the recovery (in order of p
 8. There is no specific hint for keys saved to an on-premises Active Directory. In this case, a custom message (if configured) or a generic message, "Contact your organization's help desk," will be displayed.
 9. If two recovery keys are present on the disk, but only one has been successfully backed up, the system will ask for a key that has been backed up, even if another key is newer.
 
+
 #### Example 1 (single recovery key with single backup)
 
 |     Custom URL       |     Yes    |
@@ -316,6 +341,7 @@ There are rules governing which hint is shown during the recovery (in order of p
 
 ![Example 1 of Customized BitLocker recovery screen](./images/rp-example1.PNG)
 
+
 #### Example 2 (single recovery key with single backup)
 
 |     Custom URL       |     Yes    |
@@ -330,6 +356,7 @@ There are rules governing which hint is shown during the recovery (in order of p
 
 ![Example 2 of customized BitLocker recovery screen](./images/rp-example2.PNG)
 
+
 #### Example 3 (single recovery key with multiple backups)
 
 |     Custom URL       |     No     |
@@ -344,6 +371,7 @@ There are rules governing which hint is shown during the recovery (in order of p
 
 ![Example 3 of customized BitLocker recovery screen](./images/rp-example3.PNG)
 
+
 #### Example 4  (multiple recovery passwords)
 
 |     Custom URL       |     No          |
@@ -373,6 +401,7 @@ There are rules governing which hint is shown during the recovery (in order of p
 
 ![Example 4 of customized BitLocker recovery screen](./images/rp-example4.PNG)
 
+
 #### Example 5  (multiple recovery passwords)
 
 |     Custom URL       |     No          |
@@ -402,10 +431,12 @@ There are rules governing which hint is shown during the recovery (in order of p
 
 ![Example 5 of customized BitLocker recovery screen](./images/rp-example5.PNG)
 
+
 ## <a href="" id="bkmk-usingaddrecovery"></a>Using additional recovery information
 
 Besides the 48-digit BitLocker recovery password, other types of recovery information are stored in Active Directory. This section describes how this additional information can be used.
 
+
 ### BitLocker key package
 
 If the recovery methods discussed earlier in this document do not unlock the volume, you can use the BitLocker Repair tool to decrypt the volume at the block level. The tool uses the BitLocker key package to help recover encrypted data from severely damaged drives. You can then use this recovered data to salvage encrypted data, even after the correct recovery password has failed to unlock the damaged volume. We recommend that you still save the recovery password. A key package cannot be used without the corresponding recovery password.
@@ -415,36 +446,37 @@ If the recovery methods discussed earlier in this document do not unlock the vol
 
 The BitLocker key package is not saved by default. To save the package along with the recovery password in AD DS you must select the **Backup recovery password and key package** option in the Group Policy settings that control the recovery method. You can also export the key package from a working volume. For more details on how to export key packages, see [Retrieving the BitLocker Key Package](#bkmk-appendixc).
 
+
 ## <a href="" id="bkmk-appendixb"></a>Resetting recovery passwords
 
 You should invalidate a recovery password after it has been provided and used. It should also be done when you intentionally want to invalidate an existing recovery password for any reason.
 
 You can reset the recovery password in two ways:
 
--   **Use manage-bde** You can use manage-bde to remove the old recovery password and add a new recovery password. The procedure identifies the command and the syntax for this method.
--   **Run a script** You can run a script to reset the password without decrypting the volume. The sample script in the procedure illustrates this functionality. The sample script creates a new recovery password and invalidates all other passwords.
+- **Use manage-bde** You can use manage-bde to remove the old recovery password and add a new recovery password. The procedure identifies the command and the syntax for this method.
+- **Run a script** You can run a script to reset the password without decrypting the volume. The sample script in the procedure illustrates this functionality. The sample script creates a new recovery password and invalidates all other passwords.
 
-**To reset a recovery password using manage-bde**
+**To reset a recovery password using manage-bde:**
 
-1.  Remove the previous recovery password
+1. Remove the previous recovery password
 
     ```powershell
     Manage-bde –protectors –delete C: –type RecoveryPassword
     ```
 
-2.  Add the new recovery password
+2. Add the new recovery password
 
     ```powershell
     Manage-bde –protectors –add C: -RecoveryPassword
     ```
 
-3.  Get the ID of the new recovery password. From the screen copy the ID of the recovery password.
+3. Get the ID of the new recovery password. From the screen copy the ID of the recovery password.
 
     ```powershell
     Manage-bde –protectors –get C: -Type RecoveryPassword
     ```
 
-4.  Backup the new recovery password to AD DS
+4. Backup the new recovery password to AD DS
 
     ```powershell
     Manage-bde –protectors –adbackup C: -id {EXAMPLE6-5507-4924-AA9E-AFB2EB003692}
@@ -453,10 +485,10 @@ You can reset the recovery password in two ways:
     > [!WARNING]
     > You must include the braces in the ID string.
      
-**To run the sample recovery password script**
+**To run the sample recovery password script:**
 
-1.  Save the following sample script in a VBScript file. For example: ResetPassword.vbs.
-2.  At the command prompt, type a command similar to the following:
+1. Save the following sample script in a VBScript file. For example: ResetPassword.vbs.
+2. At the command prompt, type a command similar to the following:
 
     **cscript ResetPassword.vbs**
 
@@ -466,7 +498,7 @@ You can reset the recovery password in two ways:
 > [!NOTE]
 > To manage a remote computer, you can specify the remote computer name rather than the local computer name.
 
-You can use the following sample script to create a VBScript file to reset the recovery passwords.
+You can use the following sample script to create a VBScript file to reset the recovery passwords:
 
 ```vb
 ' Target drive letter
@@ -539,23 +571,24 @@ WScript.Echo "A new recovery password has been added. Old passwords have been re
 'WScript.Echo "Type ""manage-bde -protectors -get " & strDriveLetter & " -type recoverypassword"" to view existing passwords."
 ```
 
+
 ## <a href="" id="bkmk-appendixc"></a>Retrieving the BitLocker key package
 
 You can use two methods to retrieve the key package, as described in [Using Additional Recovery Information](#bkmk-usingaddrecovery):
 
--   **Export a previously-saved key package from AD DS.** You must have Read access to BitLocker recovery passwords that are stored in AD DS.
--   **Export a new key package from an unlocked, BitLocker-protected volume.** You must have local administrator access to the working volume, before any damage has occurred.
+- **Export a previously-saved key package from AD DS.** You must have Read access to BitLocker recovery passwords that are stored in AD DS.
+- **Export a new key package from an unlocked, BitLocker-protected volume.** You must have local administrator access to the working volume, before any damage has occurred.
 
 The following sample script exports all previously-saved key packages from AD DS.
 
-**To run the sample key package retrieval script**
+**To run the sample key package retrieval script:**
 
 1.  Save the following sample script in a VBScript file. For example: GetBitLockerKeyPackageADDS.vbs.
 2.  At the command prompt, type a command similar to the following:
 
     **cscript GetBitLockerKeyPackageADDS.vbs -?**
 
-You can use the following sample script to create a VBScript file to retrieve the BitLocker key package from AD DS.
+You can use the following sample script to create a VBScript file to retrieve the BitLocker key package from AD DS:
 
 ```vb
 ' --------------------------------------------------------------------------------
@@ -697,7 +730,7 @@ WScript.Quit
 
 The following sample script exports a new key package from an unlocked, encrypted volume.
 
-**To run the sample key package retrieval script**
+**To run the sample key package retrieval script:**
 
 1. Save the following sample script in a VBScript file. For example: GetBitLockerKeyPackage.vbs
 2. Open an administrator command prompt, type a command similar to the following:
@@ -882,6 +915,7 @@ Function BinaryToString(Binary)
 End Function
 ```
 
+
 ## See also
 
--   [BitLocker overview](bitlocker-overview.md)
+- [BitLocker overview](bitlocker-overview.md)
diff --git a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md
index 2d8554f52b..836d7916f5 100644
--- a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md
+++ b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md
@@ -82,20 +82,24 @@ Beginning with Windows 10 version 1809, you can use Security Center to check if
 ### Using System information
 
 1. Launch MSINFO32.exe in a command prompt, or in the Windows search bar.
+
 2. Check the value of **Kernel DMA Protection**.
+
    ![Kernel DMA protection in System Information](bitlocker/images/kernel-dma-protection.png)
+   
 3. If the current state of **Kernel DMA Protection** is OFF and **Hyper-V - Virtualization Enabled in Firmware** is NO:
+
    - Reboot into BIOS settings
    - Turn on Intel Virtualization Technology.
    - Turn on Intel Virtualization Technology for I/O (VT-d). In Windows 10 version 1803, only Intel VT-d is supported. Other platforms can use DMA attack mitigations described in [BitLocker countermeasures](bitlocker/bitlocker-countermeasures.md).
    - Reboot system into Windows 10.
 
->[!NOTE]
-> **Hyper-V - Virtualization Enabled in Firmware** is NOT shown when **A hypervisor has been detected. Features required for Hyper-V will not be displayed.** is shown because this means that **Hyper-V - Virtualization Enabled in Firmware** is YES.
+   >[!NOTE]
+   > **Hyper-V - Virtualization Enabled in Firmware** is NOT shown when **A hypervisor has been detected. Features required for Hyper-V will not be displayed.** is shown because this means that **Hyper-V - Virtualization Enabled in Firmware** is YES and the **Hyper-V** Windows feature is enabled. Enabling both is needed to enable **Kernel DMA Protection** even when the firmware has the flag of "ACPI Kernel DMA Protection Indicators" described in [Kernel DMA Protection (Memory Access Protection) for OEMs](https://docs.microsoft.com/windows-hardware/design/device-experiences/oem-kernel-dma-protection).
 
 4. If the state of **Kernel DMA Protection** remains Off, then the system does not support this feature. 
 
-For systems that do not support Kernel DMA Protection, please refer to the [BitLocker countermeasures](bitlocker/bitlocker-countermeasures.md) or [Thunderbolt™ 3 and Security on Microsoft Windows® 10 Operating system](https://thunderbolttechnology.net/security/Thunderbolt%203%20and%20Security.pdf) for other means of DMA protection.
+   For systems that do not support Kernel DMA Protection, please refer to the [BitLocker countermeasures](bitlocker/bitlocker-countermeasures.md) or [Thunderbolt™ 3 and Security on Microsoft Windows® 10 Operating system](https://thunderbolttechnology.net/security/Thunderbolt%203%20and%20Security.pdf) for other means of DMA protection.
 
 ## Frequently asked questions
 
diff --git a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md
index d27fae3822..7f89a245b5 100644
--- a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md
+++ b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md
@@ -593,7 +593,7 @@ After you've decided where your protected apps can access enterprise data on you
         
 **Use Azure RMS for WIP.** Determines whether WIP uses [Microsoft Azure Rights Management](https://products.office.com/business/microsoft-azure-rights-management) to apply EFS encryption to files that are copied from Windows 10 to USB or other removable drives so they can be securely shared amongst employees. In other words, WIP uses Azure Rights Management "machinery" to apply EFS encryption to files when they are copied to removable drives. You must already have Azure Rights Management set up. The EFS file encryption key is protected by the RMS template’s license. Only users with permission to that template will be able to read it from the removable drive. WIP can also integrate with Azure RMS by using the **AllowAzureRMSForEDP** and the **RMSTemplateIDForEDP** MDM settings in the [EnterpriseDataProtection CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/enterprisedataprotection-csp). 
     
-- **On.** Protects files that are copied to a removable drive. You can enter a TemplateID GUID to specify who can access the Azure Rights Management protected files, and for how long. The RMS template is only applied to the files on removable media, and is only used for access control—it doesn’t actually apply Azure Information Protection to the files. Curly braces {} are required around the RMS Template ID, but they are removed after you save the policy. 
+- **On.** Protects files that are copied to a removable drive. You can enter a TemplateID GUID to specify who can access the Azure Rights Management protected files, and for how long. The RMS template is only applied to the files on removable media, and is only used for access control—it doesn’t actually apply Azure Information Protection to the files. 
         
   If you don’t specify an [RMS template](https://docs.microsoft.com/information-protection/deploy-use/configure-custom-templates), it’s a regular EFS file using a default RMS template that all users can access.
         
@@ -622,7 +622,7 @@ You can restrict which files are protected by WIP when they are downloaded from
 
 - [What is Azure Rights Management?](https://docs.microsoft.com/information-protection/understand-explore/what-is-azure-rms)
 
-- [Create and deploy Windows Information Protection (WIP) app protection policy with Intune and MAM](https://docs.microsoft.com/intune/deploy-use/create-windows-information-protection-policy-with-intune)
+- [Create a Windows Information Protection (WIP) protection policy using Microsoft Intune](https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/overview-create-wip-policy)
 
 - [Intune MAM Without Enrollment](https://blogs.technet.microsoft.com/configmgrdogs/2016/02/04/intune-mam-without-enrollment/)
 
diff --git a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md
index a099742145..ebe3c59220 100644
--- a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md
+++ b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md
@@ -73,6 +73,8 @@ Microsoft has made a concerted effort to enlighten several of our more popular a
 
 - Microsoft Remote Desktop 
 
+- Microsoft To Do
+
 > [!NOTE]
 > Microsoft Visio, Microsoft Office Access, Microsoft Project, and Microsoft Publisher are not enlightened apps and need to be exempted from WIP policy. If they are allowed, there is a risk of data loss. For example, if a device is workplace-joined and managed and the user leaves the company, metadata files that the apps rely on remain encrypted and the apps stop functioning.
 
@@ -113,6 +115,7 @@ You can add any or all of the enlightened Microsoft apps to your allowed apps li
 |                   Microsoft Paint                    |                                                                                                                                                          **Publisher:** `O=Microsoft Corporation, L=Redmond, S=Washington, C=US`<br>**Binary Name:** mspaint.exe<br>**App Type:** Desktop app                                                                                                                                                          |
 |               Microsoft Remote Desktop               |                                                                                                                                                           **Publisher:** `O=Microsoft Corporation, L=Redmond, S=Washington, C=US`<br>**Binary Name:** mstsc.exe<br>**App Type:** Desktop app                                                                                                                                                           |
 |              Microsoft MAPI Repair Tool              |                                                                                                                                                          **Publisher:** `O=Microsoft Corporation, L=Redmond, S=Washington, C=US`<br>**Binary Name:** fixmapi.exe<br>**App Type:** Desktop app                                                                                                                                                          |
+|              Microsoft To Do                         |                                                                                                                                                          **Publisher:** `O=Microsoft Corporation, L=Redmond, S=Washington, C=US`<br>**Product Name:** Microsoft.Todos<br>**App Type:** Store app                                                                                                                                                          |
 
 >[!NOTE]
 >Help to make this topic better by providing us with edits, additions, and feedback. For info about how to contribute to this topic, see [Editing Windows IT professional documentation](https://github.com/Microsoft/windows-itpro-docs/blob/master/CONTRIBUTING.md).
diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index 47a8e22219..a3aaa42ef8 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -19,11 +19,10 @@
 ### [Deployment phases](microsoft-defender-atp/deployment-phases.md)
 ### [Phase 1: Prepare](microsoft-defender-atp/prepare-deployment.md)
 ### [Phase 2: Set up](microsoft-defender-atp/production-deployment.md)
-### [Phase 3: Onboard]()
-#### [Onboarding overview](microsoft-defender-atp/onboarding.md)
-##### [Onboarding using Microsoft Endpoint Configuration Manager](microsoft-defender-atp/onboarding-endpoint-configuration-manager.md)
-##### [Onboarding using Microsoft Endpoint Manager](microsoft-defender-atp/onboarding-endpoint-manager.md)
-
+### [Phase 3: Onboard](microsoft-defender-atp/onboarding.md)
+#### [Onboarding using Microsoft Endpoint Configuration Manager](microsoft-defender-atp/onboarding-endpoint-configuration-manager.md)
+#### [Onboarding using Microsoft Endpoint Manager](microsoft-defender-atp/onboarding-endpoint-manager.md)
+#### [Onboard supported devices](microsoft-defender-atp/onboard-configure.md)
 
 ## [Migration guides](microsoft-defender-atp/migration-guides.md)
 ### [Switch from McAfee to Microsoft Defender for Endpoint]()
@@ -49,18 +48,27 @@
 #### [PowerShell, WMI, and MPCmdRun.exe](microsoft-defender-atp/manage-atp-post-migration-other-tools.md)
 
 ## [Security administration]()
-### [Threat & Vulnerability Management]()
-#### [Overview of Threat & Vulnerability Management](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md)
-#### [Supported operating systems and platforms](microsoft-defender-atp/tvm-supported-os.md)
-#### [Dashboard insights](microsoft-defender-atp/tvm-dashboard-insights.md)
-#### [Exposure score](microsoft-defender-atp/tvm-exposure-score.md)
-#### [Microsoft Secure Score for Devices](microsoft-defender-atp/tvm-microsoft-secure-score-devices.md)
-#### [Security recommendations](microsoft-defender-atp/tvm-security-recommendation.md)
-#### [Remediation and exception](microsoft-defender-atp/tvm-remediation.md)
-#### [Software inventory](microsoft-defender-atp/tvm-software-inventory.md)
-#### [Weaknesses](microsoft-defender-atp/tvm-weaknesses.md)
-#### [Event timeline](microsoft-defender-atp/threat-and-vuln-mgt-event-timeline.md)
-#### [Scenarios](microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md)
+### [Threat & vulnerability management]()
+#### [Overview](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md)
+#### [Get started]()
+##### [Permissions & prerequisites](microsoft-defender-atp/tvm-prerequisites.md)
+##### [Supported operating systems and platforms](microsoft-defender-atp/tvm-supported-os.md)
+##### [Assign device value](microsoft-defender-atp/tvm-assign-device-value.md)
+#### [Assess your security posture]()
+##### [Dashboard insights](microsoft-defender-atp/tvm-dashboard-insights.md)
+##### [Exposure score](microsoft-defender-atp/tvm-exposure-score.md)
+##### [Microsoft Secure Score for Devices](microsoft-defender-atp/tvm-microsoft-secure-score-devices.md)
+#### [Improve your security posture & reduce risk]()
+##### [Address security recommendations](microsoft-defender-atp/tvm-security-recommendation.md)
+##### [Remediate vulnerabilities](microsoft-defender-atp/tvm-remediation.md)
+##### [Exceptions for security recommendations](microsoft-defender-atp/tvm-exception.md)
+##### [Plan for end-of-support software](microsoft-defender-atp/tvm-end-of-support-software.md)
+#### [Understand vulnerabilities on your devices]()
+##### [Software inventory](microsoft-defender-atp/tvm-software-inventory.md)
+##### [Vulnerabilities in my organization](microsoft-defender-atp/tvm-weaknesses.md)
+##### [Event timeline](microsoft-defender-atp/threat-and-vuln-mgt-event-timeline.md)
+##### [Hunt for exposed devices](microsoft-defender-atp/tvm-hunt-exposed-devices.md)
+
 
 ### [Attack surface reduction]()
 #### [Overview of attack surface reduction](microsoft-defender-atp/overview-attack-surface-reduction.md)
@@ -388,6 +396,7 @@
 
 ### [Automated investigation and response (AIR)]()
 #### [Overview of AIR](microsoft-defender-atp/automated-investigations.md)
+#### [Automation levels in AIR](microsoft-defender-atp/automation-levels.md)
 #### [Configure AIR capabilities](microsoft-defender-atp/configure-automated-investigations-remediation.md)
 
 ### [Advanced hunting]()
@@ -449,7 +458,7 @@
 ##### [Onboard non-persistent virtual desktop infrastructure (VDI) devices](microsoft-defender-atp/configure-endpoints-vdi.md)
 ##### [Onboard Windows 10 multi-session devices in Windows Virtual Desktop](microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md)
  
-#### [Onboard servers](microsoft-defender-atp/configure-server-endpoints.md)
+#### [Onboard Windows servers](microsoft-defender-atp/configure-server-endpoints.md)
 #### [Onboard non-Windows devices](microsoft-defender-atp/configure-endpoints-non-windows.md)
 #### [Onboard devices without Internet access](microsoft-defender-atp/onboard-offline-machines.md)
 #### [Run a detection test on a newly onboarded device](microsoft-defender-atp/run-detection-test.md)
@@ -710,7 +719,7 @@
 ##### [Attack surface reduction rules](microsoft-defender-atp/troubleshoot-asr.md)
   
 #### [Troubleshoot next-generation protection](microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus.md)
-
+#### [Troubleshoot migration issues](microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus-when-migrating.md)
 
 
 
diff --git a/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md b/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
index 1ce7884399..2893cf7ece 100644
--- a/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
+++ b/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
@@ -42,7 +42,7 @@ Configuring policy settings in this category can help you document attempts to a
 -   [Audit Credential Validation](audit-credential-validation.md)
 -   [Audit Kerberos Authentication Service](audit-kerberos-authentication-service.md)
 -   [Audit Kerberos Service Ticket Operations](audit-kerberos-service-ticket-operations.md)
--   [Audit Other Logon/Logoff Events](audit-other-logonlogoff-events.md)
+-   [Audit Other Account Logon Events](audit-other-account-logon-events.md)
 
 ## Account Management
 
@@ -150,8 +150,8 @@ Auditors will be able to prove that every resource in the system is protected by
 
 Resource SACLs are also useful for diagnostic scenarios. For example, setting the Global Object Access Auditing policy to log all the activity for a specific user and enabling the policy to track "Access denied" events for the file system or registry can help administrators quickly identify which object in a system is denying a user access.
 
-> **Note:**  If a file or folder SACL and a Global Object Access Auditing policy setting (or a single registry setting SACL and a Global Object Access Auditing policy setting) are configured on a computer, the effective SACL is derived from combining the file or folder SACL and the Global Object 
-Access Auditing policy. This means that an audit event is generated if an activity matches the file or folder SACL or the Global Object Access Auditing policy.
+> [!NOTE]
+> If a file or folder SACL and a Global Object Access Auditing policy setting (or a single registry setting SACL and a Global Object Access Auditing policy setting) are configured on a computer, the effective SACL is derived from combining the file or folder SACL and the Global Object Access Auditing policy. This means that an audit event is generated if an activity matches the file or folder SACL or the Global Object Access Auditing policy.
  
 This category includes the following subcategories:
 -   [File System (Global Object Access Auditing)](file-system-global-object-access-auditing.md)
diff --git a/windows/security/threat-protection/auditing/basic-audit-logon-events.md b/windows/security/threat-protection/auditing/basic-audit-logon-events.md
index 5c7672c13a..66c1906086 100644
--- a/windows/security/threat-protection/auditing/basic-audit-logon-events.md
+++ b/windows/security/threat-protection/auditing/basic-audit-logon-events.md
@@ -38,33 +38,12 @@ You can configure this security setting by opening the appropriate policy under
 
 | Logon events | Description |
 | - | - |
-| 528          | A user successfully logged on to a computer. For information about the type of logon, see the Logon Types table below.                                                                                          |
-| 529          | Logon failure. A logon attempt was made with an unknown user name or a known user name with a bad password.                                                                                                     |
-| 530          | Logon failure. A logon attempt was made user account tried to log on outside of the allowed time.                                                                                                               |
-| 531          | Logon failure. A logon attempt was made using a disabled account.                                                                                                                                               |
-| 532          | Logon failure. A logon attempt was made using an expired account.                                                                                                                                               |
-| 533          | Logon failure. A logon attempt was made by a user who is not allowed to log on at this computer.                                                                                                                |
-| 534          | Logon failure. The user attempted to log on with a type that is not allowed.                                                                                                                                    |
-| 535          | Logon failure. The password for the specified account has expired.                                                                                                                                              |
-| 536          | Logon failure. The Net Logon service is not active.                                                                                                                                                             |
-| 537          | Logon failure. The logon attempt failed for other reasons.                                                                                                                                                      |
-| 538          | The logoff process was completed for a user.                                                                                                                                                                    |
-| 539          | Logon failure. The account was locked out at the time the logon attempt was made.                                                                                                                               |
-| 540          | A user successfully logged on to a network.                                                                                                                                                                     |
-| 541          | Main mode Internet Key Exchange (IKE) authentication was completed between the local computer and the listed peer identity (establishing a security association), or quick mode has established a data channel. |
-| 542          | A data channel was terminated.                                                                                                                                                                                  |
-| 543          | Main mode was terminated.                                                                                                                                                                                       |
-| 544          | Main mode authentication failed because the peer did not provide a valid certificate or the signature was not validated.                                                                                        |
-| 545          | Main mode authentication failed because of a Kerberos failure or a password that is not valid.                                                                                                                  |
-| 546          | IKE security association establishment failed because the peer sent a proposal that is not valid. A packet was received that contained data that is not valid.                                                  |
-| 547          | A failure occurred during an IKE handshake.                                                                                                                                                                     |
-| 548          | Logon failure. The security ID (SID) from a trusted domain does not match the account domain SID of the client.                                                                                                 |
-| 549          | Logon failure. All SIDs corresponding to untrusted namespaces were filtered out during an authentication across forests.                                                                                        |
-| 550          | Notification message that could indicate a possible denial-of-service attack.                                                                                                                                   |
-| 551          | A user initiated the logoff process.                                                                                                                                                                            |
-| 552          | A user successfully logged on to a computer using explicit credentials while already logged on as a different user.                                                                                             |
-| 682          | A user has reconnected to a disconnected terminal server session.                                                                                                                                               |
-| 683          | A user disconnected a terminal server session without logging off.                                                                                                                                              |
+| 4624          | A user successfully logged on to a computer. For information about the type of logon, see the Logon Types table below.                                                                                          |
+| 4625          | Logon failure. A logon attempt was made with an unknown user name or a known user name with a bad password.                                                                                                     |
+| 4634          | The logoff process was completed for a user.                                                                                                                                                                    |                                                                                                                               
+| 4647          | A user initiated the logoff process.                                                                                                                                                                            |
+| 4648          | A user successfully logged on to a computer using explicit credentials while already logged on as a different user.                                                                                             |
+| 4779          | A user disconnected a terminal server session without logging off.                                                                                                                                              |
  
 
 When event 528 is logged, a logon type is also listed in the event log. The following table describes each logon type.
diff --git a/windows/security/threat-protection/auditing/event-4625.md b/windows/security/threat-protection/auditing/event-4625.md
index 84cf52d450..220876b84a 100644
--- a/windows/security/threat-protection/auditing/event-4625.md
+++ b/windows/security/threat-protection/auditing/event-4625.md
@@ -166,7 +166,7 @@ This event generates on domain controllers, member servers, and workstations.
     | 0xC0000064              | User logon with misspelled or bad user account                                                       |
     | 0xC000006A              | User logon with misspelled or bad password                                                           |
     | 0XC000006D              | This is either due to a bad username or authentication information                                   |
-    | 0XC000006E              | Unknown user name or bad password.                                                                   |
+    | 0XC000006E              | Indicates a referenced user name and authentication information are valid, but some user account restriction has prevented successful authentication (such as time-of-day restrictions).     |
     | 0xC000006F              | User logon outside authorized hours                                                                  |
     | 0xC0000070              | User logon from unauthorized workstation                                                             |
     | 0xC0000071              | User logon with expired password                                                                     |
@@ -284,7 +284,7 @@ For 4625(F): An account failed to log on.
 
 -   Monitor for all events with the fields and values in the following table:
 
-    | **Field**                                                                        | Value to monitor for                                                                                                                                                                                |
+    |  Field                                                                         | Value to monitor for                                                                                                                                                                                |
     |----------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
     | **Failure Information\\Status** or <br>**Failure Information\\Sub Status** | 0XC000005E – “There are currently no logon servers available to service the logon request.” <br>This is typically not a security issue but it can be an infrastructure or availability issue. |
     | **Failure Information\\Status** or <br>**Failure Information\\Sub Status** | 0xC0000064 – “User logon with misspelled or bad user account”. <br>Especially if you get a number of these in a row, it can be a sign of user enumeration attack.                             |
diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md
index b4f683756c..4ddfd7b193 100644
--- a/windows/security/threat-protection/index.md
+++ b/windows/security/threat-protection/index.md
@@ -17,20 +17,20 @@ ms.topic: conceptual
 ---
 
 # Threat Protection
-[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) is a unified platform for preventative protection, post-breach detection, automated investigation, and response. Microsoft Defender ATP protects endpoints from cyber threats; detects advanced attacks and data breaches, automates security incidents and improves security posture.
+[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection) is a unified platform for preventative protection, post-breach detection, automated investigation, and response. Microsoft Defender ATP protects endpoints from cyber threats, detects advanced attacks and data breaches, automates security incidents, and improves security posture.
 
->[!TIP]
+> [!TIP]
 > Enable your users to access cloud services and on-premises applications with ease and enable modern management capabilities for all devices. For more information, see [Secure your remote workforce](https://docs.microsoft.com/enterprise-mobility-security/remote-work/). 
 
 <center><h2>Microsoft Defender ATP</center></h2>
 <table>
 <tr>
-<td><a href="#tvm"><center><img src="images/TVM_icon.png"> <br><b>Threat & Vulnerability Management</b></center></a></td>
-<td><a href="#asr"><center><img src="images/asr-icon.png"> <br><b>Attack surface reduction</b></center></a></td>
-<td><center><a href="#ngp"><img src="images/ngp-icon.png"><br> <b>Next-generation protection</b></a></center></td>
-<td><center><a href="#edr"><img src="images/edr-icon.png"><br> <b>Endpoint detection and response</b></a></center></td>
-<td><center><a href="#ai"><img src="images/air-icon.png"><br> <b>Automated investigation and remediation</b></a></center></td>
-<td><center><a href="#mte"><img src="images/mte-icon.png"><br> <b>Microsoft Threat Experts</b></a></center></td>
+<td><a href="#tvm"><center><img src="images/TVM_icon.png" alt="threat and vulnerability icon"> <br><b>Threat & vulnerability management</b></center></a></td>
+<td><a href="#asr"><center><img src="images/asr-icon.png" alt="attack surface reduction icon"> <br><b>Attack surface reduction</b></center></a></td>
+<td><center><a href="#ngp"><img src="images/ngp-icon.png" alt="next generation protection icon"><br> <b>Next-generation protection</b></a></center></td>
+<td><center><a href="#edr"><img src="images/edr-icon.png" alt="endpoint detection and response icon"><br> <b>Endpoint detection and response</b></a></center></td>
+<td><center><a href="#ai"><img src="images/air-icon.png" alt="automated investigation and remediation icon"><br> <b>Automated investigation and remediation</b></a></center></td>
+<td><center><a href="#mte"><img src="images/mte-icon.png" alt="microsoft threat experts icon"><br> <b>Microsoft Threat Experts</b></a></center></td>
 </tr>
 <tr>
 <td colspan="7">
@@ -47,19 +47,14 @@ ms.topic: conceptual
 
 >[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4obJq]
 
-**[Threat & Vulnerability Management](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md)**<br>
+**[Threat & vulnerability management](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md)**<br>
 This built-in capability uses a game-changing risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations.
 
-- [Risk-based Threat & Vulnerability Management](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md)
-- [Supported operating systems and platforms](microsoft-defender-atp/tvm-supported-os.md)
-- [What's in the dashboard and what it means for my organization](microsoft-defender-atp/tvm-dashboard-insights.md)
-- [Exposure score](microsoft-defender-atp/tvm-exposure-score.md)
-- [Microsoft Secure Score for Devices](microsoft-defender-atp/tvm-microsoft-secure-score-devices.md)
-- [Security recommendations](microsoft-defender-atp/tvm-security-recommendation.md)
-- [Remediation](microsoft-defender-atp/tvm-remediation.md)
-- [Software inventory](microsoft-defender-atp/tvm-software-inventory.md)
-- [Weaknesses](microsoft-defender-atp/tvm-weaknesses.md)
-- [Scenarios](microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md)
+- [Threat & vulnerability management overview](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md)
+- [Get started](microsoft-defender-atp/tvm-prerequisites.md)
+- [Access your security posture](microsoft-defender-atp/tvm-dashboard-insights.md)
+- [Improve your security posture and reduce risk](microsoft-defender-atp/tvm-security-recommendation.md)
+- [Understand vulnerabilities on your devices](microsoft-defender-atp/tvm-software-inventory.md)
 
 <a name="asr"></a>
 
@@ -103,25 +98,16 @@ Endpoint detection and response capabilities are put in place to detect, investi
 <a name="ai"></a>
 
 **[Automated investigation and remediation](microsoft-defender-atp/automated-investigations.md)**<br>
-In conjunction with being able to quickly respond to advanced attacks, Microsoft Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.
+In addition to quickly responding to advanced attacks, Microsoft Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.
 
 - [Automated investigation and remediation](microsoft-defender-atp/automated-investigations.md)
 - [View details and results of automated investigations](microsoft-defender-atp/auto-investigation-action-center.md)
 - [View and approve remediation actions](microsoft-defender-atp/manage-auto-investigation.md)
 
-<a name="ss"></a>
-
-**[Microsoft Secure Score for Devices](microsoft-defender-atp/tvm-microsoft-secure-score-devices.md)**<br>
-
-Microsoft Defender ATP includes a Microsoft Secure Score for Devices to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security of your organization.
-
-- [Microsoft Secure Score for Devices](microsoft-defender-atp/tvm-microsoft-secure-score-devices.md)
-- [Threat analytics](microsoft-defender-atp/threat-analytics.md)
-
 <a name="mte"></a>
 
 **[Microsoft Threat Experts](microsoft-defender-atp/microsoft-threat-experts.md)**<br>
-Microsoft Defender ATP's new managed threat hunting service provides proactive hunting, prioritization and additional context and insights that further empower Security Operation Centers (SOCs) to identify and respond to threats quickly and accurately.
+Microsoft Defender ATP's new managed threat hunting service provides proactive hunting, prioritization, and additional context and insights. Microsoft Threat Experts further empowers Security Operation Centers (SOCs) to identify and respond to threats quickly and accurately.
 
 - [Targeted attack notification](microsoft-defender-atp/microsoft-threat-experts.md)
 - [Experts-on-demand](microsoft-defender-atp/microsoft-threat-experts.md)
@@ -149,4 +135,4 @@ Integrate Microsoft Defender Advanced Threat Protection into your existing workf
 
 <a name="mtp"></a>
 **[Microsoft Threat Protection](https://docs.microsoft.com/microsoft-365/security/mtp/microsoft-threat-protection)**<br>
- With Microsoft Threat Protection, Microsoft Defender ATP and various Microsoft security solutions form a unified pre- and post-breach enterprise defense suite that natively integrates across endpoint, identity, email, and applications to detect, prevent, investigate and automatically respond to sophisticated attacks.
+ With Microsoft Threat Protection, Microsoft Defender ATP and various Microsoft security solutions form a unified pre- and post-breach enterprise defense suite that natively integrates across endpoint, identity, email, and applications to detect, prevent, investigate, and automatically respond to sophisticated attacks.
diff --git a/windows/security/threat-protection/intelligence/TOC.md b/windows/security/threat-protection/intelligence/TOC.md
index 48c382b306..18ea7845de 100644
--- a/windows/security/threat-protection/intelligence/TOC.md
+++ b/windows/security/threat-protection/intelligence/TOC.md
@@ -10,7 +10,9 @@
 
 ### [Macro malware](macro-malware.md)
 
-### [Phishing](phishing.md)
+### [Phishing attacks](phishing.md)
+
+#### [Phishing trends and techniques](phishing-trends.md)
 
 ### [Ransomware](ransomware-malware.md)
 
diff --git a/windows/security/threat-protection/intelligence/fileless-threats.md b/windows/security/threat-protection/intelligence/fileless-threats.md
index 6ae2dcfe4c..a5f4583231 100644
--- a/windows/security/threat-protection/intelligence/fileless-threats.md
+++ b/windows/security/threat-protection/intelligence/fileless-threats.md
@@ -43,7 +43,7 @@ A fully fileless malware can be considered one that never requires writing a fil
 
 A compromised device may also have malicious code hiding in device firmware (such as a BIOS), a USB peripheral (like the BadUSB attack), or in the firmware of a network card. All these examples don't require a file on the disk to run, and can theoretically live only in memory. The malicious code would survive reboots, disk reformats, and OS reinstalls.
 
-Infections of this type can be extra difficult deal with because antivirus products usually don’t have the capability to inspect firmware. Even if they did, it would be extremely challenging to detect and remediate threats at this level. This type of fileless malware requires high levels of sophistication and often depends on particular hardware or software configuration. It’s not an attack vector that can be exploited easily and reliably. While dangerous, threats of this type are uncommon and not practical for most attacks.
+Infections of this type can be particularly difficult to detect because most antivirus products don’t have the capability to inspect firmware. In cases where a product does have the ability to inspect and detect malicious firmware, there are still significant challenges associated with remediation of threats at this level. This type of fileless malware requires high levels of sophistication and often depends on particular hardware or software configuration. It’s not an attack vector that can be exploited easily and reliably. While dangerous, threats of this type are uncommon and not practical for most attacks.
 
 ## Type II: Indirect file activity
 
diff --git a/windows/security/threat-protection/intelligence/phishing-trends.md b/windows/security/threat-protection/intelligence/phishing-trends.md
new file mode 100644
index 0000000000..dcb01fd998
--- /dev/null
+++ b/windows/security/threat-protection/intelligence/phishing-trends.md
@@ -0,0 +1,69 @@
+---
+title: Phishing trends and techniques
+ms.reviewer: 
+description: Learn about how to spot phishing techniques
+keywords: security, malware, phishing, information, scam, social engineering, bait, lure, protection, trends, targeted attack, spear phishing, whaling
+ms.prod: w10
+ms.mktglfcycl: secure
+ms.sitesec: library
+ms.localizationpriority: medium
+ms.author: ellevin
+author: levinec
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance  
+ms.topic: article
+search.appverid: met150
+---
+
+# Phishing trends and techniques
+
+Phishing attacks are scams that often use social engineering bait or lure content. Legitimate-looking communication, usually email, that links to a phishing site is one of the most common methods used in phishing attacks. The phishing site typically mimics sign in pages that require users to input credentials and account information. The phishing site then captures the sensitive information as soon as the user provides it, giving attackers access to the information.
+
+Below are some of the most common phishing techniques attackers will employ to try to steal information or gain access to your devices.
+
+## Invoice phishing
+
+In this scam, the attacker attempts to lure you with an email stating that you have an outstanding invoice from a known vendor or company. They then provide a link for you to access and pay your invoice. When you access the site, the attacker is poised to steal your personal information and funds.
+
+## Payment/delivery scam
+
+You're asked to provide a credit card or other personal information so that your payment information can be updated with a commonly known vendor or supplier. The update is requested so that you can take delivery of your ordered goods. Generally, you may be familiar with the company and have likely done business with them in the past. However, you aren't aware of any items you have recently purchased from them.
+
+## Tax-themed phishing scams
+
+A common IRS phishing scam is receiving an urgent email letter indicating that you owe money to the IRS. Often the email threatens legal action if you don't access the site in a timely manner and pay your taxes. When you access the site, the attackers can steal your personal credit card or bank information and drain your accounts.
+
+## Downloads
+
+An attacker sends a fraudulent email requesting you to open or download a document attachment, such as a PDF. The attachment often contains a message asking you to sign in to another site, such as email or file sharing websites, to open the document. When you access these phishing sites using your sign-in credentials, the attacker now has access to your information and can gain additional personal information about you.
+
+## Phishing emails that deliver other threats
+
+Phishing emails are often effective, so attackers sometimes use them to distribute [ransomware](ransomware-malware.md) through links or attachments in emails. When run, the ransomware encrypts files and displays a ransom note, which asks you to pay a sum of money to access to your files.
+
+We have also seen phishing emails that have links to [tech support scam](support-scams.md) websites. These websites use various scare tactics to trick you into calling hotlines and paying for unnecessary "technical support services" that supposedly fix contrived device, platform, or software problems.
+
+## Spear phishing
+
+Spear phishing is a targeted phishing attack that involves highly customized lure content. Attackers will typically do reconnaissance work by surveying social media and other information sources about their intended target.
+
+Spear phishing may involve tricking you into logging into fake sites and divulging credentials. I may also lure you into opening documents by clicking on links that automatically install malware. With this malware in place, attackers can remotely manipulate the infected computer.
+
+The implanted malware serves as the point of entry for a more sophisticated attack, known as an advanced persistent threat (APT). APTs are designed to establish control and steal data over extended periods. Attackers may try to deploy more covert hacking tools, move laterally to other computers, compromise or create privileged accounts, and regularly exfiltrate information from compromised networks.
+
+## Whaling
+
+Whaling is a form of phishing directed at high-level or senior executives within specific companies to gain access to their credentials and/or bank information. The content of the email may be written as a legal subpoena, customer complaint, or other executive issue. This type of attack can also lead to an APT attack within an organization.
+
+## Business email compromise
+
+Business email compromise (BEC) is a sophisticated scam that targets businesses who frequently work with foreign suppliers or do money wire transfers. One of the most common schemes used by BEC attackers involves gaining access to a company’s network through a spear phishing attack. The attacker creates a domain similar to the company they're targeting, or spoofs their email to scam users into releasing personal account information for money transfers.
+
+## More information about phishing attacks
+
+For information on the latest phishing attacks, techniques, and trends, you can read these entries on the [Microsoft Security blog](https://www.microsoft.com/security/blog/product/windows/):
+
+- [Phishers unleash simple but effective social engineering techniques using PDF attachments](https://cloudblogs.microsoft.com/microsoftsecure/2017/01/26/phishers-unleash-simple-but-effective-social-engineering-techniques-using-pdf-attachments/?source=mmpc)
+- [Tax themed phishing and malware attacks proliferate during the tax filing season](https://cloudblogs.microsoft.com/microsoftsecure/2017/03/20/tax-themed-phishing-and-malware-attacks-proliferate-during-the-tax-filing-season/?source=mmpc)
+- [Phishing like emails lead to tech support scam](https://cloudblogs.microsoft.com/microsoftsecure/2017/08/07/links-in-phishing-like-emails-lead-to-tech-support-scam/?source=mmpc)
diff --git a/windows/security/threat-protection/intelligence/phishing.md b/windows/security/threat-protection/intelligence/phishing.md
index cfc9140745..d70c3f606b 100644
--- a/windows/security/threat-protection/intelligence/phishing.md
+++ b/windows/security/threat-protection/intelligence/phishing.md
@@ -1,5 +1,5 @@
 ---
-title: Phishing
+title: How to protect against phishing attacks
 ms.reviewer: 
 description: Learn about how phishing work, deliver malware do your devices, and  what you can do to protect yourself
 keywords: security, malware, phishing, information, scam, social engineering, bait, lure, protection, trends, targeted attack
@@ -16,98 +16,15 @@ ms.topic: article
 search.appverid: met150
 ---
 
-# Phishing
+# How to protect against phishing attacks
 
 Phishing attacks attempt to steal sensitive information through emails, websites, text messages, or other forms of electronic communication. They try to look like official communication from legitimate companies or individuals.
 
 Cybercriminals often attempt to steal usernames, passwords, credit card details, bank account information, or other credentials. They use stolen information for malicious purposes, such as hacking, identity theft, or stealing money directly from bank accounts and credit cards. The information can also be sold in cybercriminal underground markets.
 
-## What to do if you've been a victim of a phishing scam
-
-If you feel you've been a victim of a phishing attack:
-
-1. Contact your IT admin if you are on a work computer. 
-2. Immediately change all passwords associated with the accounts.
-3. Report any fraudulent activity to your bank and credit card company.
-
-### Reporting spam
-
-- **Outlook.com**: If you receive a suspicious email message that asks for personal information, select the check box next to the message in your Outlook inbox. Select the arrow next to **Junk**, and then select **Phishing**.
-
-- **Microsoft Office Outlook**: While in the suspicious message, select **Report message** from the ribbon, and then select **Phishing**.
-
-- **Microsoft**: Create a new, blank email message with the one of the following recipients:
-    - Junk: junk@office365.microsoft.com
-    - Phishing: phish@office365.microsoft.com
-
-    Drag and drop the junk or phishing message into the new message. This will save the junk or phishing message as an attachment in the new message. Don't copy and paste the content of the message or forward the message (we need the original message so we can inspect the message headers). For more information, see [Submit spam, non-spam, and phishing scam messages to Microsoft for analysis](https://docs.microsoft.com/office365/SecurityCompliance/submit-spam-non-spam-and-phishing-scam-messages-to-microsoft-for-analysis).
-
-- **Anti-Phishing Working Group**: phishing-report@us-cert.gov. The group uses reports generated from emails sent to fight phishing scams and hackers. ISPs, security vendors, financial institutions, and law enforcement agencies are involved.
-
-If you’re on a suspicious website:
-
-- **Microsoft Edge**: While you’re on a suspicious site, select the **More (…) icon** > **Help and feedback** > **Report Unsafe site**. Follow the instructions on the webpage that displays to report the website.
-
-- **Internet Explorer**: While you’re on a suspicious site, select the gear icon, point to **Safety**, and then select **Report Unsafe Website**. Follow the instructions on the webpage that displays to report the website.
-
->[!NOTE]
->For more information, see [Protect yourself from phishing](https://support.microsoft.com/en-us/help/4033787/windows-protect-yourself-from-phishing).
-
-## How phishing works
-
-Phishing attacks are scams that often use social engineering bait or lure content. For example, during tax season bait content can be tax-filing announcements that attempt to lure you into providing personal information such as your SSN or bank account information.
-
-Legitimate-looking communication, usually email, that links to a phishing site is one of the most common methods used in phishing attacks. The phishing site typically mimics sign in pages that require users to input credentials and account information. The phishing site then captures the sensitive information as soon as the user provides it, giving attackers access to the information.
-
-Another common phishing technique is the use of emails that direct you to open a malicious attachment like a PDF file. The attachment often contains a message asking you to sign in to another site, such as email or file sharing websites, to open the document. When you access these phishing sites using your sign-in credentials, the attacker now has access to your information and can gain additional personal information about you.
-
-## Phishing trends and techniques
-
-### Invoice phishing
-
-In this scam, the attacker attempts to lure you with an email stating that you have an outstanding invoice from a known vendor or company. They then provide a link for you to access and pay your invoice. When you access the site, the attacker is poised to steal your personal information and funds.
-
-### Payment/delivery scam
-
-You're asked to provide a credit card or other personal information so that your payment information can be updated with a commonly known vendor or supplier. The update is requested so that you can take delivery of your ordered goods. Generally, you may be familiar with the company and have likely done business with them in the past. However, you aren't aware of any items you have recently purchased from them.
-
-### Tax-themed phishing scams
-
-A common IRS phishing scam is receiving an urgent email letter indicating that you owe money to the IRS. Often the email threatens legal action if you don't access the site in a timely manner and pay your taxes. When you access the site, the attackers can steal your personal credit card or bank information and drain your accounts.
-
-### Downloads
-
-An attacker sends a fraudulent email requesting you to open or download a document, often requiring you to sign in.
-
-### Phishing emails that deliver other threats
-
-Phishing emails are often very effective, so attackers sometimes use them to distribute [ransomware](ransomware-malware.md) through links or attachments in emails. When run, the ransomware encrypts files and displays a ransom note, which asks you to pay a sum of money to access to your files.
-
-We have also seen phishing emails that have links to [tech support scam](support-scams.md) websites. These websites use various scare tactics to trick you into calling hotlines and paying for unnecessary "technical support services" that supposedly fix contrived device, platform, or software problems.
-
-## Targeted attacks against enterprises
-
-### Spear phishing
-
-Spear phishing is a targeted phishing attack that involves highly customized lure content. Attackers will typically do reconnaissance work by surveying social media and other information sources about their intended target.
-
-Spear phishing may involve tricking you into logging into fake sites and divulging credentials. I may also lure you into opening documents by clicking on links that automatically install malware. With this malware in place, attackers can remotely manipulate the infected computer.
-
-The implanted malware serves as the point of entry for a more sophisticated attack, known as an advanced persistent threat (APT). APTs are designed to establish control and steal data over extended periods. Attackers may try to deploy more covert hacking tools, move laterally to other computers, compromise or create privileged accounts, and regularly exfiltrate information from compromised networks.
-
-### Whaling
-
-Whaling is a form of phishing directed at high-level or senior executives within specific companies to gain access to their credentials and/or bank information. The content of the email may be written as a legal subpoena, customer complaint, or other executive issue. This type of attack can also lead to an APT attack within an organization.
-
-### Business email compromise
-
-Business email compromise (BEC) is a sophisticated scam that targets businesses who frequently work with foreign suppliers or do money wire transfers. One of the most common schemes used by BEC attackers involves gaining access to a company’s network through a spear phishing attack. The attacker creates a domain similar to the company they're targeting, or spoofs their email to scam users into releasing personal account information for money transfers.
-
-## How to protect against phishing attacks
-
 Social engineering attacks are designed to take advantage of a user's possible lapse in decision-making. Be aware and never provide sensitive or personal information through email or unknown websites, or over the phone. Remember, phishing emails are designed to appear legitimate.
 
-### Awareness
+## Learn the signs of a phishing scam
 
 The best protection is awareness and education. Don’t open attachments or links in unsolicited emails, even if the emails came from a recognized source. If the email is unexpected, be wary about opening the attachment and verify the URL.
 
@@ -141,9 +58,7 @@ Here are several telltale signs of a phishing scam:
 
 If in doubt, contact the business by known channels to verify if any suspicious emails are in fact legitimate.
 
-For more information, download and read this Microsoft [e-book on preventing social engineering attacks](https://info.microsoft.com/Protectyourweakestlink.html?ls=social), especially in enterprise environments.
-
-### Software solutions for organizations
+## Software solutions for organizations
 
 * [Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/index) and [Windows Defender Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview) offer protection from the increasing threat of targeted attacks using Microsoft's industry-leading Hyper-V virtualization technology. If a browsed website is deemed untrusted, the Hyper-V container will isolate that device from the rest of your network thereby preventing access to your enterprise data.
 
@@ -151,14 +66,36 @@ For more information, download and read this Microsoft [e-book on preventing soc
 
 * Use [Office 365 Advanced Threat Protection (ATP)](https://products.office.com/exchange/online-email-threat-protection?ocid=cx-blog-mmpc) to help protect your email, files, and online storage against malware. It offers holistic protection in Microsoft Teams, Word, Excel, PowerPoint, Visio, SharePoint Online, and OneDrive for Business. By protecting against unsafe attachments and expanding protection against malicious links, it complements the security features of Exchange Online Protection to provide better zero-day protection.
 
-For more tips and software solutions, see [prevent malware infection](prevent-malware-infection.md).
+## What to do if you've been a victim of a phishing scam
+
+If you feel you've been a victim of a phishing attack:
+
+1. Contact your IT admin if you are on a work computer
+2. Immediately change all passwords associated with the accounts
+3. Report any fraudulent activity to your bank and credit card company
+
+### Reporting spam
+
+- **Outlook.com**: If you receive a suspicious email message that asks for personal information, select the check box next to the message in your Outlook inbox. Select the arrow next to **Junk**, and then select **Phishing**.
+
+- **Microsoft Office Outlook**: While in the suspicious message, select **Report message** from the ribbon, and then select **Phishing**.
+
+- **Microsoft**: Create a new, blank email message with the one of the following recipients:
+    - Junk: junk@office365.microsoft.com
+    - Phishing: phish@office365.microsoft.com
+
+    Drag and drop the junk or phishing message into the new message. This will save the junk or phishing message as an attachment in the new message. Don't copy and paste the content of the message or forward the message (we need the original message so we can inspect the message headers). For more information, see [Submit spam, non-spam, and phishing scam messages to Microsoft for analysis](https://docs.microsoft.com/office365/SecurityCompliance/submit-spam-non-spam-and-phishing-scam-messages-to-microsoft-for-analysis).
+
+- **Anti-Phishing Working Group**: phishing-report@us-cert.gov. The group uses reports generated from emails sent to fight phishing scams and hackers. ISPs, security vendors, financial institutions, and law enforcement agencies are involved.
+
+### If you’re on a suspicious website
+
+- **Microsoft Edge**: While you’re on a suspicious site, select the **More (…) icon** > **Help and feedback** > **Report Unsafe site**. Follow the instructions on the webpage that displays to report the website.
+
+- **Internet Explorer**: While you’re on a suspicious site, select the gear icon, point to **Safety**, and then select **Report Unsafe Website**. Follow the instructions on the webpage that displays to report the website.
 
 ## More information about phishing attacks
 
-For information on the latest phishing attacks, techniques, and trends, you can read these entries on the [Microsoft Security blog](https://www.microsoft.com/security/blog/product/windows/):
-
-* [Phishers unleash simple but effective social engineering techniques using PDF attachments](https://cloudblogs.microsoft.com/microsoftsecure/2017/01/26/phishers-unleash-simple-but-effective-social-engineering-techniques-using-pdf-attachments/?source=mmpc)
-
-* [Tax themed phishing and malware attacks proliferate during the tax filing season](https://cloudblogs.microsoft.com/microsoftsecure/2017/03/20/tax-themed-phishing-and-malware-attacks-proliferate-during-the-tax-filing-season/?source=mmpc)
-
-* [Phishing like emails lead to tech support scam](https://cloudblogs.microsoft.com/microsoftsecure/2017/08/07/links-in-phishing-like-emails-lead-to-tech-support-scam/?source=mmpc)
+- [Protect yourself from phishing](https://support.microsoft.com/help/4033787/windows-protect-yourself-from-phishing)
+- [Phishing trends](phishing-trends.md)
+- [Microsoft e-book on preventing social engineering attacks](https://info.microsoft.com/Protectyourweakestlink.html?ls=social), especially in enterprise environments.
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/antivirus-false-positives-negatives.md b/windows/security/threat-protection/microsoft-defender-antivirus/antivirus-false-positives-negatives.md
index 1bf808c9ae..cd9480eafa 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/antivirus-false-positives-negatives.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/antivirus-false-positives-negatives.md
@@ -25,7 +25,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Microsoft Defender Antivirus is designed to keep your PC safe with built-in, trusted antivirus protection. With Microsoft Defender Antivirus, you get comprehensive, ongoing, and real-time protection against software threats like viruses, malware, and spyware across email, apps, the cloud, and the web.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data-update-compliance.md b/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data-update-compliance.md
index c313f7f7cf..586598290d 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data-update-compliance.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data-update-compliance.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 This article describes how to collect diagnostic data that can be used by Microsoft support and engineering teams to help troubleshoot issues you may encounter when using the Microsoft Defender AV Assessment section in the Update Compliance add-in.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md b/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md
index 8d013685ee..b98d9268b6 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 This article describes how to collect diagnostic data that can be used by Microsoft support and engineering teams to help troubleshoot issues you might encounter when using the Microsoft Defender AV.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/command-line-arguments-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/command-line-arguments-microsoft-defender-antivirus.md
index 3038c3095f..f6c285389b 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/command-line-arguments-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/command-line-arguments-microsoft-defender-antivirus.md
@@ -22,7 +22,7 @@ ms.date: 08/17/2020
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 You can perform various Microsoft Defender Antivirus functions with the dedicated command-line tool *mpcmdrun.exe*. This utility is useful when you want to automate Microsoft Defender Antivirus use. You can find the utility in `%ProgramFiles%\Windows Defender\MpCmdRun.exe`. You must run it from a command prompt.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configuration-management-reference-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configuration-management-reference-microsoft-defender-antivirus.md
index 093c6632fb..2287370263 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configuration-management-reference-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configuration-management-reference-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 You can manage and configure Microsoft Defender Antivirus with the following tools:
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-advanced-scan-types-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-advanced-scan-types-microsoft-defender-antivirus.md
index 93b12016f3..5d559f0d89 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-advanced-scan-types-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-advanced-scan-types-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 ## Use Microsoft Intune to configure scanning options
 
@@ -59,8 +59,8 @@ Specify the level of subfolders within an archive folder to scan | Scan > Specif
  Specify the maximum size (in kilobytes) of archive files that should be scanned. The default, **0**, applies no limit | Scan > Specify the maximum size of archive files to be scanned | No limit | Not available
  Configure low CPU priority for scheduled scans | Scan > Configure low CPU priority for scheduled scans | Disabled | Not available
  
->[!NOTE]
->If real-time protection is enabled, files are scanned before they are accessed and executed. The scanning scope includes all files, including those on mounted removable devices such as USB drives.
+> [!NOTE]
+> If real-time protection is turned on, files are scanned before they are accessed and executed. The scanning scope includes all files, including files on mounted removable media, such as USB drives. If the device performing the scan has real-time protection or on-access protection turned on, the scan will also include network shares.
 
 ## Use PowerShell to configure scanning options
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md
index a71f13399e..75752637b1 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md
@@ -1,6 +1,6 @@
 ---
-title: Enable Block at First Sight to detect malware in seconds
-description: Turn on the block at first sight feature to detect and block malware within seconds, and validate that it is configured correctly.
+title: Enable block at first sight to detect malware in seconds
+description: Turn on the block at first sight feature to detect and block malware within seconds.
 keywords: scan, BAFS, malware, first seen, first sight, cloud, defender
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -12,7 +12,7 @@ ms.author: deniseb
 ms.reviewer: 
 manager: dansimp
 ms.custom: nextgen
-ms.date: 08/26/2020
+ms.date: 10/22/2020
 ---
 
 # Turn on block at first sight
@@ -24,9 +24,9 @@ ms.date: 08/26/2020
 
 - Microsoft Defender Antivirus
 
-Block at first sight provides a way to detect and block new malware within seconds. This protection is enabled by default when certain prerequisite settings are also enabled. In most cases, these prerequisite settings are also enabled by default, so the feature is running without any intervention. 
+Block at first sight provides a way to detect and block new malware within seconds. This protection is enabled by default when certain prerequisite settings are enabled. These settings include cloud-delivered protection, a specified sample submission timeout (such as 50 seconds), and a file-blocking level of high. In most enterprise organizations, these settings are enabled by default with Microsoft Defender Antivirus deployments. 
 
-You can [specify how long the file should be prevented from running](configure-cloud-block-timeout-period-microsoft-defender-antivirus.md) while the cloud-based protection service analyzes the file. And, you can [customize the message displayed on users' desktops](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information) when a file is blocked. You can change the company name, contact information, and message URL.
+You can [specify how long a file should be prevented from running](configure-cloud-block-timeout-period-microsoft-defender-antivirus.md) while the cloud-based protection service analyzes the file. And, you can [customize the message displayed on users' desktops](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information) when a file is blocked. You can change the company name, contact information, and message URL.
 
 >[!TIP]
 >Visit the Microsoft Defender ATP demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the features are working and see how they work.
@@ -40,109 +40,75 @@ Microsoft Defender Antivirus uses multiple detection and prevention technologies
 
 In Windows 10, version 1803 or later, block at first sight can block non-portable executable files (such as JS, VBS, or macros) as well as executable files.
 
-Block at first sight only uses the cloud protection backend for executable files and non-portable executable files that are downloaded from the Internet, or that originate from the Internet zone. A hash value of the .exe file is checked via the cloud backend to determine if this is a previously undetected file.
+Block at first sight only uses the cloud protection backend for executable files and non-portable executable files that are downloaded from the Internet, or that originate from the Internet zone. A hash value of the .exe file is checked via the cloud backend to determine if the file is a previously undetected file.
 
 If the cloud backend is unable to make a determination, Microsoft Defender Antivirus locks the file and uploads a copy to the cloud. The cloud performs additional analysis to reach a determination before it either allows the file to run or blocks it in all future encounters, depending on whether it determines the file to be malicious or safe.
 
 In many cases, this process can reduce the response time for new malware from hours to seconds.
 
-## Confirm and validate that block at first sight is turned on
+## Turn on block at first sight with Microsoft Intune
 
-Block at first sight requires a number of settings to be configured correctly or it will not work. These settings are enabled by default in most enterprise Microsoft Defender Antivirus deployments.
+> [!TIP]
+> Microsoft Intune is now part of Microsoft Endpoint Manager.
 
-### Confirm block at first sight is turned on with Intune
+1. In the Microsoft Endpoint Manager admin center ([https://endpoint.microsoft.com](https://endpoint.microsoft.com)), navigate to **Devices** > **Configuration profiles**.
 
-1. In Intune, navigate to **Device configuration - Profiles** > *Profile name* > **Device restrictions** > **Microsoft Defender Antivirus**.
+2. Select or create a profile using the **Device restrictions** profile type.
 
-   > [!NOTE]
-   > The profile you select must be a Device Restriction profile type, not an Endpoint Protection profile type.
+3. In the **Configuration settings** for the Device restrictions profile, set or confirm the following settings under **Microsoft Defender Antivirus**:
 
-2. Verify these settings are configured as follows:
-
-   - **Cloud-delivered protection**: **Enable**
-   - **File Blocking Level**: **High**
-   - **Time extension for file scanning by the cloud**: **50**
-   - **Prompt users before sample submission**: **Send all data without prompting**
+   - **Cloud-delivered protection**: Enabled
+   - **File Blocking Level**: High
+   - **Time extension for file scanning by the cloud**: 50
+   - **Prompt users before sample submission**: Send all data without prompting
 
    ![Intune config](images/defender/intune-block-at-first-sight.png)
 
-   > [!WARNING]
-   > Setting the file blocking level to **High** will apply a strong level of detection. In the unlikely event that it causes a false positive detection of legitimate files, use the option to [restore the quarantined files](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/restore-quarantined-files-microsoft-defender-antivirus).
+4. Save your settings.
 
-For more information about configuring Microsoft Defender Antivirus device restrictions in Intune, see [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
+> [!TIP]
+> - Setting the file blocking level to **High** applies a strong level of detection. In the unlikely event that file blocking causes a false positive detection of legitimate files, you can [restore quarantined files](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/restore-quarantined-files-microsoft-defender-antivirus).
+> - For more information about configuring Microsoft Defender Antivirus device restrictions in Intune, see [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure).
+> - For a list of Microsoft Defender Antivirus device restrictions in Intune, see [Device restriction for Windows 10 (and newer) settings in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#microsoft-defender-antivirus).
 
-For a list of Microsoft Defender Antivirus device restrictions in Intune, see [Device restriction for Windows 10 (and newer) settings in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#microsoft-defender-antivirus).
+## Turn on block at first sight with Microsoft Endpoint Manager
 
-### Turn on block at first sight with Microsoft Endpoint Configuration Manager
+> [!TIP]
+> If you're looking for Microsoft Endpoint Configuration Manager, it's now part of Microsoft Endpoint Manager.
 
-1. In Microsoft Endpoint Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **AntiMalware Policies**.
+1. In Microsoft Endpoint Manager ([https://endpoint.microsoft.com](https://endpoint.microsoft.com)), go to **Endpoint security** > **Antivirus**.
 
-2. Click **Home** > **Create Antimalware Policy**.
+2. Select an existing policy, or create a new policy using the **Microsoft Defender Antivirus** profile type.
 
-3. Enter a name and a description, and add these settings:
-   - **Real time protection**
-   - **Advanced**
-   - **Cloud Protection Service**
+3. Set or confirm the following configuration settings:
 
-4. In the left column, click **Real time protection**, set **Enable real-time protection** to **Yes**, and set **Scan system files** to **Scan incoming and outgoing files**.
-   ![Enable real-time protection](images/defender/sccm-real-time-protection.png)
+   - **Turn on cloud-delivered protection**: Yes
+   - **Cloud-delivered protection level**: High
+   - **Defender Cloud Extended Timeout in Seconds**: 50
 
-5. Click **Advanced**, set **Enable real-time protection** to **Yes**, and set **Scan system files** to **Scan incoming and outgoing files**.
-   ![Enable Advanced settings](images/defender/sccm-advanced-settings.png)
+   :::image type="content" source="images/endpointmgr-antivirus-cloudprotection.png" alt-text="Block at first sight settings in Endpoint Manager":::
 
-6. Click **Cloud Protection Service**, set **Cloud Protection Service membership type** to **Advanced membership**, set **Level for blocking suspicious files** to **High**, and set **Allow extended cloud check to block and scan suspicious files for up to (seconds)** to **50** seconds.
-   ![Enable Cloud Protection Service](images/defender/sccm-cloud-protection-service.png)
+4. Apply the Microsoft Defender Antivirus profile to a group, such as **All users**, **All devices**, or **All users and devices**.
 
-7. Click **OK** to create the policy.
+## Turn on block at first sight with Group Policy
 
-### Confirm block at first sight is turned on with Group Policy
+> [!NOTE]
+> We recommend using Intune or Microsoft Endpoint Manager to turn on block at first sight. 
 
-1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**. 
+1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and select **Edit**. 
 
-2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
+2. Using the **Group Policy Management Editor** go to **Computer configuration** > **Administrative templates** > **Windows Components** > **Microsoft Defender Antivirus** > **MAPS**. 
 
-3. Expand the tree to **Windows components** > **Microsoft Defender Antivirus** > **MAPS**, configure the following Group Policies, and then click **OK**:
+3. In the MAPS section, double-click **Configure the 'Block at First Sight' feature**, and set it to **Enabled**, and then select **OK**.
 
-    1. Double-click **Join Microsoft MAPS** and ensure the option is set to **Enabled**. Click **OK**.
-
-    2. Double-click **Send file samples when further analysis is required** and ensure the option is set to **Enabled** and the additional options are either **Send safe samples (1)** or **Send all samples (3)**.
-
-    > [!WARNING]
+    > [!IMPORTANT]
     > Setting to **Always prompt (0)** will lower the protection state of the device. Setting to **Never send (2)** means block at first sight will not function.
 
-4. In the **Group Policy Management Editor**, expand the tree to **Windows components** > **Microsoft Defender Antivirus** > **Real-time Protection**:
+4. In the MAPS section, double-click **Send file samples when further analysis is required**, and set it to **Enabled**. Under **Send file samples when further analysis is required**, select **Send all samples**, and then click **OK**.
 
-    1. Double-click **Scan all downloaded files and attachments** and ensure the option is set to **Enabled**, and then click **OK**.
+5. If you changed any settings, redeploy the Group Policy Object across your network to ensure all endpoints are covered.
 
-    2. Double-click **Turn off real-time protection** and ensure the option is set to **Disabled**, and then click **OK**.
-
-5. In the **Group Policy Management Editor**, expand the tree to **Windows components** > **Microsoft Defender Antivirus** > **MpEngine**:
-
-    1. Double-click **Select cloud protection level** and ensure the option is set to **Enabled**. 
-
-    2. Ensure that **Select cloud blocking level** section on the same page is set to **High blocking level**, and then click **OK**.
-    
-If you had to change any of the settings, you should redeploy the Group Policy Object across your network to ensure all endpoints are covered.
-
-### Confirm block at first sight is turned on with Registry editor
-
-1. Start Registry Editor.
-
-2. Go to `HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Spynet`, and make sure that 
-
-    1. **SpynetReporting** key is set to **1**
-
-    2. **SubmitSamplesConsent** key is set to either **1** (Send safe samples) or **3** (Send all samples)
-
-3. Go to `HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Real-Time Protection`, and make sure that
-
-    1. **DisableIOAVProtection** key is set to **0**
-
-    2. **DisableRealtimeMonitoring** key is set to **0**
-    
-4. Go to `HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\MpEngine`, and make sure that the **MpCloudBlockLevel** key is set to **2**
-    
-### Confirm Block at First Sight is enabled on individual clients
+## Confirm block at first sight is enabled on individual clients
 
 You can confirm that block at first sight is enabled on individual clients using Windows security settings.
 
@@ -157,24 +123,43 @@ Block at first sight is automatically enabled as long as **Cloud-delivered prote
 3. Confirm that **Cloud-delivered protection** and **Automatic sample submission** are both turned on.
 
 > [!NOTE]
-> If the prerequisite settings are configured and deployed using Group Policy, the settings described in this section will be greyed-out and unavailable for use on individual endpoints. Changes made through a Group Policy Object must first be deployed to individual endpoints before the setting will be updated in Windows Settings.
+> - If the prerequisite settings are configured and deployed using Group Policy, the settings described in this section will be greyed-out and unavailable for use on individual endpoints. 
+> - Changes made through a Group Policy Object must first be deployed to individual endpoints before the setting will be updated in Windows Settings.
 
-### Validate block at first sight is working
+## Validate block at first sight is working
 
-You can validate that the feature is working by following the steps outlined in [Validate connections between your network and the cloud](configure-network-connections-microsoft-defender-antivirus.md#validate-connections-between-your-network-and-the-cloud).
+To validate that the feature is working, follow the guidance in [Validate connections between your network and the cloud](configure-network-connections-microsoft-defender-antivirus.md#validate-connections-between-your-network-and-the-cloud).
 
 ## Turn off block at first sight
 
-> [!WARNING]
-> Turning off block at first sight will lower the protection state of the endpoint and your network.
+> [!CAUTION]
+> Turning off block at first sight will lower the protection state of your device(s) and your network.
 
-You may choose to disable block at first sight if you want to retain the prerequisite settings without using block at first sight protection. You might wish to do this if you are experiencing latency issues or you want to test the feature's impact on your network.
+You might choose to disable block at first sight if you want to retain the prerequisite settings without actually using block at first sight protection. You might do temporarily turn block at first sight off if you are experiencing latency issues or you want to test the feature's impact on your network. However, we do not recommend disabling block at first sight protection permanently.
+
+### Turn off block at first sight with Microsoft Endpoint Manager
+
+1. Go to Microsoft Endpoint Manager admin center ([https://endpoint.microsoft.com](https://endpoint.microsoft.com)) and sign in.
+
+2. Go to **Endpoint security** > **Antivirus**, and then select your Microsoft Defender Antivirus policy.
+
+3. Under **Manage**, choose **Properties**.
+
+4. Next to **Configuration settings**, choose **Edit**.
+
+5. Change one or more of the following settings:
+
+   - Set **Turn on cloud-delivered protection** to **No** or **Not configured**.
+   - Set **Cloud-delivered protection level** to **Not configured**.
+   - Clear the **Defender Cloud Extended Timeout In Seconds** box.
+
+6. Review and save your settings.
 
 ### Turn off block at first sight with Group Policy
 
 1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure, and then click **Edit**.
 
-2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
+2. Using the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
 
 3. Expand the tree through **Windows components** > **Microsoft Defender Antivirus** > **MAPS**.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-end-user-interaction-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-end-user-interaction-microsoft-defender-antivirus.md
index db09d1d9ef..93e3d5c543 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-end-user-interaction-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-end-user-interaction-microsoft-defender-antivirus.md
@@ -22,7 +22,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 You can configure how users of the endpoints on your network can interact with Microsoft Defender Antivirus.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-exclusions-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-exclusions-microsoft-defender-antivirus.md
index 1351a2448b..4d3ba69753 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-exclusions-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-exclusions-microsoft-defender-antivirus.md
@@ -22,7 +22,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 You can exclude certain files, folders, processes, and process-opened files from Microsoft Defender Antivirus scans. Such exclusions apply to [scheduled scans](scheduled-catch-up-scans-microsoft-defender-antivirus.md), [on-demand scans](run-scan-microsoft-defender-antivirus.md), and [always-on real-time protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md). Exclusions for process-opened files only apply to real-time protection.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
index cad89f1643..7212b18c2f 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
@@ -12,6 +12,7 @@ ms.author: deniseb
 ms.custom: nextgen
 ms.reviewer: 
 manager: dansimp
+ms.date: 10/21/2020
 ---
 
 # Configure and validate exclusions based on file extension and folder location
@@ -21,7 +22,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 > [!IMPORTANT]
 > Microsoft Defender Antivirus exclusions don't apply to other Microsoft Defender ATP capabilities, including [endpoint detection and response (EDR)](../microsoft-defender-atp/overview-endpoint-detection-response.md), [attack surface reduction (ASR) rules](../microsoft-defender-atp/attack-surface-reduction.md), and [controlled folder access](../microsoft-defender-atp/controlled-folders.md). Files that you exclude using the methods described in this article can still trigger EDR alerts and other detections. To exclude files broadly, add them to the Microsoft Defender ATP [custom indicators](../microsoft-defender-atp/manage-indicators.md).
@@ -187,7 +188,7 @@ The following table describes how the wildcards can be used and provides some ex
 |Wildcard  |Examples  |
 |---------|---------|
 |`*` (asterisk) <br/><br/>In **file name and file extension inclusions**, the asterisk replaces any number of characters, and only applies to files in the last folder defined in the argument. <br/><br/>In **folder exclusions**, the asterisk replaces a single folder. Use multiple `*` with folder slashes `\` to indicate multiple nested folders. After matching the number of wild carded and named folders, all subfolders are also included.   | `C:\MyData\*.txt` would include `C:\MyData\notes.txt`<br/><br/>`C:\somepath\*\Data` would include any file in `C:\somepath\Archives\Data and its subfolders` and `C:\somepath\Authorized\Data and its subfolders` <br/><br/>`C:\Serv\*\*\Backup` would include any file in `C:\Serv\Primary\Denied\Backup and its subfolders` and `C:\Serv\Secondary\Allowed\Backup and its subfolders`     |
-|`?` (question mark)  <br/><br/>In **file name and file extension inclusions**, the question mark replaces a single character, and only applies to files in the last folder defined in the argument. <br/><br/>In **folder exclusions**, the question mark replaces a single character in a folder name. After matching the number of wild carded and named folders, all subfolders are also included.   |`C:\MyData\my` would include `C:\MyData\my1.zip` <br/><br/>`C:\somepath\?\Data` would include any file in `C:\somepath\P\Data` and its subfolders <br/><br/>`C:\somepath\test0?\Data` would include any file in `C:\somepath\test01\Data` and its subfolders          |
+|`?` (question mark)  <br/><br/>In **file name and file extension inclusions**, the question mark replaces a single character, and only applies to files in the last folder defined in the argument. <br/><br/>In **folder exclusions**, the question mark replaces a single character in a folder name. After matching the number of wild carded and named folders, all subfolders are also included.   |`C:\MyData\my?` would include `C:\MyData\my1.zip` <br/><br/>`C:\somepath\?\Data` would include any file in `C:\somepath\P\Data` and its subfolders <br/><br/>`C:\somepath\test0?\Data` would include any file in `C:\somepath\test01\Data` and its subfolders          |
 |Environment variables <br/><br/>The defined variable is populated as a path when the exclusion is evaluated.          |`%ALLUSERSPROFILE%\CustomLogFiles` would include `C:\ProgramData\CustomLogFiles\Folder1\file1.txt`         |
         
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-local-policy-overrides-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-local-policy-overrides-microsoft-defender-antivirus.md
index 5a4dcf2b76..e9c99642d5 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-local-policy-overrides-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-local-policy-overrides-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 By default, Microsoft Defender Antivirus settings that are deployed via a Group Policy Object to the endpoints in your network will prevent users from locally changing the settings. You can change this in some instances.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-microsoft-defender-antivirus-features.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-microsoft-defender-antivirus-features.md
index 0e9715c7f7..a3d582510d 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-microsoft-defender-antivirus-features.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-microsoft-defender-antivirus-features.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 You can configure Microsoft Defender Antivirus with a number of tools, including:
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-notifications-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-notifications-microsoft-defender-antivirus.md
index ce2af4d4b6..609661e280 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-notifications-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-notifications-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 In Windows 10, application notifications about malware detection and remediation are more robust, consistent, and concise.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-process-opened-file-exclusions-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-process-opened-file-exclusions-microsoft-defender-antivirus.md
index ae76a5bd9d..95de8ec073 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-process-opened-file-exclusions-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-process-opened-file-exclusions-microsoft-defender-antivirus.md
@@ -22,7 +22,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 You can exclude files that have been opened by specific processes from Microsoft Defender Antivirus scans. See [Recommendations for defining exclusions](configure-exclusions-microsoft-defender-antivirus.md#recommendations-for-defining-exclusions) before defining your exclusion lists.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-protection-features-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-protection-features-microsoft-defender-antivirus.md
index 3d94d7776c..5e47aa185b 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-protection-features-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-protection-features-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Microsoft Defender Antivirus uses several methods to provide threat protection:
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md
index d16426a613..83078c2db2 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ ms.custom: nextgen
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Always-on protection consists of real-time protection, behavior monitoring, and heuristics to identify malware based on known suspicious and malicious activities.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-remediation-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-remediation-microsoft-defender-antivirus.md
index ef93c95c0e..cc8fa8dec9 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-remediation-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-remediation-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 When Microsoft Defender Antivirus runs a scan, it will attempt to remediate or remove threats that it finds. You can configure how Microsoft Defender Antivirus should react to certain threats, whether it should create a restore point before remediating, and when it should remove remediated threats.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/customize-run-review-remediate-scans-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/customize-run-review-remediate-scans-microsoft-defender-antivirus.md
index f482a524ba..0651cae7a7 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/customize-run-review-remediate-scans-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/customize-run-review-remediate-scans-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 You can use Group Policy, PowerShell, and Windows Management Instrumentation (WMI) to configure Microsoft Defender Antivirus scans. 
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md
index f482a524ba..6b950c1ad9 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md
@@ -16,24 +16,24 @@ ms.reviewer:
 manager: dansimp
 ---
 
-# Customize, initiate, and review the results of Microsoft Defender Antivirus scans and remediation
+# Customize, initiate, and review the results of Microsoft Defender Antivirus scans & remediation
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 You can use Group Policy, PowerShell, and Windows Management Instrumentation (WMI) to configure Microsoft Defender Antivirus scans. 
 
 ## In this section
 
-Topic | Description
----|---
-[Configure and validate file, folder, and process-opened file exclusions in Microsoft Defender Antivirus scans](configure-exclusions-microsoft-defender-antivirus.md) | You can exclude files (including files modified by specified processes) and folders from on-demand scans, scheduled scans, and always-on real-time protection monitoring and scanning
-[Configure Microsoft Defender Antivirus scanning options](configure-advanced-scan-types-microsoft-defender-antivirus.md) | You can configure Microsoft Defender Antivirus to include certain types of email storage files, back-up or reparse points, and archived files (such as .zip files) in scans. You can also enable network file scanning
-[Configure remediation for scans](configure-remediation-microsoft-defender-antivirus.md) | Configure what Microsoft Defender Antivirus should do when it detects a threat, and how long quarantined files should be retained in the quarantine folder
-[Configure scheduled scans](scheduled-catch-up-scans-microsoft-defender-antivirus.md) | Set up recurring (scheduled) scans, including when they should run and whether they run as full or quick scans
-[Configure and run scans](run-scan-microsoft-defender-antivirus.md) | Run and configure on-demand scans using PowerShell, Windows Management Instrumentation, or individually on endpoints with the Windows Security app
-[Review scan results](review-scan-results-microsoft-defender-antivirus.md) | Review the results of scans using  Microsoft Endpoint Configuration Manager, Microsoft Intune, or the Windows Security app
+| Article | Description |
+|:---|:---|
+|[Configure and validate file, folder, and process-opened file exclusions in Microsoft Defender Antivirus scans](configure-exclusions-microsoft-defender-antivirus.md) | You can exclude files (including files modified by specified processes) and folders from on-demand scans, scheduled scans, and always-on real-time protection monitoring and scanning |
+|[Configure Microsoft Defender Antivirus scanning options](configure-advanced-scan-types-microsoft-defender-antivirus.md) | You can configure Microsoft Defender Antivirus to include certain types of email storage files, back-up or reparse points, and archived files (such as .zip files) in scans. You can also enable network file scanning |
+|[Configure remediation for scans](configure-remediation-microsoft-defender-antivirus.md) | Configure what Microsoft Defender Antivirus should do when it detects a threat, and how long quarantined files should be retained in the quarantine folder |
+|[Configure scheduled scans](scheduled-catch-up-scans-microsoft-defender-antivirus.md) | Set up recurring (scheduled) scans, including when they should run and whether they run as full or quick scans |
+|[Configure and run scans](run-scan-microsoft-defender-antivirus.md) | Run and configure on-demand scans using PowerShell, Windows Management Instrumentation, or individually on endpoints with the Windows Security app |
+|[Review scan results](review-scan-results-microsoft-defender-antivirus.md) | Review the results of scans using  Microsoft Endpoint Configuration Manager, Microsoft Intune, or the Windows Security app |
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md
index a6d053b389..5faf7d7a5b 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 You can deploy, manage, and report on Microsoft Defender Antivirus in a number of ways.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/deploy-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/deploy-microsoft-defender-antivirus.md
index e66ebbd817..97eeac6ba1 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/deploy-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/deploy-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Depending on the management tool you are using, you may need to specifically enable or configure Microsoft Defender Antivirus protection. 
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/deployment-vdi-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/deployment-vdi-microsoft-defender-antivirus.md
index ebce0895fc..3f783ede5b 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/deployment-vdi-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/deployment-vdi-microsoft-defender-antivirus.md
@@ -22,7 +22,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 In addition to standard on-premises or hardware configurations, you can also use Microsoft Defender Antivirus in a remote desktop (RDS) or virtual desktop infrastructure (VDI) environment.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md
index 0c17ea1575..142782c145 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 - [Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/microsoft-edge)
 
 > [!NOTE]
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/evaluate-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/evaluate-microsoft-defender-antivirus.md
index d76667b2a1..6f1c2b1ce8 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/evaluate-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/evaluate-microsoft-defender-antivirus.md
@@ -22,7 +22,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Use this guide to determine how well Microsoft Defender Antivirus protects you from viruses, malware, and potentially unwanted applications.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/images/endpointmgr-antivirus-cloudprotection.png b/windows/security/threat-protection/microsoft-defender-antivirus/images/endpointmgr-antivirus-cloudprotection.png
new file mode 100644
index 0000000000..d9751a4953
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-antivirus/images/endpointmgr-antivirus-cloudprotection.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/images/win-security- exp-policy-endpt-security.png b/windows/security/threat-protection/microsoft-defender-antivirus/images/win-security- exp-policy-endpt-security.png
new file mode 100644
index 0000000000..e4b306fd92
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-antivirus/images/win-security- exp-policy-endpt-security.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/limited-periodic-scanning-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/limited-periodic-scanning-microsoft-defender-antivirus.md
index 9b9a68afc6..1edd31f232 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/limited-periodic-scanning-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/limited-periodic-scanning-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Limited periodic scanning is a special type of threat detection and remediation that can be enabled when you have installed another antivirus product on a Windows 10 device.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/manage-event-based-updates-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/manage-event-based-updates-microsoft-defender-antivirus.md
index 2a22aeb079..efb0cb995d 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/manage-event-based-updates-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/manage-event-based-updates-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Microsoft Defender Antivirus allows you to determine if updates should (or should not) occur after certain events, such as at startup or after receiving specific reports from the cloud-delivered protection service.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/manage-outdated-endpoints-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/manage-outdated-endpoints-microsoft-defender-antivirus.md
index ab04442450..b6b1f9f8bb 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/manage-outdated-endpoints-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/manage-outdated-endpoints-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Microsoft Defender Antivirus lets you define how long an endpoint can avoid an update or how many scans it can miss before it is required to update and scan itself. This is especially useful in environments where devices are not often connected to a corporate or external network, or devices that are not used on a daily basis.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-update-schedule-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-update-schedule-microsoft-defender-antivirus.md
index 9565e809a3..c9d0582201 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-update-schedule-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-update-schedule-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Microsoft Defender Antivirus lets you determine when it should look for and download updates.
 
@@ -61,10 +61,10 @@ You can also randomize the times when each endpoint checks and downloads protect
 
 4.  Click **Policies** then **Administrative templates**.
 
-5.  Expand the tree to **Windows components > Microsoft Defender Antivirus > Signature Updates** and configure the following settings:
+5.  Expand the tree to **Windows components** > **Microsoft Defender Antivirus** > **Signature Intelligence Updates** and configure the following settings:
 
-    1.  Double-click the **Specify the interval to check for security intelligence updates** setting and set the option to **Enabled**. Enter the number of hours between updates. Click **OK**.
-    2. Double-click the **Specify the day of the week to check for security intelligence updates** setting and set the option to **Enabled**. Enter the day of the week to check for updates. Click **OK**.
+    1. Double-click the **Specify the day of the week to check for security intelligence updates** setting and set the option to **Enabled**. Enter the day of the week to check for updates. Click **OK**.
+    2. Double-click the **Specify the interval to check for security intelligence updates** setting and set the option to **Enabled**. Enter the number of hours between updates. Click **OK**.
     3. Double-click the **Specify the time to check for security intelligence updates** setting and set the option to **Enabled**. Enter the time when updates should be checked. The time is based on the local time of the endpoint. Click **OK**.
 
 
@@ -103,8 +103,3 @@ See the following for more information and allowed parameters:
 - [Manage updates for mobile devices and virtual machines (VMs)](manage-updates-mobile-devices-vms-microsoft-defender-antivirus.md)
 - [Microsoft Defender Antivirus in Windows 10](microsoft-defender-antivirus-in-windows-10.md)
 
-
-
-
-
-
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md
index ff2517f391..534f46eef6 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md
@@ -13,7 +13,7 @@ ms.author: deniseb
 ms.custom: nextgen
 ms.reviewer: 
 manager: dansimp
-ms.date: 09/28/2020
+ms.date: 10/21/2020
 ---
 
 # Manage Microsoft Defender Antivirus updates and apply baselines
@@ -23,7 +23,7 @@ ms.date: 09/28/2020
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 There are two types of updates related to keeping Microsoft Defender Antivirus up to date:
 
@@ -33,8 +33,7 @@ There are two types of updates related to keeping Microsoft Defender Antivirus u
 > [!IMPORTANT]
 > Keeping Microsoft Defender Antivirus up to date is critical to assure your devices have the latest technology and features needed to protect against new malware and attack techniques.  
 > This also applies to devices where Microsoft Defender Antivirus is running in [passive mode](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility).
-
-> [!NOTE]
+> 
 > You can use the below URL to find out what are the current versions:
 > [https://www.microsoft.com/security/encyclopedia/adlpackages.aspx?action=info](https://www.microsoft.com/security/encyclopedia/adlpackages.aspx?action=info)
 
@@ -47,48 +46,55 @@ Microsoft Defender Antivirus uses [cloud-delivered protection](utilize-microsoft
 > Microsoft Defender Antivirus: KB2267602  
 > System Center Endpoint Protection: KB2461484
 
-The cloud-delivered protection is always on and requires an active connection to the Internet to function, while the security intelligence updates occur on a scheduled cadence (configurable via policy). See the [Utilize Microsoft cloud-provided protection in Microsoft Defender Antivirus](utilize-microsoft-cloud-protection-microsoft-defender-antivirus.md) topic for more details about enabling and configuring cloud-provided protection. 
+Cloud-delivered protection is always on and requires an active connection to the Internet to function. Security intelligence updates occur on a scheduled cadence (configurable via policy). For more information, see [Use Microsoft cloud-provided protection in Microsoft Defender Antivirus](utilize-microsoft-cloud-protection-microsoft-defender-antivirus.md). 
 
-Engine updates are included with the security intelligence updates and are released on a monthly cadence.
+Engine updates are included with security intelligence updates and are released on a monthly cadence.
 
 ## Product updates
 
-Microsoft Defender Antivirus requires [monthly updates (KB4052623)](https://support.microsoft.com/help/4052623/update-for-windows-defender-antimalware-platform) (known as "platform updates"), and will receive major feature updates alongside Windows 10 releases.
+Microsoft Defender Antivirus requires [monthly updates (KB4052623)](https://support.microsoft.com/help/4052623/update-for-windows-defender-antimalware-platform) (known as *platform updates*), and will receive major feature updates alongside Windows 10 releases.
+
+You can manage the distribution of updates through one of the following methods: 
+
+- [Windows Server Update Service (WSUS)](https://docs.microsoft.com/mem/configmgr/protect/deploy-use/endpoint-definitions-wsus#to-synchronize-endpoint-protection-definition-updates-in-standalone-wsus)
+- [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/sum/understand/software-updates-introduction)
+- The usual method you use to deploy Microsoft and Windows updates to endpoints in your network.
 
-You can manage the distribution of updates through [Windows Server Update Service (WSUS)](https://docs.microsoft.com/mem/configmgr/protect/deploy-use/endpoint-definitions-wsus#to-synchronize-endpoint-protection-definition-updates-in-standalone-wsus), with [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/sum/understand/software-updates-introduction), or in the normal manner that you deploy Microsoft and Windows updates to endpoints in your network.
 For more information, see [Manage the sources for Microsoft Defender Antivirus protection updates](https://docs.microsoft.com/mem/configmgr/protect/deploy-use/endpoint-definitions-wsus#to-synchronize-endpoint-protection-definition-updates-in-standalone-wsus).
 
 > [!NOTE]
-> We release these monthly updates in phases. This results in multiple packages showing up in your WSUS server.
+> We release these monthly updates in phases. This results in multiple packages visible in your WSUS server.
 
 ## Monthly platform and engine versions
 
-For information how to update or how to install the platform update, please see [Update for Windows Defender antimalware platform](https://support.microsoft.com/help/4052623/update-for-windows-defender-antimalware-platform).
+For information how to update or how to install the platform update, see [Update for Windows Defender antimalware platform](https://support.microsoft.com/help/4052623/update-for-windows-defender-antimalware-platform).
 
 All our updates contain:
-* performance improvements
-* serviceability improvements
-* integration improvements (Cloud, MTP)  
+- performance improvements
+- serviceability improvements
+- integration improvements (Cloud, Microsoft 365 Defender)  
 <br/>
+
+
 <details>
-<summary> September-2020 (Platform: 4.18.2009.X | Engine: 1.1.17500.4)</summary>
+<summary> September-2020 (Platform: 4.18.2009.7 | Engine: 1.1.17500.4)</summary>
 
 &ensp;Security intelligence update version: **1.325.10.0**  
 &ensp;Released: **October 01, 2020**  
-&ensp;Platform: **4.18.2009.X**  
+&ensp;Platform: **4.18.2009.7**  
 &ensp;Engine: **1.1.17500.4**  
 &ensp;Support phase: **Security and Critical Updates**
     
 ### What's new
-*Admin permissions are required to restore files in quarantine
-*XML formatted events are now supported
-*CSP support for ignoring exclusion merge
-*New management interfaces for:
-+UDP Inspection
-+Network Protection on Server 2019
-+IP Address exclusions for Network Protection
-*Improved visibility into TPM measurements
-*Improved Office VBA module scanning
+- Admin permissions are required to restore files in quarantine
+- XML formatted events are now supported
+- CSP support for ignoring exclusion merge
+- New management interfaces for:
+   - UDP Inspection
+   - Network Protection on Server 2019
+   - IP Address exclusions for Network Protection
+- Improved visibility into TPM measurements
+- Improved Office VBA module scanning
 
 ### Known Issues
 No known issues  
@@ -104,11 +110,14 @@ No known issues
 &ensp;Support phase: **Security and Critical Updates**
     
 ### What's new
-* Add more telemetry events
-* Improved scan event telemetry
-* Improved behavior monitoring for memory scans
-* Improved macro streams scanning
-* Added "AMRunningMode" to Get-MpComputerStatus PowerShell CmdLet
+
+- Add more telemetry events
+- Improved scan event telemetry
+- Improved behavior monitoring for memory scans
+- Improved macro streams scanning
+- Added `AMRunningMode` to Get-MpComputerStatus PowerShell cmdlet
+- [DisableAntiSpyware](https://docs.microsoft.com/windows-hardware/customize/desktop/unattend/security-malware-windows-defender-disableantispyware) is ignored. Microsoft Defender Antivirus automatically turns itself off when it detects another antivirus program.
+
 
 ### Known Issues
 No known issues  
@@ -188,7 +197,7 @@ No known issues
     
 ### What's new
 * WDfilter improvements
-* Add more actionable event data to ASR detection events
+* Add more actionable event data to attack surface reduction detection events
 * Fixed version information in diagnostic data and WMI
 * Fixed incorrect platform version in UI after platform update
 * Dynamic URL intel for Fileless threat protection
@@ -213,7 +222,7 @@ No known issues
 
 * CPU Throttling option added to [MpCmdRun](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/command-line-arguments-microsoft-defender-antivirus)
 * Improve diagnostic capability
-* reduce Security intelligence timeout (5min)
+* reduce Security intelligence timeout (5 min)
 * Extend AMSI engine internal log capability
 * Improve notification for process blocking
    
@@ -293,8 +302,7 @@ When this update is installed, the device needs the jump package 4.10.2001.10 to
 </details>
 
 ## Microsoft Defender Antivirus platform support
-As stated above, platform and engine updates are provided on a monthly cadence.
-Customers must stay current with the latest platform update to be fully supported. Our support structure is now dynamic, evolving into two phases depending on the availability of the latest platform version:
+Platform and engine updates are provided on a monthly cadence. To be fully supported, keep current with the latest platform updates. Our support structure is dynamic, evolving into two phases depending on the availability of the latest platform version:
 
 
 * **Security and Critical Updates servicing phase** - When running the latest platform version, you will be eligible to receive both Security and Critical updates to the anti-malware platform.
@@ -311,6 +319,7 @@ The below table provides the Microsoft Defender Antivirus platform and engine ve
 
 |Windows 10 release  |Platform version  |Engine version |Support phase |
 |-|-|-|-|
+|2004  (20H1) |4.18.2004.6 |1.1.17000.2 | Technical upgrade Support (Only) |
 |1909  (19H2) |4.18.1902.5 |1.1.16700.3 | Technical upgrade Support (Only) |
 |1903  (19H1) |4.18.1902.5 |1.1.15600.4 | Technical upgrade Support (Only) |
 |1809  (RS5) |4.18.1807.18075 |1.1.15000.2 | Technical upgrade Support (Only) |
@@ -322,12 +331,12 @@ The below table provides the Microsoft Defender Antivirus platform and engine ve
 Windows 10 release info: [Windows lifecycle fact sheet](https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet).
 
 
-## In this section
+## See also
 
 Article | Description 
 ---|---
 [Manage how protection updates are downloaded and applied](manage-protection-updates-microsoft-defender-antivirus.md) | Protection updates can be delivered through a number of sources.
 [Manage when protection updates should be downloaded and applied](manage-protection-update-schedule-microsoft-defender-antivirus.md) | You can schedule when protection updates should be downloaded.
-[Manage updates for endpoints that are out of date](manage-outdated-endpoints-microsoft-defender-antivirus.md) | If an endpoint misses an update or scheduled scan, you can force an update or scan at the next log on.
+[Manage updates for endpoints that are out of date](manage-outdated-endpoints-microsoft-defender-antivirus.md) | If an endpoint misses an update or scheduled scan, you can force an update or scan at the next logon.
 [Manage event-based forced updates](manage-event-based-updates-microsoft-defender-antivirus.md) | You can set protection updates to be downloaded at startup or after certain cloud-delivered protection events.
 [Manage updates for mobile devices and virtual machines (VMs)](manage-updates-mobile-devices-vms-microsoft-defender-antivirus.md)| You can specify settings, such as whether updates should occur on battery power, that are especially useful for mobile devices and virtual machines.
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-mobile-devices-vms-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-mobile-devices-vms-microsoft-defender-antivirus.md
index 06525a035e..fbbf677933 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-mobile-devices-vms-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-mobile-devices-vms-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Mobile devices and VMs may require additional configuration to ensure performance is not impacted by updates.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility.md
index 74c6ee2735..a89853180f 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility.md
@@ -23,7 +23,7 @@ ms.date: 09/28/2020
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 ## Overview
 
@@ -77,7 +77,7 @@ The following table summarizes the functionality and features that are available
 |Automatic disabled mode  |No |Yes |No |No |No |
 
 - In Active mode, Microsoft Defender Antivirus is used as the antivirus app on the machine. All configuration made with Configuration Manager, Group Policy, Intune, or other management products will apply. Files are scanned and threats remediated, and detection information are reported in your configuration tool (such as Configuration Manager or the Microsoft Defender Antivirus app on the machine itself).
-- In Passive mode, Microsoft Defender Antivirus is not used as the antivirus app, and threats are not remediated by Microsoft Defender Antivirus. Files are scanned and reports are provided for threat detections which are shared with the Microsoft Defender ATP service.
+- In Passive mode, Microsoft Defender Antivirus is not used as the antivirus app, and threats are not remediated by Microsoft Defender Antivirus. Files are scanned and reports are provided for threat detections which are shared with the Microsoft Defender ATP service. Therefore, you might encounter alerts in the Security Center console with Microsoft Defender Antivirus as a source, even when Microsoft Defender Antivirus is in Passive mode.
 - When [EDR in block mode](../microsoft-defender-atp/edr-in-block-mode.md) (currently in private preview) is turned on, Microsoft Defender Antivirus is not used as the primary antivirus solution, but can still detect and remediate malicious items.
 - In Automatic disabled mode, Microsoft Defender Antivirus is not used as the antivirus app. Files are not scanned and threats are not remediated.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-offline.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-offline.md
index d2e1ac4fe4..355705569c 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-offline.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-offline.md
@@ -22,7 +22,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Microsoft Defender Offline is an antimalware scanning tool that lets you boot and run a scan from a trusted environment. The scan runs from outside the normal Windows kernel so it can target malware that attempts to bypass the Windows shell, such as viruses and rootkits that infect or overwrite the master boot record (MBR).
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md
index a6e9c4aa01..75153c281f 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md
@@ -22,7 +22,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 In Windows 10, version 1703 and later, the Windows Defender app is part of the Windows Security.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
index 6b6a753cf0..6cc3ece08f 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
@@ -1,6 +1,6 @@
 ---
 title: Protect security settings with tamper protection
-ms.reviewer: 
+ms.reviewer: shwjha, hayhov
 manager: dansimp
 description: Use tamper protection to prevent malicious apps from changing important security settings.
 keywords: malware, defender, antivirus, tamper protection
@@ -14,7 +14,7 @@ audience: ITPro
 author: denisebmsft
 ms.author: deniseb
 ms.custom: nextgen
-ms.date: 08/31/2020
+ms.date: 10/14/2020
 ---
 
 # Protect security settings with tamper protection
@@ -25,6 +25,7 @@ ms.date: 08/31/2020
 **Applies to:**
 
 - Windows 10
+- Windows Server 2019 (if using tenant attach with [Configuration Manager, version 2006](#manage-tamper-protection-with-configuration-manager-version-2006))
 
 ## Overview
 
@@ -41,7 +42,7 @@ With tamper protection, malicious apps are prevented from taking actions such as
 
 ### How it works
 
- Tamper protection essentially locks Microsoft Defender Antivirus and prevents your security settings from being changed through apps and methods such as:
+Tamper protection essentially locks Microsoft Defender Antivirus and prevents your security settings from being changed through apps and methods such as:
 
 - Configuring settings in Registry Editor on your Windows machine
 - Changing settings through PowerShell cmdlets
@@ -54,6 +55,7 @@ Tamper protection doesn't prevent you from viewing your security settings. And,
 1. Turn tamper protection on <br/>
     - [For an individual machine, use Windows Security](#turn-tamper-protection-on-or-off-for-an-individual-machine).
     - [For your organization, use Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune).
+    - [Use tenant attach with Configuration Manager, version 2006, for devices running Windows 10 or Windows Server 2019](#manage-tamper-protection-with-configuration-manager-version-2006)
 
 2. [View information about tampering attempts](#view-information-about-tampering-attempts).
 
@@ -121,10 +123,38 @@ If you are using Windows 10 OS [1709](https://docs.microsoft.com/windows/release
 
 1. Open the Windows PowerShell app.
 
-2. Use the [Get-MpComputerStatus](https://docs.microsoft.com/powershell/module/defender/get-mpcomputerstatus?view=win10-ps) PowerShell cmdlet.
+2. Use the [Get-MpComputerStatus](https://docs.microsoft.com/powershell/module/defender/get-mpcomputerstatus?view=win10-ps&preserve-view=true) PowerShell cmdlet.
 
 3. In the list of results, look for `IsTamperProtected`. (A value of *true* means tamper protection is enabled.)
 
+## Manage tamper protection with Configuration Manager, version 2006
+
+> [!IMPORTANT]
+> The procedure can be used to extend tamper protection to devices running Windows 10 and Windows Server 2019. Make sure to review the prerequisites and other information in the resources mentioned in this procedure.
+
+If you're using [version 2006 of Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/plan-design/changes/whats-new-in-version-2006), you can manage tamper protection settings on Windows 10 and Windows Server 2019 using tenant attach. Tenant attach enables you to sync your on-premises-only Configuration Manager devices into the Microsoft Endpoint Manager admin center, and then deliver your endpoint security configuration policies to your on-premises collections & devices.
+
+1. Set up tenant attach. See [Microsoft Endpoint Manager tenant attach: Device sync and device actions](https://docs.microsoft.com/mem/configmgr/tenant-attach/device-sync-actions).
+
+2. In the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431), go to **Endpoint security** > **Antivirus**, and choose **+ Create Policy**.<br/> 
+
+   - In the **Platform** list, select **Windows 10 and Windows Server (ConfigMgr)**.  
+     
+   - In the **Profile** list, select **Windows Security experience (preview)**. <br/>
+   
+   The following screenshot illustrates how to create your policy:
+
+   :::image type="content" source="images/win-security- exp-policy-endpt-security.png" alt-text="Windows security experience in Endpoint Manager":::
+
+3. Deploy the policy to your device collection.
+
+Need help? See the following resources:
+
+- [Settings for the Windows Security experience profile in Microsoft Intune](https://docs.microsoft.com/mem/intune/protect/antivirus-security-experience-windows-settings)
+
+- [Tech Community Blog: Announcing Tamper Protection for Configuration Manager Tenant Attach clients](https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/announcing-tamper-protection-for-configuration-manager-tenant/ba-p/1700246#.X3QLR5Ziqq8.linkedin)
+
+
 ## View information about tampering attempts
 
 Tampering attempts typically indicate bigger cyberattacks. Bad actors try to change security settings as a way to persist and stay undetected. If you're part of your organization's security team, you can view information about such attempts, and then take appropriate actions to mitigate threats.
@@ -133,7 +163,7 @@ When a tampering attempt is detected, an alert is raised in the [Microsoft Defen
 
 ![Microsoft Defender Security Center](images/tamperattemptalert.png)
 
-Using [endpoint detection and response](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response) and [advanced hunting](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview) capabilities in Microsoft Defender ATP, your security operations team can investigate and address such attempts.
+Using [endpoint detection and response](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response) and [advanced hunting](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview) capabilities in Microsoft Defender for Endpoint, your security operations team can investigate and address such attempts.
 
 ## Review your security recommendations
 
@@ -151,11 +181,9 @@ To learn more about Threat & Vulnerability Management, see [Threat & Vulnerabili
 
 ### To which Windows OS versions is configuring tamper protection is applicable?
 
-Windows 10 OS [1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-information/status-windows-10-1803), [1809](https://docs.microsoft.com/windows/release-information/status-windows-10-1809-and-windows-server-2019), or later together with [Microsoft Defender Advanced Threat Protection E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp).
+Windows 10 OS [1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-information/status-windows-10-1803), [1809](https://docs.microsoft.com/windows/release-information/status-windows-10-1809-and-windows-server-2019), or later together with [Microsoft Defender for Endpoint](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp).
 
-### Is configuring tamper protection in Intune supported on servers?
-
-No
+If you are using Configuration Manager, version 2006 with tenant attach, tamper protection can be extended to Windows Server 2019. See [Tenant attach: Create and deploy endpoint security Antivirus policy from the admin center (preview)](https://docs.microsoft.com/mem/configmgr/tenant-attach/deploy-antivirus-policy).
 
 ### Will tamper protection have any impact on third party antivirus registration?
 
@@ -163,13 +191,17 @@ No. Third-party antivirus offerings will continue to register with the Windows S
 
 ### What happens if Microsoft Defender Antivirus is not active on a device?
 
-Tamper protection will not have any impact on such devices.
+Devices that are onboarded to Microsoft Defender for Endpoint will have Microsoft Defender Antivirus running in passive mode. Tamper protection will continue to protect the service and its features. 
 
 ### How can I turn tamper protection on/off?
 
 If you are a home user, see [Turn tamper protection on (or off) for an individual machine](#turn-tamper-protection-on-or-off-for-an-individual-machine).
 
-If you are an organization using [Microsoft Defender ATP E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp), you should be able to manage tamper protection in Intune similar to how you manage other endpoint protection features. See [Turn tamper protection on (or off) for your organization using Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune).
+If you are an organization using [Microsoft Defender for Endpoint](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp), you should be able to manage tamper protection in Intune similar to how you manage other endpoint protection features. See the following sections of this article: 
+
+- [Turn tamper protection on (or off) for your organization using Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune)
+
+- [Manage tamper protection with Configuration Manager, version 2006](#manage-tamper-protection-with-configuration-manager-version-2006) 
 
 ### How does configuring tamper protection in Intune affect how I manage Microsoft Defender Antivirus through my group policy?
 
@@ -186,19 +218,19 @@ Some sample Microsoft Defender Antivirus settings:
   Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Antivirus\Real-time Protection\\<br />
   Value `DisableRealtimeMonitoring` = 0
 
-### For Microsoft Defender ATP E5, is configuring tamper protection in Intune targeted to the entire organization only?
+### For Microsoft Defender for Endpoint, is configuring tamper protection in Intune targeted to the entire organization only?
 
-Configuring tamper protection in Intune can be targeted to your entire organization as well as to specific devices and user groups.
+Configuring tamper protection in Intune or Microsoft Endpoint Manager can be targeted to your entire organization as well as to specific devices and user groups.
 
 ### Can I configure Tamper Protection in Microsoft Endpoint Configuration Manager?
 
-Currently we do not have support to manage Tamper Protection through Microsoft Endpoint Configuration Manager.
+If you are using tenant attach, you can use Microsoft Endpoint Configuration Manager. See [Manage tamper protection with Configuration Manager, version 2006](#manage-tamper-protection-with-configuration-manager-version-2006) and [Tech Community blog: Announcing Tamper Protection for Configuration Manager Tenant Attach clients](https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/announcing-tamper-protection-for-configuration-manager-tenant/ba-p/1700246#.X3QLR5Ziqq8.linkedin).
 
 ### I have the Windows E3 enrollment. Can I use configuring tamper protection in Intune?
 
-Currently, configuring tamper protection in Intune is only available for customers who have [Microsoft Defender Advanced Threat Protection E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp).
+Currently, configuring tamper protection in Intune is only available for customers who have [Microsoft Defender for Endpoint](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp).
 
-### What happens if I try to change Microsoft Defender ATP settings in Intune, Microsoft Endpoint Configuration Manager, and Windows Management Instrumentation when Tamper Protection is enabled on a device?
+### What happens if I try to change Microsoft Defender for Endpoint settings in Intune, Microsoft Endpoint Configuration Manager, and Windows Management Instrumentation when Tamper Protection is enabled on a device?
 
 You won’t be able to change the features that are protected by tamper protection; such change requests are ignored.
 
@@ -206,9 +238,9 @@ You won’t be able to change the features that are protected by tamper protecti
 
 No. Local admins cannot change or modify tamper protection settings.
 
-### What happens if my device is onboarded with Microsoft Defender ATP and then goes into an off-boarded state?
+### What happens if my device is onboarded with Microsoft Defender for Endpoint and then goes into an off-boarded state?
 
-In this case, tamper protection status changes, and this feature is no longer applied.
+If a device is off-boarded from Microsoft Defender for Endpoint, tamper protection is turned on, which is the default state for unmanaged devices. 
 
 ### Will there be an alert about tamper protection status changing in the Microsoft Defender Security Center?
 
@@ -220,14 +252,10 @@ In addition, your security operations team can use hunting queries, such as the
 
 [View information about tampering attempts](#view-information-about-tampering-attempts).
 
-### Will there be a group policy setting for tamper protection?
-
-No.
-
-## Related articles
+## See also
 
 [Help secure Windows PCs with Endpoint Protection for Microsoft Intune](https://docs.microsoft.com/intune/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune)
 
-[Get an overview of Microsoft Defender ATP E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp)
+[Get an overview of Microsoft Defender for Endpoint](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp)
 
-[Better together: Microsoft Defender Antivirus and Microsoft Defender Advanced Threat Protection](why-use-microsoft-defender-antivirus.md)
+[Better together: Microsoft Defender Antivirus and Microsoft Defender for Endpoint](why-use-microsoft-defender-antivirus.md)
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-end-user-interaction-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-end-user-interaction-microsoft-defender-antivirus.md
index c3358561d8..e12cd18d65 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-end-user-interaction-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-end-user-interaction-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 You can use Group Policy to prevent users on endpoints from seeing the Microsoft Defender Antivirus interface. You can also prevent them from pausing scans.
 
@@ -64,6 +64,9 @@ See [Prevent users from locally modifying policy settings](configure-local-polic
 
 You can prevent users from pausing scans, which can be helpful to ensure scheduled or on-demand scans are not interrupted by users.
 
+> [!NOTE]
+> This setting is not supported on Windows 10.
+
 ### Use Group Policy to prevent users from pausing a scan
 
 1. On your Group Policy management machine, open the [Group Policy Management Console](https://docs.microsoft.com/previous-versions/windows/desktop/gpmc/group-policy-management-console-portal), right-click the Group Policy Object you want to configure and click **Edit**.
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/report-monitor-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/report-monitor-microsoft-defender-antivirus.md
index 2705f9bf69..9b789e6a59 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/report-monitor-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/report-monitor-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 With Microsoft Defender Antivirus, you have several options for reviewing protection status and alerts. You can use Microsoft Endpoint Configuration Manager to [monitor Microsoft Defender Antivirus](https://docs.microsoft.com/configmgr/protect/deploy-use/monitor-endpoint-protection) or [create email alerts](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-configure-alerts). Or, you can monitor protection using [Microsoft Intune](https://docs.microsoft.com/intune/introduction-intune).  
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/restore-quarantined-files-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/restore-quarantined-files-microsoft-defender-antivirus.md
index 19b05b9f87..e2ce17b208 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/restore-quarantined-files-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/restore-quarantined-files-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 If Microsoft Defender Antivirus is configured to detect and remediate threats on your device, Microsoft Defender Antivirus quarantines suspicious files. If you are certain a quarantined file is not a threat, you can restore it.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/review-scan-results-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/review-scan-results-microsoft-defender-antivirus.md
index da893a1b8a..44079dd62b 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/review-scan-results-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/review-scan-results-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 After a Microsoft Defender Antivirus scan completes, whether it is an [on-demand](run-scan-microsoft-defender-antivirus.md) or [scheduled scan](scheduled-catch-up-scans-microsoft-defender-antivirus.md), the results are recorded and you can view the results. 
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/run-scan-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/run-scan-microsoft-defender-antivirus.md
index 84a2edacf5..04914ca837 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/run-scan-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/run-scan-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 You can run an on-demand scan on individual endpoints. These scans will start immediately, and you can define parameters for the scan, such as the location or type.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/scheduled-catch-up-scans-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/scheduled-catch-up-scans-microsoft-defender-antivirus.md
index f176529dde..88da603710 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/scheduled-catch-up-scans-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/scheduled-catch-up-scans-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 > [!NOTE]
 > By default, Microsoft Defender Antivirus checks for an update 15 minutes before the time of any scheduled scans. You can [Manage the schedule for when protection updates should be downloaded and applied](manage-protection-update-schedule-microsoft-defender-antivirus.md) to override this default. 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus-when-migrating.md b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus-when-migrating.md
new file mode 100644
index 0000000000..09535418a1
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus-when-migrating.md
@@ -0,0 +1,134 @@
+---
+title: Troubleshoot Microsoft Defender Antivirus while migrating from a third-party solution
+description: Troubleshoot common errors when migrating to Microsoft Defender Antivirus
+keywords: event, error code, logging, troubleshooting, microsoft defender antivirus, windows defender antivirus, migration
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.localizationpriority: medium
+author: martyav
+ms.author: v-maave
+ms.custom: nextgen
+ms.date: 09/11/2018
+ms.reviewer: 
+manager: dansimp
+---
+
+# Troubleshoot Microsoft Defender Antivirus while migrating from a third-party solution
+
+[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+You can find help here if you encounter issues while migrating from a third-party security solution to Microsoft Defender Antivirus.
+
+## Review event logs
+
+Open the Event viewer app by selecting the **Search** icon in the taskbar, and searching for *event viewer*.
+
+Information about Microsoft Defender Antivirus can be found under  **Applications and Services Logs** > **Microsoft** > **Windows** > **Windows Defender**. 
+
+From there, select **Open** underneath **Operational**.
+
+Selecting an event from the details pane will show you more information about an event in the lower pane, under the **General** and **Details** tabs.
+
+## Microsoft Defender Antivirus won't start
+
+This issue can manifest in the form of  several different event IDs, all of which have the same underlying cause.
+
+### Associated event IDs
+
+ Event ID | Log name | Description | Source
+-|-|-|-
+15 | Application | Updated Windows Defender status successfully to SECURITY_PRODUCT_STATE_OFF. | Security Center
+5007 | Microsoft-Windows-Windows Defender/Operational | Windows Defender Antivirus Configuration has changed.  If this is an unexpected event you should review the settings as this may be the result of malware.<br /><br />**Old value:** Default\IsServiceRunning = 0x0<br />**New value:** HKLM\SOFTWARE\Microsoft\Windows Defender\IsServiceRunning = 0x1 | Windows Defender
+5010 | Microsoft-Windows-Windows Defender/Operational | Windows Defender Antivirus scanning for spyware and other potentially unwanted software is disabled. | Windows Defender
+
+### How to tell if Microsoft Defender Antivirus won't start because a third-party antivirus is installed
+
+On a Windows 10 device, if you are not using Microsoft Defender Advanced Threat Protection (ATP), and you have a third-party antivirus installed, then Microsoft Defender Antivirus will be automatically turned off. If you are using Microsoft Defender ATP with a third-party antivirus installed, Microsoft Defender Antivirus will start in passive mode, with reduced functionality.
+
+> [!TIP]
+> The scenario just described applies only to Windows 10. Other versions of Windows have [different responses](microsoft-defender-antivirus-compatibility.md) to Microsoft Defender Antivirus being run alongside third-party security software.
+
+#### Use Services app to check if Microsoft Defender Antivirus is turned off
+
+To open the Services app, select the **Search** icon from the taskbar and search for *services*. You can also open the app from the command-line by typing *services.msc*.
+
+Information about Microsoft Defender Antivirus will be listed within the Services app under **Windows Defender** > **Operational**. The antivirus service name is *Windows Defender Antivirus Service*.
+
+While checking the app, you may see that *Windows Defender Antivirus Service* is set to manual — but when you try to start this service manually, you get a warning stating, *The Windows Defender Antivirus Service service on Local Computer started and then stopped. Some services stop automatically if they are not in use by other services or programs.*
+
+This indicates that Microsoft Defender Antivirus has been automatically turned off to preserve compatibility with a third-party antivirus.
+
+#### Generate a detailed report
+
+You can generate a detailed report about currently active group policies by opening a command prompt in **Run as admin** mode, then entering the following command:
+
+```powershell
+GPresult.exe /h gpresult.html
+```
+
+This will generate a report located at *./gpresult.html*. Open this file and you might see the following results, depending on how Microsoft Defender Antivirus was turned off.
+
+##### Group policy results
+
+##### If security settings are implemented via group policy (GPO) at the domain or local level, or though System center configuration manager (SCCM)
+
+Within the GPResults report, under the heading, *Windows Components/Windows Defender Antivirus*, you may see something like the following entry, indicating that Microsoft Defender Antivirus is turned off.
+
+Policy | Setting | Winning GPO
+-|-|-
+Turn off Windows Defender Antivirus | Enabled | Win10-Workstations
+
+###### If security settings are implemented via Group policy preference (GPP)
+
+Under the heading, *Registry item (Key path: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender, Value name: DisableAntiSpyware)*, you may see something like the following entry, indicating that Microsoft Defender Antivirus is turned off.
+
+DisableAntiSpyware | -
+-|-
+Winning GPO | Win10-Workstations
+Result: Success | 
+**General** | 
+Action | Update
+**Properties** | 
+Hive | HKEY_LOCAL_MACHINE
+Key path | SOFTWARE\Policies\Microsoft\Windows Defender
+Value name | DisableAntiSpyware
+Value type | REG_DWORD
+Value data | 0x1 (1)
+
+###### If security settings are implemented via registry key
+
+The report may contain the following text, indicating that Microsoft Defender Antivirus is turned off:
+ 
+> Registry (regedit.exe)
+>
+> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender
+> DisableAntiSpyware (dword) 1 (hex)
+
+###### If security settings are set in Windows or your Windows Server image
+
+Your imagining admin might have set the security policy, **[DisableAntiSpyware](https://docs.microsoft.com/windows-hardware/customize/desktop/unattend/security-malware-windows-defender-disableantispyware)**, locally via *GPEdit.exe*, *LGPO.exe*, or by modifying the registry in their task sequence. You can [configure a Trusted Image Identifier](https://docs.microsoft.com/windows-hardware/manufacture/desktop/configure-a-trusted-image-identifier-for-windows-defender) for Microsoft Defender Antivirus.
+
+### Turn Microsoft Defender Antivirus back on
+
+Microsoft Defender Antivirus will automatically turn on if no other antivirus is currently active. You'll need to turn the third-party antivirus completely off to ensure Microsoft Defender Antivirus can run with full functionality.
+
+> [!WARNING]
+> Solutions suggesting that you edit the *Windows Defender* start values for *wdboot*, *wdfilter*, *wdnisdrv*, *wdnissvc*, and *windefend* in  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services are unsupported, and may force you to re-image your system.
+
+Passive mode is available if you start using Microsoft Defender ATP and a third-party antivirus together with Microsoft Defender Antivirus. Passive mode allows Microsoft Defender to scan files and update itself, but it will not remediate threats. In addition, behavior monitoring via [Real Time Protection](configure-real-time-protection-microsoft-defender-antivirus.md) is not available under passive mode, unless [Endpoint data loss prevention (DLP)](../microsoft-defender-atp/information-protection-in-windows-overview.md) is deployed.
+
+Another feature, known as [limited periodic scanning](limited-periodic-scanning-microsoft-defender-antivirus.md), is available to end-users when Microsoft Defender Antivirus is set to automatically turn off. This feature allows Microsoft Defender Antivirus to scan files periodically alongside a third-party antivirus, using a limited number of detections.
+
+> [!IMPORTANT]
+> Limited periodic scanning is not recommended in enterprise environments. The detection, management and reporting capabilities available when running Microsoft Defender Antivirus in this mode are reduced as compared to active mode.
+
+### See also
+
+* [Microsoft Defender Antivirus compatibility](microsoft-defender-antivirus-compatibility.md)
+* [Microsoft Defender Antivirus in the Windows Security app](microsoft-defender-security-center-antivirus.md)
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus.md
index bebdd997f5..5448d13ec7 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus.md
@@ -22,7 +22,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 If you encounter a problem with Microsoft Defender Antivirus, you can search the tables in this topic to find a matching issue and potential solution.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-reporting.md b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-reporting.md
index 936180ce74..a66172ee17 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-reporting.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-reporting.md
@@ -22,7 +22,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 > [!IMPORTANT]
 > On March 31, 2020, the Microsoft Defender Antivirus reporting feature of Update Compliance will be removed. You can continue to define and review security compliance policies using [Microsoft Endpoint Manager](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager), which allows finer control over security features and updates.
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md
index 1a87a09ee4..898e5fcc09 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md
@@ -22,7 +22,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 You can use [Group Policy](https://msdn.microsoft.com/library/ee663280(v=vs.85).aspx) to configure and manage Microsoft Defender Antivirus on your endpoints.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/use-intune-config-manager-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/use-intune-config-manager-microsoft-defender-antivirus.md
index b32ee0bc06..d52bd64acd 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/use-intune-config-manager-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/use-intune-config-manager-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 If you are using Microsoft Endpoint Configuration Manager or Microsoft Intune to manage the endpoints on your network, you can also use them to manage Microsoft Defender Antivirus scans.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/use-powershell-cmdlets-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/use-powershell-cmdlets-microsoft-defender-antivirus.md
index 3dc5e33650..ae51436faa 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/use-powershell-cmdlets-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/use-powershell-cmdlets-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 You can use PowerShell to perform various functions in Windows Defender. Similar to the command prompt or command line, PowerShell is a task-based command-line shell and scripting language designed especially for system administration. You can read more about it at the [PowerShell hub on MSDN](https://docs.microsoft.com/previous-versions/msdn10/mt173057(v=msdn.10)).
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/use-wmi-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/use-wmi-microsoft-defender-antivirus.md
index a517c3bd60..6b486451ae 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/use-wmi-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/use-wmi-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Windows Management Instrumentation (WMI) is a scripting interface that allows you to retrieve, modify, and update settings.
 
diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
index 121ed70fbe..aa6d77cbd0 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
@@ -17,7 +17,7 @@ ms.custom: asr
 # Configure Microsoft Defender Application Guard policy settings
 
 **Applies to:** 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Microsoft Defender Application Guard (Application Guard) works with Group Policy to help you manage your organization's computer settings. By using Group Policy, you can configure a setting once, and then copy it onto many computers. For example, you can set up multiple security settings in a GPO, which is linked to a domain, and then apply all those settings to every computer in the domain.
 
diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md
index 8aba080ae4..1903c17792 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md
@@ -8,7 +8,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: denisebmsft
 ms.author: deniseb
-ms.date: 02/19/2019
+ms.date: 10/21/2020
 ms.reviewer: 
 manager: dansimp
 ms.custom: asr
@@ -17,7 +17,7 @@ ms.custom: asr
 # Prepare to install Microsoft Defender Application Guard
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 ## Review system requirements
  
diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md
index 1b3e19b06b..6ffce8a986 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md
@@ -18,7 +18,7 @@ ms.custom: asr
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 We've come up with a list of scenarios that you can use to test hardware-based isolation in your organization.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/access-mssp-portal.md b/windows/security/threat-protection/microsoft-defender-atp/access-mssp-portal.md
index acb5350c34..b6e3f60ba0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/access-mssp-portal.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/access-mssp-portal.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/add-or-remove-machine-tags.md b/windows/security/threat-protection/microsoft-defender-atp/add-or-remove-machine-tags.md
index 3ef821e164..0fb5352742 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/add-or-remove-machine-tags.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/add-or-remove-machine-tags.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md
index 16e7db9ecf..938309f9f2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedfeats-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-assignedipaddress-function.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-assignedipaddress-function.md
new file mode 100644
index 0000000000..f533aa5473
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-assignedipaddress-function.md
@@ -0,0 +1,80 @@
+---
+title: AssignedIPAddresses() function in advanced hunting for Microsoft Defender Advanced Threat Protection
+description: Learn how to use the AssignedIPAddresses() function to get the latest IP addresses assigned to a device 
+keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, Windows Defender, Windows Defender ATP, Windows Defender Advanced Threat Protection, search, query, telemetry, schema reference, kusto, FileProfile, file profile, function, enrichment
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: lomayor
+author: lomayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+ms.date: 09/20/2020
+---
+
+# AssignedIPAddresses()
+
+[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+
+Use the `AssignedIPAddresses()` function in your advanced hunting queries to quickly obtain the latest IP addresses that have been assigned to a device. If you specify a timestamp argument, this function obtains the most recent IP addresses at the specified time.
+
+This function returns a table with the following columns:
+
+Column | Data type | Description
+-|-|-
+`Timestamp` | datetime | Latest time when the device was observed using the IP address
+`IPAddress` | string | IP address used by the device
+`IPType` | string | Indicates whether the IP address is a public or private address
+`NetworkAdapterType` | int | Network adapter type used by the device that has been assigned the IP address. For the possible values, refer to [this enumeration](https://docs.microsoft.com/dotnet/api/system.net.networkinformation.networkinterfacetype)
+`ConnectedNetworks` | int | Networks that the adapter with the assigned IP address is connected to. Each JSON array contains the network name, category (public, private, or domain), a description, and a flag indicating if it's connected publicly to the internet
+
+## Syntax
+
+```kusto
+AssignedIPAddresses(x, y)
+```
+
+## Arguments
+
+- **x**—`DeviceId` or `DeviceName` value identifying the device
+- **y**—`Timestamp` (datetime) value instructing the function to obtain the most recent assigned IP addresses from a specific time. If not specified, the function returns the latest IP addresses.
+
+## Examples
+
+### Get the list of IP addresses used by a device 24 hours ago
+
+```kusto
+AssignedIPAddresses('example-device-name', ago(1d))
+```
+
+### Get IP addresses used by a device and find devices communicating with it
+
+This query uses the `AssignedIPAddresses()` function to get assigned IP addresses for the device (`example-device-name`) on or before a specific date (`example-date`). It then uses the IP addresses to find connections to the device initiated by other devices. 
+
+```kusto
+let Date = datetime(example-date);
+let DeviceName = "example-device-name";
+// List IP addresses used on or before the specified date
+AssignedIPAddresses(DeviceName, Date)
+| project DeviceName, IPAddress, AssignedTime = Timestamp 
+// Get all network events on devices with the assigned IP addresses as the destination addresses
+| join kind=inner DeviceNetworkEvents on $left.IPAddress == $right.RemoteIP
+// Get only network events around the time the IP address was assigned
+| where Timestamp between ((AssignedTime - 1h) .. (AssignedTime + 1h))
+```
+
+## Related topics
+
+- [Advanced hunting overview](advanced-hunting-overview.md)
+- [Learn the query language](advanced-hunting-query-language.md)
+- [Understand the schema](advanced-hunting-schema-reference.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-best-practices.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-best-practices.md
index 55a5df13d1..89bace1c01 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-best-practices.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-best-practices.md
@@ -13,7 +13,7 @@ author: lomayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: m365-security-compliance 
 ms.topic: article
 ---
 
@@ -21,14 +21,16 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-bestpractices-abovefoldlink)
 
 ## Optimize query performance
-Apply these recommendations to get results faster and avoid timeouts while running complex queries. 
+
+Apply these recommendations to get results faster and avoid timeouts while running complex queries.
+
 - When trying new queries, always use `limit` to avoid extremely large result sets. You can also initially assess the size of the result set using `count`.
 - Use time filters first. Ideally, limit your queries to seven days.
 - Put filters that are expected to remove most of the data in the beginning of the query, right after the time filter.
@@ -43,6 +45,7 @@ Apply these recommendations to get results faster and avoid timeouts while runni
 ## Query tips and pitfalls
 
 ### Queries with process IDs
+
 Process IDs (PIDs) are recycled in Windows and reused for new processes. On their own, they can't serve as unique identifiers for specific processes. To get a unique identifier for a process on a specific device, use the process ID together with the process creation time. When you join or summarize data around processes, include columns for the device identifier (either `DeviceId` or `DeviceName`), the process ID (`ProcessId` or `InitiatingProcessId`), and the process creation time (`ProcessCreationTime` or `InitiatingProcessCreationTime`).
 
 The following example query finds processes that access more than 10 IP addresses over port 445 (SMB), possibly scanning for file shares.
@@ -57,6 +60,7 @@ DeviceNetworkEvents
 The query summarizes by both `InitiatingProcessId` and `InitiatingProcessCreationTime` so that it looks at a single process, without mixing multiple processes with the same process ID.
 
 ### Queries with command lines
+
 Command lines can vary. When applicable, filter on file names and do fuzzy matching.
 
 There are numerous ways to construct a command line to accomplish a task. For example, an attacker could reference an image file with or without a path, without a file extension, using environment variables, or with quotes. In addition, the attacker could also change the order of parameters or add multiple quotes and spaces.
@@ -87,9 +91,12 @@ DeviceProcessEvents
 | where CanonicalCommandLine contains "stop" and CanonicalCommandLine contains "MpsSvc" 
 ```
 
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-bestpractices-belowfoldlink)
+> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-bestpractices-belowfoldlink)
 
 ## Related topics
+
 - [Advanced hunting overview](advanced-hunting-overview.md)
 - [Learn the query language](advanced-hunting-query-language.md)
 - [Understand the schema](advanced-hunting-schema-reference.md)
+- [Work with query results](advanced-hunting-query-results.md)
+- [Custom detections overview](overview-custom-detections.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md
index 80b4736768..d8fa5a458c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md
@@ -25,7 +25,7 @@ ms.date: 01/22/2020
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceevents-table.md
index 33fbf6118f..191dcbcb0e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceevents-table.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefilecertificateinfo-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefilecertificateinfo-table.md
index e5a328a9db..427c9164c2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefilecertificateinfo-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefilecertificateinfo-table.md
@@ -25,7 +25,7 @@ ms.date: 01/14/2020
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefileevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefileevents-table.md
index 246f3b70bd..ca50907f7c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefileevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefileevents-table.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md
index 7cd8fd9ebe..65b9b2927c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceinfo-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceinfo-table.md
index b939d5ba59..652be88f72 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceinfo-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceinfo-table.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicelogonevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicelogonevents-table.md
index 17b769e2f3..fcdbc783c4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicelogonevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicelogonevents-table.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicenetworkevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicenetworkevents-table.md
index 77692cf8fe..ba1a43141f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicenetworkevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicenetworkevents-table.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicenetworkinfo-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicenetworkinfo-table.md
index 8d919d89c0..df10438741 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicenetworkinfo-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicenetworkinfo-table.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceprocessevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceprocessevents-table.md
index 3d7fc8a005..ea24aafcd0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceprocessevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceprocessevents-table.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceregistryevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceregistryevents-table.md
index 4ee7217b7c..5278fc3224 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceregistryevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceregistryevents-table.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessment-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessment-table.md
index 22e4e6aa6b..8b7ff40a50 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessment-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessment-table.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessmentkb-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessmentkb-table.md
index d2b7ab5de4..17aa063a7e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessmentkb-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessmentkb-table.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventoryvulnerabilities-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventoryvulnerabilities-table.md
index a61d3499dc..138d4d539a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventoryvulnerabilities-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventoryvulnerabilities-table.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwarevulnerabilitieskb-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwarevulnerabilitieskb-table.md
index 36a4097508..7cd66a3115 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwarevulnerabilitieskb-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwarevulnerabilitieskb-table.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-errors.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-errors.md
index 092f10cf8f..ec16f7a73d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-errors.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-errors.md
@@ -22,7 +22,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhunting-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-extend-data.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-extend-data.md
new file mode 100644
index 0000000000..a1cde2051e
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-extend-data.md
@@ -0,0 +1,48 @@
+---
+title: Extend advanced hunting coverage with the right settings 
+description: Check auditing settings on Windows devices and other settings to help ensure that you get the most comprehensive data in advanced hunting  
+keywords: advanced hunting, incident, pivot, entity, audit settings, user account management, security group management, threat hunting, cyber threat hunting, search, query, telemetry, mdatp, Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, Windows Defender, Windows Defender ATP, Windows Defender Advanced Threat Protection 
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: lomayor
+author: lomayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+ms.date: 10/10/2020
+---
+
+# Extend advanced hunting coverage with the right settings
+
+[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+
+[Advanced hunting](advanced-hunting-overview.md) relies on data coming from across your organization. To get the most comprehensive data possible, ensure that you have the correct settings in the corresponding data sources.
+
+## Advanced security auditing on Windows devices
+
+Turn on these advanced auditing settings to ensure you get data about activities on your devices, including local account management, local security group management, and service creation.
+
+Data | Description | Schema table | How to configure
+-|-|-|-
+Account management | Events captured as various `ActionType` values indicating local account creation, deletion, and other account-related activities | [DeviceEvents](advanced-hunting-deviceevents-table.md) | - Deploy an advanced security audit policy: [Audit User Account Management](https://docs.microsoft.com/windows/security/threat-protection/auditing/audit-user-account-management)<br> - [Learn about advanced security audit policies](https://docs.microsoft.com/windows/security/threat-protection/auditing/advanced-security-auditing)
+Security group management | Events captured as various `ActionType` values indicating local security group creation and other local group management activities | [DeviceEvents](advanced-hunting-deviceevents-table.md) | - Deploy an advanced security audit policy: [Audit Security Group Management](https://docs.microsoft.com/windows/security/threat-protection/auditing/audit-security-group-management)<br> - [Learn about advanced security audit policies](https://docs.microsoft.com/windows/security/threat-protection/auditing/advanced-security-auditing)
+Service installation | Events captured with the `ActionType` value `ServiceInstalled`, indicating that a service has been created | [DeviceEvents](advanced-hunting-deviceevents-table.md) | - Deploy an advanced security audit policy: [Audit Security System Extension](https://docs.microsoft.com/windows/security/threat-protection/auditing/audit-security-system-extension)<br> - [Learn about advanced security audit policies](https://docs.microsoft.com/windows/security/threat-protection/auditing/advanced-security-auditing)
+
+## Related topics
+
+- [Advanced hunting overview](advanced-hunting-overview.md)
+- [Learn the query language](advanced-hunting-query-language.md)
+- [Understand the schema](advanced-hunting-schema-reference.md)
+- [Work with query results](advanced-hunting-query-results.md)
+- [Apply query best practices](advanced-hunting-best-practices.md)
+- [Custom detections overview](overview-custom-detections.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-fileprofile-function.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-fileprofile-function.md
new file mode 100644
index 0000000000..4d6f6bd635
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-fileprofile-function.md
@@ -0,0 +1,85 @@
+---
+title: FileProfile() function in advanced hunting for Microsoft Defender Advanced Threat Protection
+description: Learn how to use the FileProfile() to enrich information about files in your advanced hunting query results 
+keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, Windows Defender, Windows Defender ATP, Windows Defender Advanced Threat Protection, search, query, telemetry, schema reference, kusto, FileProfile, file profile, function, enrichment
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: lomayor
+author: lomayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+ms.date: 09/20/2020
+---
+
+# FileProfile()
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+
+The `FileProfile()` function is an enrichment function in [advanced hunting](advanced-hunting-overview.md) that adds the following data to files found by the query.
+
+Column | Data type | Description
+-|-|-
+SHA1 | string | SHA-1 of the file that the recorded action was applied to
+SHA256 | string | SHA-256 of the file that the recorded action was applied to
+MD5 | string | MD5 hash of the file that the recorded action was applied to
+FileSize | int | Size of the file in bytes
+GlobalPrevalence | int | Number of instances of the entity observed by Microsoft globally
+GlobalFirstSeen | datetime | Date and time when the entity was first observed by Microsoft globally
+GlobalLastSeen | datetime | Date and time when the entity was last observed by Microsoft globally
+Signer | string | Information about the signer of the file
+Issuer | string | Information about the issuing certificate authority (CA)
+SignerHash | string | Unique hash value identifying the signer
+IsCertificateValid | boolean | Whether the certificate used to sign the file is valid
+IsRootSignerMicrosoft | boolean | Indicates whether the signer of the root certificate is Microsoft
+IsExecutable | boolean | Whether the file is a Portable Executable (PE) file
+ThreatName | string | Detection name for any malware or other threats found
+Publisher | string | Name of the organization that published the file
+SoftwareName | string | Name of the software product
+
+## Syntax
+
+```kusto
+invoke FileProfile(x,y)
+```
+
+## Arguments
+
+- **x** — file ID column to use: `SHA1`, `SHA256`, `InitiatingProcessSHA1` or `InitiatingProcessSHA256`; function uses `SHA1` if unspecified
+- **y** — limit to the number of records to enrich, 1-1000; function uses 100 if unspecified
+
+## Examples
+
+### Project only the SHA1 column and enrich it
+
+```kusto
+DeviceFileEvents
+| where isnotempty(SHA1) and Timestamp > ago(1d)
+| take 10
+| project SHA1
+| invoke FileProfile()
+```
+
+### Enrich the first 500 records and list low-prevalence files
+
+```kusto
+DeviceFileEvents
+| where ActionType == "FileCreated" and Timestamp > ago(1d)
+| project CreatedOn = Timestamp, FileName, FolderPath, SHA1
+| invoke FileProfile("SHA1", 500) 
+| where GlobalPrevalence < 15
+```
+
+## Related topics
+
+- [Advanced hunting overview](advanced-hunting-overview.md)
+- [Learn the query language](advanced-hunting-query-language.md)
+- [Understand the schema](advanced-hunting-schema-reference.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-go-hunt.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-go-hunt.md
new file mode 100644
index 0000000000..a2ad985d29
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-go-hunt.md
@@ -0,0 +1,107 @@
+---
+title: Get relevant info about an entity with go hunt 
+description: Learn how to use the "go hunt" tool to quickly query for relevant information about an entity or event using advanced hunting.
+keywords: advanced hunting, incident, pivot, entity, go hunt, relevant events, threat hunting, cyber threat hunting, search, query, telemetry, Microsoft Threat Protection
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+f1.keywords:
+- NOCSH
+ms.author: v-maave
+author: martyav
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Quickly hunt for entity or event information with go hunt
+
+[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+
+With the *go hunt* action, you can quickly investigate events and various entity types using powerful query-based [advanced hunting](advanced-hunting-overview.md) capabilities. This action automatically runs an advanced hunting query to find relevant information about the selected event or entity.
+
+The *go hunt* action is available in various sections of the security center whenever event or entity details are displayed. For example, you can use *go hunt* from the following sections:
+
+- In the [incident page](investigate-incidents.md), you can review details about users, devices, and many other entities associated with an incident. When you select an entity, you get additional information as well as various actions you could take on that entity. In the example below, a device is selected, showing details about the device as well the option to hunt for more information about the device.
+
+    ![Image showing device details with the go hunt option](./images/go-hunt-device.png)
+
+- In the incident page, you can also access a list of entities under the evidence tab. Selecting one of those entities provides an option to quickly hunt for information about that entity.
+
+    ![Image showing selected url with the go hunt option in the Evidence tab](./images/go-hunt-evidence-url.png)
+
+- When viewing the timeline for a device, you can select an event in the timeline to view additional information about that event. Once an event is selected, you get the option to hunt for other relevant events in advanced hunting.
+
+    ![Image showing event details with the go hunt option](./images/go-hunt-event.png)
+
+Selecting **Go hunt** or **Hunt for related events** passes different queries, depending on whether you've selected an entity or an event.
+
+## Query for entity information
+
+When using *go hunt* to query for information about a user, device, or any other type of entity, the query checks all relevant schema tables for any events involving that entity. To keep the results manageable, the query is scoped to around the same time period as the earliest activity in the past 30 days that involves the entity and is associated with the incident.
+
+Here is an example of the go hunt query for a device:
+
+```kusto
+let selectedTimestamp = datetime(2020-06-02T02:06:47.1167157Z);
+let deviceName = "fv-az770.example.com";
+let deviceId = "device-guid";
+search in (DeviceLogonEvents, DeviceProcessEvents, DeviceNetworkEvents, DeviceFileEvents, DeviceRegistryEvents, DeviceImageLoadEvents, DeviceEvents, DeviceImageLoadEvents, IdentityLogonEvents, IdentityQueryEvents)
+Timestamp between ((selectedTimestamp - 1h) .. (selectedTimestamp + 1h))
+and DeviceName == deviceName
+// or RemoteDeviceName == deviceName
+// or DeviceId == deviceId
+| take 100
+```
+
+### Supported entity types
+
+You can use *go hunt* after selecting any of these entity types:
+
+- Files
+- Users
+- Devices
+- IP addresses
+- URLs
+
+## Query for event information
+
+When using *go hunt* to query for information about a timeline event, the query checks all relevant schema tables for other events around the time of the selected event. For example, the following query lists events in various schema tables that occurred around the same time period on the same device:
+
+```kusto
+// List relevant events 30 minutes before and after selected RegistryValueSet event
+let selectedEventTimestamp = datetime(2020-10-06T21:40:25.3466868Z);
+search in (DeviceFileEvents, DeviceProcessEvents, DeviceEvents, DeviceRegistryEvents, DeviceNetworkEvents, DeviceImageLoadEvents, DeviceLogonEvents)
+    Timestamp between ((selectedEventTimestamp - 30m) .. (selectedEventTimestamp + 30m))
+    and DeviceId == "a305b52049c4658ec63ae8b55becfe5954c654a4"
+| sort by Timestamp desc
+| extend Relevance = iff(Timestamp == selectedEventTimestamp, "Selected event", iff(Timestamp < selectedEventTimestamp, "Earlier event", "Later event"))
+| project-reorder Relevance
+```
+
+## Adjust the query
+
+With some knowledge of the [query language](advanced-hunting-query-language.md), you can adjust the query to your preference. For example, you can adjust this line, which determines the size of the time window:
+
+```kusto
+Timestamp between ((selectedTimestamp - 1h) .. (selectedTimestamp + 1h))
+```
+
+In addition to modifying the query to get more relevant results, you can also:
+
+- [View the results as charts](advanced-hunting-query-results.md#view-query-results-as-a-table-or-chart)
+- [Create a custom detection rule](custom-detection-rules.md)
+
+## Related topics
+
+- [Advanced hunting overview](advanced-hunting-overview.md)
+- [Learn the query language](advanced-hunting-query-language.md)
+- [Work with query results](advanced-hunting-query-results.md)
+- [Custom detection rules](custom-detection-rules.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-limits.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-limits.md
index 66e8db56e7..84a36793d9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-limits.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-limits.md
@@ -22,7 +22,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhunting-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md
index 576f8e6c89..244c97c13f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md
@@ -22,24 +22,26 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhunting-abovefoldlink)
 
 Advanced hunting is a query-based threat-hunting tool that lets you explore up to 30 days of raw data. You can proactively inspect events in your network to locate threat indicators and entities. The flexible access to data enables unconstrained hunting for both known and potential threats.
 
+Watch this video for a quick overview of advanced hunting and a short tutorial that will get you started fast.
+<br />
+<br />
+
+> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bGqo]
+
 You can use the same threat-hunting queries to build custom detection rules. These rules run automatically to check for and then respond to suspected breach activity, misconfigured machines, and other findings.
 
 >[!TIP]
 >Use [advanced hunting in Microsoft Threat Protection](https://docs.microsoft.com/microsoft-365/security/mtp/advanced-hunting-overview) to hunt for threats using data from Microsoft Defender ATP, Office 365 ATP, Microsoft Cloud App Security, and Azure ATP. [Turn on Microsoft Threat Protection](https://docs.microsoft.com/microsoft-365/security/mtp/mtp-enable)
 
 ## Get started with advanced hunting
-Watch this video for a quick overview of advanced hunting and a short tutorial that will get you started fast.
-<p></p>
 
-> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bGqo]
-
-You can also go through each of the following steps to ramp up your advanced hunting knowledge.
+Go through the following steps to ramp up your advanced hunting knowledge.
 
 We recommend going through several steps to quickly get up and running with advanced hunting.
 
@@ -50,18 +52,24 @@ We recommend going through several steps to quickly get up and running with adva
 | **Understand the schema** | Get a good, high-level understanding of the tables in the schema and their columns. Learn where to look for data when constructing your queries. | [Schema reference](advanced-hunting-schema-reference.md) |
 | **Use predefined queries** | Explore collections of predefined queries covering different threat hunting scenarios. | [Shared queries](advanced-hunting-shared-queries.md) |
 | **Optimize queries and handle errors** | Understand how to create efficient and error-free queries. | - [Query best practices](advanced-hunting-best-practices.md)<br>- [Handle errors](advanced-hunting-errors.md) |
+| **Get the most complete coverage** | Use audit settings to provide better data coverage for your organization. | - [Extend advanced hunting coverage](advanced-hunting-extend-data.md) |
+| **Run a quick investigation** | Quickly run an advanced hunting query to investigate suspicious activity. | - [Quickly hunt for entity or event information with *go hunt*](advanced-hunting-go-hunt.md) |
+| **Contain threats and address compromises** | Respond to attacks by quarantining files, restricting app execution, and other actions | - [Take action on advanced hunting query results](advanced-hunting-take-action.md) |
 | **Create custom detection rules** | Understand how you can use advanced hunting queries to trigger alerts and take response actions automatically. | - [Custom detections overview](overview-custom-detections.md)<br>- [Custom detection rules](custom-detection-rules.md) |
 
 ## Data freshness and update frequency
+
 Advanced hunting data can be categorized into two distinct types, each consolidated differently.
 
 - **Event or activity data**—populates tables about alerts, security events, system events, and routine assessments. Advanced hunting receives this data almost immediately after the sensors that collect them successfully transmit them to Microsoft Defender ATP.
 - **Entity data**—populates tables with consolidated information about users and devices. This data comes from both relatively static data sources and dynamic sources, such as Active Directory entries and event logs. To provide fresh data, tables are updated with any new information every 15 minutes, adding rows that might not be fully populated. Every 24 hours, data is consolidated to insert a record that contains the latest, most comprehensive data set about each entity.
 
 ## Time zone
+
 Time information in advanced hunting is currently in the UTC time zone.
 
 ## Related topics
+
 - [Learn the query language](advanced-hunting-query-language.md)
 - [Work with query results](advanced-hunting-query-results.md)
 - [Use shared queries](advanced-hunting-shared-queries.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-language.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-language.md
index 7003a2670e..bc86c4a7b6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-language.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-language.md
@@ -21,13 +21,12 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhunting-abovefoldlink)
+> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhunting-abovefoldlink)
 
-Advanced hunting is based on the [Kusto query language](https://docs.microsoft.com/azure/kusto/query/). You can use Kusto syntax and operators to construct queries that locate information in the [schema](advanced-hunting-schema-reference.md) specifically structured for advanced hunting. To understand these concepts better, run your first query.
+Advanced hunting is based on the [Kusto query language](https://docs.microsoft.com/azure/kusto/query/). You can use Kusto operators and statements to construct queries that locate information in a specialized [schema](advanced-hunting-schema-reference.md). To understand these concepts better, run your first query.
 
 ## Try your first query
 
@@ -52,26 +51,21 @@ union DeviceProcessEvents, DeviceNetworkEvents
 FileName, ProcessCommandLine, RemoteIP, RemoteUrl, RemotePort, RemoteIPType
 | top 100 by Timestamp
 ```
-
-This is how it will look like in advanced hunting.
-
-![Image of Microsoft Defender ATP advanced hunting query](images/advanced-hunting-query-example-2.png)
-
+**[Run this query in advanced hunting](https://securitycenter.windows.com/hunting?query=H4sIAAAAAAAEAI2TT0vDQBDF5yz4HUJPFcTqyZsXqyCIBFvxKNGWtpo_NVlbC8XP7m8mado0K5Zls8nkzdu3b2Z70pNAbmUmqYyk4D2UTJYyllwGMmWNGQHrN_NNvsSBzUBrbMFMiWieAx3xDEBl4GL4AuNd8B0bNgARENcdUmIZ3yM5liPwac3bN-YZPGPU5ET1rWDc7Ox4uod8YDp4MzI-GkjlX4Ne2nly0zEkKzFWh4ZE5sSuTN8Ehq5couvEMnvmUAhez-HsRBMipVa_W_OG6vEfGtT12JRHpqV064e1Kx04NsxFzXxW1aFjp_djXmDRPbfY3XMMcLogTz2bWZ2KqmIJI6q6wKe2WYnrRsa9KVeU9kCBBo2v7BzPxF_Bx2DKiqh63SGoRoc6Njti48z_yL71XHQAcgAur6rXRpcqH3l-4knZF23Utsbq2MircEqmw-G__xR1TdZ1r7zb7XLezmx3etkvGr-ze6NdGdW92azUfpcdluWvr-aqbh_nofnqcWI3aYyOsBV7giduRUO7187LMKTT5rxvHHX80_t8IeeMgLquvL7-Ak3q-kz8BAAA&runQuery=true&timeRangeId=week)**
 
 ### Describe the query and specify the tables to search
-A short comment has been added to the beginning of the query to describe what it is for. This helps if you later decide to save the query and share it with others in your organization. 
+A short comment has been added to the beginning of the query to describe what it is for. This comment helps if you later decide to save the query and share it with others in your organization.
 
 ```kusto
 // Finds PowerShell execution events that could involve a download
 ```
-
-The query itself will typically start with a table name followed by a series of elements started by a pipe (`|`). In this example, we start by creating a union of two tables,  `DeviceProcessEvents` and `DeviceNetworkEvents`, and add piped elements as needed.
+The query itself will typically start with a table name followed by several elements that start with a pipe (`|`). In this example, we start by creating a union of two tables,  `DeviceProcessEvents` and `DeviceNetworkEvents`, and add piped elements as needed.
 
 ```kusto
 union DeviceProcessEvents, DeviceNetworkEvents
 ```
 ### Set the time range
-The first piped element is a time filter scoped to the previous seven days. Keeping the time range as narrow as possible ensures that queries perform well, return manageable results, and don't time out.
+The first piped element is a time filter scoped to the previous seven days. Limiting the time range helps ensure that queries perform well, return manageable results, and don't time out.
 
 ```kusto
 | where Timestamp > ago(7d)
@@ -80,7 +74,7 @@ The first piped element is a time filter scoped to the previous seven days. Keep
 ### Check specific processes
 The time range is immediately followed by a search for process file names representing the PowerShell application.
 
-```
+```kusto
 // Pivoting on PowerShell processes
 | where FileName in~ ("powershell.exe", "powershell_ise.exe")
 ```
@@ -101,7 +95,7 @@ Afterwards, the query looks for strings in command lines that are typically used
 ```
 
 ### Customize result columns and length 
-Now that your query clearly identifies the data you want to locate, you can add elements that define what the results look like. `project` returns specific columns, and `top` limits the number of results. These operators help ensure the results are well-formatted and reasonably large and easy to process.
+Now that your query clearly identifies the data you want to locate, you can define what the results look like. `project` returns specific columns, and `top` limits the number of results. These operators help ensure the results are well-formatted and reasonably large and easy to process.
 
 ```kusto
 | project Timestamp, DeviceName, InitiatingProcessFileName, InitiatingProcessCommandLine, 
@@ -109,7 +103,7 @@ FileName, ProcessCommandLine, RemoteIP, RemoteUrl, RemotePort, RemoteIPType
 | top 100 by Timestamp
 ```
 
-Click **Run query** to see the results. Select the expand icon at the top right of the query editor to focus on your hunting query and the results. 
+Select **Run query** to see the results. Use the expand icon at the top right of the query editor to focus on your hunting query and the results. 
 
 ![Image of the Expand control in the advanced hunting query editor](images/advanced-hunting-expand.png)
 
@@ -118,7 +112,7 @@ Click **Run query** to see the results. Select the expand icon at the top right
 
 ## Learn common query operators for advanced hunting
 
-Now that you've run your first query and have a general idea of its components, it's time to backtrack a little bit and learn some basics. The Kusto query language used by advanced hunting supports a range of operators, including the following common ones.
+You've just run your first query and have a general idea of its components. It's time to backtrack slightly and learn some basics. The Kusto query language used by advanced hunting supports a range of operators, including the following common ones.
 
 | Operator | Description and usage |
 |--|--|
@@ -137,15 +131,17 @@ To see a live example of these operators, run them from the **Get started** sect
 
 ## Understand data types
 
-Data in advanced hunting tables are generally classified into the following data types.
+Advanced hunting supports Kusto data types, including the following common types:
 
 | Data type | Description and query implications |
 |--|--|
-| `datetime` | Data and time information typically representing event timestamps |
-| `string` | Character string |
-| `bool` | True or false |
-| `int` | 32-bit numeric value  |
-| `long` | 64-bit numeric value |
+| `datetime` | Data and time information typically representing event timestamps. [See supported datetime formats](https://docs.microsoft.com/azure/data-explorer/kusto/query/scalar-data-types/datetime) |
+| `string` | Character string in UTF-8 enclosed in single quotes (`'`) or double quotes (`"`). [Read more about strings](https://docs.microsoft.com/azure/data-explorer/kusto/query/scalar-data-types/string) |
+| `bool` | This data type supports `true` or `false` states. [See supported literals and operators](https://docs.microsoft.com/azure/data-explorer/kusto/query/scalar-data-types/bool) |
+| `int` | 32-bit integer  |
+| `long` | 64-bit integer |
+
+To learn more about these data types, [read about Kusto scalar data types](https://docs.microsoft.com/azure/data-explorer/kusto/query/scalar-data-types/).
 
 ## Get help as you write queries
 Take advantage of the following functionality to write queries faster:
@@ -155,7 +151,7 @@ Take advantage of the following functionality to write queries faster:
 - **[Schema reference](advanced-hunting-schema-reference.md#get-schema-information-in-the-security-center)**—in-portal reference with table and column descriptions as well as supported event types (`ActionType` values) and sample queries
 
 ## Work with multiple queries in the editor
-The query editor can serve as your scratch pad for experimenting with multiple queries. To use multiple queries:
+You can use the query editor to experiment with multiple queries. To use multiple queries:
 
 - Separate each query with an empty line.
 - Place the cursor on any part of a query to select that query before running it. This will run only the selected query. To run another query, move the cursor accordingly and select **Run query**.
@@ -171,7 +167,7 @@ The **Get started** section provides a few simple queries using commonly used op
 ![Image of the advanced hunting get started tab](images/atp-advanced-hunting.png)
 
 > [!NOTE]
-> Apart from the basic query samples, you can also access [shared queries](advanced-hunting-shared-queries.md) for specific threat hunting scenarios. Explore the shared queries on the left side of the page or the GitHub query repository.
+> Apart from the basic query samples, you can also access [shared queries](advanced-hunting-shared-queries.md) for specific threat hunting scenarios. Explore the shared queries on the left side of the page or the [GitHub query repository](https://aka.ms/hunting-queries).
 
 ## Access comprehensive query language reference
 
@@ -180,7 +176,6 @@ For detailed information about the query language, see [Kusto query language doc
 ## Related topics
 - [Advanced hunting overview](advanced-hunting-overview.md)
 - [Work with query results](advanced-hunting-query-results.md)
+- [Use shared queries](advanced-hunting-shared-queries.md)
 - [Understand the schema](advanced-hunting-schema-reference.md)
 - [Apply query best practices](advanced-hunting-best-practices.md)
-
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhunting-belowfoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-results.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-results.md
index 97391fa308..18ff2942b6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-results.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-results.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhunting-abovefoldlink)
 
@@ -116,6 +116,12 @@ After running a query, select **Export** to save the results to local file. Your
 ## Drill down from query results
 To view more information about entities, such as devices, files, users, IP addresses, and URLs, in your query results, simply click the entity identifier. This opens a detailed profile page for the selected entity.
 
+To quickly inspect a record in your query results, select the corresponding row to open the Inspect record panel. The panel provides the following information based on the selected record:
+
+- **Assets** — A summarized view of the main assets (mailboxes, devices, and users) found in the record, enriched with available information, such as risk and exposure levels
+- **Process tree** — A chart generated for records with process information and enriched using available contextual information; in general, queries that return more columns can result in richer process trees.
+- **All details** — Lists all the values from the columns in the record
+
 ## Tweak your queries from the results
 Right-click a value in the result set to quickly enhance your query. You can use the options to:
 
@@ -126,9 +132,9 @@ Right-click a value in the result set to quickly enhance your query. You can use
 ![Image of advanced hunting result set](images/advanced-hunting-results-filter.png)
 
 ## Filter the query results
-The filters displayed to the right provide a summary of the result set. Each column has its own section that lists the distinct values found for that column and the number of instances.
+The filters displayed in the right pane provide a summary of the result set. Every column has its own section in the pane, each of which lists the values found in that column, and the number of instances.
 
-Refine your query by selecting the `+` or `-` buttons on the values that you want to include or exclude and then selecting **Run query**.
+Refine your query by selecting the `+` or `-` buttons on the values that you want to include or exclude. Then select **Run query**.
 
 ![Image of advanced hunting filter](images/advanced-hunting-filter.png)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md
index 6a0361489c..7f93ba99d5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md
@@ -24,7 +24,7 @@ ms.date: 01/14/2020
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
@@ -69,8 +69,11 @@ Table and column names are also listed within the Microsoft Defender Security Ce
 | **[DeviceTvmSecureConfigurationAssessment](advanced-hunting-devicetvmsecureconfigurationassessment-table.md)** | Threat & Vulnerability Management assessment events, indicating the status of various security configurations on devices |
 | **[DeviceTvmSecureConfigurationAssessmentKB](advanced-hunting-devicetvmsecureconfigurationassessmentkb-table.md)** | Knowledge base of various security configurations used by Threat & Vulnerability Management to assess devices; includes mappings to various standards and benchmarks |
 
+
 ## Related topics
 - [Advanced hunting overview](advanced-hunting-overview.md)
-- [Work with query results](advanced-hunting-query-results.md)
 - [Learn the query language](advanced-hunting-query-language.md)
+- [Work with query results](advanced-hunting-query-results.md)
+- [Apply query best practices](advanced-hunting-best-practices.md)
+- [Custom detections overview](overview-custom-detections.md)
 - [Advanced hunting data schema changes](https://techcommunity.microsoft.com/t5/microsoft-defender-atp/advanced-hunting-data-schema-changes/ba-p/1043914)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-shared-queries.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-shared-queries.md
index 4eb3858c7f..96880e0c7e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-shared-queries.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-shared-queries.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhunting-abovefoldlink)
 
@@ -43,7 +43,7 @@ You can save a new or existing query so that it is only accessible to you or sha
    ![Image of saving a query](images/advanced-hunting-save-query.png)
 
 4. Select the folder where you'd like to save the query.
-    - **Shared queries** — shared to all users in the your organization
+    - **Shared queries** — shared to all users in your organization
     - **My queries** — accessible only to you
     
 5. Select **Save**.
@@ -67,3 +67,7 @@ Microsoft security researchers regularly share advanced hunting queries in a [de
 ## Related topics
 - [Advanced hunting overview](advanced-hunting-overview.md)
 - [Learn the query language](advanced-hunting-query-language.md)
+- [Work with query results](advanced-hunting-query-results.md)
+- [Understand the schema](advanced-hunting-schema-reference.md)
+- [Apply query best practices](advanced-hunting-best-practices.md)
+- [Custom detections overview](overview-custom-detections.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-take-action.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-take-action.md
new file mode 100644
index 0000000000..915cbfa44b
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-take-action.md
@@ -0,0 +1,82 @@
+---
+title: Take action on advanced hunting query results in Microsoft Threat Protection
+description: Quickly address threats and affected assets in your advanced hunting query results
+keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, microsoft defender atp, wdatp search, query, telemetry, custom detections, schema, kusto, avoid timeout, command lines, process id
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: lomayor
+author: lomayor
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+ms.date: 09/20/2020
+---
+
+# Take action on advanced hunting query results
+
+**Applies to:**
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+
+> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
+
+You can quickly contain threats or address compromised assets that you find in [advanced hunting](advanced-hunting-overview.md) using powerful and comprehensive action options. With these options, you can:
+
+- Take various actions on devices
+- Quarantine files
+
+## Required permissions
+
+To be able to take action through advanced hunting, you need a role in Microsoft Defender ATP with [permissions to submit remediation actions on devices](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#permission-options). If you can't take action, contact a global administrator about getting the following permission:
+
+*Active remediation actions > Threat and vulnerability management - Remediation handling*
+
+## Take various actions on devices
+
+You can take the following actions on devices identified by the `DeviceId` column in your query results:
+
+- Isolate affected devices to contain an infection or prevent attacks from moving laterally
+- Collect investigation package to obtain more forensic information
+- Run an antivirus scan to find and remove threats using the latest security intelligence updates
+- Initiate an automated investigation to check and remediate threats on the device and possibly other affected devices
+- Restrict app execution to only Microsoft-signed executable files, preventing subsequent threat activity through malware or other untrusted executables
+
+To learn more about how these response actions are performed through Microsoft Defender ATP, [read about response actions on devices](respond-machine-alerts.md).
+
+## Quarantine files
+
+You can deploy the *quarantine* action on files so that they are automatically quarantined when encountered. When selecting this action, you can choose between the following columns to identify which files in your query results to quarantine:
+
+- `SHA1` — In most advanced hunting tables, this is the SHA-1 of the file that was affected by the recorded action. For example, if a file was copied, this would be the copied file.
+- `InitiatingProcessSHA1` — In most advanced hunting tables, this is the file responsible for initiating the recorded action. For example, if a child process was launched, this would be the parent process. 
+- `SHA256` — This is the SHA-256 equivalent of the file identified by the `SHA1` column.
+- `InitiatingProcessSHA256` — This is the SHA-256 equivalent of the file identified by the `InitiatingProcessSHA1` column.
+
+To learn more about how quarantine actions are taken and how files can be restored, [read about response actions on files](respond-file-alerts.md).
+
+>[!NOTE]
+>To locate files and quarantine them, the query results should also include `DeviceId` values as device identifiers.  
+
+## Take action
+
+To take any of the described actions, select one or more records in your query results and then select **Take actions**. A wizard will guide you through the process of selecting and then submitting your preferred actions.
+
+![Image of selected record with panel for inspecting the record](images/ah-take-actions.png)
+
+## Review actions taken
+
+Each action is individually recorded in the action center, under **Action center** > **History** ([security.microsoft.com/action-center/history](https://security.microsoft.com/action-center/history)). Go to the action center to check the status of each action.
+ 
+## Related topics
+
+- [Advanced hunting overview](advanced-hunting-overview.md)
+- [Learn the query language](advanced-hunting-query-language.md)
+- [Understand the schema](advanced-hunting-schema-reference.md)
+- [Work with query results](advanced-hunting-query-results.md)
+- [Apply query best practices](advanced-hunting-best-practices.md)
+- [Custom detections overview](overview-custom-detections.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/alerts-queue.md b/windows/security/threat-protection/microsoft-defender-atp/alerts-queue.md
index 9bf8d26a01..d5bccbc7fc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/alerts-queue.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/alerts-queue.md
@@ -25,7 +25,7 @@ ms.date: 03/27/2020
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-alertsq-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/alerts.md b/windows/security/threat-protection/microsoft-defender-atp/alerts.md
index 67ed2be93e..7a51bd90c7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/alerts.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/android-configure.md b/windows/security/threat-protection/microsoft-defender-atp/android-configure.md
index e8bb4f8847..6edfd475aa 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/android-configure.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/android-configure.md
@@ -14,7 +14,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/android-intune.md b/windows/security/threat-protection/microsoft-defender-atp/android-intune.md
index 079bb71234..b70734bf7c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/android-intune.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/android-intune.md
@@ -14,7 +14,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/android-support-signin.md b/windows/security/threat-protection/microsoft-defender-atp/android-support-signin.md
index a989d91d73..d2d946c3fb 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/android-support-signin.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/android-support-signin.md
@@ -14,7 +14,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-explorer.md b/windows/security/threat-protection/microsoft-defender-atp/api-explorer.md
index 7bc13986b1..4985f37fda 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/api-explorer.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/api-explorer.md
@@ -25,7 +25,7 @@ ms.topic: conceptual
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 The Microsoft Defender ATP API Explorer is a tool that helps you explore various Microsoft Defender ATP APIs interactively. 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-hello-world.md b/windows/security/threat-protection/microsoft-defender-atp/api-hello-world.md
index 3163df4fcb..a0330cfe3b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/api-hello-world.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/api-hello-world.md
@@ -22,7 +22,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-microsoft-flow.md b/windows/security/threat-protection/microsoft-defender-atp/api-microsoft-flow.md
index 8d06eb8f1b..572437217f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/api-microsoft-flow.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/api-microsoft-flow.md
@@ -22,7 +22,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-portal-mapping.md b/windows/security/threat-protection/microsoft-defender-atp/api-portal-mapping.md
index 19a2f46e0c..d93239e1e8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/api-portal-mapping.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/api-portal-mapping.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-apiportalmapping-abovefoldlink)
 
@@ -72,6 +72,9 @@ Field numbers match the numbers in the images below.
 > |                  | LogOnUsers                | sourceUserId        | contoso\liz-bean;   contoso\jay-hardee                                             | The domain and user of the   interactive logon user/s at the time of the event. Note: For devices on   Windows 10 version 1607, the domain information will not be available. |
 > |                  | InternalIPv4List          | No mapping          | 192.168.1.7, 10.1.14.1                                                             | List of IPV4 internal IPs for active network interfaces.                                                                                                                                                                               |
 > |                  | InternalIPv6List          | No mapping          | fd30:0000:0000:0001:ff4e:003e:0009:000e,   FE80:CD00:0000:0CDE:1257:0000:211E:729C | List of IPV6 internal IPs for active network interfaces.                                                                                                                                                                               |
+| | LinkToMTP | No mapping | `https://security.microsoft.com/alert/da637370718981685665_16349121` | Value available for every Detection.
+| | IncidentLinkToMTP | No mapping | `"https://security.microsoft.com/incidents/byalert?alertId=da637370718981685665_16349121&source=SIEM` | Value available for every Detection.
+| | IncidentLinkToWDATP | No mapping | `https://securitycenter.windows.com/incidents/byalert?alertId=da637370718981685665_16349121&source=SIEM` | Value available for every Detection.
 > | Internal   field | LastProcessedTimeUtc      | No mapping          | 2017-05-07T01:56:58.9936648Z                                                       | Time when event arrived at the   backend. This field can be used when setting the request parameter for the range of time that detections are retrieved.                         |
 > |                  | Not part of the schema    | deviceVendor        |                                                                                    | Static value in the ArcSight   mapping - 'Microsoft'.                                                                                                                          |
 > |                  | Not part of the schema    | deviceProduct       |                                                                                    | Static value in the ArcSight   mapping - 'Microsoft Defender ATP'.                                                                                                               |
diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-power-bi.md b/windows/security/threat-protection/microsoft-defender-atp/api-power-bi.md
index 9ed52103d9..ae1fe49ed4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/api-power-bi.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/api-power-bi.md
@@ -22,7 +22,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md b/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md
index 09205163fe..34f925b4d8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md
@@ -23,7 +23,7 @@ ms.topic: conceptual
 
 
 **Applies to:** 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 > Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/assign-portal-access.md b/windows/security/threat-protection/microsoft-defender-atp/assign-portal-access.md
index 6eeaf5c729..6c4428c439 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/assign-portal-access.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/assign-portal-access.md
@@ -26,7 +26,7 @@ ms.date: 11/28/2018
 **Applies to:**
 - Azure Active Directory
 - Office 365
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/attack-simulations.md b/windows/security/threat-protection/microsoft-defender-atp/attack-simulations.md
index 4726e2223f..47af31878c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/attack-simulations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/attack-simulations.md
@@ -25,7 +25,7 @@ ms.date: 11/20/2018
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-attacksimulations-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction-faq.md b/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction-faq.md
index 0175049c55..6005a0a536 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction-faq.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction-faq.md
@@ -23,7 +23,7 @@ ms.custom: asr
 
 **Applies to:**
 
-* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 ## Is attack surface reduction (ASR) part of Windows?
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction.md
index 21443608c3..87e15b62f3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction.md
@@ -11,9 +11,10 @@ ms.localizationpriority: medium
 audience: ITPro
 author: denisebmsft
 ms.author: deniseb
-ms.reviewer: 
+ms.reviewer: sugamar, jcedola
 manager: dansimp
 ms.custom: asr
+ms.date: 10/08/2020
 ---
 
 # Reduce attack surfaces with attack surface reduction rules
@@ -23,7 +24,7 @@ ms.custom: asr
 
 **Applies to:**
 
-* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Your attack surface is the total number of places where an attacker could compromise your organization's devices or networks. Reducing your attack surface means offering attackers fewer ways to perform attacks.
 
@@ -326,10 +327,7 @@ GUID: `d1e49aac-8f56-4280-b9ba-993a6d77406c`
 
 ### Block untrusted and unsigned processes that run from USB
 
-With this rule, admins can prevent unsigned or untrusted executable files from running from USB removable drives, including SD cards. Blocked file types include:
-
-* Executable files (such as .exe, .dll, or .scr)
-* Script files (such as a PowerShell .ps, Visual Basic .vbs, or JavaScript .js file)
+With this rule, admins can prevent unsigned or untrusted executable files from running from USB removable drives, including SD cards. Blocked file types include executable files (such as .exe, .dll, or .scr)
 
 This rule was introduced in: 
 - [Windows 10, version 1803](https://docs.microsoft.com/windows/whats-new/whats-new-windows-10-version-1803)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/audit-windows-defender.md b/windows/security/threat-protection/microsoft-defender-atp/audit-windows-defender.md
index 8a4304b984..ee65565701 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/audit-windows-defender.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/audit-windows-defender.md
@@ -22,7 +22,7 @@ manager: dansimp
 
 **Applies to:**
 
-* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 You can enable attack surface reduction rules, exploit protection, network protection, and controlled folder access in audit mode. Audit mode lets you see a record of what *would* have happened if you had enabled the feature.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/auto-investigation-action-center.md b/windows/security/threat-protection/microsoft-defender-atp/auto-investigation-action-center.md
index bca632927a..0a77813dd2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/auto-investigation-action-center.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/auto-investigation-action-center.md
@@ -12,7 +12,9 @@ author: denisebmsft
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: article
 ms.reviewer: ramarom, evaldm, isco, mabraitm, chriggs
 ms.date: 09/24/2020
diff --git a/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md b/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md
index d422058827..42a409f78e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md
@@ -11,11 +11,13 @@ ms.sitesec: library
 ms.pagetype: security
 ms.author: deniseb
 author: denisebmsft
-ms.date: 09/30/2020
+ms.date: 10/21/2020
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ms.reviewer: ramarom, evaldm, isco, mabraitm, chriggs
 ms.custom: AIR
@@ -25,15 +27,21 @@ ms.custom: AIR
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
+**Applies to**
+
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146806)
 
-> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bOeh]
 
 Your security operations team receives an alert whenever a malicious or suspicious artifact is detected by Microsoft Defender for Endpoint. Security operations teams face challenges in addressing the multitude of alerts that arise from the seemingly never-ending flow of threats. Microsoft Defender for Endpoint includes automated investigation and remediation capabilities that can help your security operations team address threats more efficiently and effectively. 
 
+Watch the following video to see how automated investigation and remediation works:
+
+> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE4bOeh]
+
 Automated investigation uses various inspection algorithms and processes used by analysts to examine alerts and take immediate action to resolve breaches. These capabilities significantly reduce alert volume, allowing security operations to focus on more sophisticated threats and other high-value initiatives. The [Action center](auto-investigation-action-center.md) keeps track of all the investigations that were initiated automatically, along with details, such as investigation status, detection source, and any pending or completed actions.
 
 > [!TIP]
-> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-automated-investigations-abovefoldlink)
+> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-automated-investigations-abovefoldlink).
 
 ## How the automated investigation starts
 
@@ -70,28 +78,19 @@ If an incriminated entity is seen in another device, the automated investigation
 
 ## How threats are remediated
 
-Depending on how you set up the device groups and their level of automation, each automated investigation either requires user approval (default) or automatically takes action to remediate threats.
+As alerts are triggered, and an automated investigation runs, a verdict is generated for each piece of evidence investigated. Verdicts can be *Malicious*, *Suspicious*, or *No threats found*. 
 
-> [!NOTE]
-> Microsoft Defender for Endpoint tenants created on or after August 16, 2020 have **Full - remediate threats automatically** selected by default. You can keep the default setting, or change it according to your organizational needs. To change your settings, [adjust your device group settings](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation#set-up-device-groups).
+As verdicts are reached, automated investigations can result in one or more remediation actions. Examples of remediation actions include sending a file to quarantine, stopping a service, removing a scheduled task, and more. (See [Remediation actions](manage-auto-investigation.md#remediation-actions).)  
 
-You can configure the following levels of automation:
+Depending on the [level of automation](automation-levels.md) set for your organization, remediation actions can occur automatically or only upon approval by your security operations team. 
 
-|Automation level | Description|
-|---|---|
-|**Full - remediate threats automatically** | All remediation actions are performed automatically. Remediation actions that were taken can be viewed in the [Action Center](auto-investigation-action-center.md), on the **History** tab.<br/><br/>***This option is recommended** and is selected by default for tenants that were created on or after August 16, 2020 with Microsoft Defender for Endpoint, with no device groups defined yet.* <br/><br/>*If you do have a device group defined, you will also have a device group called **Ungrouped devices (default)**, which will be set to **Full - remediate threats automatically**.* |
-|**Semi - require approval for core folders remediation** | Approval is required for remediation actions on files or executables that are in core folders. Pending actions can be viewed and approved in the [Action Center](auto-investigation-action-center.md). <br/><br/>Remediation actions can be taken automatically on files or executables that are in other (non-core) folders. Core folders include operating system directories, such as the **Windows** (`\windows\*`). |
-|**Semi - require approval for non-temp folders remediation** | Approval is required for remediation actions on files or executables that are not in temporary folders. Pending actions can be viewed and approved in the [Action Center](auto-investigation-action-center.md).<br/><br/> Remediation actions can be taken automatically on files or executables that are in temporary folders. Temporary folders can include the following examples: <br/>- `\users\*\appdata\local\temp\*`<br/>- `\documents and settings\*\local settings\temp\*` <br/>- `\documents and settings\*\local settings\temporary\*`<br/>- `\windows\temp\*`<br/>- `\users\*\downloads\*`<br/>- `\program files\` <br/>- `\program files (x86)\*`<br/>- `\documents and settings\*\users\*` |
-|**Semi - require approval for any remediation** | Approval is required for any remediation action. Pending actions can be viewed and approved in the [Action Center](auto-investigation-action-center.md).<br/><br/>*This option is selected by default for tenants that were created before August 16, 2020 with Microsoft Defender ATP, with no device groups defined.*<br/><br/>*If you do have a device group defined, you will also have a device group called **Ungrouped devices (default)**, which will be set to **Semi - require approval for any remediation**.*|
-|**No automated response** | Automated investigation does not run on your organization's devices. As a result, no remediation actions are taken or pending as a result of automated investigation. <br/><br/>***This option is not recommended**, because it reduces the security posture of your organization's devices. [Consider setting up or changing your device groups to use **Full** or **Semi** automation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine-groups)* |
-
-
-> [!IMPORTANT]
-> If your tenant already has device groups defined, then the automation level settings are not changed for those device groups.
+All remediation actions, whether pending or completed, can be viewed in Action Center. If necessary, your security operations team can undo a remediation action. (See [Review and approve remediation actions following an automated investigation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/manage-auto-investigation).)
 
 ## Next steps
 
-- [Learn about the automated investigations dashboard](manage-auto-investigation.md)
+- [Get an overview of the automated investigations dashboard](manage-auto-investigation.md)
+
+- [Learn more about automation levels](automation-levels.md)
 
 - [See the interactive guide: Investigate and remediate threats with Microsoft Defender for Endpoint](https://aka.ms/MDATP-IR-Interactive-Guide)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/automation-levels.md b/windows/security/threat-protection/microsoft-defender-atp/automation-levels.md
new file mode 100644
index 0000000000..9fa9ebd762
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/automation-levels.md
@@ -0,0 +1,62 @@
+---
+title: Automation levels in automated investigation and remediation
+description: Get an overview of automation levels and how they work in Microsoft Defender for Endpoint
+keywords: automated, investigation, level, defender atp
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.technology: windows
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: deniseb
+author: denisebmsft
+ms.date: 10/22/2020
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
+ms.topic: conceptual
+ms.reviewer: ramarom, evaldm, isco, mabraitm, chriggs
+ms.custom: AIR
+---
+
+# Automation levels in automated investigation and remediation capabilities
+
+Automated investigation and remediation (AIR) capabilities in Microsoft Defender for Endpoint can be configured to one of several levels of automation. Your automation level affects whether remediation actions following AIR investigations are taken automatically or only upon approval.  
+- *Full automation* (recommended) means remediation actions are taken automatically on artifacts determined to be malicious.
+- *Semi-automation* means some remediation actions are taken automatically, but other remediation actions await approval before being taken. (See the table in [Levels of automation](#levels-of-automation).)
+- All remediation actions, whether pending or completed, are tracked in the Action Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)). 
+
+> [!TIP]
+> For best results, we recommend using full automation when you [configure AIR](configure-automated-investigations-remediation.md). Data collected and analyzed over the past year shows that customers who are using full automation had 40% more high-confidence malware samples removed than customers who are using lower levels of automation. Full automation can help free up your security operations resources to focus more on your strategic initiatives.
+
+## Levels of automation
+
+The following table describes each level of automation and how it works.
+
+|Automation level | Description|
+|:---|:---|
+|**Full - remediate threats automatically** <br/>(also referred to as *full automation*)| With full automation, remediation actions are performed automatically. All remediation actions that are taken can be viewed in the [Action Center](auto-investigation-action-center.md) on the **History** tab. If necessary, a remediation action can be undone.<br/><br/>***Full automation is recommended** and is selected by default for tenants that were created on or after August 16, 2020 with Microsoft Defender for Endpoint, with no device groups defined yet.*  |
+|**Semi - require approval for any remediation** <br/>(also referred to as *semi-automation*)| With this level of semi-automation, approval is required for *any* remediation action. Such pending actions can be viewed and approved in the [Action Center](auto-investigation-action-center.md), on the **Pending** tab.<br/><br/>*This level of semi-automation is selected by default for tenants that were created before August 16, 2020 with Microsoft Defender ATP, with no device groups defined.*|
+|**Semi - require approval for core folders remediation** <br/>(also a type of *semi-automation*)  | With this level of semi-automation, approval is required for any remediation actions needed on files or executables that are in core folders. Core folders include operating system directories, such as the **Windows** (`\windows\*`).<br/><br/>Remediation actions can be taken automatically on files or executables that are in other (non-core) folders. <br/><br/>Pending actions for files or executables in core folders can be viewed and approved in the [Action Center](auto-investigation-action-center.md), on the **Pending** tab. <br/><br/>Actions that were taken on files or executables in other folders can be viewed in the [Action Center](auto-investigation-action-center.md), on the **History** tab. |
+|**Semi - require approval for non-temp folders remediation** <br/>(also a type of *semi-automation*)| With this level of semi-automation, approval is required for any remediation actions needed on files or executables that are *not* in temporary folders. <br/><br/>Temporary folders can include the following examples: <br/>- `\users\*\appdata\local\temp\*`<br/>- `\documents and settings\*\local settings\temp\*` <br/>- `\documents and settings\*\local settings\temporary\*`<br/>- `\windows\temp\*`<br/>- `\users\*\downloads\*`<br/>- `\program files\` <br/>- `\program files (x86)\*`<br/>- `\documents and settings\*\users\*`<br/><br/>Remediation actions can be taken automatically on files or executables that are in temporary folders. <br/><br/>Pending actions for files or executables that are not in temporary folders can be viewed and approved in the [Action Center](auto-investigation-action-center.md), on the **Pending** tab.<br/><br/>Actions that were taken on files or executables in temporary folders can be viewed and approved in the [Action Center](auto-investigation-action-center.md), on the **History** tab.   |
+|**No automated response** <br/>(also referred to as *no automation*) | With no automation, automated investigation does not run on your organization's devices. As a result, no remediation actions are taken or pending as a result of automated investigation. However, other threat protection features, such as [protection from potentially unwanted applications](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus), can be in effect, depending on how your antivirus and next-generation protection features are configured.<br/><br/>***Using the *no automation* option is not recommended**, because it reduces the security posture of your organization's devices. [Consider setting up your automation level to full automation (or at least semi-automation)](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine-groups)*. |
+
+## Important points about automation levels
+
+- Full automation has proven to be reliable, efficient, and safe, and is recommended for all customers. Full automation frees up your critical security resources so they can focus more on your strategic initiatives.
+
+- New tenants (which include tenants that were created on or after August 16, 2020) with Microsoft Defender for Endpoint are set to full automation by default.
+
+- If your security team has defined device groups with a level of automation, those settings are not changed by the new default settings that are rolling out. 
+
+- You can keep your default automation settings, or change them according to your organizational needs. To change your settings, [set your level of automation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation#set-up-device-groups).
+
+## Next steps
+
+- [Configure automated investigation and remediation capabilities in Microsoft Defender for Endpoint](configure-automated-investigations-remediation.md)
+
+- [Visit the Action Center](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/auto-investigation-action-center#the-action-center)
\ No newline at end of file
diff --git a/windows/security/threat-protection/microsoft-defender-atp/basic-permissions.md b/windows/security/threat-protection/microsoft-defender-atp/basic-permissions.md
index 2d1aa8f368..82b023af7d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/basic-permissions.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/basic-permissions.md
@@ -24,7 +24,7 @@ ms.topic: article
 **Applies to:**
 
 - Azure Active Directory
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-basicaccess-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md b/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md
index e9516735d3..b69250703a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md
@@ -16,6 +16,8 @@ ms.custom:
 - next-gen
 - edr
 ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ---
 
 # Behavioral blocking and containment
@@ -25,7 +27,7 @@ ms.collection:
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 ## Overview
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/check-sensor-status.md b/windows/security/threat-protection/microsoft-defender-atp/check-sensor-status.md
index 9e38e27515..3e1124927b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/check-sensor-status.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/check-sensor-status.md
@@ -24,7 +24,7 @@ ms.date: 04/24/2018
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-checksensor-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/client-behavioral-blocking.md b/windows/security/threat-protection/microsoft-defender-atp/client-behavioral-blocking.md
index fee9bbd249..0af5e1bb5c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/client-behavioral-blocking.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/client-behavioral-blocking.md
@@ -16,6 +16,8 @@ ms.custom:
 - next-gen
 - edr
 ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ---
 
 # Client behavioral blocking
@@ -25,7 +27,7 @@ ms.collection:
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 ## Overview
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/collect-investigation-package.md b/windows/security/threat-protection/microsoft-defender-atp/collect-investigation-package.md
index 398305b848..86fb26842c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/collect-investigation-package.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/collect-investigation-package.md
@@ -22,7 +22,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/commercial-gov.md b/windows/security/threat-protection/microsoft-defender-atp/commercial-gov.md
index 3642376253..d4c8c750c8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/commercial-gov.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/commercial-gov.md
@@ -23,7 +23,7 @@ ms.topic: conceptual
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for US Government Community Cloud High (GCC High) customers, built in the US Azure Government environment, uses the same underlying technologies as Microsoft Defender ATP in Azure Commercial.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/community.md b/windows/security/threat-protection/microsoft-defender-atp/community.md
index 7a83827fc5..72fcf84f1e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/community.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/community.md
@@ -25,7 +25,7 @@ ms.date: 04/24/2018
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md b/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md
index edcabf4028..37f919486e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md b/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md
index 2a2e4d3535..af6feb07a8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md
@@ -25,7 +25,7 @@ ms.topic: article
 **Applies to:**
 
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation.md
index 6a3872d1b2..67bd1bd7dc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation.md
@@ -27,11 +27,11 @@ ms.reviewer: ramarom, evaldm, isco, mabraitm, chriggs
 
 **Applies to**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 If your organization is using [Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection/) (Microsoft Defender ATP), [automated investigation and remediation capabilities](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/automated-investigations) can save your security operations team time and effort. As outlined in [this blog post](https://techcommunity.microsoft.com/t5/microsoft-defender-atp/enhance-your-soc-with-microsoft-defender-atp-automatic/ba-p/848946), these capabilities mimic the ideal steps that a security analyst takes to investigate and remediate threats. [Learn more about automated investigation and remediation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/automated-investigations). 
 
-To configure automated investigation and remediation, you [turn on the features](#turn-on-automated-investigation-and-remediation), and then you [set up device groups](#set-up-device-groups).
+To configure automated investigation and remediation, [turn on the features](#turn-on-automated-investigation-and-remediation), and then [set up device groups](#set-up-device-groups).
 
 ## Turn on automated investigation and remediation
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md b/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md
index 8946b66493..afca257675 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md
@@ -22,7 +22,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 This section guides you through all the steps you need to take to properly implement Conditional Access.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md b/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md
index 18ba591b16..ed52fc4d30 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-emailconfig-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md
index 36703ec3a4..700626f9c0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md
@@ -27,7 +27,7 @@ ms.date: 04/24/2018
 
 - Group Policy
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
@@ -41,6 +41,14 @@ ms.date: 04/24/2018
 > For Windows Server 2019, you may need to replace NT AUTHORITY\Well-Known-System-Account with NT AUTHORITY\SYSTEM of the XML file that the Group Policy preference creates.
 
 ## Onboard devices using Group Policy
+
+[![Image of the PDF showing the various deployment paths](images/onboard-gp.png)](images/onboard-gp.png#lightbox)
+
+
+Check out the [PDF](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.pdf)  or  [Visio](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.vsdx) to see the various paths in deploying Microsoft Defender ATP. 
+
+
+
 1. Open the GP configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from [Microsoft Defender Security Center](https://securitycenter.windows.com/):
  
     a.  In the navigation pane, select **Settings** > **Onboarding**.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md
index 439c8e61f3..7afe88950a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md
@@ -25,7 +25,7 @@ ms.topic: article
 **Applies to:**
 
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configureendpointsmdm-abovefoldlink)
 
@@ -40,6 +40,10 @@ For more information on enabling MDM with Microsoft Intune, see [Device enrollme
 
 ## Onboard devices using Microsoft Intune
 
+[![Image of the PDF showing onboarding devices to Microsoft Defender ATP using Microsoft Intune](images/onboard-intune.png) ](images/onboard-intune-big.png#lightbox)
+
+Check out the [PDF](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.pdf)  or  [Visio](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.vsdx) to see the various paths in deploying Microsoft Defender ATP. 
+
 Follow the instructions from [Intune](https://docs.microsoft.com/intune/advanced-threat-protection).
 
 For more information on using Microsoft Defender ATP CSP see, [WindowsAdvancedThreatProtection CSP](https://msdn.microsoft.com/library/windows/hardware/mt723296(v=vs.85).aspx) and [WindowsAdvancedThreatProtection DDF file](https://msdn.microsoft.com/library/windows/hardware/mt723297(v=vs.85).aspx).
@@ -54,6 +58,7 @@ For more information on using Microsoft Defender ATP CSP see, [WindowsAdvancedTh
 > After onboarding the device, you can choose to run a detection test to verify that a device is properly onboarded to the service. For more information, see [Run a detection test on a newly onboarded Microsoft Defender ATP device](run-detection-test.md).
 
 
+Check out the [PDF](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.pdf)  or  [Visio](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.vsdx) to see the various paths in deploying Microsoft Defender ATP. 
 
 ## Offboard and monitor devices using Mobile Device Management tools
 For security reasons, the package used to Offboard devices will expire 30 days after the date it was downloaded. Expired offboarding packages sent to a device will be rejected. When downloading an offboarding package you will be notified of the packages expiry date and it will also be included in the package name.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md
index 82e701c6e9..23aaa30171 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md
@@ -26,7 +26,7 @@ ms.topic: article
 
 - macOS
 - Linux
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-nonwindows-abovefoldlink) 
 
@@ -40,7 +40,7 @@ You'll need to know the exact Linux distros and macOS versions that are compatib
 You'll need to take the following steps to onboard non-Windows devices:
 1. Select your preferred method of onboarding:
 
-   - For macOS devices, you can choose to onboard through Microsoft Defender ATP or through a third-party solution. For more information, see [Microsoft Defender ATP for Mac](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-atp-mac).
+   - For macOS devices, you can choose to onboard through Microsoft Defender ATP or through a third-party solution. For more information, see [Microsoft Defender ATP for Mac](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac).
    - For other non-Windows devices choose **Onboard non-Windows devices through third-party integration**.   
        
      1. In the navigation pane, select **Interoperability** > **Partners**. Make sure the third-party solution is listed.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md
index edc7d67d77..9bec35b806 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md
@@ -25,7 +25,7 @@ ms.date: 02/07/2020
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 - Microsoft Endpoint Configuration Manager current branch
 - System Center 2012 R2 Configuration Manager
 
@@ -37,14 +37,14 @@ Based on the version of Configuration Manager you're running, the following clie
 
 #### Configuration Manager version 1910 and prior
 
-- Clients computers running Windows 10, version 1607 and later
+- Clients computers running Windows 10 
 
 #### Configuration Manager version 2002 and later
 
 Starting in Configuration Manager version 2002, you can onboard the following operating systems:
 
 - Windows 8.1
-- Windows 10, version 1607 or later
+- Windows 10
 - Windows Server 2012 R2
 - Windows Server 2016
 - Windows Server 2016, version 1803 or later
@@ -52,6 +52,14 @@ Starting in Configuration Manager version 2002, you can onboard the following op
 
 ### Onboard devices using System Center Configuration Manager
 
+
+[![Image of the PDF showing the various deployment paths](images/onboard-config-mgr.png)](images/onboard-config-mgr.png#lightbox)
+
+
+Check out the [PDF](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.pdf)  or  [Visio](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.vsdx) to see the various paths in deploying Microsoft Defender ATP. 
+
+
+
 1. Open the Configuration Manager configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from [Microsoft Defender Security Center](https://securitycenter.windows.com/):
 
     a. In the navigation pane, select **Settings** > **Onboarding**.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md
index 70821568d1..368587d25f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md
@@ -25,7 +25,7 @@ ms.topic: article
 **Applies to:**
 
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
@@ -40,6 +40,13 @@ You can also manually onboard individual devices to Microsoft Defender ATP. You
 > To deploy at scale, use [other deployment options](configure-endpoints.md). For example, you can deploy an onboarding script to more than 10 devices in production with the script available in [Onboard Windows 10 devices using Group Policy](configure-endpoints-gp.md).
 
 ## Onboard devices 
+
+[![Image of the PDF showing the various deployment paths](images/onboard-script.png)](images/onboard-script.png#lightbox)
+
+
+Check out the [PDF](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.pdf)  or  [Visio](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.vsdx) to see the various paths in deploying Microsoft Defender ATP. 
+
+
 1.  Open the GP configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from [Microsoft Defender Security Center](https://securitycenter.windows.com/):
 
     1. In the navigation pane, select **Settings** > **Onboarding**.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md
index b77d79c856..e4fff50bcb 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md
@@ -25,7 +25,7 @@ ms.topic: conceptual
 **Applies to:**
 
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 - [Microsoft 365 Endpoint data loss prevention (DLP)](/microsoft-365/compliance/endpoint-dlp-learn-about)
 
 Devices in your organization must be configured so that the Microsoft Defender ATP service can get sensor data from them. There are various methods and deployment tools that you can use to configure the devices in your organization.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-asr.md b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-asr.md
index db418af7ff..34cad32cfc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-asr.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-asr.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 > Want to experience Microsoft Defender ATP? [Sign up for a free trial](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink).
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md
index eb72937f89..62caae5332 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md
index d8200f1502..5540903d10 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-machines.md b/windows/security/threat-protection/microsoft-defender-atp/configure-machines.md
index 1b1b0495eb..163980b414 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-machines.md
@@ -23,7 +23,7 @@ ms.topic: conceptual
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
index 7503ffcee1..d5e1655ca5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
@@ -14,7 +14,9 @@ author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: article
 ---
 
@@ -24,7 +26,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 ## Before you begin 
 > [!NOTE]
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-notifications.md b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-notifications.md
index 4455735f4f..200173258f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-notifications.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-notifications.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md
index fa877ecd83..f5b7cb8755 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink)
  
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
index d115e3867d..45f77d5eea 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
@@ -13,7 +13,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: article
 ---
 
@@ -24,7 +26,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 > Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configureendpointsscript-abovefoldlink)
 
@@ -56,10 +58,10 @@ The static proxy is configurable through Group Policy (GP). The group policy can
 
 - Administrative Templates > Windows Components > Data Collection and Preview Builds > Configure Authenticated Proxy usage for the Connected User Experience and Telemetry Service
   - Set it to **Enabled** and select **Disable Authenticated Proxy usage**:
-  ![Image of Group Policy setting](images/atp-gpo-proxy1.png)
+  ![Image of Group Policy setting1](images/atp-gpo-proxy1.png)
 - **Administrative Templates > Windows Components > Data Collection and Preview Builds > Configure connected user experiences and telemetry**:
   - Configure the proxy:<br>
-    ![Image of Group Policy setting](images/atp-gpo-proxy2.png)
+    ![Image of Group Policy setting2](images/atp-gpo-proxy2.png)
 
     The policy sets two registry values `TelemetryProxyServer` as REG_SZ and `DisableEnterpriseAuthProxy` as REG_DWORD under the registry key `HKLM\Software\Policies\Microsoft\Windows\DataCollection`.
 
@@ -111,7 +113,7 @@ If a proxy or firewall is blocking all traffic by default and allowing only spec
 
 |**Item**|**Description**|
 |:-----|:-----|
-|[![Thumb image for Microsoft Defender ATP URLs spreadsheet](images/mdatp-urls.png)](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx)<br/> [Spreadsheet](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx)  | The spreadsheet provides specific DNS records for service locations, geographic locations, and OS. 
+|[![Thumb image for Microsoft Defender ATP URLs spreadsheet](images/mdatp-urls.png)](https://github.com/MicrosoftDocs/windows-docs-pr/blob/prereq-urls/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx)<br/> [Spreadsheet](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx)  | The spreadsheet provides specific DNS records for service locations, geographic locations, and OS. 
 
 
 If a proxy or firewall has HTTPS scanning (SSL inspection) enabled, exclude the domains listed in the above table from HTTPS scanning.
@@ -125,11 +127,11 @@ If a proxy or firewall has HTTPS scanning (SSL inspection) enabled, exclude the
 
 
 > [!NOTE]
-> If you are using Microsoft Defender Antivirus in your environment, please refer to the following article for details on allowing connections to the Microsoft Defender Antivirus cloud service: https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus
+> If you are using Microsoft Defender Antivirus in your environment, see [Configure network connections to the Microsoft Defender Antivirus cloud service](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus).
 
 If a proxy or firewall is blocking anonymous traffic, as Microsoft Defender ATP sensor is connecting from system context, make sure anonymous traffic is permitted in the previously listed URLs.
 
-### Log analytics agent requirements
+### Microsoft Monitoring Agent (MMA) - proxy and firewall requirements for older versions of Windows client or Windows Server
 
 The information below list the proxy and firewall configuration information required to communicate with Log Analytics agent (often referred to as Microsoft Monitoring Agent) for the previous versions of Windows such as Windows 7 SP1, Windows 8.1, Windows Server 2008 R2, Windows Server 2012 R2, and Windows Server 2016.
 
@@ -139,25 +141,31 @@ The information below list the proxy and firewall configuration information requ
 |*.oms.opinsights.azure.com |Port 443 |Outbound|Yes |  
 |*.blob.core.windows.net |Port 443 |Outbound|Yes |  
 
-## Microsoft Defender ATP service backend IP range
-
-If your network devices don't support the URLs added to an "allow" list in the prior section, you can use the following information.
-
-Microsoft Defender ATP is built on Azure cloud, deployed in the following regions:
-
-- \+\<Region Name="uswestcentral">
-- \+\<Region Name="useast2">
-- \+\<Region Name="useast">
-- \+\<Region Name="europenorth">
-- \+\<Region Name="europewest">
-- \+\<Region Name="uksouth">
-- \+\<Region Name="ukwest">
-
-You can find the Azure IP range on [Microsoft Azure Datacenter IP Ranges](https://www.microsoft.com/download/details.aspx?id=56519).
 
 > [!NOTE]
 > As a cloud-based solution, the IP range can change. It's recommended you move to DNS resolving setting.
 
+## Confirm Microsoft Monitoring Agent (MMA) Service URL Requirements 
+
+Please see the following guidance to eliminate the wildcard (*) requirement for your specific environment when using the Microsoft Monitoring Agent (MMA) for previous versions of Windows.
+
+1.	Onboard a previous operating system with the Microsoft Monitoring Agent (MMA) into Microsoft Defender for Endpoint (for more information, see [Onboard previous versions of Windows on Microsoft Defender ATP](https://go.microsoft.com/fwlink/p/?linkid=2010326) and [Onboard Windows servers](configure-server-endpoints.md#windows-server-2008-r2-sp1-windows-server-2012-r2-and-windows-server-2016).
+
+2.	Ensure the machine is successfully reporting into the Microsoft Defender Security Center portal.
+
+3.	Run the TestCloudConnection.exe tool from “C:\Program Files\Microsoft Monitoring Agent\Agent” to validate the connectivity and to see the required URLs for your specific workspace.
+
+4.	Check the Microsoft Defender for Endpoint URLs list for the complete list of requirements for your region (please refer to the Service URLs [Spreadsheet](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx)).
+
+![Image of administrator in Windows PowerShell](images/admin-powershell.png)
+
+The wildcards (*) used in *.ods.opinsights.azure.com, *.oms.opinsights.azure.com, and *.agentsvc.azure-automation.net URL endpoints can be replaced with your specific Workspace ID. The Workspace ID is specific to your environment and workspace and can be found in the Onboarding section of your tenant within the Microsoft Defender Security Center portal.
+
+The *.blob.core.windows.net URL endpoint can be replaced with the URLs shown in the “Firewall Rule: *.blob.core.windows.net” section of the test results. 
+
+> [!NOTE]
+> In the case of onboarding via Azure Security Center (ASC), multiple workspaces maybe used. You will need to perform the TestCloudConnection.exe procedure above on an onboarded machine from each workspace (to determine if there are any changes to the *.blob.core.windows.net URLs between the workspaces).
+
 ## Verify client connectivity to Microsoft Defender ATP service URLs
 
 Verify the proxy configuration completed successfully, that WinHTTP can discover and communicate through the proxy server in your environment, and that the proxy server allows traffic to the Microsoft Defender ATP service URLs.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md b/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
index 38b47a18f9..fb0e253b2c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
@@ -30,21 +30,13 @@ ms.topic: article
 - Windows Server (SAC) version 1803 and later
 - Windows Server 2019 and later
 - Windows Server 2019 core edition
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 > Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configserver-abovefoldlink)
 
 
 Microsoft Defender ATP extends support to also include the Windows Server operating system. This support provides advanced attack detection and investigation capabilities seamlessly through the Microsoft Defender Security Center console.
 
-The service supports the onboarding of the following Windows servers:
-- Windows Server 2008 R2 SP1
-- Windows Server 2012 R2
-- Windows Server 2016
-- Windows Server (SAC) version 1803 and later
-- Windows Server 2019 and later
-- Windows Server 2019 core edition
-
 For a practical guidance on what needs to be in place for licensing and infrastructure, see [Protecting Windows Servers with Microsoft Defender ATP](https://techcommunity.microsoft.com/t5/What-s-New/Protecting-Windows-Server-with-Windows-Defender-ATP/m-p/267114#M128).
 
 For guidance on how to download and use Windows Security Baselines for Windows servers, see [Windows Security Baselines](https://docs.microsoft.com/windows/device-security/windows-security-baselines).
@@ -54,16 +46,36 @@ For guidance on how to download and use Windows Security Baselines for Windows s
 
 You can onboard Windows Server 2008 R2 SP1, Windows Server 2012 R2, and Windows Server 2016 to Microsoft Defender ATP by using any of the following options:
 
-- **Option 1**: [Onboard through Microsoft Defender Security Center](#option-1-onboard-windows-servers-through-microsoft-defender-security-center)
+- **Option 1**: [Onboard by installing and configuring Microsoft Monitoring Agent (MMA)](#option-1-onboard-by-installing-and-configuring-microsoft-monitoring-agent-mma)
 - **Option 2**: [Onboard through Azure Security Center](#option-2-onboard-windows-servers-through-azure-security-center)
-- **Option 3**: [Onboard through Microsoft Endpoint Configuration Manager version 2002 and later (only for Windows Server 2012 R2 and Windows Server 2016)](#option-3-onboard-windows-servers-through-microsoft-endpoint-configuration-manager-version-2002-and-later)
+- **Option 3**: [Onboard through Microsoft Endpoint Configuration Manager version 2002 and later](#option-3-onboard-windows-servers-through-microsoft-endpoint-configuration-manager-version-2002-and-later)
+
+
+After completing the onboarding steps using any of the provided options, you'll need to [Configure and update System Center Endpoint Protection clients](#configure-and-update-system-center-endpoint-protection-clients).
+
 
 > [!NOTE]
 > Microsoft defender ATP standalone server license is required, per node, in order to onboard a Windows server through Microsoft Defender Security Center (Option 1), or an Azure Security Center Standard license is required, per node, in order to onboard a Windows server through Azure Security Center (Option 2), see [Supported features available in Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-services).
 
 
-### Option 1: Onboard Windows servers through Microsoft Defender Security Center
-Perform the following steps to onboard Windows servers through Microsoft Defender Security Center:
+### Option 1: Onboard by installing and configuring Microsoft Monitoring Agent (MMA)
+You'll need to install and configure MMA for Windows servers to report sensor data to Microsoft Defender ATP. For more information, see [Collect log data with Azure Log Analytics agent](https://docs.microsoft.com/azure/azure-monitor/platform/log-analytics-agent).
+
+If you're already leveraging System Center Operations Manager (SCOM) or Azure Monitor (formerly known as Operations Management Suite (OMS)), attach the Microsoft Monitoring Agent (MMA) to report to your Microsoft Defender ATP workspace through Multihoming support.
+
+In general, you'll need to take the following steps:
+1. Fulfill the onboarding requirements outlined in **Before you begin** section.
+2. Turn on server monitoring from Microsoft Defender Security center.
+3. Install and configure MMA for the server to report sensor data to Microsoft Defender ATP.
+4. Configure and update System Center Endpoint Protection clients.
+
+
+> [!TIP]
+> After onboarding the device, you can choose to run a detection test to verify that it is properly onboarded to the service. For more information, see [Run a detection test on a newly onboarded Microsoft Defender ATP endpoint](run-detection-test.md).
+
+
+#### Before you begin 
+Perform the following steps to fulfill the onboarding requirements:
 
  - For Windows Server 2008 R2 SP1 or Windows Server 2012 R2, ensure that you install the following hotfix:
     - [Update for customer experience and diagnostic telemetry](https://support.microsoft.com/help/3080149/update-for-customer-experience-and-diagnostic-telemetry)
@@ -77,32 +89,6 @@ Perform the following steps to onboard Windows servers through Microsoft Defende
     > [!NOTE]
     > This step is required only if your organization uses System Center Endpoint Protection (SCEP) and you're onboarding Windows Server 2008 R2 SP1 and Windows Server 2012 R2.
 
- - [Turn on server monitoring from Microsoft Defender Security Center](#turn-on-server-monitoring-from-the-microsoft-defender-security-center-portal).
-
- - If you're already leveraging System Center Operations Manager (SCOM) or Azure Monitor (formerly known as Operations Management Suite (OMS)), attach the Microsoft Monitoring Agent (MMA) to report to your Microsoft Defender ATP workspace through Multihoming support.
-
-    Otherwise, [install and configure MMA to report sensor data to Microsoft Defender ATP](#install-and-configure-microsoft-monitoring-agent-mma-to-report-sensor-data-to-microsoft-defender-atp). For more information, see [Collect log data with Azure Log Analytics agent](https://docs.microsoft.com/azure/azure-monitor/platform/log-analytics-agent).
-
-> [!TIP]
-> After onboarding the device, you can choose to run a detection test to verify that it is properly onboarded to the service. For more information, see [Run a detection test on a newly onboarded Microsoft Defender ATP endpoint](run-detection-test.md).
-
-### Configure and update System Center Endpoint Protection clients
-
-Microsoft Defender ATP integrates with System Center Endpoint Protection. The integration provides visibility to malware detections and to stop propagation of an attack in your organization by banning potentially malicious files or suspected malware.
-
-The following steps are required to enable this integration:
-- Install the [January 2017 anti-malware platform update for Endpoint Protection clients](https://support.microsoft.com/help/3209361/january-2017-anti-malware-platform-update-for-endpoint-protection-clie).
-
-- Configure the SCEP client Cloud Protection Service membership to the **Advanced** setting.
-
-
-### Turn on Server monitoring from the Microsoft Defender Security Center portal
-
-1. In the navigation pane, select **Settings** > **Device management** > **Onboarding**.
-
-2. Select **Windows Server 2008 R2 SP1, 2012 R2 and 2016** as the operating system.
-
-3. Click **Turn on server monitoring** and confirm that you'd like to proceed with the environment setup. When the setup completes, the **Workspace ID** and **Workspace key** fields are populated with unique values. You'll need to use these values to configure the MMA agent.
 
 <span id="server-mma"/>
 
@@ -115,16 +101,21 @@ The following steps are required to enable this integration:
     On the **Agent Setup Options** page, choose **Connect the agent to Azure Log Analytics (OMS)**.
     - [Install the agent using the command line](https://docs.microsoft.com/azure/log-analytics/log-analytics-windows-agents#install-the-agent-using-the-command-line) and [configure the agent using a script](https://docs.microsoft.com/azure/log-analytics/log-analytics-windows-agents#add-a-workspace-using-a-script).
 
-3. You'll need to configure proxy settings for the Microsoft Monitoring Agent. For more information, see [Configure proxy settings](configure-proxy-internet.md).
 
-Once completed, you should see onboarded Windows servers in the portal within an hour.
 
 <span id="server-proxy"/>
 
-### Configure Windows server proxy and Internet connectivity settings
+### Configure Windows server proxy and Internet connectivity settings if needed
+If your servers need to use a proxy to communicate with Microsoft Defender ATP, use one of the following methods to configure the MMA to use the proxy server:
 
-- Each Windows server must be able to connect to the Internet using HTTPS. This connection can be direct, using a proxy, or through the <a href="https://docs.microsoft.com/azure/log-analytics/log-analytics-oms-gateway" data-raw-source="[OMS Gateway](https://docs.microsoft.com/azure/log-analytics/log-analytics-oms-gateway)">OMS Gateway</a>.
-- If a proxy or firewall is blocking all traffic by default and allowing only specific domains through or HTTPS scanning (SSL inspection) is enabled, make sure that you [enable access to Microsoft Defender ATP service URLs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet#enable-access-to-microsoft-defender-atp-service-urls-in-the-proxy-server).
+
+- [Configure the MMA to use a proxy server](https://docs.microsoft.com/azure/azure-monitor/platform/agent-windows#install-agent-using-setup-wizard)
+
+- [Configure Windows to use a proxy server for all connections](configure-proxy-internet.md)
+
+If a proxy or firewall is in use, please ensure that servers can access all of the Microsoft Defender ATP service URLs directly and without SSL interception. For more information, see [enable access to Microsoft Defender ATP service URLs](configure-proxy-internet.md#enable-access-to-microsoft-defender-atp-service-urls-in-the-proxy-server). Use of SSL interception will prevent the system from communicating with the Defender for Endpoint service. 
+
+Once completed, you should see onboarded Windows servers in the portal within an hour.
 
 ### Option 2: Onboard Windows servers through Azure Security Center
 1. In the Microsoft Defender Security Center navigation pane, select **Settings** > **Device management** > **Onboarding**.
@@ -135,9 +126,15 @@ Once completed, you should see onboarded Windows servers in the portal within an
 
 4. Follow the onboarding instructions in [Microsoft Defender Advanced Threat Protection with Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-wdatp).
 
+After completing the onboarding steps, you'll need to [Configure and update System Center Endpoint Protection clients](#configure-and-update-system-center-endpoint-protection-clients).
+
 ### Option 3: Onboard Windows servers through Microsoft Endpoint Configuration Manager version 2002 and later
 You can onboard Windows Server 2012 R2 and Windows Server 2016 by using Microsoft Endpoint Configuration Manager version 2002 and later. For more information, see [Microsoft Defender Advanced Threat Protection in Microsoft Endpoint Configuration Manager current branch](https://docs.microsoft.com/mem/configmgr/protect/deploy-use/defender-advanced-threat-protection).
 
+After completing the onboarding steps, you'll need to [Configure and update System Center Endpoint Protection clients](#configure-and-update-system-center-endpoint-protection-clients).
+
+
+
 ## Windows Server (SAC) version 1803, Windows Server 2019, and Windows Server 2019 Core edition
 You can onboard Windows Server (SAC) version 1803, Windows Server 2019, or Windows Server 2019 Core edition by using the following deployment methods:
 
@@ -201,6 +198,17 @@ Data collected by Microsoft Defender ATP is stored in the geo-location of the te
 Server endpoint monitoring utilizing this integration has been disabled for Office 365 GCC customers.
 
 
+## Configure and update System Center Endpoint Protection clients
+
+Microsoft Defender ATP integrates with System Center Endpoint Protection. The integration provides visibility to malware detections and to stop propagation of an attack in your organization by banning potentially malicious files or suspected malware.
+
+The following steps are required to enable this integration:
+- Install the [January 2017 anti-malware platform update for Endpoint Protection clients](https://support.microsoft.com/help/3209361/january-2017-anti-malware-platform-update-for-endpoint-protection-clie).
+
+- Configure the SCEP client Cloud Protection Service membership to the **Advanced** setting.
+
+
+
 ## Offboard Windows servers
 You can offboard Windows Server (SAC), Windows Server 2019, and Windows Server 2019 Core edition in the same method available for Windows 10 client devices.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md b/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md
index 2767826ed6..aa9008f98a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configuresiem-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md b/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md
index 69775ff5c3..389002a969 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md
@@ -23,7 +23,7 @@ ms.topic: conceptual
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 Connected applications integrates with the Microsoft Defender ATP platform using APIs. 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md
index e4e8f5ec72..7687279880 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md
@@ -24,7 +24,7 @@ ms.custom: asr
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 ## What is controlled folder access?
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/create-alert-by-reference.md b/windows/security/threat-protection/microsoft-defender-atp/create-alert-by-reference.md
index e02de4aa8b..887c5716d1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/create-alert-by-reference.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/create-alert-by-reference.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md b/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md
index 79ab34fce9..9135224d1c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md
@@ -16,6 +16,7 @@ manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
+ms.date: 09/20/2020
 ---
 
 # Create custom detection rules
@@ -23,30 +24,36 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Custom detection rules built from [advanced hunting](advanced-hunting-overview.md) queries let you proactively monitor various events and system states, including suspected breach activity and misconfigured devices. You can set them to run at regular intervals, generating alerts and taking response actions whenever there are matches.
 
-Read this article to learn how to create new custom detection rules. Or [see viewing and managing existing rules](custom-detections-manage.md). 
+Read this article to learn how to create new custom detection rules. Or [see viewing and managing existing rules](custom-detections-manage.md).
 
-## 1. Check required permissions
+> [!NOTE]
+> To create or manage custom detections, [your role](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group) needs to have the **manage security settings** permission.
 
-To create or manage custom detections, [your role](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group) needs to have the **manage security settings** permission.
-
-## 2. Prepare the query
+## 1. Prepare the query.
 
 In Microsoft Defender Security Center, go to **Advanced hunting** and select an existing query or create a new query. When using a new query, run the query to identify errors and understand possible results.
 
 >[!IMPORTANT]
 >To prevent the service from returning too many alerts, each rule is limited to generating only 100 alerts whenever it runs. Before creating a rule, tweak your query to avoid alerting for normal, day-to-day activity.
 
-
 ### Required columns in the query results
-To use a query for a custom detection rule, the query must return the `Timestamp`, `DeviceId`, and `ReportId` columns in the results. Simple queries, such as those that don't use the `project` or `summarize` operator to customize or aggregate results, typically return these common columns.
 
-There are various ways to ensure more complex queries return these columns. For example, if you prefer to aggregate and count by `DeviceId`, you can still return `Timestamp` and `ReportId` by getting them from the most recent event involving each device. 
+To use a query for a custom detection rule, the query must return the following columns:
 
-The sample query below counts the number of unique devices (`DeviceId`) with antivirus detections and uses this count to find only the devices with more than five detections. To return the latest `Timestamp` and the corresponding `ReportId`, it uses the `summarize` operator with the `arg_max` function.
+- `Timestamp`
+- `DeviceId`
+- `ReportId`
+
+Simple queries, such as those that don't use the `project` or `summarize` operator to customize or aggregate results, typically return these common columns.
+
+There are various ways to ensure more complex queries return these columns. For example, if you prefer to aggregate and count by `DeviceId`, you can still return `Timestamp` and `ReportId` by getting them from the most recent event involving each device.
+
+The sample query below counts the number of unique devices (`DeviceId`) with antivirus detections and uses this to find only those devices with more than five detections. To return the latest `Timestamp` and the corresponding `ReportId`, it uses the `summarize` operator with the `arg_max` function.
 
 ```kusto
 DeviceEvents
@@ -56,7 +63,10 @@ DeviceEvents
 | where count_ > 5
 ```
 
-## 3. Create new rule and provide alert details
+> [!TIP]
+> For better query performance, set a time filter that matches your intended run frequency for the rule. Since the least frequent run is every 24 hours, filtering for the past day will cover all new data.
+
+## 2. Create a new rule and provide alert details.
 
 With the query in the query editor, select **Create detection rule** and specify the following alert details:
 
@@ -67,36 +77,52 @@ With the query in the query editor, select **Create detection rule** and specify
 - **Category**—type of threat component or activity, if any. [Read about alert categories](alerts-queue.md#understanding-alert-categories)
 - **MITRE ATT&CK techniques**—one or more attack techniques identified by the rule as documented in the MITRE ATT&CK framework. This section is not available with certain alert categories, such as malware, ransomware, suspicious activity, and unwanted software
 - **Description**—more information about the component or activity identified by the rule 
-- **Recommended actions**—additional actions that responders might take in response to an alert 
+- **Recommended actions**—additional actions that responders might take in response to an alert
 
 For more information about how alert details are displayed, [read about the alert queue](alerts-queue.md).
 
 ### Rule frequency
-When saved, a new or edited custom detection rule immediately runs and checks for matches from the past 30 days of data. The rule then runs again at fixed intervals and lookback durations based on the frequency you choose:
+
+When saved, a new custom detection rule immediately runs and checks for matches from the past 30 days of data. The rule then runs again at fixed intervals and lookback durations based on the frequency you choose:
 
 - **Every 24 hours**—runs every 24 hours, checking data from the past 30 days
 - **Every 12 hours**—runs every 12 hours, checking data from the past 24 hours
 - **Every 3 hours**—runs every 3 hours, checking data from the past 6 hours
 - **Every hour**—runs hourly, checking data from the past 2 hours
 
+> [!TIP]
+> Match the time filters in your query with the lookback duration. Results outside of the lookback duration are ignored.
+
 Select the frequency that matches how closely you want to monitor detections, and consider your organization's capacity to respond to the alerts.
 
-## 4. Specify actions on files or devices
+## 3. Choose the impacted entities.
+
+Identify the columns in your query results where you expect to find the main affected or impacted entity. For example, a query might return both device and user IDs. Identifying which of these columns represent the main impacted entity helps the service aggregate relevant alerts, correlate incidents, and target response actions.
+
+You can select only one column for each entity type. Columns that are not returned by your query can't be selected.
+
+## 4. Specify actions.
+
 Your custom detection rule can automatically take actions on files or devices that are returned by the query.
 
 ### Actions on devices
+
 These actions are applied to devices in the `DeviceId` column of the query results:
+
 - **Isolate device**—applies full network isolation, preventing the device from connecting to any application or service, except for the Microsoft Defender ATP service. [Learn more about device isolation](respond-machine-alerts.md#isolate-devices-from-the-network)
 - **Collect investigation package**—collects device information in a ZIP file. [Learn more about the investigation package](respond-machine-alerts.md#collect-investigation-package-from-devices)
 - **Run antivirus scan**—performs a full Microsoft Defender Antivirus scan on the device
 - **Initiate investigation**—starts an [automated investigation](automated-investigations.md) on the device
 
 ### Actions on files
+
 These actions are applied to files in the `SHA1` or the `InitiatingProcessSHA1` column of the query results:
+
 - **Allow/Block**—automatically adds the file to your [custom indicator list](manage-indicators.md) so that it is always allowed to run or blocked from running. You can set the scope of this action so that it is taken only on selected device groups. This scope is independent of the scope of the rule.
 - **Quarantine file**—deletes the file from its current location and places a copy in quarantine
 
-## 5. Set the rule scope
+## 5. Set the rule scope.
+
 Set the scope to specify which devices are covered by the rule:
 
 - All devices
@@ -104,12 +130,15 @@ Set the scope to specify which devices are covered by the rule:
 
 Only data from devices in scope will be queried. Also, actions will be taken only on those devices.
 
-## 6. Review and turn on the rule
+## 6. Review and turn on the rule.
+
 After reviewing the rule, select **Create** to save it. The custom detection rule immediately runs. It runs again based on configured frequency to check for matches, generate alerts, and take response actions.
 
+You can [view and manage custom detection rules](custom-detections-manage.md), check their previous runs, and review the alerts they have triggered. You can also run a rule on demand and modify it.
 
 ## Related topics
-- [View and manage detection rules](custom-detections-manage.md)
+
+- [View and manage custom detection rules](custom-detections-manage.md)
 - [Custom detections overview](overview-custom-detections.md)
 - [Advanced hunting overview](advanced-hunting-overview.md)
 - [Learn the advanced hunting query language](advanced-hunting-query-language.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/custom-detections-manage.md b/windows/security/threat-protection/microsoft-defender-atp/custom-detections-manage.md
index 855bd65993..93b295e31b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/custom-detections-manage.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/custom-detections-manage.md
@@ -24,7 +24,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Manage your existing [custom detection rules](custom-detection-rules.md) to ensure they are effectively finding threats and taking actions. Explore how to view the list of rules, check their previous runs, and review the alerts they have triggered. You can also run a rule on demand and modify it.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/customize-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/customize-attack-surface-reduction.md
index 2773f28ed5..3ca15689d2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/customize-attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/customize-attack-surface-reduction.md
@@ -21,7 +21,7 @@ manager: dansimp
 
 **Applies to:**
 
-* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 > [!IMPORTANT]
 > Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md
index f35a4eefd9..d4f8aeab39 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md
@@ -21,7 +21,7 @@ manager: dansimp
 
 **Applies to:**
 
-* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Controlled folder access helps you protect valuable data from malicious apps and threats, such as ransomware. Controlled folder access is supported on Windows Server 2019 and Windows 10 clients.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/customize-exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/customize-exploit-protection.md
index 081c5218c3..6124ea2318 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/customize-exploit-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/customize-exploit-protection.md
@@ -21,7 +21,7 @@ manager: dansimp
 
 **Applies to:**
 
-* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Exploit protection automatically applies a number of exploit mitigation techniques on both the operating system processes and on individual apps.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md b/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md
index f1483165c4..51f62dd09c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md
@@ -24,7 +24,7 @@ ms.topic: conceptual
 **Applies to:**
 
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-gensettings-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md b/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md
index fa43e76e73..cae9259b66 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md
@@ -27,7 +27,7 @@ ms.date: 04/24/2018
 
 
 - Windows Defender
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md
index 1dd2b90d07..5b8786d978 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md b/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md
index 000dafbddd..9e8296bde8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md
@@ -1,6 +1,6 @@
 ---
 title: Deployment phases
-description: Learn how deploy Microsoft Defender ATP by preparing, setting up, and onboarding endpoints to that service
+description: Learn how to deploy Microsoft Defender ATP by preparing, setting up, and onboarding endpoints to that service
 keywords: deploy, prepare, setup, onboard, phase, deployment, deploying, adoption, configuring
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -24,28 +24,30 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 There are three phases in deploying Microsoft Defender ATP:
 
-|Phase | Desription | 
+|Phase | Description | 
 |:-------|:-----|
 | ![Phase 1: Prepare](images/prepare.png)<br>[Phase 1: Prepare](prepare-deployment.md)| Learn about what you need to consider when deploying Microsoft Defender ATP: <br><br>- Stakeholders and sign-off <br> - Environment considerations <br>- Access <br> - Adoption order
 |  ![Phase 2: Setup](images/setup.png) <br>[Phase 2: Setup](production-deployment.md)|  Take the initial steps to access Microsoft Defender Security Center. You'll be guided on:<br><br>- Validating the licensing <br>  - Completing the setup wizard within the portal<br>- Network configuration|
-|  ![Phase 3: Onboard](images/onboard.png) <br>[Phase 3: Onboard](onboarding.md) | Onboard devices to the service so the Microsoft Defender ATP service can get sensor data from them. You'll be guided on:<br><br>- Using Microsoft Endpoint Configuration Manager to onboard devices<br>- Configure capabilities 
+|  ![Phase 3: Onboard](images/onboard.png) <br>[Phase 3: Onboard](onboarding.md) | Onboard devices to the service so the Microsoft Defender ATP service can get sensor data from them. 
 
 
 
- The deployment guide will guide you through the recommended path in deploying Microsoft Defender ATP. 
+The deployment guide will guide you through the recommended path in deploying Microsoft Defender ATP. 
 
-There are several methods you can use to onboard to the service. For information on other ways to onboard, see [Onboard devices to Microsoft Defender ATP](onboard-configure.md).
+If you're unfamiliar with the general deployment planning steps, check out the [Plan deployment](deployment-strategy.md) topic to get a  high-level overview of the general deployment steps and methods.
 
 ## In Scope
 
 The following is in scope for this deployment guide:
 
--   Use of Microsoft Endpoint Configuration Manager to onboard endpoints into the service
+-   Use of Microsoft Endpoint Configuration Manager and Microsoft Endpoint Manager to onboard endpoints into the service and configure capabilities
+
+-   Enabling Microsoft Defender ATP endpoint detection and response (EDR)  capabilities
 
 -   Enabling Microsoft Defender ATP endpoint protection platform (EPP)
     capabilities
@@ -54,11 +56,6 @@ The following is in scope for this deployment guide:
 
     -   Attack surface reduction
 
--   Enabling Microsoft Defender ATP endpoint detection and response (EDR)
-    capabilities including automatic investigation and remediation
-
--   Enabling Microsoft Defender ATP threat and vulnerability management (TVM)
-
 
 ## Out of scope
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md b/windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md
index cd066db719..1da9daaa7f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md
@@ -1,5 +1,5 @@
 ---
-title: Plan your Microsoft Defender ATP deployment strategy
+title: Plan your Microsoft Defender ATP deployment 
 description: Select the best Microsoft Defender ATP deployment strategy for your environment
 keywords: deploy, plan, deployment strategy, cloud native, management, on prem, evaluation, onboarding, local, group policy, gp, endpoint manager, mem
 search.product: eADQiWindows 10XVcnh
@@ -16,35 +16,62 @@ ms.collection: M365-security-compliance
 ms.topic: article
 ---
 
-# Plan your Microsoft Defender ATP deployment strategy
+# Plan your Microsoft Defender ATP deployment 
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-secopsdashboard-abovefoldlink) 
 
 Depending on the requirements of your environment, we've put together material to help guide you through the various options you can adopt to deploy Microsoft Defender ATP. 
 
+These are the general steps you need to take to deploy Microsoft Defender ATP:
 
-You can deploy Microsoft Defender ATP using various management tools. In general the following management tools are supported:
+![Image of deployment flow](images/onboarding-flow-diagram.png)
 
-- Group policy
-- Microsoft Endpoint Configuration Manager
-- Mobile Device Management tools
-- Local script
+- Identify architecture
+- Select deployment method
+- Configure capabilities
 
 
-## Microsoft Defender ATP deployment strategy
+## Step 1: Identify architecture
+We understand that every enterprise environment is unique, so we've provided several options to give you the flexibility in choosing how to deploy the service.
 
-Depending on your environment, some tools are better suited for certain architectures.
+Depending on your environment, some tools are better suited for certain architectures. 
 
+Use the following material to select the appropriate Microsoft Defender ATP architecture that best suites your organization.
 
 |**Item**|**Description**|
 |:-----|:-----|
 |[![Thumb image for Microsoft Defender ATP deployment strategy](images/mdatp-deployment-strategy.png)](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.pdf)<br/> [PDF](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.pdf)  \| [Visio](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.vsdx) | The architectural material helps you plan your deployment for the following architectures: <ul><li> Cloud-native </li><li> Co-management </li><li> On-premise</li><li>Evaluation and local onboarding</li>
 
+
+
+## Step 2: Select deployment method
+Microsoft Defender ATP supports a variety of endpoints that you can onboard to the service. 
+
+The following table lists the supported endpoints and the corresponding deployment tool that you can use so that you can plan the deployment appropriately.
+
+| Endpoint     | Deployment tool                       |
+|--------------|------------------------------------------|
+| **Windows**  |  [Local script (up to 10 devices)](configure-endpoints-script.md) <br>  [Group Policy](configure-endpoints-gp.md) <br>  [Microsoft Endpoint Manager/ Mobile Device Manager](configure-endpoints-mdm.md) <br>   [Microsoft Endpoint Configuration Manager](configure-endpoints-sccm.md) <br> [VDI scripts](configure-endpoints-vdi.md)   |
+| **macOS**    | [Local script](mac-install-manually.md) <br> [Microsoft Endpoint Manager](mac-install-with-intune.md) <br> [JAMF Pro](mac-install-with-jamf.md) <br> [Mobile Device Management](mac-install-with-other-mdm.md) |
+| **Linux Server** | [Local script](linux-install-manually.md) <br> [Puppet](linux-install-with-puppet.md) <br> [Ansible](linux-install-with-ansible.md)|
+| **iOS**      | [App-based](ios-install.md)                                |
+| **Android**  | [Microsoft Endpoint Manager](android-intune.md)               | 
+
+
+
+## Step 3: Configure capabilities
+After onboarding endpoints, configure the security capabilities in Microsoft Defender ATP so that you can maximize the robust security protection available in the suite. Capabilities include:
+
+- Endpoint detection and response
+- Next-generation protection
+- Attack surface reduction
+
+
   
 ## Related topics
 - [Deployment phases](deployment-phases.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/device-timeline-event-flag.md b/windows/security/threat-protection/microsoft-defender-atp/device-timeline-event-flag.md
index 7b99cd69cd..bd99bff2fa 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/device-timeline-event-flag.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/device-timeline-event-flag.md
@@ -20,7 +20,7 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Event flags in the Microsoft Defender ATP device timeline help you filter and organize specific events when you're  investigate potential attacks.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx b/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx
index bd35122350..ded3b76626 100644
Binary files a/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx and b/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/edr-in-block-mode.md b/windows/security/threat-protection/microsoft-defender-atp/edr-in-block-mode.md
index a92e2b43c4..be7793c044 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/edr-in-block-mode.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/edr-in-block-mode.md
@@ -16,6 +16,9 @@ ms.custom:
 - next-gen
 - edr
 ms.date: 08/21/2020
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ---
 
 # Endpoint detection and response (EDR) in block mode
@@ -25,7 +28,7 @@ ms.date: 08/21/2020
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 ## What is EDR in block mode?
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
index 2986e7ecf0..6f00213b3c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
@@ -22,7 +22,7 @@ manager: dansimp
 
 **Applies to:**
 
-* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [Controlled folder access](controlled-folders.md) helps you protect valuable data from malicious apps and threats, such as ransomware. Controlled folder access is included with Windows 10 and Windows Server 2019.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
index 5707cf67b8..2d44c8da7d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
@@ -21,7 +21,7 @@ manager: dansimp
 
 **Applies to:**
 
-* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [Exploit protection](exploit-protection.md) helps protect against malware that uses exploits to infect devices and spread. Exploit protection consists of a number of mitigations that can be applied to either the operating system or individual apps.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md b/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md
index a6090f9ae7..76fd837692 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md
@@ -21,7 +21,7 @@ manager: dansimp
 
 **Applies to:**
 
-* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [Network protection](network-protection.md) helps to prevent employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the internet. You can [audit network protection](evaluate-network-protection.md) in a test environment to view which apps would be blocked before you enable it.
 
@@ -33,12 +33,14 @@ Check if network protection has been enabled on a local device by using Registry
 
 1. Select the **Start** button in the task bar and type **regedit** to open Registry editor
 1. Choose **HKEY_LOCAL_MACHINE** from the side menu
-1. Navigate through the nested menus to **SOFTWARE** > **Policies** > **Microsoft** > **Windows Defender** > **Policy Manager**
+1. Navigate through the nested menus to **SOFTWARE** > **Policies** > **Microsoft** > **Windows Defender** > **Windows Defender Exploit Guard** > **Network Protection**
 1. Select **EnableNetworkProtection** to see the current state of network protection on the device
 
     * 0, or **Off**
     * 1, or **On**
     * 2, or **Audit** mode
+    
+    ![networkprotection](https://user-images.githubusercontent.com/3296790/95341270-b738b280-08d3-11eb-84a0-16abb140c9fd.PNG)
 
 ## Enable network protection
 
@@ -107,7 +109,7 @@ Confirm network protection is enabled on a local computer by using Registry edit
 
 1. Select **Start** and type **regedit** to open **Registry Editor**.
 
-2. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Network Protection
+2. Navigate to **HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Network Protection**
 
 3. Select **EnableNetworkProtection** and confirm the value:
    * 0=Off
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md b/windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md
index 8799a37ea2..c53ee2581c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-enablesiem-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/endpoint-detection-response-mac-preview.md b/windows/security/threat-protection/microsoft-defender-atp/endpoint-detection-response-mac-preview.md
index d8b5e85940..4d724bc3ca 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/endpoint-detection-response-mac-preview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/endpoint-detection-response-mac-preview.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluate-atp.md b/windows/security/threat-protection/microsoft-defender-atp/evaluate-atp.md
index 35dc0c89f1..49d937c1ed 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluate-atp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluate-atp.md
@@ -23,7 +23,7 @@ ms.topic: conceptual
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) is a unified platform for preventative protection, post-breach detection, automated investigation, and response.
+[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631) is a unified platform for preventative protection, post-breach detection, automated investigation, and response.
 
 You can evaluate Microsoft Defender Advanced Threat Protection in your organization by [starting your free trial](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp).
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluate-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/evaluate-attack-surface-reduction.md
index 1c8621e5f2..ad4b38e29a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluate-attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluate-attack-surface-reduction.md
@@ -21,7 +21,7 @@ manager: dansimp
 
 **Applies to:**
 
-* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Attack surface reduction rules help prevent actions typically used by malware to compromise devices or networks. Set attack surface reduction rules for devices running any of the following editions and versions of Windows:
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluate-controlled-folder-access.md b/windows/security/threat-protection/microsoft-defender-atp/evaluate-controlled-folder-access.md
index da54fddecf..4493d69e8f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluate-controlled-folder-access.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluate-controlled-folder-access.md
@@ -21,7 +21,7 @@ manager: dansimp
 
 **Applies to:**
 
-* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [Controlled folder access](controlled-folders.md) is a feature that helps protect your documents and files from modification by suspicious or malicious apps. Controlled folder access is supported on Windows Server 2019 and Windows 10 clients.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluate-exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/evaluate-exploit-protection.md
index 0b95bca029..caf0665673 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluate-exploit-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluate-exploit-protection.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [Exploit protection](exploit-protection.md) helps protect devices from malware that uses exploits to spread and infect other devices. Mitigation can be applied to either the operating system or to an individual app. Many of the features that were part of the Enhanced Mitigation Experience Toolkit (EMET) are included in exploit protection. (The EMET has reached its end of support.)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluate-network-protection.md b/windows/security/threat-protection/microsoft-defender-atp/evaluate-network-protection.md
index 17edc7d5e5..2dad3dd570 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluate-network-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluate-network-protection.md
@@ -21,7 +21,7 @@ manager: dansimp
 
 **Applies to:**
 
-* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [Network protection](network-protection.md) helps prevent employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
index 2f57d47778..7ab9824a6d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
@@ -23,7 +23,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 Conducting a comprehensive security product evaluation can be a complex process requiring cumbersome environment and device configuration before an end-to-end attack simulation can actually be done. Adding to the complexity is the challenge of tracking where the simulation activities, alerts, and results are reflected during the evaluation.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/event-error-codes.md b/windows/security/threat-protection/microsoft-defender-atp/event-error-codes.md
index 54be37811e..18f64aec7c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/event-error-codes.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/event-error-codes.md
@@ -28,7 +28,7 @@ ms.date: 05/21/2018
 
 - Event Viewer
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
@@ -36,9 +36,6 @@ You can review event IDs in the [Event Viewer](https://msdn.microsoft.com/librar
 
 For example, if devices are not appearing in the **Devices list**, you might need to look for event IDs on the devices. You can then use this table to determine further troubleshooting steps.
 
-> [!NOTE]
-> It can take several days for devices to begin reporting to the Microsoft Defender ATP service.
-
 **Open Event Viewer and find the Microsoft Defender ATP service event log:**
 
 1. Click **Start** on the Windows menu, type **Event Viewer**, and press **Enter**.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/event-views.md b/windows/security/threat-protection/microsoft-defender-atp/event-views.md
index 926fa6beef..8aecca347e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/event-views.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/event-views.md
@@ -21,7 +21,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Review attack surface reduction events in Event Viewer to monitor what rules or settings are working. You can also determine if any settings are too "noisy" or impacting your day to day workflow.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exploit-protection-reference.md b/windows/security/threat-protection/microsoft-defender-atp/exploit-protection-reference.md
index 5cb1174b0a..74fad04acf 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exploit-protection-reference.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exploit-protection-reference.md
@@ -24,7 +24,7 @@ ms.custom: asr
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Exploit Protection provides advanced protections for applications which the IT Pro can apply after the developer has compiled and distributed the software.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md
index e4174dddea..f9bb51fa10 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md
@@ -11,7 +11,7 @@ ms.localizationpriority: medium
 audience: ITPro
 author: denisebmsft
 ms.author: deniseb
-ms.date: 04/02/2019
+ms.date: 10/21/2020
 ms.reviewer: 
 manager: dansimp
 ms.custom: asr
@@ -24,7 +24,7 @@ ms.custom: asr
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Exploit protection automatically applies a number of exploit mitigation techniques to operating system processes and apps. Exploit protection is supported beginning with Windows 10, version 1709 and Windows Server, version 1803.
 
@@ -65,7 +65,7 @@ DeviceEvents
 You can review the Windows event log to see events that are created when exploit protection blocks (or audits) an app:
 
 |Provider/source | Event ID | Description|
-|---|---|---|
+|:---|:---|:---|
 |Security-Mitigations | 1 | ACG audit |
 |Security-Mitigations | 2 | ACG enforce |
 |Security-Mitigations | 3 | Do not allow child processes audit |
@@ -100,7 +100,7 @@ The mitigations available in EMET are included natively in Windows 10 (starting
 The table in this section indicates the availability and support of native mitigations between EMET and exploit protection.
 
 |Mitigation | Available under exploit protection | Available in EMET |
-|---|---|---|
+|:---|:---|:---|
 |Arbitrary code guard (ACG) | yes | yes<br />As "Memory Protection Check" |
 |Block remote images | yes | yes<br/>As "Load Library Check" |
 |Block untrusted fonts | yes | yes |
@@ -131,8 +131,6 @@ The table in this section indicates the availability and support of native mitig
 ## See also
 
 - [Protect devices from exploits](exploit-protection.md)
-- [Evaluate exploit protection](evaluate-exploit-protection.md)
-- [Enable exploit protection](enable-exploit-protection.md)
 - [Configure and audit exploit protection mitigations](customize-exploit-protection.md)
-- [Import, export, and deploy exploit protection configurations](import-export-exploit-protection-emet-xml.md)
 - [Troubleshoot exploit protection](troubleshoot-exploit-protection-mitigations.md)
+- [Optimize ASR rule deployment and detections](configure-machines-asr.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
index 8f4d3dec0e..20194e3e9e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
@@ -22,7 +22,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md
index 2b71b7c2cf..6e860b794b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md
@@ -22,7 +22,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md
index e4a7458f08..2f0c92ed8d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md
@@ -22,7 +22,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-full-sample-powershell.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-full-sample-powershell.md
index 1ad142d2e4..bdb9fddc2c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-full-sample-powershell.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-full-sample-powershell.md
@@ -23,7 +23,7 @@ ms.date: 09/24/2018
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 Full scenario using multiple APIs from Microsoft Defender ATP.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list.md
index d5115891d3..a226699cda 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list.md
@@ -22,7 +22,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-odata-samples.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-odata-samples.md
index e5f5fcad0b..3cbeec8462 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-odata-samples.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-odata-samples.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 If you are not familiar with OData queries, see: [OData V4 queries](https://www.odata.org/documentation/)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/feedback-loop-blocking.md b/windows/security/threat-protection/microsoft-defender-atp/feedback-loop-blocking.md
index 0d0ee850c5..e65d2379cd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/feedback-loop-blocking.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/feedback-loop-blocking.md
@@ -25,7 +25,7 @@ ms.collection:
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 ## Overview
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/fetch-alerts-mssp.md b/windows/security/threat-protection/microsoft-defender-atp/fetch-alerts-mssp.md
index d21ad49611..8d265f32ed 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/fetch-alerts-mssp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/fetch-alerts-mssp.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/files.md b/windows/security/threat-protection/microsoft-defender-atp/files.md
index 2b27cae459..69f2d43120 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/files.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/files.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/find-machine-info-by-ip.md b/windows/security/threat-protection/microsoft-defender-atp/find-machine-info-by-ip.md
index d0690e63d2..e7ecb972a1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/find-machine-info-by-ip.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/find-machine-info-by-ip.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Find a device by internal IP.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/find-machines-by-ip.md b/windows/security/threat-protection/microsoft-defender-atp/find-machines-by-ip.md
index e4a3b8ac99..86fc568017 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/find-machines-by-ip.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/find-machines-by-ip.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
index 9afb49c31b..83511489cb 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
@@ -26,7 +26,7 @@ ms.date: 10/23/2017
 **Applies to:**
 
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md
index d5ed580340..676cdf63f1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-domain-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-domain-info.md
index 6b256610ed..eb2710fcca 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-domain-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-domain-info.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md
index 5ac0f2d01a..2de0da3586 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md
index 9b841e71af..e56d99aabd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md
index 94132932d5..670802c075 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md
index 4c54267d9a..80df53a33e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md
index e0b7e0c358..eb855902a3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
index c49e958dfb..31af35af76 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md
index f3be9540c4..6bd9416f4b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Retrieves a list of all the vulnerabilities affecting the organization per [machine](machine.md) and [software](software.md).
 - If the vulnerability has a fixing KB, it will appear in the response.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
index 262c80a1bf..84d316b8b5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md
index d4dac32b7b..44275ce8f2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md
@@ -25,7 +25,7 @@ ROBOTS: NOINDEX
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Retrieves a map of CVE's to KB's and CVE details.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
index 2c896a9943..3f79fbf1ce 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
index 10ff59d2ea..920d5431ca 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
@@ -22,7 +22,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Retrieves a collection of discovered vulnerabilities related to a given device ID.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md
index 59c2587cda..1f9e3ec5e7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md
index 662f9724e7..6170888f9c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md b/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md
index efb793f5cc..acc31acf8e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
index 77c92c030f..bad530e3d7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md
index db6f1f2f72..ff2d4103f1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md
index 7ccb81730f..eb3a55ece2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md
index 09aef678f7..82a5e5cf93 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md
index 9f480df6b7..63001b875a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
index 79f263d9b0..58024c6bf6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md
index 676eba4bd3..8d24a9f9a7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md
index 99fd6a043d..b19d9dfb02 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts.md
index c8a2ab1f94..21923ff2e0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-ip-statistics.md b/windows/security/threat-protection/microsoft-defender-atp/get-ip-statistics.md
index ffd9485045..56fee62325 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-ip-statistics.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-ip-statistics.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-kbinfo-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-kbinfo-collection.md
index d41005cb74..0d6fa206a8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-kbinfo-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-kbinfo-collection.md
@@ -25,7 +25,7 @@ ROBOTS: NOINDEX
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Retrieves a collection of KB's and KB details.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machine-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-machine-by-id.md
index 3cc89cd33b..6d0b2af750 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machine-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machine-by-id.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
index 92b5fae137..fe34aeb59d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
@@ -16,12 +16,12 @@ ms.collection: M365-security-compliance
 ms.topic: article
 ---
 
-# List exposure score by device group
-
-[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
+# List exposure score by device group
+
+[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machine-log-on-users.md b/windows/security/threat-protection/microsoft-defender-atp/get-machine-log-on-users.md
index e673d96cf0..ea5713e42e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machine-log-on-users.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machine-log-on-users.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machine-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-machine-related-alerts.md
index f47cdd76d2..6ab025120b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machine-related-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machine-related-alerts.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machineaction-object.md b/windows/security/threat-protection/microsoft-defender-atp/get-machineaction-object.md
index b7a20c7b89..648f45ac9e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machineaction-object.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machineaction-object.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machineactions-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-machineactions-collection.md
index 5569002ec3..5118cc7b36 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machineactions-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machineactions-collection.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machinegroups-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-machinegroups-collection.md
index ff88b78222..29b5b778f9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machinegroups-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machinegroups-collection.md
@@ -25,7 +25,7 @@ ms.date: 10/07/2018
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Retrieves a collection of RBAC device groups.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
index d3c3f50dca..fb992bb4c6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
index 02ea057f59..c8417e85f2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-machines.md
index 6f6c6177e9..56975a8e19 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machinesecuritystates-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-machinesecuritystates-collection.md
index 0da42db679..b82da4fc0f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machinesecuritystates-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machinesecuritystates-collection.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Retrieves a collection of devices security states.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-missing-kbs-machine.md b/windows/security/threat-protection/microsoft-defender-atp/get-missing-kbs-machine.md
index 510c7516c2..ca4006fd78 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-missing-kbs-machine.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-missing-kbs-machine.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-missing-kbs-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-missing-kbs-software.md
index 6b6bf2db5f..a183d680fc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-missing-kbs-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-missing-kbs-software.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-package-sas-uri.md b/windows/security/threat-protection/microsoft-defender-atp/get-package-sas-uri.md
index a43102c733..e93088dc8e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-package-sas-uri.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-package-sas-uri.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
index b7bc3ab58f..beb27d8a20 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
index 2bdfb4a6e4..db0f71ea64 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
index 449bb2bd1d..daee2d1737 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
index 156cef803c..3b88d5f028 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-security-recommendations.md b/windows/security/threat-protection/microsoft-defender-atp/get-security-recommendations.md
index dffd2a0613..710d652358 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-security-recommendations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-security-recommendations.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md
index 0074439db0..155ec09b5d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md b/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
index e9b64f2ad1..2c652bc16f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-software.md
index e205e5f5b7..efe1c0e095 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-started-partner-integration.md b/windows/security/threat-protection/microsoft-defender-atp/get-started-partner-integration.md
index 0b87266339..09c65fdff1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-started-partner-integration.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-started-partner-integration.md
@@ -24,7 +24,7 @@ ms.topic: conceptual
 
 
 **Applies to:** 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 To become a Microsoft Defender ATP solution partner, you'll need to follow and complete the following steps.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-ti-indicators-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-ti-indicators-collection.md
index 41c5a0ebdd..dcc4b02436 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-ti-indicators-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-ti-indicators-collection.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-user-information.md b/windows/security/threat-protection/microsoft-defender-atp/get-user-information.md
index 80617258d3..63d25e4217 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-user-information.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-user-information.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 Retrieve a User entity by key (user name).
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-user-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-user-related-alerts.md
index 3d00668c3b..95225803d9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-user-related-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-user-related-alerts.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md
index 28c129e51c..f3b126e12f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
index 4a5514ff10..17b79870dd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
index 27b633e634..6afd9ee76f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md b/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md
index 1feba6fc45..0f5a1d3e2a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md b/windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md
index 1b411df76d..f53f31390f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md
@@ -23,7 +23,7 @@ ms.topic: conceptual
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Access helpful resources such as links to blogs and other resources related to  Microsoft Defender Advanced Threat Protection.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/admin-powershell.png b/windows/security/threat-protection/microsoft-defender-atp/images/admin-powershell.png
new file mode 100644
index 0000000000..af7d9bc867
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/admin-powershell.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/ah-take-actions.png b/windows/security/threat-protection/microsoft-defender-atp/images/ah-take-actions.png
new file mode 100644
index 0000000000..daf9714d6e
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/ah-take-actions.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/deployment-strategy-big.png b/windows/security/threat-protection/microsoft-defender-atp/images/deployment-strategy-big.png
new file mode 100644
index 0000000000..cfee2eaf86
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/deployment-strategy-big.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/go-hunt-device.png b/windows/security/threat-protection/microsoft-defender-atp/images/go-hunt-device.png
new file mode 100644
index 0000000000..71d8f65d88
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/go-hunt-device.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/go-hunt-event.png b/windows/security/threat-protection/microsoft-defender-atp/images/go-hunt-event.png
new file mode 100644
index 0000000000..cf3c5d405a
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/go-hunt-event.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/go-hunt-evidence-url.png b/windows/security/threat-protection/microsoft-defender-atp/images/go-hunt-evidence-url.png
new file mode 100644
index 0000000000..a489b3c7b9
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/go-hunt-evidence-url.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/onboard-config-mgr.png b/windows/security/threat-protection/microsoft-defender-atp/images/onboard-config-mgr.png
new file mode 100644
index 0000000000..6e0bfa21fc
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/onboard-config-mgr.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/onboard-configure-diagram.png b/windows/security/threat-protection/microsoft-defender-atp/images/onboard-configure-diagram.png
new file mode 100644
index 0000000000..03df8d4c0c
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/onboard-configure-diagram.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/onboard-gp.png b/windows/security/threat-protection/microsoft-defender-atp/images/onboard-gp.png
new file mode 100644
index 0000000000..138ffc93cd
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/onboard-gp.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/onboard-intune-big.png b/windows/security/threat-protection/microsoft-defender-atp/images/onboard-intune-big.png
new file mode 100644
index 0000000000..d2e629f921
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/onboard-intune-big.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/onboard-intune.png b/windows/security/threat-protection/microsoft-defender-atp/images/onboard-intune.png
new file mode 100644
index 0000000000..b794184562
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/onboard-intune.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/onboard-script.png b/windows/security/threat-protection/microsoft-defender-atp/images/onboard-script.png
new file mode 100644
index 0000000000..385dfa8e22
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/onboard-script.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/onboarding-flow-diagram.png b/windows/security/threat-protection/microsoft-defender-atp/images/onboarding-flow-diagram.png
new file mode 100644
index 0000000000..73e6c05da6
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/onboarding-flow-diagram.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-event-timeline-device-hover.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-event-timeline-device-hover.png
new file mode 100644
index 0000000000..6af1526538
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-event-timeline-device-hover.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-event-timeline-device-hover360.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-event-timeline-device-hover360.png
new file mode 100644
index 0000000000..35c8dbc5f1
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-event-timeline-device-hover360.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-event-timeline-exposure-score350.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-event-timeline-exposure-score350.png
new file mode 100644
index 0000000000..310f1cb878
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-event-timeline-exposure-score350.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-event-timeline-exposure-score400.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-event-timeline-exposure-score400.png
deleted file mode 100644
index dd5df1eee4..0000000000
Binary files a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-event-timeline-exposure-score400.png and /dev/null differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/indicator-certificates.md b/windows/security/threat-protection/microsoft-defender-atp/indicator-certificates.md
index cfff5ce687..5d641d0581 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/indicator-certificates.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/indicator-certificates.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationexclusionlist-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/indicator-file.md b/windows/security/threat-protection/microsoft-defender-atp/indicator-file.md
index 8a5a15bf39..a1df7c41f2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/indicator-file.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/indicator-file.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationexclusionlist-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md b/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md
index 4769eb6666..5b3fb21a83 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationexclusionlist-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/indicator-manage.md b/windows/security/threat-protection/microsoft-defender-atp/indicator-manage.md
index 54d2c70de6..02ad59046d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/indicator-manage.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/indicator-manage.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationexclusionlist-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md
index 17b7c51fcd..dd0b1fee80 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md
@@ -24,7 +24,7 @@ ms.topic: conceptual
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/information-protection-investigation.md b/windows/security/threat-protection/microsoft-defender-atp/information-protection-investigation.md
index 4c595bdec5..14e024db46 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/information-protection-investigation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/information-protection-investigation.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 A typical advanced persistent threat lifecycle involves data exfiltration. In a security incident, it's important to have the ability to prioritize investigations where sensitive files may be jeopardy so that corporate data and information are protected.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md b/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md
index f464c54bde..e9818ac067 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md
index 892f860dff..5dff12d03e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md
@@ -13,7 +13,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: article
 ms.date: 04/24/2018
 ---
@@ -25,7 +27,7 @@ ms.date: 04/24/2018
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md
index 0738fd810b..63c047b384 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md
@@ -13,7 +13,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: article
 ---
 
@@ -24,7 +26,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatemachines-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md
index 65739231df..012d6fffcf 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md
@@ -13,7 +13,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: article
 ms.date: 04/24/2018
 ---
@@ -25,7 +27,7 @@ ms.date: 04/24/2018
 **Applies to:**
 
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md
index 0c25dc5114..1eaa23ead2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md
@@ -13,7 +13,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: article
 ms.date: 04/24/2018
 ---
@@ -25,7 +27,7 @@ ms.date: 04/24/2018
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md
index 2c7b5a46cc..06ed19033e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md
@@ -13,7 +13,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: article
 ---
 
@@ -23,7 +25,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 Investigate incidents that affect your network, understand what they mean, and collate evidence to resolve them. 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md
index 5bcdb3f2c1..d867eb7db4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md
@@ -13,7 +13,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: article
 ms.date: 04/24/2018
 ---
@@ -25,7 +27,7 @@ ms.date: 04/24/2018
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md
index 6e97ffcfa7..154d8b2cef 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md
@@ -13,7 +13,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: article
 ---
 
@@ -24,7 +26,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatemachines-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md
index dd1a9f6766..b8080fe72d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md
@@ -13,7 +13,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: article
 ms.date: 04/24/2018
 ---
@@ -24,7 +26,7 @@ ms.date: 04/24/2018
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatgeuser-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigation.md b/windows/security/threat-protection/microsoft-defender-atp/investigation.md
index 6f499c34c0..09ba3ad64f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigation.md
@@ -12,7 +12,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: article
 ---
 
@@ -21,7 +23,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-configure-features.md b/windows/security/threat-protection/microsoft-defender-atp/ios-configure-features.md
index 95350170ab..abb45e662b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/ios-configure-features.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/ios-configure-features.md
@@ -14,7 +14,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-install.md b/windows/security/threat-protection/microsoft-defender-atp/ios-install.md
index d4f6077795..be3fe61fbf 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/ios-install.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/ios-install.md
@@ -14,7 +14,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-privacy-statement.md b/windows/security/threat-protection/microsoft-defender-atp/ios-privacy-statement.md
deleted file mode 100644
index f775848c86..0000000000
--- a/windows/security/threat-protection/microsoft-defender-atp/ios-privacy-statement.md
+++ /dev/null
@@ -1,58 +0,0 @@
----
-title: Microsoft Defender ATP for iOS note on Privacy
-ms.reviewer:
-description: Describes the Microsoft Defender ATP for iOS Privacy
-keywords: microsoft, defender, atp, iOS, license, terms, application, use, installation, service, feedback, scope, 
-search.product: eADQiWindows 10XVcnh
-search.appverid: met150
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-ms.author: sunasing
-author: sunasing
-ms.localizationpriority: medium
-manager: dansimp
-audience: ITPro
-ms.collection: M365-security-compliance
-ms.topic: conceptual
-hideEdit: true
----
-
-# Microsoft Defender ATP for iOS note on Privacy
-
-[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
-
-
-## What information can my organization see when I use Microsoft Defender ATP on iOS
-
-Your organization cannot see your personal information when you use Microsoft Defender ATP. Microsoft Defender ATP sends certain pieces of information from your device to the ATP portal, such as device threat level, device model, and serial number. Your organization uses this information to help protect you from web-based attacks.
-
-**What your organization can never see:**
-
-- Calling and web browsing history
-- Email and text messages
-- Contacts
-- Calendar
-- Passwords
-- Pictures, including what's in the photos app or camera roll
-- Files
-
-**What your organization can see:**
-
-- Malicious Connections that were blocked by Microsoft Defender ATP
-- Device model, like iPhone 11
-- Operating system and version, like iOS 12.0.1
-- Device name
-- Device serial number
-
-## VPN Usage
-
-Microsoft Defender ATP for iOS uses VPN in order to provide the Web Protection feature. This is not a regular VPN and is a local/self-looping VPN that does not take traffic outside the device.
-
-## More on Privacy
-
-[More information about Privacy](https://aka.ms/mdatpiosmainprivacystatement)
-
-
-
diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-privacy.md b/windows/security/threat-protection/microsoft-defender-atp/ios-privacy.md
new file mode 100644
index 0000000000..1bef25da5f
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/ios-privacy.md
@@ -0,0 +1,78 @@
+---
+title: Microsoft Defender ATP for iOS note on Privacy
+ms.reviewer:
+description: Describes the Microsoft Defender ATP for iOS Privacy
+keywords: microsoft, defender, atp, iOS, license, terms, application, use, installation, service, feedback, scope, 
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: sunasing
+author: sunasing
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance
+ms.topic: conceptual
+hideEdit: true
+---
+
+# Microsoft Defender ATP for iOS - Privacy information
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for iOS](microsoft-defender-atp-ios.md)
+
+>[!NOTE]
+> Microsoft Defender ATP for iOS uses a VPN in order to provide the Web Protection feature. This is not a regular VPN and is a local/self-looping VPN that does not take traffic outside the device. Microsoft or your organization **does not see your browsing activity**.
+
+Microsoft Defender ATP for iOS collects information from your configured iOS devices and stores it in the same tenant where you have Microsoft Defender ATP.
+
+Information is collected to help keep Microsoft Defender ATP for iOS secure, up-to-date, performing as expected and to support the service.
+
+## Required data
+
+Required data consists of data that is necessary to make Microsoft Defender ATP for iOS work as expected. This data is essential to the operation of the service and can include data related to the end user, organization, device, and apps. Here's a list of the types of data being collected:
+
+### Web page / Network information
+
+- Connection information
+- Protocol type (such as HTTP, HTTPS, etc.)
+
+### Device and account information
+
+- Device information such as date & time, iOS version, CPU info, and Device identifier
+- Device identifier is one of the below:
+    - Wi-Fi adapter MAC address
+    - Randomly generated globally unique identifier (GUID)
+
+- Tenant, Device, and User information
+    - Azure Active Directory (AD) Device ID and Azure User ID: Uniquely identifies the device, User respectively at Azure Active directory.
+    - Azure tenant ID - GUID that identifies your organization within Azure Active Directory
+    - Microsoft Defender ATP org ID - Unique identifier associated with the enterprise that the device belongs to. Allows Microsoft to identify whether issues are impacting a select set of enterprises and how many enterprises are impacted
+    - User Principal Name - Email ID of the user
+
+### Product and service usage data
+
+- App package info, including name, version, and app upgrade status
+- Actions performed in the app
+- Crash report logs generated by iOS
+- Memory usage data
+
+## Optional data
+
+Optional data includes diagnostic data and feedback data from the client. Optional diagnostic data is additional data that helps us make product improvements and provides enhanced information to help us detect, diagnose, and fix issues. This data is only for diagnostic purposes and is not required for the service itself.
+
+Optional diagnostic data includes:
+
+- App, CPU, and network usage
+- Features configured by the admin
+
+**Feedback Data** is collected through in-app feedback provided by the user.
+
+- The user's email address, if they choose to provide it
+- Feedback type (smile, frown, idea) and any feedback comments submitted by the user
+
+[More on Privacy](https://aka.ms/mdatpiosprivacystatement)
\ No newline at end of file
diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md b/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md
index 6969f1c941..39f57d1213 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md
@@ -14,7 +14,9 @@ author: sunasing
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 hideEdit: true
 ---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md b/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md
index c16a3f2448..5364748405 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md
index baf41c376e..8bee109c6f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md
index 157c193e75..3012e87c2c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md
@@ -14,7 +14,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
@@ -51,6 +53,12 @@ In order to preview new features and provide early feedback, it is recommended t
 
 ### RHEL and variants (CentOS and Oracle Linux)
 
+- Install `yum-utils` if it isn't installed yet:
+
+    ```bash
+    sudo yum install yum-utils
+    ```
+
 - Note your distribution and version, and identify the closest entry for it under `https://packages.microsoft.com/config/`.
 
     In the below commands, replace *[distro]* and *[version]* with the information you've identified:
@@ -74,12 +82,6 @@ In order to preview new features and provide early feedback, it is recommended t
     sudo rpm --import http://packages.microsoft.com/keys/microsoft.asc
     ```
 
-- Install `yum-utils` if it isn't installed yet:
-
-    ```bash
-    sudo yum install yum-utils
-    ```
-
 - Download and make usable all the metadata for the currently enabled yum repositories:
 
     ```bash
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md
index 4e622f504d..2cc5610a4c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md
@@ -14,7 +14,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md
index a89c89272b..68fe2b6926 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md
@@ -14,7 +14,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-preferences.md b/windows/security/threat-protection/microsoft-defender-atp/linux-preferences.md
index 22cebfbcda..e2944beb87 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-preferences.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-preferences.md
@@ -14,7 +14,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-pua.md b/windows/security/threat-protection/microsoft-defender-atp/linux-pua.md
index 40ac81e1d0..58b9c14323 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-pua.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-pua.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md b/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md
index e79f91ce6c..7c779b7d9d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md
@@ -14,7 +14,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-static-proxy-configuration.md b/windows/security/threat-protection/microsoft-defender-atp/linux-static-proxy-configuration.md
index d2df9ea151..d3b7796378 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-static-proxy-configuration.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-static-proxy-configuration.md
@@ -14,7 +14,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-connectivity.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-connectivity.md
index 81de10526e..3406767afa 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-connectivity.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-connectivity.md
@@ -14,7 +14,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md
index 5453c8c205..15d0e69c78 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md
@@ -14,7 +14,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md
index e0c27b4a46..8390f37105 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+mms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md b/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md
index adc018682b..dd01c882b0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md
@@ -14,7 +14,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md
index 302d9c6717..8e290c8ff5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/live-response.md b/windows/security/threat-protection/microsoft-defender-atp/live-response.md
index 35a1c20298..6157678090 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/live-response.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/live-response.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 Live response gives security operations teams instantaneous access to a device (also referred to as a machine) using a remote shell connection. This gives you the power to do in-depth investigative work and take immediate response actions to promptly contain identified threats—in real time. 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md
index 2399987032..3eeb408c4d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint  
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md
index 49c40a09a3..59d65172e9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md
index db852ca545..3f720e90e8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md
index d7a00dd754..a1fd86434f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
@@ -195,7 +197,7 @@ To approve the system extensions:
 
 9. As part of the Endpoint Detection and Response capabilities, Microsoft Defender ATP for Mac inspects socket traffic and reports this information to the Microsoft Defender Security Center portal. The following policy allows the network extension to perform this functionality. Download `netfilter.mobileconfig` from [our GitHub repository](https://raw.githubusercontent.com/microsoft/mdatp-xplat/master/macos/mobileconfig/profiles/netfilter.mobileconfig), save it as netext.xml and deploy it using the same steps as in the previous sections. <a name = "create-system-configuration-profiles-step-9" id = "create-system-configuration-profiles-step-9"></a>
 
-10. To allow Defender and Auto Update to display notifications in UI on macOS 10.15 (Catalina), download `notif.mobileconfig` from [our GitHub repository](https://raw.githubusercontent.com/microsoft/mdatp-xplat/master/macos/mobileconfig/profiles/notif.mobileconfig) and import it as a custom payload. <a name = "create-system-configuration-profiles-step-10" id = "create-system-configuration-profiles-step-10"></a>
+10. To allow Microsoft Defender ATP for Mac and Microsoft Auto Update to display notifications in UI on macOS 10.15 (Catalina), download `notif.mobileconfig` from [our GitHub repository](https://raw.githubusercontent.com/microsoft/mdatp-xplat/master/macos/mobileconfig/profiles/notif.mobileconfig) and import it as a custom payload. <a name = "create-system-configuration-profiles-step-10" id = "create-system-configuration-profiles-step-10"></a>
 
 11. Select **Manage > Assignments**.  In the **Include** tab, select **Assign to All Users & All devices**.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md
index f0d4ab8a8a..b02fdd72d5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md
index 1f4d373697..1e43a13d07 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md
@@ -13,7 +13,9 @@ author: maximvelichko
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md
index 0c869e76e4..04cb07cd04 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md
index fd353eceb3..ffd3980a4a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-policies.md b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-policies.md
index 10411a985d..a56afd0ef7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-policies.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-policies.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md b/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md
index a85c712b92..e6f713160f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint  
 ms.topic: conceptual
 ---
 
@@ -336,6 +338,18 @@ Specify whether to show or hide the status menu icon in the top-right corner of
 | **Data type** | Boolean |
 | **Possible values** | false (default) <br/> true |
 
+#### Show / hide option to send feedback
+
+Specify whether users can submit feedback to Microsoft by going to `Help` > `Send Feedback`.
+
+|||
+|:---|:---|
+| **Domain** | `com.microsoft.wdav` |
+| **Key** | userInitiatedFeedback |
+| **Data type** | String |
+| **Possible values** | enabled (default) <br/> disabled |
+| **Comments** | Available in Microsoft Defender ATP version 101.19.61 or higher. |
+
 ### Endpoint detection and response preferences
 
 Manage the preferences of the endpoint detection and response (EDR) component of Microsoft Defender ATP for Mac.
@@ -624,6 +638,8 @@ The following templates contain entries for all settings described in this docum
     <dict>
         <key>hideStatusMenuIcon</key>
         <false/>
+        <key>userInitiatedFeedback</key>
+		<string>enabled</string>
     </dict>
 </dict>
 </plist>
@@ -764,6 +780,8 @@ The following templates contain entries for all settings described in this docum
                 <dict>
                     <key>hideStatusMenuIcon</key>
                     <false/>
+                    <key>userInitiatedFeedback</key>
+		            <string>enabled</string>
                 </dict>
             </dict>
         </array>
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-privacy.md b/windows/security/threat-protection/microsoft-defender-atp/mac-privacy.md
index 5bb254d10c..42d1a1e3fd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-privacy.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-privacy.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-pua.md b/windows/security/threat-protection/microsoft-defender-atp/mac-pua.md
index e13d95555f..266a05a30f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-pua.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-pua.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md b/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md
index 2aafa7220d..83030035f2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
@@ -44,6 +46,9 @@ If you can reproduce a problem, increase the logging level, run the system for s
 
 3. Run `sudo mdatp diagnostic create` to back up Microsoft Defender ATP's logs. The files will be stored inside a .zip archive. This command will also print out the file path to the backup after the operation succeeds.
 
+  > [!TIP]
+  > By default, diagnostic logs are saved to `/Library/Application Support/Microsoft/Defender/wdavdiag/`. To change the directory where diagnostic logs are saved, pass `--path [directory]` to the below command, replacing `[directory]` with the desired directory.
+
    ```bash
    sudo mdatp diagnostic create
    ```
@@ -97,7 +102,7 @@ Important tasks, such as controlling product settings and triggering on-demand s
 |Configuration|Turn on audit mode for PUA protection      |`mdatp threat policy set --type potentially_unwanted_application -- action audit` |
 |Configuration|Turn on/off passiveMode                    |`mdatp config passive-mode --value enabled [enabled/disabled]`                    |
 |Diagnostics  |Change the log level                       |`mdatp log level set --level [error/warning/info/verbose]`                        |
-|Diagnostics  |Generate diagnostic logs                   |`mdatp diagnostic create`                                                         |
+|Diagnostics  |Generate diagnostic logs                   |`mdatp diagnostic create --path [directory]`                                                         |
 |Health       |Check the product's health                 |`mdatp health`                                                                    |
 |Health       |Check for a spefic product attribute       |`mdatp health --field [attribute: healthy/licensed/engine_version...]`            |
 |Protection   |Scan a path                                |`mdatp scan custom --path [path]`                                                 |
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-schedule-scan-atp.md b/windows/security/threat-protection/microsoft-defender-atp/mac-schedule-scan-atp.md
index 5fde32aab8..fdad212625 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-schedule-scan-atp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-schedule-scan-atp.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-support-install.md b/windows/security/threat-protection/microsoft-defender-atp/mac-support-install.md
index feb636fd2d..f4a32380f3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-support-install.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-support-install.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-support-kext.md b/windows/security/threat-protection/microsoft-defender-atp/mac-support-kext.md
index f773e91875..d369e94d36 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-support-kext.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-support-kext.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-support-license.md b/windows/security/threat-protection/microsoft-defender-atp/mac-support-license.md
index 72cfd50ff0..a05f815303 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-support-license.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-support-license.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md b/windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md
index 04cfb43c25..385a3fddb2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint  
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-policies.md b/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-policies.md
index 24c22d7bd0..f53075c405 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-policies.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-policies.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ROBOTS: noindex,nofollow
 ---
@@ -62,7 +64,7 @@ As part of the Endpoint Detection and Response capabilities, Microsoft Defender
 >JAMF doesn’t have built-in support for content filtering policies, which are a pre-requisite for enabling the network extensions that Microsoft Defender ATP for Mac installs on the device. Furthermore, JAMF sometimes changes the content of the policies being deployed.
 >As such, the following steps provide a workaround that involve signing the configuration profile.
 
-1. Save the following content to your device as `com.microsoft.network-extension.mobileconfig`
+1. Save the following content to your device as `com.microsoft.network-extension.mobileconfig` using a text editor:
 
     ```xml
     <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
@@ -125,21 +127,38 @@ As part of the Endpoint Detection and Response capabilities, Microsoft Defender
     </plist>
     ```
 
-2. Verify that the above file was copied correctly. From the Terminal, run the following command and verify that it outputs `OK`:
+2. Verify that the above file was copied correctly by running the `plutil` utility in the Terminal:
 
     ```bash
-    $ plutil -lint com.microsoft.network-extension.mobileconfig
-    com.microsoft.network-extension.mobileconfig: OK
+    $ plutil -lint <PathToFile>/com.microsoft.network-extension.mobileconfig
     ```
 
-3. Follow the instructions on [this page](https://www.jamf.com/jamf-nation/articles/649/creating-a-signing-certificate-using-jamf-pro-s-built-in-certificate-authority) to create a signing certificate using JAMF’s built-in certificate authority
-
-4. After the certificate is created and installed to your device, run the following command from the Terminal:
+    For example, if the file was stored in Documents:
 
     ```bash
-    $ security cms -S -N "<certificate name>" -i com.microsoft.network-extension.mobileconfig -o com.microsoft.network-extension.signed.mobileconfig
+    $ plutil -lint ~/Documents/com.microsoft.network-extension.mobileconfig
     ```
+    
+    Verify that the command outputs `OK`.
+        
+    ```bash
+    <PathToFile>/com.microsoft.network-extension.mobileconfig: OK
+    ```
+    
+3. Follow the instructions on [this page](https://www.jamf.com/jamf-nation/articles/649/creating-a-signing-certificate-using-jamf-pro-s-built-in-certificate-authority) to create a signing certificate using JAMF’s built-in certificate authority.
 
+4. After the certificate is created and installed to your device, run the following command from the Terminal to sign the file:
+
+    ```bash
+    $ security cms -S -N "<CertificateName>" -i <PathToFile>/com.apple.webcontent-filter.mobileconfig -o <PathToSignedFile>/com.microsoft.network-extension.signed.mobileconfig
+    ```
+    
+    For example, if the certificate name is **SigningCertificate** and the signed file is going to be stored in Documents:
+    
+    ```bash
+    $ security cms -S -N "SigningCertificate" -i ~/Documents/com.apple.webcontent-filter.mobileconfig -o ~/Documents/com.microsoft.network-extension.signed.mobileconfig
+    ```
+    
 5. From the JAMF portal, navigate to **Configuration Profiles** and click the **Upload** button. Select `com.microsoft.network-extension.signed.mobileconfig` when prompted for the file.
 
 ## Intune
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-preview.md b/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-preview.md
index 27ec242709..86a435cc65 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-preview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-preview.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ROBOTS: noindex,nofollow
 ---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-updates.md b/windows/security/threat-protection/microsoft-defender-atp/mac-updates.md
index a356d8d895..740aaacb77 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-updates.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-updates.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
index 7748721340..f14a0d3752 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
@@ -13,7 +13,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
@@ -41,6 +43,27 @@ ms.topic: conceptual
 > 2. Refer to this documentation for detailed configuration information and instructions: [New configuration profiles for macOS Catalina and newer versions of macOS](mac-sysext-policies.md).
 > 3. Monitor this page for an announcement of the actual release of MDATP for Mac agent update.
 
+## 101.09.61
+
+- Added a new managed preference for [disabling the option to send feedback](mac-preferences.md#show--hide-option-to-send-feedback)
+- Status menu icon now shows a healthy state when the product settings are managed. Previously, the status menu icon was displaying a warning or error state, even though the product settings were managed by the administrator
+- Performance improvements & bug fixes
+
+## 101.09.50
+
+- This product version has been validated on macOS Big Sur 11 beta 9
+
+  > [!IMPORTANT]
+  > Extensive testing of MDE (Microsoft Defender for Endpoint) with new macOS system extensions revealed an intermittent issue that impacts macOS devices with specific graphic cards models. In rare cases on impacted macOS devices calls into macOS system extensions were seen resulting in kernel panic. Microsoft is actively working with Apple engineering to clarify profile of impacted devices and to address this macOS issue.
+
+- The new syntax for the `mdatp` command-line tool is now the default one. For more information on the new syntax, see [Resources for Microsoft Defender ATP for Mac](mac-resources.md#configuring-from-the-command-line)
+
+  > [!NOTE]
+  > The old command-line tool syntax will be removed from the product on **January 1st, 2021**.
+
+- Extended `mdatp diagnostic create` with a new parameter (`--path [directory]`) that allows the diagnostic logs to be saved to a different directory
+- Performance improvements & bug fixes
+
 ## 101.09.49
 
 - User interface improvements to differentiate exclusions that are managed by the IT administrator versus exclusions defined by the local user
diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md b/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md
index 678340162e..1ec1962585 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md
@@ -26,7 +26,7 @@ ms.topic: article
 
 - Azure Active Directory
 - Office 365
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 In an enterprise scenario, security operation teams are typically assigned a set of devices. These devices are grouped together based on a set of attributes such as their domains, computer names, or designated tags.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md b/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md
index 3349058516..0f50126e3f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 The devices status report provides high-level information about the devices in your organization. The report includes trending information showing the sensor health state, antivirus status, OS platforms, and Windows 10 versions.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine.md b/windows/security/threat-protection/microsoft-defender-atp/machine.md
index e2bb55c2a6..4fbc97c8a3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machine.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machine.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
@@ -41,7 +41,7 @@ Method|Return Type |Description
 [Add or Remove machine tags](add-or-remove-machine-tags.md) | [machine](machine.md) | Add or Remove tag to a specific machine.
 [Find machines by IP](find-machines-by-ip.md) | [machine](machine.md) collection | Find machines seen with IP.
 [Get missing KBs](get-missing-kbs-machine.md) | KB collection | Get a list of missing KBs associated with the machine ID
-[Set device value](set-device-value.md)| [machine](machine.md) collection | Set the value of a device, See [threat and vulnerability management scenarios](threat-and-vuln-mgt-scenarios.md).
+[Set device value](set-device-value.md)| [machine](machine.md) collection | Set the [value of a device](tvm-assign-device-value.md).
 
 ## Properties
 
@@ -61,8 +61,8 @@ rbacGroupName | String | Machine group Name.
 rbacGroupId | Int | Machine group unique ID.
 riskScore | Nullable Enum | Risk score as evaluated by Microsoft Defender ATP. Possible values are: 'None', 'Low', 'Medium' and 'High'.
 exposureScore | Nullable Enum | [Exposure score](tvm-exposure-score.md) as evaluated by Microsoft Defender ATP. Possible values are: 'None', 'Low', 'Medium' and 'High'.
-aadDeviceId | Nullable representation Guid | AAD Device ID (when [machine](machine.md) is Aad Joined).
+aadDeviceId | Nullable representation Guid | AAD Device ID (when [machine](machine.md) is AAD Joined).
 machineTags | String collection | Set of [machine](machine.md) tags.
 exposureLevel | Nullable Enum | Exposure level as evaluated by Microsoft Defender ATP. Possible values are: 'None', 'Low', 'Medium' and 'High'.
-deviceValue | Nullable Enum | The value of the device, See [threat and vulnerability management scenarios](threat-and-vuln-mgt-scenarios.md). Possible values are: 'Normal', 'Low' and 'High'.
+deviceValue | Nullable Enum | The [value of the device](tvm-assign-device-value.md). Possible values are: 'Normal', 'Low' and 'High'.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/machineaction.md b/windows/security/threat-protection/microsoft-defender-atp/machineaction.md
index 683d807480..19f660b07e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machineaction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machineaction.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md b/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md
index ff9c54a53f..c4df93659f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-machinesview-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md
index c4d934024e..9a210d00da 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-managealerts-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-configuration-manager.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-configuration-manager.md
index 6d04ee080e..a0a93f2dc7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-configuration-manager.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-configuration-manager.md
@@ -14,7 +14,9 @@ author: denisebmsft
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- M365-security-compliance
+- m365solution-scenario
 ms.topic: article
 ms.date: 09/22/2020
 ms.reviewer: chventou
@@ -26,7 +28,7 @@ ms.reviewer: chventou
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 We recommend using We recommend using [Microsoft Endpoint Manager](https://docs.microsoft.com/mem), which includes [Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune) (Intune) and [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/understand/introduction) (Configuration Manager) to manage your organization's threat protection features for devices (also referred to as endpoints). 
 - [Learn more about Endpoint Manager](https://docs.microsoft.com/mem/endpoint-manager-overview)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-group-policy-objects.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-group-policy-objects.md
index 016d29c822..c9fe3f4c85 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-group-policy-objects.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-group-policy-objects.md
@@ -14,7 +14,9 @@ author: denisebmsft
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- M365-security-compliance
+- m365solution-scenario
 ms.topic: article
 ms.date: 09/22/2020
 ms.reviewer: chventou
@@ -26,7 +28,7 @@ ms.reviewer: chventou
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 > [!NOTE]
 > We recommend using [Microsoft Endpoint Manager](https://docs.microsoft.com/mem) to manage your organization's threat protection features for devices (also referred to as endpoints). Endpoint Manager includes [Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune) and [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/understand/introduction). **[Learn more about Endpoint Manager](https://docs.microsoft.com/mem/endpoint-manager-overview)**. 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-intune.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-intune.md
index eeefc94bfd..36d77dce37 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-intune.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-intune.md
@@ -14,7 +14,9 @@ author: denisebmsft
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- M365-security-compliance
+- m365solution-scenario
 ms.topic: article
 ms.date: 09/22/2020
 ms.reviewer: chventou
@@ -26,7 +28,7 @@ ms.reviewer: chventou
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 We recommend using [Microsoft Endpoint Manager](https://docs.microsoft.com/mem), which includes Microsoft Intune (Intune) to manage your organization's threat protection features for devices (also referred to as endpoints). [Learn more about Endpoint Manager](https://docs.microsoft.com/mem/endpoint-manager-overview).
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md
index 4eb3a79282..339857a351 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md
@@ -14,7 +14,9 @@ author: denisebmsft
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- M365-security-compliance
+- m365solution-scenario
 ms.topic: article
 ms.date: 09/22/2020
 ms.reviewer: chventou
@@ -26,7 +28,7 @@ ms.reviewer: chventou
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 > [!NOTE]
 > We recommend using [Microsoft Endpoint Manager](https://docs.microsoft.com/mem) to manage your organization's threat protection features for devices (also referred to as endpoints). Endpoint Manager includes [Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune) and [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/understand/introduction). 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration.md
index 417f5267d3..7d186a373a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration.md
@@ -14,7 +14,9 @@ author: denisebmsft
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- M365-security-compliance
+- m365solution-scenario
 ms.topic: conceptual
 ms.date: 09/22/2020
 ms.reviewer: chventou
@@ -26,7 +28,7 @@ ms.reviewer: chventou
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 After you have moved from your previous endpoint protection and antivirus solution to Microsoft Defender for Endpoint, your next step is to manage your features and capabilities. We recommend using [Microsoft Endpoint Manager](https://docs.microsoft.com/mem/endpoint-manager-overview), which includes [Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune) and [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/understand/introduction), to manage your organization's devices and security settings. However, you can use other tools/methods, such as [Group Policy Objects in Azure Active Directory Domain Services](https://docs.microsoft.com/azure/active-directory-domain-services/manage-group-policy). 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-auto-investigation.md b/windows/security/threat-protection/microsoft-defender-atp/manage-auto-investigation.md
index 116cc0e459..ab130cb910 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-auto-investigation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-auto-investigation.md
@@ -13,7 +13,9 @@ author: denisebmsft
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ms.date: 09/15/2020
 ---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-file-uploads.md b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-file-uploads.md
index 5dfefb6a2a..0b5d31597f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-file-uploads.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-file-uploads.md
@@ -25,7 +25,7 @@ ms.topic: article
 **Applies to:**
 
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md
index 056f3d9d05..29529c8847 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md
@@ -25,7 +25,7 @@ ms.topic: article
 **Applies to:**
 
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md
index 1755204179..458c0798ce 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md
@@ -14,7 +14,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-incidents.md b/windows/security/threat-protection/microsoft-defender-atp/manage-incidents.md
index 05f77e6b94..f0cd8403c1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-incidents.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-incidents.md
@@ -13,9 +13,10 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: article
-ms.date: 10/08/2018
 ---
 
 # Manage Microsoft Defender ATP incidents
@@ -24,7 +25,7 @@ ms.date: 10/08/2018
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Managing incidents is an important part of every cybersecurity operation. You can manage incidents by selecting an incident from the **Incidents queue** or the **Incidents management pane**. 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md b/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md
index b8a672c6a3..d5186273e9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationexclusionlist-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md b/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md
index 2db2ff913f..d13aa975d2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 There might be scenarios where you need to suppress alerts from appearing in the portal. You can create suppression rules for specific alerts that are known to be innocuous such as known tools or processes in your organization. For more information on how to suppress alerts, see [Suppress alerts](manage-alerts.md).
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
index 45de6c024c..0a71770ee3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
@@ -24,7 +24,7 @@ ms.topic: conceptual
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mgt-apis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard.md b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard.md
index 3422d29ce9..d38a5977e8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard.md
@@ -17,6 +17,7 @@ audience: ITPro
 ms.collection: 
 - M365-security-compliance 
 - m365solution-McAfeemigrate
+- m365solution-scenario
 ms.custom: migrationguides
 ms.topic: article
 ms.date: 09/24/2020
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-prepare.md b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-prepare.md
index a22a3a83d5..fe973d1a59 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-prepare.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-prepare.md
@@ -17,6 +17,7 @@ audience: ITPro
 ms.collection: 
 - M365-security-compliance 
 - m365solution-mcafeemigrate
+- m365solution-scenario
 ms.topic: article
 ms.custom: migrationguides
 ms.date: 09/22/2020
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md
index 7e0da8d519..8813e53523 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md
@@ -16,7 +16,8 @@ manager: dansimp
 audience: ITPro
 ms.collection: 
 - M365-security-compliance
-- m365solution-mcafeemigrate 
+- m365solution-mcafeemigrate
+- m365solution-scenario 
 ms.topic: article
 ms.custom: migrationguides
 ms.date: 09/22/2020
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md
index 2049e0d9bd..06d2ab83cf 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md
@@ -25,7 +25,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md
index a6f03c17c5..a23303c507 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md
@@ -24,7 +24,7 @@ ms.date: 10/18/2018
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md
index a382a8463d..4b4a872950 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md
@@ -14,7 +14,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md
index ed5256954e..118ea48672 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md
@@ -14,7 +14,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md
index 1e0b400707..ea21452763 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md
@@ -14,7 +14,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md
index 90fef9d116..06899fd04e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md
@@ -14,7 +14,9 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
@@ -70,6 +72,18 @@ Beta versions of macOS are not supported. macOS Sierra (10.12) support ended on
 
 After you've enabled the service, you may need to configure your network or firewall to allow outbound connections between it and your endpoints.
 
+### Licensing requirements
+
+Microsoft Defender Advanced Threat Protection for Mac requires one of the following Microsoft Volume Licensing offers:
+
+- Microsoft 365 E5 (M365 E5)
+- Microsoft 365 E5 Security
+- Microsoft 365 A5 (M365 A5)
+
+> [!NOTE]
+> Eligible licensed users may use Microsoft Defender Advanced Threat Protection on up to five concurrent devices.
+> Microsoft Defender Advanced Threat Protection is also available for purchase from a Cloud Solution Provider (CSP). When purchased via a CSP, it does not require Microsoft Volume Licensing offers listed.
+
 ### Network connections
 
 The following downloadable spreadsheet lists the services and their associated URLs that your network must be able to connect to. You should ensure that there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an *allow* rule specifically for them.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-security-center.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-security-center.md
index ee826bd394..e04a02313b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-security-center.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-security-center.md
@@ -13,7 +13,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
index 9831cb1cf8..47fcaf8d7d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
@@ -14,7 +14,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
@@ -23,7 +25,7 @@ ms.topic: conceptual
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Microsoft Threat Experts is a managed threat hunting service that provides Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in their unique environments don’t get missed.
   
diff --git a/windows/security/threat-protection/microsoft-defender-atp/migration-guides.md b/windows/security/threat-protection/microsoft-defender-atp/migration-guides.md
index 193a2a1360..308308a4d0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/migration-guides.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/migration-guides.md
@@ -11,6 +11,7 @@ ms.prod: w10
 ms.localizationpriority: medium
 ms.collection: 
 - M365-security-compliance
+- m365solution-scenario
 ms.custom: migrationguides
 ms.reviewer: chriggs, depicker, yongrhee
 f1.keywords: NOCSH 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
index d934a67ccf..b659b20797 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
@@ -23,7 +23,7 @@ ms.topic: conceptual
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 There are some minimum requirements for onboarding devices to the service. Learn about the licensing, hardware and software requirements, and other configuration settings to onboard devices to the service.
 
@@ -61,7 +61,7 @@ For detailed licensing information, see the [Product Terms site](https://www.mic
 
 For more information on the array of features in Windows 10 editions, see [Compare Windows 10 editions](https://www.microsoft.com/windowsforbusiness/compare).
 
-For a detailed comparison table of Windows 10 commercial edition comparison, see the [comparison PDF](https://go.microsoft.com/fwlink/p/?linkid=2069559).
+For a detailed comparison table of Windows 10 commercial edition comparison, see the [comparison PDF](https://wfbdevicemanagementprod.blob.core.windows.net/windowsforbusiness/Windows10_CommercialEdition_Comparison.pdf).
 
 ## Browser requirements
 Access to Microsoft Defender ATP is done through a browser, supporting the following browsers:
@@ -80,12 +80,11 @@ Access to Microsoft Defender ATP is done through a browser, supporting the follo
 - Windows 7 SP1 Pro
 - Windows 8.1 Enterprise
 - Windows 8.1 Pro
-- Windows 10, version 1607 or later
-  - Windows 10 Enterprise
-  - [Windows 10 Enterprise LTSC](https://docs.microsoft.com/windows/whats-new/ltsc/)
-  - Windows 10 Education
-  - Windows 10 Pro
-  - Windows 10 Pro Education
+- Windows 10 Enterprise
+- [Windows 10 Enterprise LTSC](https://docs.microsoft.com/windows/whats-new/ltsc/)
+- Windows 10 Education
+- Windows 10 Pro
+- Windows 10 Pro Education
 - Windows server
   - Windows Server 2008 R2 SP1
   - Windows Server 2012 R2
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md b/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md
index e04b5fd740..36d7f8db37 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md
@@ -21,7 +21,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Logo |Partner name   | Description 
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md b/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md
index 6f1d18b0e5..6982d30ef4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md
@@ -23,7 +23,7 @@ ms.topic: conceptual
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/network-protection.md b/windows/security/threat-protection/microsoft-defender-atp/network-protection.md
index ea52e95529..eec4470439 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/network-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/network-protection.md
@@ -25,7 +25,7 @@ ms.custom: asr
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Network protection helps reduce the attack surface of your devices from Internet-based events. It prevents employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
index a0f4515971..54a1538ebe 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
@@ -14,17 +14,16 @@ ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
-ms.topic: conceptual
+ms.topic: overview
 ---
 
 # Threat and vulnerability management
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
 
@@ -42,63 +41,49 @@ Threat and vulnerability management is built in, real time, and cloud powered. I
 
 Vulnerability management is the first solution in the industry to bridge the gap between security administration and IT administration during remediation process. Create a security task or ticket by integrating with Microsoft Intune and Microsoft Endpoint Configuration Manager.
 
-It provides the following solutions to frequently cited gaps across security operations, security administration, and IT administration workflows and communication:
-
-- Real-time endpoint detection and response (EDR) insights correlated with endpoint vulnerabilities
-- Linked device vulnerability and security configuration assessment data in the context of exposure discovery
-- Built-in remediation processes through Microsoft Intune and Configuration Manager
-
 ### Real-time discovery
 
 To discover endpoint vulnerabilities and misconfiguration, threat and vulnerability management uses the same agentless built-in Microsoft Defender ATP sensors to reduce cumbersome network scans and IT overhead.
 
 It also provides:
 
-- Real-time device inventory. Devices onboarded to Microsoft Defender ATP automatically report and push vulnerability and security configuration data to the dashboard.
-- Visibility into software and vulnerabilities. Optics into the organization's software inventory, and software changes like installations, uninstalls, and patches. Newly discovered vulnerabilities are reported with actionable mitigation recommendations for 1st and 3rd party applications.
-- Application runtime context. Visibility on application usage patterns for better prioritization and decision-making.
-- Configuration posture. Visibility into organizational security configuration or misconfigurations. Issues are reported in the dashboard with actionable security recommendations.
+- **Real-time device inventory** - Devices onboarded to Microsoft Defender ATP automatically report and push vulnerability and security configuration data to the dashboard.
+- **Visibility into software and vulnerabilities** - Optics into the organization's software inventory, and software changes like installations, uninstalls, and patches. Newly discovered vulnerabilities are reported with actionable mitigation recommendations for 1st and 3rd party applications.
+- **Application runtime context** - Visibility on application usage patterns for better prioritization and decision-making.
+- **Configuration posture** - Visibility into organizational security configuration or misconfigurations. Issues are reported in the dashboard with actionable security recommendations.
 
 ### Intelligence-driven prioritization
 
-Threat and vulnerability management helps customers prioritize and focus on those weaknesses that pose the most urgent and the highest risk to the organization. Rather than using static prioritization by severity scores, threat and vulnerability management highlights the most critical weaknesses that need attention. It fuses security recommendations with dynamic threat and business context:
+Threat and vulnerability management helps customers prioritize and focus on the weaknesses that pose the most urgent and the highest risk to the organization. It fuses security recommendations with dynamic threat and business context:
 
-- Exposing emerging attacks in the wild. Through its advanced cyber data and threat analytics platform, threat and vulnerability management dynamically aligns the prioritization of its security recommendations. It focuses on vulnerabilities currently being exploited in the wild and emerging threats that pose the highest risk.
-- Pinpointing active breaches. Microsoft Defender ATP correlates threat and vulnerability management and EDR insights to prioritize vulnerabilities being exploited in an active breach within the organization.
-- Protecting high-value assets. Microsoft Defender ATP's integration with Azure Information Protection allows threat and vulnerability management to identify the exposed devices with business-critical applications, confidential data, or high-value users.
+- **Exposing emerging attacks in the wild** - Dynamically aligns the prioritization of security recommendations. Threat and vulnerability management focuses on vulnerabilities currently being exploited in the wild and emerging threats that pose the highest risk.
+- **Pinpointing active breaches** - Correlates threat and vulnerability management and EDR insights to prioritize vulnerabilities being exploited in an active breach within the organization.
+- **Protecting high-value assets** - Identify the exposed devices with business-critical applications, confidential data, or high-value users.
 
 ### Seamless remediation
 
-Microsoft Defender ATP's threat and vulnerability management capability allows security administrators and IT administrators to collaborate seamlessly to remediate issues.
+Threat and vulnerability management allows security administrators and IT administrators to collaborate seamlessly to remediate issues.
 
-- Remediation requests to IT. Through Microsoft Defender ATP's integration with Microsoft Intune and Microsoft Endpoint Configuration Manager, security administrators can create a remediation task in Microsoft Intune from the Security recommendation pages. We plan to expand this capability to other IT security management platforms.
-- Alternate mitigations. Threat and vulnerability management provides insights on additional mitigations, such as configuration changes that can reduce risk associated with software vulnerabilities.
-- Real-time remediation status. Microsoft Defender ATP provides real-time monitoring of the status and progress of remediation activities across the organization.
+- **Remediation requests sent to IT** - Create a remediation task in Microsoft Intune from a specific security recommendation. We plan to expand this capability to other IT security management platforms.
+- **Alternate mitigations** - Gain insights on additional mitigations, such as configuration changes that can reduce risk associated with software vulnerabilities.
+- **Real-time remediation status** - Real-time monitoring of the status and progress of remediation activities across the organization.
 
-## Reduce organizational risk with threat and vulnerability management
+## Threat and vulnerability management walk-through
 
 Watch this video for a comprehensive walk-through of threat and vulnerability management.
 
 >[!VIDEO https://aka.ms/MDATP-TVM-Interactive-Guide]
 
-## Before you begin
+## Navigation pane
 
-Ensure that your devices:
-
-- Are onboarded to Microsoft Defender Advanced Threat Protection
-- Run [supported operating systems and platforms](tvm-supported-os.md)
-- Have the following mandatory updates installed and deployed in your network to boost your vulnerability assessment detection rates:
-
-> Release | Security update KB number and link
-> :---|:---
-> Windows 10 Version 1709 | [KB4493441](https://support.microsoft.com/help/4493441/windows-10-update-kb4493441) and [KB 4516071](https://support.microsoft.com/help/4516071/windows-10-update-kb4516071)
-> Windows 10 Version 1803 | [KB4493464](https://support.microsoft.com/help/4493464) and [KB 4516045](https://support.microsoft.com/help/4516045/windows-10-update-kb4516045)
-> Windows 10 Version 1809 | [KB 4516077](https://support.microsoft.com/help/4516077/windows-10-update-kb4516077)
-> Windows 10 Version 1903 | [KB 4512941](https://support.microsoft.com/help/4512941/windows-10-update-kb4512941)
-
-- Are onboarded to [Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune) and  [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/mem/configmgr/protect/deploy-use/endpoint-protection-configure). If you're using Configuration Manager, update your console to the latest version.
-- Have at least one security recommendation that can be viewed in the device page
-- Are tagged or marked as co-managed
+Area | Description
+:---|:---
+**Dashboard**   | Get a high-level view of the organization exposure score, Microsoft Secure Score for Devices, device exposure distribution, top security recommendations, top vulnerable software, top remediation activities, and top exposed device data.
+[**Security recommendations**](tvm-security-recommendation.md) | See the list of security recommendations and related threat information. When you select an item from the list, a flyout panel opens with vulnerability details, a link to open the software page, and remediation and exception options. You can also open a ticket in Intune if your devices are joined through Azure Active Directory and you've enabled your Intune connections in Microsoft Defender ATP.
+[**Remediation**](tvm-remediation.md) | See remediation activities you've created and recommendation exceptions.
+[**Software inventory**](tvm-software-inventory.md) | See the list of vulnerable software in your organization, along with weakness and threat information.
+[**Weaknesses**](tvm-weaknesses.md) | See the list of common vulnerabilities and exposures (CVEs) in your organization.
+[**Event timeline**](threat-and-vuln-mgt-event-timeline.md) | View events that may impact your organization's risk.
 
 ## APIs
 
@@ -118,14 +103,4 @@ See the following articles for related APIs:
 
 - [Supported operating systems and platforms](tvm-supported-os.md)
 - [Threat and vulnerability management dashboard](tvm-dashboard-insights.md)
-- [Exposure score](tvm-exposure-score.md)
-- [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md)
-- [Security recommendations](tvm-security-recommendation.md)
-- [Remediation and exception](tvm-remediation.md)
-- [Software inventory](tvm-software-inventory.md)
-- [Weaknesses](tvm-weaknesses.md)
-- [Event timeline](threat-and-vuln-mgt-event-timeline.md)
-- [Scenarios](threat-and-vuln-mgt-scenarios.md)
-- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
-- [Configure data access for threat and vulnerability management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
 - [BLOG: Microsoft's Threat & Vulnerability Management now helps thousands of customers to discover, prioritize, and remediate vulnerabilities in real time](https://www.microsoft.com/security/blog/2019/07/02/microsofts-threat-vulnerability-management-now-helps-thousands-of-customers-to-discover-prioritize-and-remediate-vulnerabilities-in-real-time/)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/non-windows.md b/windows/security/threat-protection/microsoft-defender-atp/non-windows.md
index 36cab9ff28..2de422a306 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/non-windows.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/non-windows.md
@@ -23,7 +23,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 Microsoft has been on a journey to extend its industry leading endpoint security
diff --git a/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md b/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md
index 6046e47262..19496bd97c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md b/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md
index fdfda0129e..7d9a09d143 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md
@@ -27,7 +27,7 @@ ms.topic: conceptual
 - Linux
 - Windows Server 2012 R2
 - Windows Server 2016
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-offboarddevices-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md b/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md
index 3f37f66880..dab5b79f99 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md
@@ -23,7 +23,7 @@ ms.topic: conceptual
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
@@ -40,6 +40,20 @@ In general, to onboard devices to the service:
 
 >[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bGqr]
 
+## Onboarding tool options
+The following table lists the available tools based on the endpoint that you need to onboard.
+
+| Endpoint     | Tool options                       |
+|--------------|------------------------------------------|
+| **Windows**  |  [Local script (up to 10 devices)](configure-endpoints-script.md) <br>  [Group Policy](configure-endpoints-gp.md) <br>  [Microsoft Endpoint Manager/ Mobile Device Manager](configure-endpoints-mdm.md) <br>   [Microsoft Endpoint Configuration Manager](configure-endpoints-sccm.md) <br> [VDI scripts](configure-endpoints-vdi.md)   |
+| **macOS**    | [Local scripts](mac-install-manually.md) <br> [Microsoft Endpoint Manager](mac-install-with-intune.md) <br> [JAMF Pro](mac-install-with-jamf.md) <br> [Mobile Device Management](mac-install-with-other-mdm.md) |
+| **Linux Server** | [Local script](linux-install-manually.md) <br> [Puppet](linux-install-with-puppet.md) <br> [Ansible](linux-install-with-ansible.md)|
+| **iOS**      | [App-based](ios-install.md)                                |
+| **Android**  | [Microsoft Endpoint Manager](android-intune.md)               | 
+
+
+
+
 ## In this section
 Topic | Description
 :---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md b/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md
index 86e8968854..ca403709b0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md
@@ -28,7 +28,7 @@ ms.topic: article
 - Windows 7 SP1 Pro
 - Windows 8.1 Pro
 - Windows 8.1 Enterprise
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-downlevel-abovefoldlink).
diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md b/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md
index cb3d0ee177..137f5c07bc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 To onboard devices without Internet access, you'll need to take the following general steps:
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard.md b/windows/security/threat-protection/microsoft-defender-atp/onboard.md
index ca17dbdcd7..dc8e5dab0c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboard.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboard.md
@@ -24,7 +24,7 @@ ms.topic: conceptual
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Configure and manage all the Microsoft Defender ATP capabilities to get the best security protection for your organization. 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md
index d839dabec7..7435ab66b6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md
@@ -14,7 +14,8 @@ manager: dansimp
 audience: ITPro
 ms.collection: 
 - M365-security-compliance
-- m365solution-endpointprotect  
+- m365solution-endpointprotect
+- m365solution-scenario 
 ms.topic: article
 ---
 
@@ -23,18 +24,42 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-## Collection creation
+This article is part of the Deployment guide and acts as an example onboarding method that guides users in:
+- Step 1: Onboarding Windows devices to the service 
+- Step 2: Configuring Microsoft Defender ATP capabilities
+
+This onboarding guidance will walk you through the following basic steps that you need to take when using Microsoft Endpoint Configuration Manager:
+- **Creating a collection in Microsoft Endpoint Configuration Manager**
+- **Configuring Microsoft Defender ATP capabilities using Microsoft Endpoint Configuration Manager**
+
+>[!NOTE]
+>Only Windows devices are covered in this example deployment. 
+
+While Microsoft Defender ATP supports onboarding of various endpoints and tools, this article does not cover them. 
+
+For information on general onboarding using other supported deployment tools and methods, see [Onboarding overview](onboarding.md).
+
+
+## Step 1: Onboard Windows devices using Microsoft Endpoint Configuration Manager
+
+### Collection creation
 To onboard Windows 10 devices with Microsoft Endpoint Configuration Manager, the
-deployment can target either and existing collection or a new collection can be
-created for testing. The onboarding like group policy or manual method does
-not install any agent on the system. Within the Configuration Manager console
+deployment can target an existing collection or a new collection can be
+created for testing. 
+
+Onboarding using tools such as Group policy or manual method does not install any agent on the system. 
+
+Within the Microsoft Endpoint Configuration Manager console
 the onboarding process will be configured as part of the compliance settings
-within the console. Any system that receives this required configuration will
+within the console.
+
+Any system that receives this required configuration will
 maintain that configuration for as long as the Configuration Manager client
-continues to receive this policy from the management point. Follow the steps
-below to onboard systems with Configuration Manager.
+continues to receive this policy from the management point. 
+
+Follow the steps below to onboard endpoints using Microsoft Endpoint Configuration Manager.
 
 1. In Microsoft Endpoint Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Device Collections**.            
 
@@ -74,8 +99,17 @@ below to onboard systems with Configuration Manager.
 
 After completing this task, you now have a device collection with all the Windows 10 endpoints in the environment. 
 
-## Endpoint detection and response
-### Windows 10
+
+## Step 2: Configure Microsoft Defender ATP capabilities 
+This section guides you in configuring the following capabilities using Microsoft Endpoint Configuration Manager on Windows devices:
+
+- [**Endpoint detection and response**](#endpoint-detection-and-response)
+- [**Next-generation protection**](#next-generation-protection)
+- [**Attack surface reduction**](#attack-surface-reduction)
+
+
+### Endpoint detection and response
+#### Windows 10
 From within the Microsoft Defender Security Center it is possible to download
 the '.onboarding' policy that can be used to create the policy in System Center Configuration
 Manager and deploy that policy to Windows 10 devices.
@@ -131,7 +165,7 @@ Manager and deploy that policy to Windows 10 devices.
     ![Image of configuration settings](images/configmgr-select-collection.png)
 
 
-### Previous versions of Windows Client (Windows 7 and Windows 8.1)
+#### Previous versions of Windows Client (Windows 7 and Windows 8.1)
 Follow the steps below to identify the Microsoft Defender ATP Workspace ID and Workspace Key, that will be required for the onboarding of previous versions of Windows.
 
 1. From a Microsoft Defender Security Center Portal, select **Settings > Onboarding**.
@@ -182,7 +216,7 @@ Follow the steps below to identify the Microsoft Defender ATP Workspace ID and W
 
 Once completed, you should see onboarded endpoints in the portal within an hour.
 
-## Next generation protection 
+### Next generation protection 
 Microsoft Defender Antivirus is a built-in antimalware solution that provides next generation protection for desktops, portable computers, and servers.
 
 1. In the Microsoft Endpoint Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Endpoint Protection \> Antimalware Polices** and choose **Create Antimalware Policy**.
@@ -229,7 +263,7 @@ needs on how Antivirus is configured.
 After completing this task, you now have successfully configured Windows
 Defender Antivirus.
 
-## Attack surface reduction
+### Attack surface reduction
 The attack surface reduction pillar of Microsoft Defender ATP includes the feature set that is available under Exploit Guard. Attack surface reduction (ASR) rules, Controlled Folder Access, Network Protection and Exploit
 Protection. 
 
@@ -294,7 +328,7 @@ See [Optimize ASR rule deployment and
 detections](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-machines-asr)   for more details.  
 
 
-### To set Network Protection rules in Audit mode:
+#### Set Network Protection rules in Audit mode:
 1. In the Microsoft Endpoint Configuration Manager console, navigate to **Assets and  Compliance \> Overview \> Endpoint Protection \> Windows Defender Exploit Guard** and choose **Create Exploit Guard Policy**.
 
     ![A screenshot System Center Configuration Manager](images/728c10ef26042bbdbcd270b6343f1a8a.png)
@@ -324,7 +358,7 @@ detections](https://docs.microsoft.com/windows/security/threat-protection/micros
 After completing this task, you now have successfully configured Network
 Protection in audit mode.
 
-### To set Controlled Folder Access rules in Audit mode:
+#### To set Controlled Folder Access rules in Audit mode:
 
 1. In the Microsoft Endpoint Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Endpoint Protection \> Windows Defender Exploit Guard** and choose **Create Exploit Guard Policy**.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md
index 31593b47cc..29548856da 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md
@@ -14,7 +14,8 @@ manager: dansimp
 audience: ITPro
 ms.collection: 
 - M365-security-compliance
-- m365solution-endpointprotect  
+- m365solution-endpointprotect
+- m365solution-scenario 
 ms.topic: article
 ---
 
@@ -23,27 +24,28 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
-In this section, we will be using Microsoft Endpoint Manager (MEM) to deploy
-Microsoft Defender ATP to your endpoints.
-
-For more information about MEM, check out these resources:
-- [Microsoft Endpoint Manager page](https://docs.microsoft.com/mem/)
-- [Blog post on convergence of Intune and ConfigMgr](https://www.microsoft.com/microsoft-365/blog/2019/11/04/use-the-power-of-cloud-intelligence-to-simplify-and-accelerate-it-and-the-move-to-a-modern-workplace/)
-- [Introduction video on MEM](https://www.microsoft.com/microsoft-365/blog/2019/11/04/use-the-power-of-cloud-intelligence-to-simplify-and-accelerate-it-and-the-move-to-a-modern-workplace)
 
 
-This process is a multi-step process, you'll need to:
+This article is part of the Deployment guide and acts as an example onboarding method that guides users in:
+- Step 1: Onboarding devices to the service by creating a group in Microsoft Endpoint Manager (MEM) to assign configurations on
+- Step 2: Configuring Microsoft Defender ATP capabilities using Microsoft Endpoint Manager
 
--   Identify target devices or users
+This onboarding guidance will walk you through the following basic steps that you need to take when using Microsoft Endpoint Manager:
 
-    -   Create an Azure Active Directory group (User or Device)
+-   [Identifying target devices or users](#identify-target-devices-or-users)
 
--   Create a Configuration Profile
+    -   Creating an Azure Active Directory group (User or Device)
 
-    -   In MEM, we'll guide you in creating a separate policy for each feature
+-   [Creating a Configuration Profile](#step-2-create-configuration-policies-to-configure-microsoft-defender-atp-capabilities)
+
+    -   In Microsoft Endpoint Manager, we'll guide you in creating a separate policy for each capability.
+
+While Microsoft Defender ATP supports onboarding of various endpoints and tools, this article does not cover them. 
+
+For information on general onboarding using other supported deployment tools and methods, see [Onboarding overview](onboarding.md).
 
 ## Resources
 
@@ -56,7 +58,13 @@ Here are the links you'll need for the rest of the process:
 
 -   [Intune Security baselines](https://docs.microsoft.com/mem/intune/protect/security-baseline-settings-defender-atp#microsoft-defender)
 
-## Identify target devices or users
+For more information about Microsoft Endpoint Manager, check out these resources:
+- [Microsoft Endpoint Manager page](https://docs.microsoft.com/mem/)
+- [Blog post on convergence of Intune and ConfigMgr](https://www.microsoft.com/microsoft-365/blog/2019/11/04/use-the-power-of-cloud-intelligence-to-simplify-and-accelerate-it-and-the-move-to-a-modern-workplace/)
+- [Introduction video on MEM](https://www.microsoft.com/microsoft-365/blog/2019/11/04/use-the-power-of-cloud-intelligence-to-simplify-and-accelerate-it-and-the-move-to-a-modern-workplace)
+
+## Step 1: Onboard devices by creating a group in MEM to assign configurations on
+### Identify target devices or users
 In this section, we will create a test group to assign your configurations on.
 
 >[!NOTE]
@@ -71,11 +79,13 @@ needs.<br>
 
 2.  Open **Groups > New Group**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/66f724598d9c3319cba27f79dd4617a4.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/66f724598d9c3319cba27f79dd4617a4.png)
 
 3.  Enter details and create a new group.
 
-    ![Image of Microsoft Endpoint Manager portal](images/b1e0206d675ad07db218b63cd9b9abc3.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/b1e0206d675ad07db218b63cd9b9abc3.png)
 
 4.  Add your test user or device.
 
@@ -85,15 +95,23 @@ needs.<br>
 
 7.  Find your test user or device and select it.
 
-    ![Image of Microsoft Endpoint Manager portal](images/149cbfdf221cdbde8159d0ab72644cd0.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/149cbfdf221cdbde8159d0ab72644cd0.png)
 
 8.  Your testing group now has a member to test.
 
-## Create configuration policies
+## Step 2: Create configuration policies to configure Microsoft Defender ATP capabilities
 In the following section, you'll create a number of configuration policies.
+
 First is a configuration policy to select which groups of users or devices will
-be onboarded to Microsoft Defender ATP. Then you will continue by creating several
-different types of Endpoint security policies.
+be onboarded to Microsoft Defender ATP. 
+
+Then you will continue by creating several
+different types of endpoint security policies.
+
+- [Endpoint detection and response](#endpoint-detection-and-response)
+- [Next-generation protection](#next-generation-protection)
+- [Attack surface reduction](#attack-surface-reduction--attack-surface-reduction-rules)
 
 ### Endpoint detection and response
 
@@ -102,40 +120,48 @@ different types of Endpoint security policies.
 2.  Navigate to **Endpoint security > Endpoint detection and response**. Click
     on **Create Profile**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/58dcd48811147feb4ddc17212b7fe840.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/58dcd48811147feb4ddc17212b7fe840.png)
 
 3.  Under **Platform, select Windows 10 and Later, Profile - Endpoint detection
     and response > Create**.
 
 4.  Enter a name and description, then select  **Next**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/a5b2d23bdd50b160fef4afd25dda28d4.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/a5b2d23bdd50b160fef4afd25dda28d4.png)
 
 5.  Select settings as required, then select  **Next**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/cea7e288b5d42a9baf1aef0754ade910.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/cea7e288b5d42a9baf1aef0754ade910.png)
 
-    >[!NOTE]
-    >In this instance, this has been auto populated as Microsoft Defender ATP has already been integrated with Intune. For more information on the integration, see [Enable Microsoft Defender ATP in Intune](https://docs.microsoft.com/mem/intune/protect/advanced-threat-protection-configure#to-enable-microsoft-defender-atp). <br>
-    
-
-    ![Image of Microsoft Endpoint Manager portal](images/2466460812371ffae2d19a10c347d6f4.png)
+    > [!NOTE]
+    > In this instance, this has been auto populated as Microsoft Defender ATP has already been integrated with Intune. For more information on the integration, see [Enable Microsoft Defender ATP in Intune](https://docs.microsoft.com/mem/intune/protect/advanced-threat-protection-configure#to-enable-microsoft-defender-atp).
+    > 
+    > The following image is an example of what you'll see when Microsoft Defender ATP is NOT integrated with Intune:
+    >
+    > ![Image of Microsoft Endpoint Manager portal](images/2466460812371ffae2d19a10c347d6f4.png)
 
 6.  Add scope tags if necessary, then select  **Next**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/ef844f52ec2c0d737ce793f68b5e8408.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/ef844f52ec2c0d737ce793f68b5e8408.png)
 
 7.  Add test group by clicking on **Select groups to include** and choose your group, then select  **Next**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/fc3525e20752da026ec9f46ab4fec64f.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/fc3525e20752da026ec9f46ab4fec64f.png)
 
 8.  Review and accept, then select  **Create**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/289172dbd7bd34d55d24810d9d4d8158.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/289172dbd7bd34d55d24810d9d4d8158.png)
 
 9.  You can view your completed policy.
 
-    ![Image of Microsoft Endpoint Manager portal](images/5a568b6878be8243ea2b9d82d41ed297.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/5a568b6878be8243ea2b9d82d41ed297.png)
 
 ### Next-generation protection
 
@@ -143,36 +169,43 @@ different types of Endpoint security policies.
 
 2.  Navigate to **Endpoint security > Antivirus > Create Policy**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/6b728d6e0d71108d768e368b416ff8ba.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/6b728d6e0d71108d768e368b416ff8ba.png)
 
 3.  Select **Platform - Windows 10 and Later - Windows and Profile – Microsoft
     Defender Antivirus > Create**.
 
 4.  Enter name and description, then select  **Next**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/a7d738dd4509d65407b7d12beaa3e917.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/a7d738dd4509d65407b7d12beaa3e917.png)
 
 5.  In the **Configuration settings page**: Set the configurations you require for
     Microsoft Defender Antivirus (Cloud Protection, Exclusions, Real-Time
     Protection, and Remediation).
 
-    ![Image of Microsoft Endpoint Manager portal](images/3840b1576d6f79a1d72eb14760ef5e8c.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/3840b1576d6f79a1d72eb14760ef5e8c.png)
 
 6.  Add scope tags if necessary, then select  **Next**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/2055e4f9b9141525c0eb681e7ba19381.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/2055e4f9b9141525c0eb681e7ba19381.png)
 
 7.  Select groups to include, assign to your test group, then select  **Next**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/48318a51adee06bff3908e8ad4944dc9.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/48318a51adee06bff3908e8ad4944dc9.png)
 
 8.  Review and create, then select  **Create**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/dfdadab79112d61bd3693d957084b0ec.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/dfdadab79112d61bd3693d957084b0ec.png)
 
 9.  You'll see the configuration policy you created.
 
-    ![Image of Microsoft Endpoint Manager portal](images/38180219e632d6e4ec7bd25a46398da8.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/38180219e632d6e4ec7bd25a46398da8.png)
 
 ### Attack Surface Reduction – Attack surface reduction rules
 
@@ -185,37 +218,44 @@ different types of Endpoint security policies.
 4.  Select **Platform - Windows 10 and Later – Profile - Attack surface reduction
     rules > Create**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/522d9bb4288dc9c1a957392b51384fdd.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/522d9bb4288dc9c1a957392b51384fdd.png)
 
 5.  Enter a name and description, then select  **Next**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/a5a71fd73ec389f3cdce6d1a6bd1ff31.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/a5a71fd73ec389f3cdce6d1a6bd1ff31.png)
 
 6.  In the **Configuration settings page**: Set the configurations you require for
     Attack surface reduction rules, then select  **Next**.
 
-    >[!NOTE]
-    >We will be configuring all of the Attack surface reduction rules to Audit.
+    > [!NOTE]
+    > We will be configuring all of the Attack surface reduction rules to Audit.
+    > 
+    > For more information, see [Attack surface reduction rules](attack-surface-reduction.md).
 
-    For more information, see [Attack surface reduction rules](attack-surface-reduction.md).
-
-    ![Image of Microsoft Endpoint Manager portal](images/dd0c00efe615a64a4a368f54257777d0.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/dd0c00efe615a64a4a368f54257777d0.png)
 
 7.  Add Scope Tags as required, then select  **Next**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/6daa8d347c98fe94a0d9c22797ff6f28.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/6daa8d347c98fe94a0d9c22797ff6f28.png)
 
 8.  Select groups to include and assign to test group, then select  **Next**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/45cefc8e4e474321b4d47b4626346597.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/45cefc8e4e474321b4d47b4626346597.png)
 
 9. Review the details, then select  **Create**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/2c2e87c5fedc87eba17be0cdeffdb17f.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/2c2e87c5fedc87eba17be0cdeffdb17f.png)
 
 10. View the policy.
 
-    ![Image of Microsoft Endpoint Manager portal](images/7a631d17cc42500dacad4e995823ffef.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/7a631d17cc42500dacad4e995823ffef.png)
 
 ### Attack Surface Reduction – Web Protection
 
@@ -227,37 +267,44 @@ different types of Endpoint security policies.
 
 4.  Select **Windows 10 and Later – Web protection > Create**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/cd7b5a1cbc16cc05f878cdc99ba4c27f.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/cd7b5a1cbc16cc05f878cdc99ba4c27f.png)
 
 5.  Enter a name and description, then select  **Next**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/5be573a60cd4fa56a86a6668b62dd808.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/5be573a60cd4fa56a86a6668b62dd808.png)
 
 6.  In the **Configuration settings page**: Set the configurations you require for
    Web Protection, then select  **Next**.
 
-    >[!NOTE]
-    >We are configuring Web Protection to Block.
+    > [!NOTE]
+    > We are configuring Web Protection to Block.
+    > 
+    > For more information, see [Web Protection](web-protection-overview.md).
 
-    For more information, see [Web Protection](web-protection-overview.md).
-
-    ![Image of Microsoft Endpoint Manager portal](images/6104aa33a56fab750cf30ecabef9f5b6.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/6104aa33a56fab750cf30ecabef9f5b6.png)
 
 7.  Add **Scope Tags as required > Next**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/6daa8d347c98fe94a0d9c22797ff6f28.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/6daa8d347c98fe94a0d9c22797ff6f28.png)
 
 8.  Select **Assign to test group > Next**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/45cefc8e4e474321b4d47b4626346597.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/45cefc8e4e474321b4d47b4626346597.png)
 
 9.  Select **Review and Create > Create**.
 
-    ![Image of Microsoft Endpoint Manager portal](images/8ee0405f1a96c23d2eb6f737f11c1ae5.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/8ee0405f1a96c23d2eb6f737f11c1ae5.png)
 
 10. View the policy.
 
-    ![Image of Microsoft Endpoint Manager portal](images/e74f6f6c150d017a286e6ed3dffb7757.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of Microsoft Endpoint Manager portal](images/e74f6f6c150d017a286e6ed3dffb7757.png)
 
 ## Validate configuration settings
 
@@ -274,26 +321,31 @@ To confirm that the configuration policy has been applied to your test device, f
 1.  Open the MEM portal and navigate to the relevant policy as shown in the
     steps above. The following example shows the next generation protection settings.
 
-    ![Image of Microsoft Endpoint Manager portal](images/43ab6aa74471ee2977e154a4a5ef2d39.png)
+    > [!div class="mx-imgBorder"]
+    > [ ![Image of Microsoft Endpoint Manager portal](images/43ab6aa74471ee2977e154a4a5ef2d39.png) ](images/43ab6aa74471ee2977e154a4a5ef2d39.png#lightbox)
 
 2.  Select  the **Configuration Policy** to view the policy status.
 
-    ![Image of Microsoft Endpoint Manager portal](images/55ecaca0e4a022f0e29d45aeed724e6c.png)
+    > [!div class="mx-imgBorder"]
+    > [ ![Image of Microsoft Endpoint Manager portal](images/55ecaca0e4a022f0e29d45aeed724e6c.png) ](images/55ecaca0e4a022f0e29d45aeed724e6c.png#lightbox)
 
 3.  Select  **Device Status** to see the status.
 
-    ![Image of Microsoft Endpoint Manager portal](images/18a50df62cc38749000dbfb48e9a4c9b.png)
+    > [!div class="mx-imgBorder"]
+    > [ ![Image of Microsoft Endpoint Manager portal](images/18a50df62cc38749000dbfb48e9a4c9b.png) ](images/18a50df62cc38749000dbfb48e9a4c9b.png#lightbox)
 
 4.  Select  **User Status** to see the status.
 
-    ![Image of Microsoft Endpoint Manager portal](images/4e965749ff71178af8873bc91f9fe525.png)
+    > [!div class="mx-imgBorder"]
+    > [ ![Image of Microsoft Endpoint Manager portal](images/4e965749ff71178af8873bc91f9fe525.png) ](images/4e965749ff71178af8873bc91f9fe525.png#lightbox)
 
 5.  Select  **Per-setting status** to see the status.
 
     >[!TIP]
     >This view is very useful to identify any settings that conflict with another policy.
 
-    ![Image of Microsoft Endpoint Manager portal](images/42acc69d0128ed09804010bdbdf0a43c.png)
+    > [!div class="mx-imgBorder"]
+    > [ ![Image of Microsoft Endpoint Manager portal](images/42acc69d0128ed09804010bdbdf0a43c.png) ](images/42acc69d0128ed09804010bdbdf0a43c.png#lightbox)
 
 ### Endpoint detection and response
 
@@ -301,33 +353,38 @@ To confirm that the configuration policy has been applied to your test device, f
 1.  Before applying the configuration, the Microsoft Defender ATP
     Protection service should not be started.
 
-    ![Image of Services panel](images/b418a232a12b3d0a65fc98248dbb0e31.png)
+    > [!div class="mx-imgBorder"]
+    > [ ![Image of Services panel](images/b418a232a12b3d0a65fc98248dbb0e31.png) ](images/b418a232a12b3d0a65fc98248dbb0e31.png#lightbox)
 
 2.  After the configuration has been applied, the Microsoft Defender ATP
     Protection Service should be started.
 
-    ![Image of Services panel](images/a621b699899f1b41db211170074ea59e.png)
+    > [!div class="mx-imgBorder"]
+    > [ ![Image of Services panel](images/a621b699899f1b41db211170074ea59e.png) ](images/a621b699899f1b41db211170074ea59e.png#lightbox)
 
 3.  After the services are running on the device, the device appears in Microsoft
     Defender Security Center.
 
-    ![Image of Microsoft Defender Security Center](images/df0c64001b9219cfbd10f8f81a273190.png)
+    > [!div class="mx-imgBorder"]
+    > [ ![Image of Microsoft Defender Security Center](images/df0c64001b9219cfbd10f8f81a273190.png) ](images/df0c64001b9219cfbd10f8f81a273190.png#lightbox)
 
 ### Next-generation protection
 
 1.  Before applying the policy on a test device, you should be able to manually
     manage the settings as shown below.
 
-    ![Image of setting page](images/88efb4c3710493a53f2840c3eac3e3d3.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of setting page](images/88efb4c3710493a53f2840c3eac3e3d3.png)
 
 2.  After the policy has been applied, you should not be able to manually manage
     the settings.
 
-    >[!NOTE]
+    > [!NOTE]
     > In the following image **Turn on cloud-delivered protection** and
-    **Turn on real-time protection** are being shown as managed.
+    > **Turn on real-time protection** are being shown as managed.
 
-    ![Image of setting page](images/9341428b2d3164ca63d7d4eaa5cff642.png)
+    > [!div class="mx-imgBorder"]
+    > ![Image of setting page](images/9341428b2d3164ca63d7d4eaa5cff642.png)
 
 ### Attack Surface Reduction – Attack surface reduction rules
 
@@ -336,11 +393,11 @@ To confirm that the configuration policy has been applied to your test device, f
 
 2.  This should respond with the following lines with no content:
 
-    AttackSurfaceReductionOnlyExclusions:
-
-    AttackSurfaceReductionRules_Actions:
-
-    AttackSurfaceReductionRules_Ids:
+    > AttackSurfaceReductionOnlyExclusions:
+    > 
+    > AttackSurfaceReductionRules_Actions:
+    > 
+    > AttackSurfaceReductionRules_Ids:
 
     ![Image of command line](images/cb0260d4b2636814e37eee427211fe71.png)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md
index 7052df6942..30c80bb608 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Create a notification rule so that when a local onboarding or offboardiing script is used, you'll be notified. 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding.md
index feeca610db..f26781b856 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboarding.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding.md
@@ -1,6 +1,6 @@
 ---
 title: Onboard to the Microsoft Defender ATP service
-description: 
+description: Learn how to onboard endpoints to Microsoft Defender ATP service
 keywords: 
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -14,7 +14,8 @@ manager: dansimp
 audience: ITPro
 ms.collection: 
 - M365-security-compliance
-- m365solution-endpointprotect  
+- m365solution-endpointprotect
+- m365solution-scenario  
 ms.topic: article
 ---
 
@@ -23,7 +24,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 Deploying Microsoft Defender ATP is a three-phase process:
@@ -43,28 +44,51 @@ Deploying Microsoft Defender ATP is a three-phase process:
     </td>
     <td align="center" bgcolor="#d5f5e3">
       <a href="https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/onboarding">
-        <img src="images/onboard.png" alt="Onboard" title="Onboard to the Microsoft Defender ATP service" />
+        <img src="images/onboard.png" alt="Onboard diagram" title="Onboard to the Microsoft Defender ATP service" />
       <br/>Phase 3: Onboard </a><br>
 </td>
 
 
   </tr>
 </table>
+
 You are currently in the onboarding phase.
 
+These are the steps you need to take to deploy Microsoft Defender ATP:
+
+- Step 1: Onboard endpoints to the service 
+- Step 2: Configure capabilities 
+
+## Step 1: Onboard endpoints using any of the supported management tools
+The [Plan deployment](deployment-strategy.md) topic outlines the general steps you need to take to deploy Microsoft Defender ATP.  
+
+After identifying your architecture, you'll need to decide which deployment method to use. The deployment tool you choose influences how you onboard endpoints to the service. 
+
+### Onboarding tool options
+
+The following table lists the available tools based on the endpoint that you need to onboard.
+
+| Endpoint     | Tool options                       |
+|--------------|------------------------------------------|
+| **Windows**  |  [Local script (up to 10 devices)](configure-endpoints-script.md) <br>  [Group Policy](configure-endpoints-gp.md) <br>  [Microsoft Endpoint Manager/ Mobile Device Manager](configure-endpoints-mdm.md) <br>   [Microsoft Endpoint Configuration Manager](configure-endpoints-sccm.md) <br> [VDI scripts](configure-endpoints-vdi.md)   |
+| **macOS**    | [Local scripts](mac-install-manually.md) <br> [Microsoft Endpoint Manager](mac-install-with-intune.md) <br> [JAMF Pro](mac-install-with-jamf.md) <br> [Mobile Device Management](mac-install-with-other-mdm.md) |
+| **Linux Server** | [Local script](linux-install-manually.md) <br> [Puppet](linux-install-with-puppet.md) <br> [Ansible](linux-install-with-ansible.md)|
+| **iOS**      | [App-based](ios-install.md)                                |
+| **Android**  | [Microsoft Endpoint Manager](android-intune.md)               | 
 
 
-To deploy Microsoft Defender ATP, you'll need to onboard devices to the service.
-
-Depending on the architecture of your environment, you'll need to use the appropriate management tool that best suites your requirements. 
-
-After onboarding the devices, you'll then configure the various capabilities such as endpoint detection and response, next-generation protection, and attack surface reduction. 
+## Step 2: Configure capabilities
+After onboarding the endpoints, you'll then configure the various capabilities such as endpoint detection and response, next-generation protection, and attack surface reduction. 
 
 
-This article provides resources to guide you on:
-- Using various management tools to onboard devices
-    - [Onboarding using Microsoft Endpoint Configuration Manager](onboarding-endpoint-configuration-manager.md)
-    - [Onboarding using Microsoft Endpoint Manager](onboarding-endpoint-manager.md)
+## Example deployments
+In this deployment guide, we'll guide you through using two deployment tools to onboard endpoints and how to configure capabilities.
+
+The tools in the example deployments are:
+- [Onboarding using Microsoft Endpoint Configuration Manager](onboarding-endpoint-configuration-manager.md)
+- [Onboarding using Microsoft Endpoint Manager](onboarding-endpoint-manager.md)
+
+Using the mentioned deployment tools above, you'll then be guided in configuring the following Microsoft Defender ATP capabilities:
 - Endpoint detection and response configuration
 - Next-generation protection configuration
 - Attack surface reduction configuration
diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md
index 3996f745b3..6af7ba9c0f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md
@@ -26,7 +26,7 @@ ms.topic: conceptual
 
 **Applies to:**
 
-* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Help reduce your attack surfaces, by minimizing the places where your organization is vulnerable to cyberthreats and attacks. Use the following resources to configure protection for the devices and applications in your organization.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md b/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md
index a6bc0dc2a2..3e8077b6b8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md
@@ -23,7 +23,7 @@ ms.topic: conceptual
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 With custom detections, you can proactively monitor for and respond to various events and system states, including suspected breach activity and misconfigured devices. You can do this with customizable detection rules that automatically trigger alerts and response actions.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response.md b/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response.md
index 4c1e39e0e5..0f3c036938 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response.md
@@ -25,7 +25,7 @@ ms.topic: conceptual
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Microsoft Defender ATP endpoint detection and response capabilities provide advanced attack detections that are near real-time and actionable. Security analysts can prioritize alerts effectively, gain visibility into the full scope of a breach, and take response actions to remediate threats.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-hardware-based-isolation.md b/windows/security/threat-protection/microsoft-defender-atp/overview-hardware-based-isolation.md
index cf352dd917..8b32269fe0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview-hardware-based-isolation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview-hardware-based-isolation.md
@@ -22,7 +22,7 @@ ms.date: 09/07/2018
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Hardware-based isolation helps protect system integrity in Windows 10 and is integrated with Microsoft Defender ATP. 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md b/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md
index 40d005db5a..19b0432ed6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md
@@ -24,7 +24,7 @@ ms.topic: conceptual
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 Microsoft Defender ATP supports third-party applications to help enhance the detection, investigation, and threat intelligence capabilities of the platform.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/partner-integration.md b/windows/security/threat-protection/microsoft-defender-atp/partner-integration.md
index 7c6e64db5c..efb88424f7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/partner-integration.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/partner-integration.md
@@ -24,7 +24,7 @@ ms.topic: conceptual
 
 
 **Applies to:** 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 > Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md b/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md
index f8d7446a76..699cc87da7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md
@@ -23,7 +23,7 @@ ms.topic: conceptual
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md b/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md
index 7525f68b6e..f74d49ee22 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/preferences-setup.md b/windows/security/threat-protection/microsoft-defender-atp/preferences-setup.md
index f5f432ad15..59653a5fc2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/preferences-setup.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/preferences-setup.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-prefsettings-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md b/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md
index 1217b7de99..c0279badc8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md
@@ -15,7 +15,8 @@ manager: dansimp
 audience: ITPro
 ms.collection: 
 - M365-security-compliance
-- m365solution-endpointprotect 
+- m365solution-endpointprotect
+- m365solution-scenario 
 ms.topic: article 
 ---
 
@@ -25,7 +26,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview-settings.md b/windows/security/threat-protection/microsoft-defender-atp/preview-settings.md
index f031b9edd9..0609532537 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/preview-settings.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/preview-settings.md
@@ -22,7 +22,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-previewsettings-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview.md b/windows/security/threat-protection/microsoft-defender-atp/preview.md
index e67120d349..eca1e04388 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/preview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/preview.md
@@ -13,7 +13,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
@@ -21,9 +23,11 @@ ms.topic: conceptual
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
+>[!IMPORTANT]
+>The preview versions are provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities.
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 The Microsoft Defender ATP service is constantly being updated to include new feature enhancements and capabilities.
 
@@ -56,8 +60,6 @@ The following features are included in the preview release:
 
 - [Web Content Filtering](web-content-filtering.md) <br> Web content filtering is part of web protection capabilities in Microsoft Defender ATP. It enables your organization to track and regulate access to websites based on their content categories. Many of these websites, while not malicious, might be problematic because of compliance regulations, bandwidth usage, or other concerns.
 
- - [Threat and vulnerability management supported operating systems and platforms](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os) <BR> Ensure that you meet the operating system or platform requisites for Threat & Vulnerability Management so the activities in your devices are properly accounted for. Threat & Vulnerability Management supports Windows 7, Windows 10 1607-1703, Windows 10 1709+, Windows Server 2008R2, Windows Server 2012R2, Windows Server 2016, Windows Server 2019. <BR> <BR> Secure Configuration Assessment (SCA) supports Windows 10 1709+, Windows Server 2008R2, Windows Server 2012R2, Windows Server 2016, and Windows Server 2019.
-
 - [Device health and compliance report](machine-reports.md) <br/> The device health and compliance report provides high-level information about the devices in your organization.
 
 - [Information protection](information-protection-in-windows-overview.md)<BR>
diff --git a/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md b/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md
index 6e8ce89f59..3dc038ac75 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md
@@ -15,7 +15,8 @@ manager: dansimp
 audience: ITPro
 ms.collection: 
 - M365-security-compliance
-- m365solution-endpointprotect 
+- m365solution-endpointprotect
+- m365solution-scenario 
 ms.topic: article 
 ---
 
@@ -25,7 +26,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 Deploying Microsoft Defender ATP is a three-phase process:
diff --git a/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md b/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md
index 38400901cd..5ded65750b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
@@ -71,7 +71,7 @@ You'll use the access token to access the protected resource, which are detectio
 
 To get an access token, you'll need to do a POST request to the token issuing endpoint. Here is a sample request:
 
-```syntax
+```http
 
 POST /72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/token HTTP/1.1
 Host: login.microsoftonline.com
@@ -124,14 +124,14 @@ CloudCreatedMachineTags | string | Device tags that were created in Microsoft De
 ### Request example
 The following example demonstrates how to retrieve all the detections in your organization.
 
-```syntax
+```http
 GET  https://wdatp-alertexporter-eu.windows.com/api/alerts
 Authorization: Bearer <your access token>
 ```
 
 The following example demonstrates a request to get the last 20 detections since 2016-09-12 00:00:00.
 
-```syntax
+```http
 GET  https://wdatp-alertexporter-eu.windows.com/api/alerts?limit=20&sinceTimeUtc=2016-09-12T00:00:00.000
 Authorization: Bearer <your access token>
 ```
@@ -142,39 +142,60 @@ The return value is an array of alert objects in JSON format.
 Here is an example return value:
 
 ```json 
-{"AlertTime":"2017-01-23T07:32:54.1861171Z",
-"ComputerDnsName":"desktop-bvccckk",
-"AlertTitle":"Suspicious PowerShell commandline",
-"Category":"SuspiciousActivity",
-"Severity":"Medium",
-"AlertId":"636207535742330111_-1114309685",
-"Actor":null,
-"LinkToWDATP":"https://securitycenter.windows.com/alert/636207535742330111_-1114309685",
-"IocName":null,
-"IocValue":null,
-"CreatorIocName":null,
-"CreatorIocValue":null,
-"Sha1":"69484ca722b4285a234896a2e31707cbedc59ef9",
-"FileName":"powershell.exe",
-"FilePath":"C:\\Windows\\SysWOW64\\WindowsPowerShell\\v1.0",
-"IpAddress":null,
-"Url":null,
-"IoaDefinitiondId":"7f1c3609-a3ff-40e2-995b-c01770161d68",
-"UserName":null,
-"AlertPart":0,
-"FullId":"636207535742330111_-1114309685:9DE735BA9FF87725E392C6DFBEB2AF279035CDE229FCC00D28C0F3242C5A50AF",
-"LastProcessedTimeUtc":"2017-01-23T11:33:45.0760449Z",
-"ThreatCategory":null,
-"ThreatFamily":null,
-"ThreatName":null,
-"RemediationAction":null,
-"RemediationIsSuccess":null,
-"Source":"Microsoft Defender ATP",
-"Md5":null,
-"Sha256":null,
-"WasExecutingWhileDetected":null,
-"FileHash":"69484ca722b4285a234896a2e31707cbedc59ef9",
-"IocUniqueId":"9DE735BA9FF87725E392C6DFBEB2AF279035CDE229FCC00D28C0F3242C5A50AF"}
+[
+{        
+        "AlertTime": "2020-09-30T14:09:20.35743Z",
+        "ComputerDnsName": "mymachine1.domain.com",
+        "AlertTitle": "Suspicious File Activity",
+        "Category": "Malware",
+        "Severity": "High",
+        "AlertId": "da637370718981685665_16349121",
+        "Actor": "",
+        "LinkToWDATP": "https://securitycenter.windows.com/alert/da637370718981685665_16349121",
+        "IocName": "",
+        "IocValue": "",
+        "CreatorIocName": "",
+        "CreatorIocValue": "",
+        "Sha1": "aabbccddee1122334455aabbccddee1122334455",
+        "FileName": "cmdParent.exe",
+        "FilePath": "C:\\WINDOWS\\SysWOW64\\boo3\\qwerty",
+        "IpAddress": "",
+        "Url": "",
+        "IoaDefinitionId": "b20af1d2-5990-4672-87f1-acc2a8ff7725",
+        "UserName": "",
+        "AlertPart": 0,
+        "FullId": "da637370718981685665_16349121:R4xEdgAvDb2LQl3BgHoA3NYqKmRSiIAG7dpxAJCYZhY=",
+        "LastProcessedTimeUtc": "2020-09-30T14:11:44.0779765Z",
+        "ThreatCategory": "",
+        "ThreatFamily": "",
+        "ThreatName": "",
+        "RemediationAction": "",
+        "RemediationIsSuccess": null,
+        "Source": "EDR",
+        "Md5": "854b85cbff2752fcb88606bca76f83c6",
+        "Sha256": "",
+        "WasExecutingWhileDetected": null,
+        "UserDomain": "",
+        "LogOnUsers": "",
+        "MachineDomain": "domain.com",
+        "MachineName": "mymachine1",
+        "InternalIPv4List": "",
+        "InternalIPv6List": "",
+        "FileHash": "aabbccddee1122334455aabbccddee1122334455",
+        "DeviceID": "deadbeef000040830ee54503926f556dcaf82bb0",
+        "MachineGroup": "",
+        "Description": "Test Alert",
+        "DeviceCreatedMachineTags": "",
+        "CloudCreatedMachineTags": "",
+        "CommandLine": "",
+        "IncidentLinkToWDATP": "https://securitycenter.windows.com/incidents/byalert?alertId=da637370718981685665_16349121&source=SIEM",
+        "ReportID": 1053729833,
+        "LinkToMTP": "https://security.microsoft.com/alert/da637370718981685665_16349121",
+        "IncidentLinkToMTP": "https://security.microsoft.com/incidents/byalert?alertId=da637370718981685665_16349121&source=SIEM",
+        "ExternalId": "31DD0A845DDA4059FDEDE031014645350AECABD3",
+        "IocUniqueId": "R4xEdgAvDb2LQl3BgHoA3NYqKmRSiIAG7dpxAJCYZhY="
+}
+]
 ```
 
 ## Code examples
diff --git a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-event-hub.md b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-event-hub.md
index 8dfa3de26f..3dd71c46a6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-event-hub.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-event-hub.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configuresiem-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-storage.md b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-storage.md
index 136bd67acd..ae061aa91b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-storage.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-storage.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configuresiem-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md
index 70e5354db8..e5a93c9ecf 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configuresiem-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/rbac.md b/windows/security/threat-protection/microsoft-defender-atp/rbac.md
index 6b595daea4..d0659c30a2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/rbac.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/rbac.md
@@ -24,7 +24,7 @@ ms.topic: article
 **Applies to:**
 - Azure Active Directory
 - Office 365
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-rbac-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
index c094ae5bec..4e9bf9b693 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md
index cad6f89bbe..b22362ce0a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
  
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts.md
index 62ea654ded..98a8d61680 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-respondmachine-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/restrict-code-execution.md b/windows/security/threat-protection/microsoft-defender-atp/restrict-code-execution.md
index f4b6552adb..7b9e53a6e8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/restrict-code-execution.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/restrict-code-execution.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md
index b956165700..7188c9c212 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md
@@ -11,7 +11,9 @@ author: danihalfin
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ms.date: 5/1/2020
 ---
@@ -23,12 +25,10 @@ ms.date: 5/1/2020
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-managealerts-abovefoldlink)
 
-[!include[Prerelease information](../../includes/prerelease.md)]
-
 The new alert page in Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) provides full context to the alert, by combining attack signals and alerts related to the selected alert, to construct a detailed alert story.
 
 Quickly triage, investigate, and take effective action on alerts that affect your organization. Understand why they were triggered, and their impact from one location.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-api.md b/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-api.md
index a902dc094d..91772a215f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-api.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-api.md
@@ -22,14 +22,16 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 ## Limitations
 1. You can only run a query on data from the last 30 days.
 2. The results will include a maximum of 100,000 rows.
-3. The number of executions is limited per tenant: up to 10 calls per minute, 10 minutes of running time every hour and 4 hours of running time a day.
+3. The number of executions is limited per tenant:
+   - API calls: Up to 15 calls per minute
+   - Execution time: 10 minutes of running time every hour and 4 hours of running time a day
 4. The maximal execution time of a single request is 10 minutes.
 5. 429 response will represent reaching quota limit either by number of requests or by CPU. The 429 response body will also indicate the time until the quota is renewed. 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-powershell.md b/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-powershell.md
index 00381d0550..c95d5dc155 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-powershell.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-powershell.md
@@ -22,7 +22,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 Run advanced queries using PowerShell, see [Advanced Hunting API](run-advanced-query-api.md).
diff --git a/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-python.md b/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-python.md
index 282cc94d06..ad9c61aa16 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-python.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-python.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Run advanced queries using Python, see [Advanced Hunting API](run-advanced-query-api.md).
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/run-av-scan.md b/windows/security/threat-protection/microsoft-defender-atp/run-av-scan.md
index 1219b9aa21..ac66c55986 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/run-av-scan.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/run-av-scan.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/run-detection-test.md b/windows/security/threat-protection/microsoft-defender-atp/run-detection-test.md
index 257fb9494d..21efcfa495 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/run-detection-test.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/run-detection-test.md
@@ -13,7 +13,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: article
 ---
 
@@ -28,7 +30,7 @@ ms.topic: article
 - Windows Server 2016
 - Windows Server, version 1803
 - Windows Server, 2019
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 Run the following PowerShell script on a newly onboarded device to verify that it is properly reporting to the Microsoft Defender ATP service.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/score.md b/windows/security/threat-protection/microsoft-defender-atp/score.md
index edeeea026b..e0d37c9adc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/score.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md b/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md
index 608a4bedcf..c564eb22ec 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md
@@ -23,7 +23,7 @@ ms.topic: conceptual
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-secopsdashboard-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/service-status.md b/windows/security/threat-protection/microsoft-defender-atp/service-status.md
index b9325d8184..b95ecdb603 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/service-status.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/service-status.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/set-device-value.md b/windows/security/threat-protection/microsoft-defender-atp/set-device-value.md
index 65012f7ca0..eb081b2ce2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/set-device-value.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/set-device-value.md
@@ -21,14 +21,14 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 ## API description
 
 Set the device value of a specific [Machine](machine.md).<br>
-See [threat and vulnerability management scenarios](threat-and-vuln-mgt-scenarios.md) for more information.
+See [assign device values](tvm-assign-device-value.md) for more information.
 
 ## Limitations
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/software.md b/windows/security/threat-protection/microsoft-defender-atp/software.md
index 514baa2899..bdd977b76d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/software.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/stop-and-quarantine-file.md b/windows/security/threat-protection/microsoft-defender-atp/stop-and-quarantine-file.md
index 60c046ee70..1d98b043e9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/stop-and-quarantine-file.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/stop-and-quarantine-file.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/supported-response-apis.md b/windows/security/threat-protection/microsoft-defender-atp/supported-response-apis.md
index 2fa6615e6a..4158bfea2b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/supported-response-apis.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/supported-response-apis.md
@@ -23,7 +23,7 @@ ms.topic: conceptual
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 > [!TIP]
 > Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-supported-response-apis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md b/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md
index caf55924e5..7736f20b59 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md
@@ -14,7 +14,9 @@ author: lomayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: article
 ---
 
@@ -23,7 +25,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 With more sophisticated adversaries and new threats emerging frequently and prevalently, it's critical to be able to quickly:
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-event-timeline.md b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-event-timeline.md
index 3ad5cff1e5..0e1e460db8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-event-timeline.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-event-timeline.md
@@ -13,7 +13,9 @@ author: levinec
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 # Event timeline - threat and vulnerability management
@@ -22,41 +24,36 @@ ms.topic: conceptual
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
 
 Event timeline is a risk news feed that helps you interpret how risk is introduced into the organization through new vulnerabilities or exploits. You can view events that may impact your organization's risk. For example, you can find new vulnerabilities that were introduced, vulnerabilities that became exploitable, exploit that was added to an exploit kit, and more.
 
-Event timeline also tells the story of your [exposure score](tvm-exposure-score.md) so you can determine the cause of large changes. Reduce you exposure score by addressing what needs to be remediated based on the prioritized [security recommendations](tvm-security-recommendation.md).
+Event timeline also tells the story of your [exposure score](tvm-exposure-score.md) and [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md) so you can determine the cause of large changes. Events can impact your devices or your score for devices. Reduce you exposure by addressing what needs to be remediated based on the prioritized [security recommendations](tvm-security-recommendation.md).
 
 ## Navigate to the Event timeline page
 
-You can access Event timeline mainly through three ways:
+There are also three entry points from the [threat and vulnerability management dashboard](tvm-dashboard-insights.md):
 
-- In the threat and vulnerability management navigation menu in the Microsoft Defender Security Center
-- Top events card in the [threat and vulnerability management dashboard](tvm-dashboard-insights.md). The highest impact events (for example, affect the most devices or critical vulnerabilities)
-- Hovering over the Exposure Score graph in the [threat and vulnerability management dashboard](tvm-dashboard-insights.md)
+- **Organization exposure score card**: Hover over the event dots in the "Exposure Score over time" graph and select "See all events from this day." The events represent software vulnerabilities.
+- **Microsoft Secure Score for Devices**: Hover over the event dots in the "Your score for devices over time" graph and select "See all events from this day." The events represent new configuration assessments.
+- **Top events card**: Select "Show more" at the bottom of the top events table. The card displays the three most impactful events in the last 7 days. Impactful events can include if the event affects a large number of devices, or if it is a critical vulnerability.
 
-### Navigation menu
+### Exposure score and Microsoft Secure Score for Devices graphs
 
-Go to the threat and vulnerability management navigation menu and select **Event timeline** to view impactful events.
+In the threat and vulnerability management dashboard, hover over the Exposure score graph to view top software vulnerability events from that day that impacted your devices. Hover over the Microsoft Secure Score for Devices graph to view new security configuration assessments that affect your score.
 
-### Top events card
+If there are no events that affect your devices or your score for devices, then none will be shown.
 
-In the threat and vulnerability management dashboard, the "Top events" card displays the three most impactful events in the last 7 days. Select **Show more** to go to the Event timeline page.
+![Exposure score hover](images/tvm-event-timeline-exposure-score350.png) 
+![Microsoft Secure Score for Devices hover](images/tvm-event-timeline-device-hover360.png)
 
-![Event timeline page](images/tvm-top-events-card.png)
-
-### Exposure score graph
-
-In the threat and vulnerability management dashboard, hover over the Exposure score graph to view top events from that day that impacted your devices. If there are no events, then none will be shown.
-
-![Event timeline page](images/tvm-event-timeline-exposure-score400.png)
+### Drill down to events from that day
 
 Selecting **Show all events from this day** takes you to the Event timeline page with a custom date range for that day.
 
-![Event timeline page](images/tvm-event-timeline-drilldown.png)
+![Event timeline selected custom date range](images/tvm-event-timeline-drilldown.png)
 
 Select **Custom range** to change the date range to another custom one, or a pre-set time range.
 
@@ -76,9 +73,6 @@ The two large numbers at the top of the page show the number of new vulnerabilit
 
 ![Event timeline page](images/tvm-event-timeline-overview-mixed-type.png)
 
->[!NOTE]
->Event type called "New configuration assessment" coming soon.
-
 ### Columns
 
 - **Date**: month, day, year
@@ -91,6 +85,7 @@ The two large numbers at the top of the page show the number of new vulnerabilit
     - Exploit was verified
     - New public exploit
     - New vulnerability
+    - New configuration assessment
 - **Score trend**: exposure score trend
 
 ### Icons
@@ -100,7 +95,7 @@ The following icons show up next to events:
 - ![bug icon](images/tvm-black-bug-icon.png) New public exploit
 - ![report warning icon](images/report-warning-icon.png) New vulnerability was published
 - ![exploit kit](images/bug-lightning-icon2.png) Exploit found in exploit kit
-- ![bug icon](images/bug-caution-icon2.png) Exploit verified
+- ![bug icon with warning icon](images/bug-caution-icon2.png) Exploit verified
 
 ### Drill down to a specific event
 
@@ -110,7 +105,7 @@ The arrow below "score trend" helps you determine whether this event potentially
 
 ![Event timeline flyout](images/tvm-event-timeline-flyout500.png)
 
-From there, select **Go to related security recommendation** view the recommendation that addresses the new software vulnerability in the [security recommendations page](tvm-security-recommendation.md). After reading the description and vulnerability details in the security recommendation, you can [submit a remediation request](tvm-security-recommendation.md#request-remediation), and track the request in the [remediation page](tvm-remediation.md).  
+From there, select **Go to related security recommendation** view the recommendation that addresses the new software vulnerability in the [security recommendations page](tvm-security-recommendation.md). After reading the description and vulnerability details in the security recommendation, you can submit a remediation request, and track the request in the [remediation page](tvm-remediation.md).  
 
 ## View Event timelines in software pages
 
@@ -127,17 +122,9 @@ Navigate to the event timeline tab to view all the events related to that softwa
 ## Related topics
 
 - [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
-- [Supported operating systems and platforms](tvm-supported-os.md)
-- [Threat and vulnerability management dashboard](tvm-dashboard-insights.md)
+- [Dashboard](tvm-dashboard-insights.md)
 - [Exposure score](tvm-exposure-score.md)
-- [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md)
 - [Security recommendations](tvm-security-recommendation.md)
-- [Remediation and exception](tvm-remediation.md)
+- [Remediate vulnerabilities](tvm-remediation.md)
 - [Software inventory](tvm-software-inventory.md)
-- [Weaknesses](tvm-weaknesses.md)
-- [Event timeline](threat-and-vuln-mgt-event-timeline.md)
-- [Scenarios](threat-and-vuln-mgt-scenarios.md)
-- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
-- [Configure data access for threat and vulnerability management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
-- [Advanced hunting overview](overview-hunting.md)
-- [All advanced hunting tables](advanced-hunting-reference.md)
+
diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-indicator-concepts.md b/windows/security/threat-protection/microsoft-defender-atp/threat-indicator-concepts.md
index a4691bc3cc..a7fc785038 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-indicator-concepts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-indicator-concepts.md
@@ -23,7 +23,7 @@ ms.topic: conceptual
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-protection-integration.md b/windows/security/threat-protection/microsoft-defender-atp/threat-protection-integration.md
index a8d1540ac2..937906e7a6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-protection-integration.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-protection-integration.md
@@ -25,7 +25,7 @@ ms.topic: conceptual
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 ## Integrate with other Microsoft solutions
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-protection-reports.md b/windows/security/threat-protection/microsoft-defender-atp/threat-protection-reports.md
index 3fff8e808b..6690a9a308 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-protection-reports.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-protection-reports.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 The threat protection report provides high-level information about alerts generated in your organization. The report includes trending information showing the detection sources, categories, severities, statuses, classifications, and determinations of alerts across time.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/ti-indicator.md b/windows/security/threat-protection/microsoft-defender-atp/ti-indicator.md
index 039703000c..a527797436 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/ti-indicator.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/ti-indicator.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/time-settings.md b/windows/security/threat-protection/microsoft-defender-atp/time-settings.md
index c2362f07ac..173c407eda 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/time-settings.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/time-settings.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-asr.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-asr.md
index ba95b235f8..5869c9d23d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-asr.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-asr.md
@@ -24,7 +24,7 @@ ms.custom: asr
 
 **Applies to:**
 
-* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 When you use [attack surface reduction rules](attack-surface-reduction.md) you may run into issues, such as:
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-collect-support-log.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-collect-support-log.md
index eecaf63643..30017b4ca8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-collect-support-log.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-collect-support-log.md
@@ -21,7 +21,7 @@ ms.topic: troubleshooting
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 When contacting support, you may be asked to provide the output package of the Microsoft Defender ATP Client Analyzer tool.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-exploit-protection-mitigations.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-exploit-protection-mitigations.md
index 2773899fc2..aff164b095 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-exploit-protection-mitigations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-exploit-protection-mitigations.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 When you create a set of exploit protection mitigations (known as a configuration), you might find that the configuration export and import process does not remove all unwanted mitigations.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-live-response.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-live-response.md
index db3f3bee81..e6ed78f7f8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-live-response.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-live-response.md
@@ -24,7 +24,7 @@ ms.topic: troubleshooting
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 This page provides detailed steps to troubleshoot live response issues.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-np.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-np.md
index f925f8ec6f..bea92c57cf 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-np.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-np.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 **Applies to:**
 
-* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 * IT administrators
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md
index 42a3ad5d0b..16f93645cd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md
@@ -24,7 +24,7 @@ ms.topic: troubleshooting
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-troublshootonboarding-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
index d55165aaae..673f3f624c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
@@ -24,7 +24,7 @@ ms.topic: troubleshooting
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 - Windows Server 2012 R2
 - Windows Server 2016
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-siem.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-siem.md
index 0ac32a5707..765a21fe20 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-siem.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-siem.md
@@ -23,7 +23,7 @@ ms.topic: troubleshooting
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-assign-device-value.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-assign-device-value.md
new file mode 100644
index 0000000000..8dfec3f344
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-assign-device-value.md
@@ -0,0 +1,76 @@
+---
+title: Assign device value - threat and vulnerability management
+description: Learn how to assign a low, normal, or high value to a device to help you differentiate between asset priorities.
+keywords: microsoft defender atp device value, threat and vulnerability management device value, high value devices, device value exposure score
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: ellevin
+author: levinec
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
+ms.topic: article
+---
+
+# Assign device value - threat and vulnerability management
+
+[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
+
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
+
+[!include[Prerelease information](../../includes/prerelease.md)]
+
+Defining a device’s value helps you differentiate between asset priorities. The device value is used to incorporate the risk appetite of an individual asset into the threat and vulnerability management exposure score calculation. Devices assigned as “high value” will receive more weight.
+
+You can also use the [set device value API](set-device-value.md).
+
+Device value options:
+
+- Low
+- Normal (Default)
+- High
+
+Examples of devices that should be assigned a high value:
+
+- Domain controllers, Active Directory
+- Internet facing devices
+- VIP devices
+- Devices hosting internal/external production services
+
+## Choose device value
+
+1. Navigate to any device page, the easiest place is from the device inventory.
+
+2. Select **Device value** from three dots next to the actions bar at the top of the page.
+
+    ![Example of the device value dropdown.](images/tvm-device-value-dropdown.png)
+
+3. A flyout will appear with the current device value and what it means. Review the value of the device and choose the one that best fits your device.
+![Example of the device value flyout.](images/tvm-device-value-flyout.png)
+
+## How device value impacts your exposure score
+
+The exposure score is a weighted average across all devices. If you have device groups, you can also filter the score by device group.
+
+- Normal devices have a weight of 1
+- Low value devices have a weight of 0.75
+- High value devices have a weight of NumberOfAssets / 10.
+    - If you have 100 devices, each high value device will have a weight of 10 (100/10)
+
+## Related topics
+
+- [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
+- [Exposure Score](tvm-exposure-score.md)
+- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
\ No newline at end of file
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
index 00d85e1d60..004ad94602 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
@@ -1,5 +1,5 @@
 ---
-title: Threat and vulnerability management dashboard insights
+title: Dashboard insights - threat and vulnerability management
 description: The threat and vulnerability management dashboard can help SecOps and security admins address cybersecurity threats and build their organization's security resilience.
 keywords: mdatp-tvm, mdatp-tvm dashboard, threat & vulnerability management, threat and vulnerability management, risk-based threat & vulnerability management, security configuration, Microsoft Secure Score for Devices, exposure score    
 search.appverid: met150
@@ -13,17 +13,19 @@ author: levinec
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
-# Threat and vulnerability management dashboard insights
+# Dashboard insights - threat and vulnerability management
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
 
@@ -47,24 +49,10 @@ Watch this video for a quick overview of what is in the threat and vulnerability
 
 >[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4r1nv]
 
-## Threat and vulnerability management in Microsoft Defender Security Center
+## Threat and vulnerability management dashboard
 
  ![Microsoft Defender Advanced Threat Protection portal](images/tvm-dashboard-devices.png)
 
-You can navigate through the portal using the menu options available in all sections. Refer to the following tables for a description of each section.
-
-## Threat and vulnerability management navigation pane
-
-Area | Description
-:---|:---
-**Dashboard**   | Get a high-level view of the organization exposure score, Microsoft Secure Score for Devices, device exposure distribution, top security recommendations, top vulnerable software, top remediation activities, and top exposed device data.
-[**Security recommendations**](tvm-security-recommendation.md) | See the list of security recommendations, their related components, whether software or software versions in your network have reached end-of-support, insights, number or exposed devices, impact, and request for remediation. When you select an item from the list, a flyout panel opens with vulnerability details, a link to open the software page, and remediation and exception options. You can also open a ticket in Intune if your devices are joined through Azure Active Directory and you've enabled your Intune connections in Microsoft Defender ATP.
-[**Remediation**](tvm-remediation.md) | See the remediation activity, related component, remediation type, status, due date, option to export the remediation and process data to CSV, and active exceptions.
-[**Software inventory**](tvm-software-inventory.md) | See the list of software, versions, weaknesses, whether there's an exploit found on the software, whether the software or software version has reached end-of-support, prevalence in the organization, how many were installed, how many exposed devices there are, and the numerical value of the impact. You can select each item in the list and opt to open the software page that shows the associated vulnerabilities, misconfigurations, affected device, version distribution details, and missing KBs (security updates).
-[**Weaknesses**](tvm-weaknesses.md) | See the list of common vulnerabilities and exposures, the severity, the common vulnerability scoring system (CVSS) V3 score, related software, age, when it was published, related threat alerts, and how many exposed devices there are. You can select each item in the list to see a flyout panel with the vulnerability description and other details.
-
-## Threat and vulnerability management dashboard
-
 Area | Description
 :---|:---
 **Selected device groups (#/#)**   | Filter the threat and vulnerability management data you want to see in the dashboard and cards by device groups. What you select in the filter applies throughout the threat and vulnerability management pages.
@@ -81,14 +69,9 @@ For more information on the icons used throughout the portal, see [Microsoft Def
 ## Related topics
 
 - [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
-- [Supported operating systems and platforms](tvm-supported-os.md)
 - [Exposure score](tvm-exposure-score.md)
 - [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md)
 - [Security recommendations](tvm-security-recommendation.md)
-- [Remediation and exception](tvm-remediation.md)
 - [Software inventory](tvm-software-inventory.md)
-- [Weaknesses](tvm-weaknesses.md)
 - [Event timeline](threat-and-vuln-mgt-event-timeline.md)
-- [Scenarios](threat-and-vuln-mgt-scenarios.md)
-- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
-- [Configure data access for threat and vulnerability management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
+
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-end-of-support-software.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-end-of-support-software.md
new file mode 100644
index 0000000000..7d2f8da30c
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-end-of-support-software.md
@@ -0,0 +1,69 @@
+---
+title: Plan for end-of-support software and software versions
+description: Discover and plan for software and software versions that are no longer supported and won't receive security updates.
+keywords: threat and vulnerability management, mdatp tvm security recommendation, cybersecurity recommendation, actionable security recommendation
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: ellevin
+author: levinec
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
+ms.topic: conceptual
+---
+# Plan for end-of-support software and software versions with threat and vulnerability management
+
+[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
+
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
+
+End-of-support (EOS), otherwise known as end-of-life (EOL), for software or software versions means that they will no longer be supported or serviced, and will not receive security updates. When you use software or software versions with ended support, you're exposing your organization to security vulnerabilities, legal, and financial risks.
+
+It's crucial for Security and IT Administrators to work together and ensure that the organization's software inventory is configured for optimal results, compliance, and a healthy network ecosystem. They should examine the options to remove or replace apps that have reached end-of-support and update versions that are no longer supported. It's best to create and implement a plan **before** the end of support dates.
+
+## Find software or software versions that are no longer supported
+
+1. From the threat and vulnerability management menu, navigate to [**Security recommendations**](tvm-security-recommendation.md).
+2. Go to the **Filters** panel and look for the tags section. Select one or more of the EOS tag options. Then **Apply**.
+
+    ![Screenshot tags that say EOS software, EOS versions, and Upcoming EOS versions.](images/tvm-eos-tag.png)
+
+3. You'll see a list of recommendations related to software with ended support, software versions that are end of support, or versions with upcoming end of support. These tags are also visible in the [software inventory](tvm-software-inventory.md) page.
+
+    ![Recommendations with EOS tag.](images/tvm-eos-tags-column.png)
+
+## List of versions and dates
+
+To view a list of versions that have reached end of support, or end or support soon, and those dates, follow the below steps:
+
+1. A message will appear in the security recommendation flyout for software with versions that have reached end of support, or will reach end of support soon.
+
+    ![Screenshot of version distribution link.](images/eos-upcoming-eos.png)
+
+2. Select the **version distribution** link to go to the software drill-down page. There, you can see a filtered list of versions with tags identifying them as end of support, or upcoming end of support.
+
+    ![Screenshot of software drilldown page with end of support software.](images/software-drilldown-eos.png)
+
+3. Select one of the versions in the table to open. For example, version 10.0.18362.1. A flyout will appear with the end of support date.
+
+    ![Screenshot of end of support date.](images/version-eos-date.png)
+
+Once you identify which software and software versions are vulnerable due to their end-of-support status, you must decide whether to update or remove them from your organization. Doing so will lower your organizations exposure to vulnerabilities and advanced persistent threats.
+
+## Related topics
+
+- [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
+- [Security recommendations](tvm-security-recommendation.md)
+- [Software inventory](tvm-software-inventory.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-exception.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-exception.md
new file mode 100644
index 0000000000..f8f6565174
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-exception.md
@@ -0,0 +1,98 @@
+---
+title: Create and view exceptions for security recommendations - threat and vulnerability management
+description: Create and monitor exceptions for security recommendations in threat and vulnerability management. 
+keywords: microsoft defender atp tvm remediation, mdatp tvm, threat and vulnerability management, threat & vulnerability management, threat & vulnerability management remediation, tvm remediation intune, tvm remediation sccm
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: ellevin
+author: levinec
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
+ms.topic: conceptual
+---
+# Create and view exceptions for security recommendations - threat and vulnerability management
+
+[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
+
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
+
+Sometimes, you may not be able to take the remediation steps suggested by a security recommendation. If that is the case, threat and vulnerability management gives you an avenue to create an exception.
+
+When an exception is created for a recommendation, the recommendation is no longer active. The recommendation state changes to **Exception**, and no longer shows up in the security recommendations list.
+
+## Create an exception
+
+1. Go to the threat and vulnerability management navigation menu in the Microsoft Defender Security Center, and select [**Security recommendations**](tvm-security-recommendation.md).
+
+2. Select a security recommendation you would like to create an exception for, and then **Exception options**.
+![Showing where the button for "exception options" is location in a security recommendation flyout.](images/tvm-exception-option.png)
+
+3. Select your justification for the exception you need to file instead of remediating the security recommendation in question. Fill out the justification context, then set the exception duration.
+
+    The following list details the justifications behind the exception options:
+
+    - **Third party control** - A third party product or software already addresses this recommendation
+        - Choosing this justification type will lower your exposure score and increase you secure score because your risk is reduced
+    - **Alternate mitigation** - An internal tool already addresses this recommendation
+        - Choosing this justification type will lower your exposure score and increase you secure score because your risk is reduced
+    - **Risk accepted** - Poses low risk and/or implementing the recommendation is too expensive
+    - **Planned remediation (grace)** - Already planned but is awaiting execution or authorization
+
+4. Select **Submit**. A confirmation message at the top of the page indicates that the exception has been created.
+
+## View your exceptions
+
+When you file for an exception from the security recommendations page, you create an exception  for that security recommendation. You can file exceptions to exclude certain recommendation from showing up in reports and affecting your [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md).
+
+The exceptions you've filed will show up in the **Remediation** page, in the **Exceptions** tab. You can filter your view based on exception justification, type, and status.  
+
+![Example of the exception page and filter options.](images/tvm-exception-filters.png)
+
+### Exception actions and statuses
+
+Once an exception exists, you can cancel it at any time by going to the exception in the **Remediation** page and selecting **Cancel exception**.
+
+The following statuses will be a part of an exception:
+
+- **Canceled** - The exception has been canceled and is no longer in effect  
+- **Expired** - The exception that you've filed is no longer in effect
+- **In effect** - The exception that you've filed is in progress
+
+### Exception impact on scores
+
+Creating an exception can potentially affect the Exposure Score (for both types of weaknesses) and Microsoft Secure Score for Devices of your organization in the following manner:
+
+- **No impact** - Removes the recommendation from the lists (which can be reverse through filters), but will not affect the scores.
+- **Mitigation-like impact** - As if the recommendation was mitigated (and scores will be adjusted accordingly) when you select it as a compensating control.
+- **Hybrid** - Provides visibility on both No impact and Mitigation-like impact. It shows both the Exposure Score and Microsoft Secure Score for Devices results out of the exception option that you made.
+
+The exception impact shows on both the Security recommendations page column and in the flyout pane.
+
+![Screenshot identifying the impact sections which list score impacts in the full page security recommendations table, and the flyout.](images/tvm-exception-impact.png)
+
+### View exceptions in other places
+
+Select **Show exceptions** at the bottom of the **Top security recommendations** card in the dashboard. It will open a filtered view in the **Security recommendations** page of recommendations with an "Exception" status.
+
+![Screenshot of Show exceptions link in the Top security recommendations card in the dashboard.](images/tvm-exception-dashboard.png)
+
+## Related topics
+
+- [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
+- [Remediate vulnerabilities](tvm-remediation.md)
+- [Security recommendations](tvm-security-recommendation.md)
+- [Exposure score](tvm-exposure-score.md)
+- [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md
index 28da6b8c57..f73d28e79c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md
@@ -13,17 +13,19 @@ author: levinec
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint  
 ms.topic: conceptual
 ---
 # Exposure score - threat and vulnerability management
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
 
@@ -63,14 +65,6 @@ Lower your threat and vulnerability exposure by remediating [security recommenda
 ## Related topics
 
 - [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
-- [Supported operating systems and platforms](tvm-supported-os.md)
-- [Threat and vulnerability management dashboard](tvm-dashboard-insights.md)
 - [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md)
 - [Security recommendations](tvm-security-recommendation.md)
-- [Remediation and exception](tvm-remediation.md)
-- [Software inventory](tvm-software-inventory.md)
-- [Weaknesses](tvm-weaknesses.md)
 - [Event timeline](threat-and-vuln-mgt-event-timeline.md)
-- [Scenarios](threat-and-vuln-mgt-scenarios.md)
-- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
-- [Configure data access for threat and vulnerability management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-hunt-exposed-devices.md
similarity index 54%
rename from windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
rename to windows/security/threat-protection/microsoft-defender-atp/tvm-hunt-exposed-devices.md
index 85d599cd64..d530052017 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-hunt-exposed-devices.md
@@ -1,5 +1,5 @@
 ---
-title: Scenarios - threat and vulnerability management
+title: 	Hunt for exposed devices 
 description: Learn how threat and vulnerability management can be used to help security admins, IT admins, and SecOps collaborate.
 keywords: mdatp-tvm scenarios, mdatp, tvm, tvm scenarios, reduce threat & vulnerability exposure, reduce threat and vulnerability, improve security configuration, increase Microsoft Secure Score for Devices, increase threat & vulnerability Microsoft Secure Score for Devices, Microsoft Secure Score for Devices, exposure score, security controls 
 search.product: eADQiWindows 10XVcnh
@@ -13,24 +13,38 @@ author: levinec
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: article
 ---
 
-# Scenarios - threat and vulnerability management
+# Hunt for exposed devices - threat and vulnerability management
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
 
-[!include[Prerelease information](../../includes/prerelease.md)]
+## Use advanced hunting to find devices with vulnerabilities
 
-## Use advanced hunting query to search for devices with High active alerts or critical CVE public exploit
+Advanced hunting is a query-based threat-hunting tool that lets you explore up to 30 days of raw data. You can proactively inspect events in your network to locate threat indicators and entities. The flexible access to data enables unconstrained hunting for both known and potential threats. [Learn more about advanced hunting](advanced-hunting-overview.md)
+
+### Schema tables
+
+- [DeviceTvmSoftwareInventoryVulnerabilities](advanced-hunting-devicetvmsoftwareinventoryvulnerabilities-table.md) - Inventory of software on devices as well as any known vulnerabilities in these software products
+
+- [DeviceTvmSoftwareVulnerabilitiesKB](advanced-hunting-devicetvmsoftwarevulnerabilitieskb-table.md) - Knowledge base of publicly disclosed vulnerabilities, including whether exploit code is publicly available
+
+- [DeviceTvmSecureConfigurationAssessment](advanced-hunting-devicetvmsecureconfigurationassessment-table.md) - Threat & Vulnerability Management assessment events, indicating the status of various security configurations on devices
+
+- [DeviceTvmSecureConfigurationAssessmentKB](advanced-hunting-devicetvmsecureconfigurationassessmentkb-table.md) - Knowledge base of various security configurations used by Threat & Vulnerability Management to assess devices; includes mappings to various standards and benchmarks
+
+## Check which devices are involved in high severity alerts
 
 1. Go to **Advanced hunting** from the left-hand navigation pane of the Microsoft Defender Security Center.
 
@@ -53,50 +67,10 @@ DeviceName=any(DeviceName) by DeviceId, AlertId
 
 ```
 
-## Define a device's value to the organization
-
-Defining a device’s value helps you differentiate between asset priorities. The device value is used to incorporate the risk appetite of an individual asset into the threat and vulnerability management exposure score calculation. Devices marked as “high value” will receive more weight.
-
-You can also use the [set device value API](set-device-value.md).
-
-Device value options:
-
-- Low
-- Normal (Default)
-- High
-
-Examples of devices that should be marked as high value:
-
-- Domain controllers, Active Directory
-- Internet facing devices
-- VIP devices
-- Devices hosting internal/external production services
-
-### Set device value
-
-1. Navigate to any device page, the easiest place is from the device inventory.
-
-2. Select **Device Value** from three dots next to the actions bar at the top of the page.
-    ![Example of the device value dropdown.](images/tvm-device-value-dropdown.png)
-
-<br><br>
-
-3. A flyout will appear with the current device value and what it means. Review the value of the device and choose the one that best fits your device.
-![Example of the device value flyout.](images/tvm-device-value-flyout.png)
-
-
 ## Related topics
 
 - [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
-- [Supported operating systems and platforms](tvm-supported-os.md)
-- [Threat and vulnerability management dashboard](tvm-dashboard-insights.md)
-- [Exposure score](tvm-exposure-score.md)
-- [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md)
 - [Security recommendations](tvm-security-recommendation.md)
-- [Remediation and exception](tvm-remediation.md)
-- [Software inventory](tvm-software-inventory.md)
-- [Weaknesses](tvm-weaknesses.md)
-- [Event timeline](threat-and-vuln-mgt-event-timeline.md)
 - [APIs](next-gen-threat-and-vuln-mgt.md#apis)
 - [Configure data access for threat and vulnerability management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
 - [Advanced hunting overview](overview-hunting.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-microsoft-secure-score-devices.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-microsoft-secure-score-devices.md
index ad687089f9..ea67db383d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-microsoft-secure-score-devices.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-microsoft-secure-score-devices.md
@@ -1,5 +1,5 @@
 ---
-title: Overview of Microsoft Secure Score for Devices in Microsoft Defender Security Center
+title: Microsoft Secure Score for Devices
 description: Your score for devices shows the collective security configuration state of your devices across application, operating system, network, accounts, and security controls.
 keywords: Microsoft Secure Score for Devices, mdatp Microsoft Secure Score for Devices, secure score, configuration score, threat and vulnerability management, security controls, improvement opportunities, security configuration score over time, security posture, baseline
 search.product: eADQiWindows 10XVcnh
@@ -13,17 +13,19 @@ author: levinec
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 # Microsoft Secure Score for Devices
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 
 >[!NOTE]
 > Configuration score is now part of threat and vulnerability management as Microsoft Secure Score for Devices.
@@ -98,13 +100,6 @@ Improve your security configuration by remediating issues from the security reco
 ## Related topics
 
 - [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
-- [Supported operating systems and platforms](tvm-supported-os.md)
-- [Threat and vulnerability management dashboard](tvm-dashboard-insights.md)
+- [Dashboard](tvm-dashboard-insights.md)
 - [Exposure score](tvm-exposure-score.md)
 - [Security recommendations](tvm-security-recommendation.md)
-- [Remediation and exception](tvm-remediation.md)
-- [Software inventory](tvm-software-inventory.md)
-- [Weaknesses](tvm-weaknesses.md)
-- [Scenarios](threat-and-vuln-mgt-scenarios.md)
-- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
-- [Configure data access for threat and vulnerability management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-prerequisites.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-prerequisites.md
new file mode 100644
index 0000000000..9aba0d42d1
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-prerequisites.md
@@ -0,0 +1,74 @@
+---
+title: Prerequisites & permissions - threat and vulnerability management
+description: Before you begin using threat and vulnerability management, make sure you have the relevant configurations and permissions.
+keywords: threat & vulnerability management permissions prerequisites, threat and vulnerability management permissions prerequisites, MDATP TVM permissions prerequisites, vulnerability management
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: ellevin
+author: levinec
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: conceptual
+---
+
+# Prerequisites & permissions - threat and vulnerability management
+
+[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
+
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
+
+Ensure that your devices:
+
+- Are onboarded to Microsoft Defender Advanced Threat Protection
+- Run [supported operating systems and platforms](tvm-supported-os.md)
+- Have the following mandatory updates installed and deployed in your network to boost your vulnerability assessment detection rates:
+
+> Release | Security update KB number and link
+> :---|:---
+> Windows 10 Version 1709 | [KB4493441](https://support.microsoft.com/help/4493441/windows-10-update-kb4493441) and [KB 4516071](https://support.microsoft.com/help/4516071/windows-10-update-kb4516071)
+> Windows 10 Version 1803 | [KB4493464](https://support.microsoft.com/help/4493464) and [KB 4516045](https://support.microsoft.com/help/4516045/windows-10-update-kb4516045)
+> Windows 10 Version 1809 | [KB 4516077](https://support.microsoft.com/help/4516077/windows-10-update-kb4516077)
+> Windows 10 Version 1903 | [KB 4512941](https://support.microsoft.com/help/4512941/windows-10-update-kb4512941)
+
+- Are onboarded to [Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune) and  [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/mem/configmgr/protect/deploy-use/endpoint-protection-configure). If you're using Configuration Manager, update your console to the latest version.
+- Have at least one security recommendation that can be viewed in the device page
+- Are tagged or marked as co-managed
+
+## Relevant permission options
+
+1. Log in to Microsoft Defender Security Center using account with a Security administrator or Global administrator role assigned.
+2. In the navigation pane, select **Settings > Roles**.
+
+For more information, see [Create and manage roles for role-based access control](user-roles.md)
+
+### View data
+
+- **Security operations** - View all security operations data in the portal
+- **Threat and vulnerability management** - View threat and vulnerability management data in the portal
+
+### Active remediation actions
+
+- **Security operations** - Take response actions, approve or dismiss pending remediation actions, manage allowed/blocked lists for automation and indicators
+- **Threat and vulnerability management - Exception handling** - Create new exceptions and manage active exceptions
+- **Threat and vulnerability management - Remediation handling** - Submit new remediation requests, create tickets, and manage existing remediation activities
+
+For more information, see [RBAC permission options](user-roles.md#permission-options)
+
+## Related articles
+
+- [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
+- [Supported operating systems and platforms](tvm-supported-os.md)
+- [Assign device value](tvm-assign-device-value.md)
+- [Threat and vulnerability management dashboard](tvm-dashboard-insights.md)
+
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
index 3a45c885e5..83f4fa34f0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
@@ -1,5 +1,5 @@
 ---
-title: Remediation activities and exceptions - threat and vulnerability management
+title: Remediate vulnerabilities with threat and vulnerability management
 description: Remediate security weaknesses discovered through security recommendations, and create exceptions if needed, in threat and vulnerability management. 
 keywords: microsoft defender atp tvm remediation, mdatp tvm, threat and vulnerability management, threat & vulnerability management, threat & vulnerability management remediation, tvm remediation intune, tvm remediation sccm
 search.product: eADQiWindows 10XVcnh
@@ -13,36 +13,61 @@ author: levinec
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
-# Remediation activities and exceptions - threat and vulnerability management
+# Remediate vulnerabilities with threat and vulnerability management
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
 
+## Request remediation
+
+The threat and vulnerability management capability in Microsoft Defender ATP bridges the gap between Security and IT administrators through the remediation request workflow. Security admins like you can request for the IT Administrator to remediate a vulnerability from the **Security recommendation** pages to Intune.
+
+### Enable Microsoft Intune connection
+
+To use this capability, enable your Microsoft Intune connections. In the Microsoft Defender Security Center, navigate to **Settings** > **General** > **Advanced features**. Scroll down and look for **Microsoft Intune connection**. By default, the toggle is turned off. Turn your **Microsoft Intune connection** toggle **On**.
+
+See [Use Intune to remediate vulnerabilities identified by Microsoft Defender ATP](https://docs.microsoft.com/intune/atp-manage-vulnerabilities) for details.
+
+### Remediation request steps
+
+1. Go to the threat and vulnerability management navigation menu in the Microsoft Defender Security Center, and select [**Security recommendations**](tvm-security-recommendation.md).
+
+2. Select a security recommendation you would like to request remediation for, and then select **Remediation options**.
+
+3. Fill out the form, including what you are requesting remediation for, priority, due date, and optional notes. Select **Submit request**. Submitting a remediation request creates a remediation activity item within threat and vulnerability management, which can be used for monitoring the remediation progress for this recommendation. This will not trigger a remediation or apply any changes to devices.
+
+4. Notify your IT Administrator about the new request and have them log into Intune to approve or reject the request and start a package deployment.
+
+5. Go to the [**Remediation**](tvm-remediation.md) page to view the status of your remediation request.
+
+If you want to check how the ticket shows up in Intune, see [Use Intune to remediate vulnerabilities identified by Microsoft Defender ATP](https://docs.microsoft.com/intune/atp-manage-vulnerabilities) for details.
+
 >[!NOTE]
->To use this capability, enable your Microsoft Intune connections. Navigate to **Settings** > **General** > **Advanced features**. Scroll down and look for **Microsoft Intune connection**. By default, the toggle is turned off. Turn your **Microsoft Intune connection** toggle on.
+>If your request involves remediating more than 10,000 devices, we can only send 10,000 devices for remediation to Intune.
 
 After your organization's cybersecurity weaknesses are identified and mapped to actionable [security recommendations](tvm-security-recommendation.md), start creating security tasks. You can create tasks through the integration with Microsoft Intune where remediation tickets are created.
 
 Lower your organization's exposure from vulnerabilities and increase your security configuration by remediating the security recommendations.
 
-## Navigate to the Remediation page
+## View your remediation activities
 
-You can access the Remediation page a few different ways:
+When you submit a remediation request from the Security recommendations page, it kicks-off a remediation activity. A security task is created that can be tracked in the threat and vulnerability management **Remediation** page, and a remediation ticket is created in Microsoft Intune.
 
-- Threat and vulnerability management navigation menu in the [Microsoft Defender Security Center](portal-overview.md)
-- Top remediation activities card in the [threat and vulnerability management dashboard](tvm-dashboard-insights.md)
+Once you are in the Remediation page, select the remediation activity that you want to view. You can follow the remediation steps, track progress, view the related recommendation, export to CSV, or mark as complete.
+![Example of the Remediation page, with a selected remediation activity, and that activity's flyout listing the description, IT service and device management tools, and device remediation progress.](images/remediation_flyouteolsw.png)
 
-### Navigation menu
-
-Go to the threat and vulnerability management navigation menu and select **Remediation**. It will open the list of remediation activities and exceptions found in your organization.
+>[!NOTE]
+> There is a 180 day retention period for completed remediation activities. To keep the Remediation page performing optimally, the remediation activity will be removed 6 months after its completion.
 
 ### Top remediation activities in the dashboard
 
@@ -50,63 +75,8 @@ View **Top remediation activities** in the [threat and vulnerability management
 
 ![Example of Top remediation activities card with a table that lists top activities that were generated from security recommendations.](images/tvm-remediation-activities-card.png)
 
-## Remediation activities
-
-When you [submit a remediation request](tvm-security-recommendation.md#request-remediation) from the [Security recommendations page](tvm-security-recommendation.md), it kicks-off a remediation activity. A security task is created that can be tracked in the threat and vulnerability management **Remediation** page, and a remediation ticket is created in Microsoft Intune.
-
-Once you are in the Remediation page, select the remediation activity that you want to view. You can follow the remediation steps, track progress, view the related recommendation, export to CSV, or mark as complete.
-![Example of the Remediation page, with a selected remediation activity, and that activity's flyout listing the description, IT service and device management tools, and device remediation progress.](images/remediation_flyouteolsw.png)
-
-## Exceptions
-
-When you [file for an exception](tvm-security-recommendation.md#file-for-exception) from the [Security recommendations page](tvm-security-recommendation.md), you create an exception  for that security recommendation. You can file exceptions to exclude certain recommendation from showing up in reports and affecting your [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md).
-
-The exceptions you've filed will show up in the **Remediation** page, in the **Exceptions** tab. You can filter your view based on exception justification, type, and status.  
-
-![Example of the exception page and filter options.](images/tvm-exception-filters.png)
-
-### Exception actions and statuses
-
-You can take the following actions on an exception:
-
-- Cancel - You can cancel the exceptions you've filed anytime
-- Resurface - Your exception automatically becomes void and resurfaces in the security recommendation list when dynamic environmental factors change. It adversely affects the exposure impact associated with a recommendation that had previously been excluded.
-
-The following statuses will be a part of an exception:
-
-- **Canceled** - The exception has been canceled and is no longer in effect  
-- **Expired** - The exception that you've filed is no longer in effect
-- **In effect** - The exception that you've filed is in progress
-
-### Exception impact on scores
-
-Creating an exception can potentially affect the Exposure Score (for both types of weaknesses) and Microsoft Secure Score for Devices of your organization in the following manner:
-
-- **No impact** - Removes the recommendation from the lists (which can be reverse through filters), but will not affect the scores.
-- **Mitigation-like impact** - As if the recommendation was mitigated (and scores will be adjusted accordingly) when you select it as a compensating control.
-- **Hybrid** - Provides visibility on both No impact and Mitigation-like impact. It shows both the Exposure Score and Microsoft Secure Score for Devices results out of the exception option that you made.
-
-The exception impact shows on both the Security recommendations page column and in the flyout pane.
-
-![Screenshot identifying the impact sections which list score impacts in the full page security recommendations table, and the flyout.](images/tvm-exception-impact.png)
-
-### View exceptions in other places
-
-Select **Show exceptions** at the bottom of the **Top security recommendations** card in the dashboard. It will open a filtered view in the **Security recommendations** page of recommendations with an "Exception" status.
-
-![Screenshot of Show exceptions link in the Top security recommendations card in the dashboard.](images/tvm-exception-dashboard.png)
-
-## Related topics
+## Related articles
 
 - [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
-- [Supported operating systems and platforms](tvm-supported-os.md)
-- [Threat and vulnerability management dashboard](tvm-dashboard-insights.md)
-- [Exposure score](tvm-exposure-score.md)
-- [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md)
-- [Security recommendations](tvm-security-recommendation.md)
-- [Software inventory](tvm-software-inventory.md)
-- [Weaknesses](tvm-weaknesses.md)
-- [Event timeline](threat-and-vuln-mgt-event-timeline.md)
-- [Scenarios](threat-and-vuln-mgt-scenarios.md)
-- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
-- [Configure data access for threat and vulnerability management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
+- [Dashboard](tvm-dashboard-insights.md)
+- [Security recommendations](tvm-security-recommendation.md)
\ No newline at end of file
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
index a64042be50..613f488021 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
@@ -13,17 +13,19 @@ author: levinec
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 # Security recommendations - threat and vulnerability management
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
 
@@ -73,11 +75,14 @@ View recommendations, the number of weaknesses found, related components, threat
 
 The color of the **Exposed devices** graph changes as the trend changes. If the number of exposed devices is on the rise, the color changes into red. If there's a decrease in the number of exposed devices, the color of the graph will change into green.
 
+>[!NOTE]
+>Threat and vulnerability management shows devices that were in use up to **30 days** ago. This is different from the rest of Microsoft Defender for Endpoint, where if a device has not been in use for more than 7 days it has in an ‘Inactive’ status.
+
 ![Example of the landing page for security recommendations.](images/tvmsecrec-updated.png)
 
 ### Icons
 
-Useful icons also quickly call your attention to:  
+Useful icons also quickly call your attention to:
 - ![arrow hitting a target](images/tvm_alert_icon.png) possible active alerts
 - ![red bug](images/tvm_bug_icon.png) associated public exploits
 - ![light bulb](images/tvm_insight_icon.png) recommendation insights
@@ -92,71 +97,20 @@ From the flyout, you can choose any of the following options:
 
 - **Open software page** - Open the software page to get more context on the software and how it's distributed. The information can include threat context, associated recommendations, weaknesses discovered, number of exposed devices, discovered vulnerabilities, names and detailed of devices with the software installed, and version distribution.
 
-- [**Remediation options**](tvm-security-recommendation.md#request-remediation) - Submit a remediation request to open a ticket in Microsoft Intune for your IT Administrator to pick up and address.
+- [**Remediation options**](tvm-remediation.md) - Submit a remediation request to open a ticket in Microsoft Intune for your IT Administrator to pick up and address.
 
-- [**Exception options**](tvm-security-recommendation.md#file-for-exception) - Submit an exception, provide justification, and set exception duration if you can't remediate the issue yet.
+- [**Exception options**](tvm-exception.md) - Submit an exception, provide justification, and set exception duration if you can't remediate the issue yet.
 
 >[!NOTE]
 >When a change is made on a device, it typically takes two hours for the data to be reflected in the Microsoft Defender Security Center. However, it may sometimes take longer.
 
-### Investigate changes in machine exposure or impact
+### Investigate changes in device exposure or impact
 
-If there is a large jump in the number of exposed machines, or a sharp increase in the impact on your organization exposure score and configuration score, then that security recommendation is worth investigating.
+If there is a large jump in the number of exposed devices, or a sharp increase in the impact on your organization exposure score and Microsoft Secure Score for Devices, then that security recommendation is worth investigating.
 
 1. Select the recommendation and **Open software page**
 2. Select the **Event timeline** tab to view all the impactful events related to that software, such as new vulnerabilities or new public exploits. [Learn more about event timeline](threat-and-vuln-mgt-event-timeline.md)
-3. Decide how to address the increase or your organization's exposure, such as submitting a remediation request
-
-## Request remediation
-
-The threat and vulnerability management capability in Microsoft Defender ATP bridges the gap between Security and IT administrators through the remediation request workflow. Security admins like you can request for the IT Administrator to remediate a vulnerability from the **Security recommendation** pages to Intune.
-
-### Enable Microsoft Intune connection
-
-To use this capability, enable your Microsoft Intune connections. In the Microsoft Defender Security Center, navigate to **Settings** > **General** > **Advanced features**. Scroll down and look for **Microsoft Intune connection**. By default, the toggle is turned off. Turn your **Microsoft Intune connection** toggle **On**.
-
-See [Use Intune to remediate vulnerabilities identified by Microsoft Defender ATP](https://docs.microsoft.com/intune/atp-manage-vulnerabilities) for details.
-
-### Remediation request steps
-
-1. Select a security recommendation you would like to request remediation for, and then select **Remediation options**.
-
-2. Fill out the form, including what you are requesting remediation for, priority, due date, and optional notes. Select **Submit request**. Submitting a remediation request creates a remediation activity item within threat and vulnerability management, which can be used for monitoring the remediation progress for this recommendation. This will not trigger a remediation or apply any changes to devices.
-
-3. Notify your IT Administrator about the new request and have them log into Intune to approve or reject the request and start a package deployment.
-
-4. Go to the [**Remediation**](tvm-remediation.md) page to view the status of your remediation request.
-
-If you want to check how the ticket shows up in Intune, see [Use Intune to remediate vulnerabilities identified by Microsoft Defender ATP](https://docs.microsoft.com/intune/atp-manage-vulnerabilities) for details.
-
->[!NOTE]
->If your request involves remediating more than 10,000 devices, we can only send 10,000 devices for remediation to Intune.
-
-## File for exception
-
-As an alternative to a remediation request, you can create exceptions for recommendations.
-
-There are many reasons why organizations create exceptions for a recommendation. For example, if there's a business justification that prevents the company from applying the recommendation, the existence of a compensating or alternative control that provides as much protection than the recommendation would, a false positive, among other reasons.
-
-When an exception is created for a recommendation, the recommendation is no longer active. The recommendation state changes to **Exception**, and it no longer shows up in the security recommendations list.
-
-1. Select a security recommendation you would like to create an exception for, and then **Exception options**.
-![Showing where the button for "exception options" is location in a security recommendation flyout.](images/tvm-exception-option.png)
-
-2. Select your justification for the exception you need to file instead of remediating the security recommendation in question. Fill out the justification context, then set the exception duration.
-
-    The following list details the justifications behind the exception options:
-
-    - **Third party control** - A third party product or software already addresses this recommendation
-        - Choosing this justification type will lower your exposure score and increase you secure score because your risk is reduced
-    - **Alternate mitigation** - An internal tool already addresses this recommendation
-        - Choosing this justification type will lower your exposure score and increase you secure score because your risk is reduced
-    - **Risk accepted** - Poses low risk and/or implementing the recommendation is too expensive
-    - **Planned remediation (grace)** - Already planned but is awaiting execution or authorization
-
-3. Select **Submit**. A confirmation message at the top of the page indicates that the exception has been created.
-
-4. Navigate to the [**Remediation**](tvm-remediation.md) page under the **Threat and vulnerability management** menu and select the **Exceptions** tab to view all your exceptions (current and past).
+3. Decide how to address the increase or your organization's exposure, such as submitting a remediation request.
 
 ## Report inaccuracy
 
@@ -172,52 +126,12 @@ You can report a false positive when you see any vague, inaccurate, incomplete,
 
 4. Select **Submit**. Your feedback is immediately sent to the threat and vulnerability management experts.
 
-## Find and remediate software or software versions which have reached end-of-support (EOS)
-
-End-of-support (otherwise known as end-of-life) for software or software versions means that they will no longer be supported or serviced, and will not receive security updates. When you use software or software versions with ended support, you're exposing your organization to security vulnerabilities, legal, and financial risks.
-
-It's crucial for Security and IT Administrators to work together and ensure that the organization's software inventory is configured for optimal results, compliance, and a healthy network ecosystem. They should examine the options to remove or replace apps that have reached end-of-support and update versions that are no longer supported. It's best to create and implement a plan **before** the end of support dates.
-
-To find software or software versions that are no longer supported:
-
-1. From the threat and vulnerability management menu, navigate to **Security recommendations**.
-2. Go to the **Filters** panel and look for the tags section. Select one or more of the EOS tag options. Then **Apply**.
-
-    ![Screenshot tags that say EOS software, EOS versions, and Upcoming EOS versions](images/tvm-eos-tag.png)
-
-3. You'll see a list of recommendations related to software with ended support, software versions that are end of support, or versions with upcoming end of support. These tags are also visible in the [software inventory](tvm-software-inventory.md) page.
-
-    ![Screenshot tags that say EOS software, EOS versions, and Upcoming EOS versions](images/tvm-eos-tags-column.png)
-
-### List of versions and dates
-
-To view a list of versions that have reached end of support, or end or support soon, and those dates, follow the below steps:
-
-1. A message will appear in the security recommendation flyout for software with versions that have reached end of support, or will reach end of support soon.
-
-    ![Screenshot of version distribution link](images/eos-upcoming-eos.png)
-
-2. Select the **version distribution** link to go to the software drill-down page. There, you can see a filtered list of versions with tags identifying them as end of support, or upcoming end of support.
-
-    ![Screenshot of version distribution link](images/software-drilldown-eos.png)
-
-3. Select one of the versions in the table to open. For example, version 10.0.18362.1. A flyout will appear with the end of support date.
-
-    ![Screenshot of version distribution link](images/version-eos-date.png)
-
-Once you identify which software and software versions are vulnerable due to their end-of-support status, you must decide whether to update or remove them from your organization. Doing so will lower your organizations exposure to vulnerabilities and advanced persistent threats.
-
-## Related topics
+## Related articles
 
 - [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
-- [Supported operating systems and platforms](tvm-supported-os.md)
-- [Threat and vulnerability management dashboard](tvm-dashboard-insights.md)
+- [Dashboard](tvm-dashboard-insights.md)
 - [Exposure score](tvm-exposure-score.md)
 - [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md)
-- [Remediation and exception](tvm-remediation.md)
-- [Software inventory](tvm-software-inventory.md)
-- [Weaknesses](tvm-weaknesses.md)
+- [Remediate vulnerabilities](tvm-remediation.md)
+- [Create and view exceptions for security recommendations](tvm-exception.md)
 - [Event timeline](threat-and-vuln-mgt-event-timeline.md)
-- [Scenarios](threat-and-vuln-mgt-scenarios.md)
-- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
-- [Configure data access for threat and vulnerability management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md
index 215f2fc19c..8ee0bcbe8c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md
@@ -13,20 +13,22 @@ author: levinec
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 # Software inventory - threat and vulnerability management
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
 
-The software inventory in threat and vulnerability management is a list of all the software in your organization. It also includes details such as the name of the vendor, number of weaknesses, threats, and number of exposed devices.
+The software inventory in threat and vulnerability management is a list of all the software in your organization with known vulnerabilities. It also includes details such as the name of the vendor, number of weaknesses, threats, and number of exposed devices.
 
 ## How it works
 
@@ -40,6 +42,9 @@ Access the Software inventory page by selecting **Software inventory** from the
 
 View software on specific devices in the individual devices pages from the [devices list](machines-view-overview.md).
 
+>[!NOTE]
+>If you search for software using the Microsoft Defender ATP global search, make sure to put an underscore instead of a space. For example, for the best search results you'd write "windows_10" instead of "Windows 10".
+
 ## Software inventory overview
 
 The **Software inventory** page opens with a list of software installed in your network, including the vendor name, weaknesses found, threats associated with them, exposed devices, impact to exposure score, and tags. You can filter the list view based on weaknesses found in the software, threats associated with them, and whether the software or software versions have reached end-of-support.
@@ -83,17 +88,9 @@ Report a false positive when you see any vague, inaccurate, or incomplete inform
 3. From the flyout pane, select the inaccuracy category from the drop-down menu, fill in your email address, and details about the inaccuracy.
 4. Select **Submit**. Your feedback is immediately sent to the threat and vulnerability management experts.
 
-## Related topics
+## Related articles
 
 - [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
-- [Supported operating systems and platforms](tvm-supported-os.md)
-- [Threat and vulnerability management dashboard](tvm-dashboard-insights.md)
-- [Exposure score](tvm-exposure-score.md)
-- [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md)
 - [Security recommendations](tvm-security-recommendation.md)
-- [Remediation and exception](tvm-remediation.md)
-- [Weaknesses](tvm-weaknesses.md)
 - [Event timeline](threat-and-vuln-mgt-event-timeline.md)
-- [Scenarios](threat-and-vuln-mgt-scenarios.md)
-- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
-- [Configure data access for threat and vulnerability management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
+- [View and organize the Microsoft Defender ATP Devices list](machines-view-overview.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md
index 0b2eca42e4..f907cb50ed 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md
@@ -1,7 +1,7 @@
 ---
 title: Supported operating systems and platforms for threat and vulnerability management
-description: Before you begin, ensure that you meet the operating system or platform requisites for threat and vulnerability management so the activities in your all devices are properly accounted for.
-keywords: threat & vulnerability management, threat and vulnerability management, operating system, platform requirements, prerequisites, mdatp-tvm supported os, mdatp-tvm, risk-based threat & vulnerability management, security configuration, Microsoft Secure Score for Devices, exposure score
+description: Ensure that you meet the operating system or platform requisites for threat and vulnerability management, so the activities in your all devices are properly accounted for.
+keywords: threat & vulnerability management, threat and vulnerability management, operating system, platform requirements, prerequisites, mdatp-tvm supported os, mdatp-tvm,
 search.appverid: met150
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -13,7 +13,9 @@ author: levinec
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: article
 ---
 # Supported operating systems and platforms - threat and vulnerability management
@@ -23,7 +25,8 @@ ms.topic: article
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
 
@@ -45,17 +48,7 @@ Windows Server 2019 | Operating System (OS) vulnerabilities<br/>Software product
 macOS 10.13 "High Sierra" and above | Operating System (OS) vulnerabilities<br/>Software product vulnerabilities 
 Linux | Not supported (planned)
 
-## Related topics
+## Related articles
 
 - [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
-- [Threat and vulnerability management dashboard](tvm-dashboard-insights.md)
-- [Exposure score](tvm-exposure-score.md)
-- [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md)
-- [Security recommendations](tvm-security-recommendation.md)
-- [Remediation and exception](tvm-remediation.md)
-- [Software inventory](tvm-software-inventory.md)
-- [Weaknesses](tvm-weaknesses.md)
-- [Event timeline](threat-and-vuln-mgt-event-timeline.md)
-- [Scenarios](threat-and-vuln-mgt-scenarios.md)
-- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
-- [Configure data access for threat and vulnerability management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
+- [Prerequisites & permissions](tvm-prerequisites.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
index 4f2cc260b4..aa51efe8ff 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
@@ -1,5 +1,5 @@
 ---
-title: Weaknesses found by threat and vulnerability management
+title: Vulnerabilities in my organization - threat and vulnerability management
 description: Lists the common vulnerabilities and exposures (CVE) ID of weaknesses found in the software running in your organization. Discovered by the Microsoft Defender ATP threat and vulnerability management capability. 
 keywords: mdatp threat & vulnerability management, threat and vulnerability management, mdatp tvm weaknesses page, finding weaknesses through tvm, tvm vulnerability list, vulnerability details in tvm 
 search.product: eADQiWindows 10XVcnh
@@ -13,22 +13,24 @@ author: levinec
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
-# Weaknesses found by threat and vulnerability management
+# Vulnerabilities in my organization - threat and vulnerability management
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
 
 Threat and vulnerability management uses the same signals in Microsoft Defender ATP's endpoint protection to scan and detect vulnerabilities.
 
-The **Weaknesses** page lists down the vulnerabilities found in the infected software running in your organization by listing the Common Vulnerabilities and Exposures (CVE) ID. You can also view the severity, Common Vulnerability Scoring System (CVSS) rating, prevalence in your organization, corresponding breach, threat insights, and more.
+The **Weaknesses** page lists the software vulnerabilities your devices are exposed to by listing the Common Vulnerabilities and Exposures (CVE) ID. You can also view the severity, Common Vulnerability Scoring System (CVSS) rating, prevalence in your organization, corresponding breach, threat insights, and more.
 
 >[!NOTE]
 >If there is no official CVE-ID assigned to a vulnerability, the vulnerability name is assigned by threat and vulnerability management.
@@ -68,7 +70,7 @@ Remediate the vulnerabilities in exposed devices to reduce the risk to your asse
 
 ### Breach and threat insights
 
-View related breach and threat insights in the **Threat** column when the icons are colored red.
+View any related breach and threat insights in the **Threat** column when the icons are colored red.
 
  >[!NOTE]
  > Always prioritize recommendations that are associated with ongoing threats. These recommendations are marked with the threat insight icon ![Simple drawing of a red bug.](images/tvm_bug_icon.png) and breach insight icon ![Simple drawing of an arrow hitting a target.](images/tvm_alert_icon.png).  
@@ -76,15 +78,16 @@ View related breach and threat insights in the **Threat** column when the icons
 The breach insights icon is highlighted if there's a vulnerability found in your organization.
 ![Example of a breach insights text that could show up when hovering over icon. This one says "possible active alert is associated with this recommendation.](images/tvm-breach-insights.png)
 
-The threat insights icon is highlighted if there are associated exploits in the vulnerability found in your organization. Hovering over the icon shows whether the threat is a part of an exploit kit, or connected to specific advanced persistent campaigns or activity groups. When available, there is a link to a Threat Analytics report with zero-day exploitation news, disclosures, or related security advisories.  
+The threat insights icon is highlighted if there are associated exploits in the vulnerability found in your organization. Hovering over the icon shows whether the threat is a part of an exploit kit, or connected to specific advanced persistent campaigns or activity groups. When available, there's a link to a Threat Analytics report with zero-day exploitation news, disclosures, or related security advisories.  
 
 ![Threat insights text that that could show up when hovering over icon. This one has multiple bullet points and linked text.](images/tvm-threat-insights.png)
 
 ### Gain vulnerability insights
 
-If you select a CVE, a flyout panel will open with more information, including the vulnerability description, details, threat insights, and exposed devices.
+If you select a CVE, a flyout panel will open with more information such as the vulnerability description, details, threat insights, and exposed devices.
 
-The "OS Feature" category is shown in relevant scenarios.
+- The "OS Feature" category is shown in relevant scenarios
+- You can go to the related security recommendation for every CVE with exposed device
 
  ![Weakness flyout example.](images/tvm-weakness-flyout400.png)
 
@@ -135,17 +138,9 @@ Report a false positive when you see any vague, inaccurate, or incomplete inform
 3. Select the inaccuracy category from the drop-down menu and fill in your email address and inaccuracy details.
 4. Select **Submit**. Your feedback is immediately sent to the threat and vulnerability management experts.
 
-## Related topics
+## Related articles
 
 - [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
-- [Supported operating systems and platforms](tvm-supported-os.md)
-- [Threat and vulnerability management dashboard](tvm-dashboard-insights.md)
-- [Exposure score](tvm-exposure-score.md)
-- [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md)
 - [Security recommendations](tvm-security-recommendation.md)
-- [Remediation and exception](tvm-remediation.md)
 - [Software inventory](tvm-software-inventory.md)
-- [Event timeline](threat-and-vuln-mgt-event-timeline.md)
-- [Scenarios](threat-and-vuln-mgt-scenarios.md)
-- [APIs](next-gen-threat-and-vuln-mgt.md#apis)
-- [Configure data access for threat and vulnerability management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
+- [View and organize the Microsoft Defender ATP Devices list](machines-view-overview.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/unisolate-machine.md b/windows/security/threat-protection/microsoft-defender-atp/unisolate-machine.md
index c518418a7f..1833077b2c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/unisolate-machine.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/unisolate-machine.md
@@ -22,7 +22,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/unrestrict-code-execution.md b/windows/security/threat-protection/microsoft-defender-atp/unrestrict-code-execution.md
index 50319acfe5..f05f9a4644 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/unrestrict-code-execution.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/unrestrict-code-execution.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/update-alert.md b/windows/security/threat-protection/microsoft-defender-atp/update-alert.md
index 9c9268711b..8d2e4f9a6a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/update-alert.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/update-alert.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/use.md b/windows/security/threat-protection/microsoft-defender-atp/use.md
index da8874d9ba..a2838a56d7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/use.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/use.md
@@ -24,7 +24,7 @@ ms.topic: conceptual
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-usewdatp-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/user-roles.md b/windows/security/threat-protection/microsoft-defender-atp/user-roles.md
index 3e7673cab5..4c08836f95 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/user-roles.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/user-roles.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-roles-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/user.md b/windows/security/threat-protection/microsoft-defender-atp/user.md
index e94dd0bb1d..3a38c1edfc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/user.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/user.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/view-incidents-queue.md b/windows/security/threat-protection/microsoft-defender-atp/view-incidents-queue.md
index a1fa8c6d8a..9742f5aa9e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/view-incidents-queue.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/view-incidents-queue.md
@@ -23,7 +23,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 The **Incidents queue** shows a collection of incidents that were flagged from devices in your network. It helps you sort through incidents to prioritize and create an informed cybersecurity response decision.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md b/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
index 121df4f64b..d91dfe2c07 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md
index 2f6aaf198d..7e173b6a93 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md
@@ -13,7 +13,9 @@ author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
 ms.topic: conceptual
 ---
 
@@ -24,7 +26,7 @@ ms.topic: conceptual
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 The following features are generally available (GA) in the latest release of Microsoft Defender ATP as well as security features in Windows 10 and Windows Server.
 
diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md b/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md
index 3db828212a..ab09ef2ca5 100644
--- a/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md
+++ b/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md
@@ -77,8 +77,11 @@ None. Changes to this policy setting become effective without a computer restart
 ### <a href="" id="bkmk-impleconsiderations"></a>Implementation considerations
 
 Implementation of this policy setting is dependent on your operational environment. You should consider threat vectors, deployed operating systems, and deployed apps, for example:
+
 -   The likelihood of an account theft or a DoS attack is based on the security design for your systems and environment. You should set the account lockout threshold in consideration of the known and perceived risk of those threats.
+
 -   When negotiating encryption types between clients, servers, and domain controllers, the Kerberos protocol can automatically retry account sign-in attempts that count toward the threshold limits that you set in this policy setting. In environments where different versions of the operating system are deployed, encryption type negotiation increases.
+
 -   Not all apps that are used in your environment effectively manage how many times a user can attempt to sign-in. For instance, if a connection drops repeatedly when a user is running the app, all subsequent failed sign-in attempts count toward the account lockout threshold.
 
 For more information about Windows security baseline recommendations for account lockout, see [Configuring Account Lockout](https://blogs.technet.microsoft.com/secguide/2014/08/13/configuring-account-lockout/). 
@@ -87,22 +90,31 @@ For more information about Windows security baseline recommendations for account
 
 This section describes how an attacker might exploit a feature or its configuration, how to implement the countermeasure, and the possible negative consequences of countermeasure implementation.
 
+> [!NOTE]
+> A lockout threshold policy will apply to both local member computer users and domain users, in order to allow mitigation of issues as described under "Vulnerability". The built-in Administrator account, however, whilst a highly privileged account, has a different risk profile and is excluded from this policy. This ensures there is no scenario where an administrator cannot sign in to remediate an issue. As an administrator, there are additional mitigation strategies available, such as a strong password. See also [Appendix D: Securing Built-In Administrator Accounts in Active Directory](https://docs.microsoft.com/windows-server/identity/ad-ds/plan/security-best-practices/appendix-d--securing-built-in-administrator-accounts-in-active-directory).
+
 ### Vulnerability
 
 Brute force password attacks can use automated methods to try millions of password combinations for any user account. The effectiveness of such attacks can be almost eliminated if you limit the number of failed sign-in attempts that can be performed.
 However, a DoS attack could be performed on a domain that has an account lockout threshold configured. An attacker could programmatically attempt a series of password attacks against all users in the organization. If the number of attempts is greater than the account lockout threshold, the attacker might be able to lock every account without needing any special privileges or being authenticated in the network.
 
-> **Note:** Offline password attacks are not countered by this policy setting.
+> [!NOTE]
+> Offline password attacks are not countered by this policy setting.
+
  
 ### <a href="" id="bkmk-countermeasure"></a>Countermeasure
 
 Because vulnerabilities can exist when this value is configured and when it is not configured, two distinct countermeasures are defined. Organizations should weigh the choice between the two, based on their identified threats and the risks that they want to mitigate. The two countermeasure options are:
+
 -   Configure the **Account lockout threshold** setting to 0. This configuration ensures that accounts will not be locked, and it will prevent a DoS attack that intentionally attempts to lock accounts. This configuration also helps reduce Help Desk calls because users cannot accidentally lock themselves out of their accounts. Because it does not prevent a brute force attack, this configuration should be chosen only if both of the following criteria are explicitly met:
+
     -   The password policy setting requires all users to have complex passwords of 8 or more characters.
     -   A robust audit mechanism is in place to alert administrators when a series of failed sign-ins occur in the environment.
+    
 -   Configure the **Account lockout threshold** policy setting to a sufficiently high value to provide users with the ability to accidentally mistype their password several times before the account is locked, but ensure that a brute force password attack still locks the account.
 
     [Windows security baselines](https://docs.microsoft.com/windows/security/threat-protection/windows-security-baselines) recommend configuring a threshold of 10 invalid sign-in attempts, which prevents accidental account lockouts and reduces the number of Help Desk calls, but does not prevent a DoS attack.
+    
     Using this type of policy must be accompanied by a process to unlock locked accounts. It must be possible to implement this policy whenever it is needed to help mitigate massive lockouts caused by an attack on your systems.
 
 ### Potential impact
diff --git a/windows/security/threat-protection/security-policy-settings/minimum-password-length.md b/windows/security/threat-protection/security-policy-settings/minimum-password-length.md
index 35eaa8ac76..74ed307f82 100644
--- a/windows/security/threat-protection/security-policy-settings/minimum-password-length.md
+++ b/windows/security/threat-protection/security-policy-settings/minimum-password-length.md
@@ -76,7 +76,7 @@ Types of password attacks include dictionary attacks (which attempt to use commo
 
 ### Countermeasure
 
-Configure the **** policy setting to a value of 8 or more. If the number of characters is set to 0, no password will be required.
+Configure the **Minimum password length** policy setting to a value of 8 or more. If the number of characters is set to 0, no password will be required.
 
 In most environments, we recommend an eight-character password because it is long enough to provide adequate security, but not too difficult for users to easily remember. This configuration provides adequate defense against a brute force attack. Using the [Password must meet complexity requirements](password-must-meet-complexity-requirements.md) policy setting in addition to the **Minimum password length** setting helps reduce the possibility of a dictionary attack.
 
diff --git a/windows/security/threat-protection/wannacrypt-ransomware-worm-targets-out-of-date-systems-wdsi.md b/windows/security/threat-protection/wannacrypt-ransomware-worm-targets-out-of-date-systems-wdsi.md
deleted file mode 100644
index 387aca9327..0000000000
--- a/windows/security/threat-protection/wannacrypt-ransomware-worm-targets-out-of-date-systems-wdsi.md
+++ /dev/null
@@ -1,254 +0,0 @@
----
-title: WannaCrypt ransomware worm targets out-of-date systems
-description: This is an early analysis of the WannaCrypt ransomware attack. Microsoft antimalware diagnostic data immediately picked up signs of this campaign in May 2017.
-keywords: wannacry, wannacrypt, wanna, ransomware
-search.product: eADQiWindows 10XVcnh
-ms.pagetype: security
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.localizationpriority: medium
-author: dulcemontemayor
-ms.date: 07/27/2017
-ms.reviewer: 
-manager: dansimp
-ms.author: dansimp
----
-
-# WannaCrypt ransomware worm targets out-of-date systems
-
-
-On May 12, 2017 we detected a new ransomware that spreads like a worm by leveraging vulnerabilities that have been previously fixed. While security updates are automatically applied in most computers, some users and enterprises may delay deployment of patches. Unfortunately, the ransomware, known as [WannaCrypt](https://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Ransom:Win32/WannaCrypt), appears to have affected computers that have not applied the patch for these vulnerabilities. While the attack is unfolding, we remind users to install [MS17-010](https://technet.microsoft.com/library/security/ms17-010.aspx) if they have not already done so.
-
-Microsoft antimalware diagnostic data immediately picked up signs of this campaign. Our expert systems gave us visibility and context into this new attack as it happened, allowing [Microsoft Defender Antivirus](https://technet.microsoft.com/itpro/windows/keep-secure/windows-defender-in-windows-10) to deliver real-time defense. Through automated analysis, machine learning, and predictive modeling, we were able to rapidly protect against this malware.
-
-In this blog, we provide an early analysis of the end-to-end ransomware attack. Please note this threat is still under investigation. The attack is still active, and there is a possibility that the attacker will attempt to react to our detection response.
-
-## Attack vector
-
-Ransomware threats do not typically spread rapidly. Threats like WannaCrypt (also known as WannaCry, WanaCrypt0r, WCrypt, or WCRY) usually leverage social engineering or email as primary attack vector, relying on users downloading and executing a malicious payload. However, in this unique case, the ransomware perpetrators used publicly available exploit code for the patched SMB 'EternalBlue' vulnerability, [CVE-2017-0145](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0145), which can be triggered by sending a specially crafted packet to a targeted SMBv1 server. This vulnerability was fixed in security bulletin [MS17-010](https://technet.microsoft.com/library/security/ms17-010.aspx), which was released on March 14, 2017.
-
-WannaCrypt's spreading mechanism is borrowed from [well-known](https://packetstormsecurity.com/files/142464/MS17-010-SMBv1-SrvOs2FeaToNt-OOB-Remote-Code-Execution.html) [public SMB exploits](https://github.com/RiskSense-Ops/MS17-010), which armed this regular ransomware with worm-like functionalities, creating an entry vector for machines still unpatched even after the fix had become available.
-
-The exploit code used by WannaCrypt was designed to work only against unpatched Windows 7 and Windows Server 2008 (or earlier OS) systems, so Windows 10 PCs are not affected by this attack.
-
-We haven't found evidence of the exact initial entry vector used by this threat, but there are two scenarios that we believe are highly possible explanations for the spread of this ransomware:
-
-- Arrival through social engineering emails designed to trick users to run the malware and activate the worm-spreading functionality with the SMB exploit
-- Infection through SMB exploit when an unpatched computer is addressable from other infected machines
-
-## Dropper
-
-The threat arrives as a dropper Trojan that has the following two components:
-
-1. A component that attempts to exploit the SMB CVE-2017-0145 vulnerability in other computers
-2. The ransomware known as WannaCrypt
-
-The dropper tries to connect the following domains using the API `InternetOpenUrlA()`:
-
-- www[.]iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea[.]com
-- www[.]ifferfsodp9ifjaposdfjhgosurijfaewrwergwea[.]com
-
-If connection to the domains is successful, the dropper does not infect the system further with ransomware or try to exploit other systems to spread; it simply stops execution. However, if the connection fails, the threat proceeds to drop the ransomware and creates a service on the system.
-
-In other words, unlike in most malware infections, **IT Administrators should NOT block these domains**. Note that the malware is not proxy-aware, so a local DNS record may be required. This does not need to point to the Internet, but can resolve to any accessible server which will accept connections on TCP 80.
-
-![Connection information from WannaCrypt code](images/wanna1.png)
-
-The threat creates a service named *mssecsvc2.0*, whose function is to exploit the SMB vulnerability in other computers accessible from the infected system:
-```
-Service Name: mssecsvc2.0
-Service Description: (Microsoft Security Center (2.0) Service)
-Service Parameters: '-m security'
-```
-
- ![Mssecsvc2.0 process details](images/wanna2.png)
-
-## WannaCrypt ransomware
-
-The ransomware component is a dropper that contains a password-protected .zip archive in its resource section. The document encryption routine and the files in the .zip archive contain support tools, a decryption tool, and the ransom message. In the samples we analyzed, the password for the .zip archive is 'WNcry@2ol7'.
-
-When run, WannaCrypt creates the following registry keys:
-
-- *HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\\<random string> = '\<malware working directory>\tasksche.exe'*
-- *HKLM\SOFTWARE\WanaCrypt0r\\wd = '\<malware working directory>'*
-
-It changes the wallpaper to a ransom message by modifying the following registry key:
-
-- *HKCU\Control Panel\Desktop\Wallpaper: '\<malware working directory>\\@WanaDecryptor@.bmp'*
-
-It creates the following files in the malware's working directory:
-
-- *00000000.eky*
-- *00000000.pky*
-- *00000000.res*
-- *274901494632976.bat*
-- <em>@Please_Read_Me@.txt</em>
-- <em>@WanaDecryptor@.bmp</em>
-- <em>@WanaDecryptor@.exe</em>
-- *b.wnry*
-- *c.wnry*
-- *f.wnry*
-- *m.vbs*
-- *msg\m_bulgarian.wnry*
-- *msg\m_chinese (simplified).wnry*
-- *msg\m_chinese (traditional).wnry*
-- *msg\m_croatian.wnry*
-- *msg\m_czech.wnry*
-- *msg\m_danish.wnry*
-- *msg\m_dutch.wnry*
-- *msg\m_english.wnry*
-- *msg\m_filipino.wnry*
-- *msg\m_finnish.wnry*
-- *msg\m_french.wnry*
-- *msg\m_german.wnry*
-- *msg\m_greek.wnry*
-- *msg\m_indonesian.wnry*
-- *msg\m_italian.wnry*
-- *msg\m_japanese.wnry*
-- *msg\m_korean.wnry*
-- *msg\m_latvian.wnry*
-- *msg\m_norwegian.wnry*
-- *msg\m_polish.wnry*
-- *msg\m_portuguese.wnry*
-- *msg\m_romanian.wnry*
-- *msg\m_russian.wnry*
-- *msg\m_slovak.wnry*
-- *msg\m_spanish.wnry*
-- *msg\m_swedish.wnry*
-- *msg\m_turkish.wnry*
-- *msg\m_vietnamese.wnry*
-- *r.wnry*
-- *s.wnry*
-- *t.wnry*
-- *TaskData\Tor\libeay32.dll*
-- *TaskData\Tor\libevent-2-0-5.dll*
-- *TaskData\Tor\libevent_core-2-0-5.dll*
-- *TaskData\Tor\libevent_extra-2-0-5.dll*
-- *TaskData\Tor\libgcc_s_sjlj-1.dll*
-- *TaskData\Tor\libssp-0.dll*
-- *TaskData\Tor\ssleay32.dll*
-- *TaskData\Tor\taskhsvc.exe*
-- *TaskData\Tor\tor.exe*
-- *TaskData\Tor\zlib1.dll*
-- *taskdl.exe*
-- *taskse.exe*
-- *u.wnry*
-
-WannaCrypt may also create the following files:
-
-- *%SystemRoot%\tasksche.exe*
-- *%SystemDrive%\intel\\\<random directory name>\tasksche.exe*
-- *%ProgramData%\\\<random directory name>\tasksche.exe*
-
-It may create a randomly named service that has the following associated ImagePath: `cmd.exe /c '<malware working directory>\tasksche.exe'`.
-
-It then searches the whole computer for any file with any of the following file name extensions: *.123, .jpeg , .rb , .602 , .jpg , .rtf , .doc , .js , .sch , .3dm , .jsp , .sh , .3ds , .key , .sldm , .3g2 , .lay , .sldm , .3gp , .lay6 , .sldx , .7z , .ldf , .slk , .accdb , .m3u , .sln , .aes , .m4u , .snt , .ai , .max , .sql , .ARC , .mdb , .sqlite3 , .asc , .mdf , .sqlitedb , .asf , .mid , .stc , .asm , .mkv , .std , .asp , .mml , .sti , .avi , .mov , .stw , .backup , .mp3 , .suo , .bak , .mp4 , .svg , .bat , .mpeg , .swf , .bmp , .mpg , .sxc , .brd , .msg , .sxd , .bz2 , .myd , .sxi , .c , .myi , .sxm , .cgm , .nef , .sxw , .class , .odb , .tar , .cmd , .odg , .tbk , .cpp , .odp , .tgz , .crt , .ods , .tif , .cs , .odt , .tiff , .csr , .onetoc2 , .txt , .csv , .ost , .uop , .db , .otg , .uot , .dbf , .otp , .vb , .dch , .ots , .vbs , .der' , .ott , .vcd , .dif , .p12 , .vdi , .dip , .PAQ , .vmdk , .djvu , .pas , .vmx , .docb , .pdf , .vob , .docm , .pem , .vsd , .docx , .pfx , .vsdx , .dot , .php , .wav , .dotm , .pl , .wb2 , .dotx , .png , .wk1 , .dwg , .pot , .wks , .edb , .potm , .wma , .eml , .potx , .wmv , .fla , .ppam , .xlc , .flv , .pps , .xlm , .frm , .ppsm , .xls , .gif , .ppsx , .xlsb , .gpg , .ppt , .xlsm , .gz , .pptm , .xlsx , .h , .pptx , .xlt , .hwp , .ps1 , .xltm , .ibd , .psd , .xltx , .iso , .pst , .xlw , .jar , .rar , .zip , .java , .raw.*
-
-WannaCrypt encrypts all files it finds and renames them by appending *.WNCRY* to the file name. For example, if a file is named *picture.jpg*, the ransomware encrypts and renames the file to *picture.jpg.WNCRY*.
-
-This ransomware also creates the file <em>@Please_Read_Me@.txt</em> in every folder where files are encrypted. The file contains the same ransom message shown in the replaced wallpaper image (see screenshot below).
-
-After completing the encryption process, the malware deletes the volume shadow copies by running the following command:
-`cmd.exe /c vssadmin delete shadows /all /quiet & wmic shadowcopy delete & bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no & wbadmin delete catalog -quiet`
-
-It then replaces the desktop background image with the following message:
-
-![Example background image of WannaCrypt](images/wanna3.png)
-
-It also runs an executable showing a ransom note which indicates a $300 ransom in Bitcoins as well as a timer:
-
- ![Screenshot of WannaCrypt ransom notice](images/wanna4.png)
-
-The text is localized into the following languages: Bulgarian, Chinese (simplified), Chinese (traditional), Croatian, Czech, Danish, Dutch, English, Filipino, Finnish, French, German, Greek, Indonesian, Italian, Japanese, Korean, Latvian, Norwegian, Polish, Portuguese, Romanian, Russian, Slovak, Spanish, Swedish, Turkish, and Vietnamese.
-
-The ransomware also demonstrates the decryption capability by allowing the user to decrypt a few random files, free of charge. It then quickly reminds the user to pay the ransom to decrypt all the remaining files.
-
- ![Screenshot of decryption window](images/wanna5.png)
-
-## Spreading capability
-
-The worm functionality attempts to infect unpatched Windows machines in the local network. At the same time, it also executes massive scanning on Internet IP addresses to find and infect other vulnerable computers. This activity results in large SMB traffic from the infected host, which can be observed by SecOps personnel, as shown below.
-
-![Spreading scanning activity](images/wanna6.png)
-
-The Internet scanning routine randomly generates octets to form the IPv4 address. The malware then targets that IP to attempt to exploit CVE-2017-0145. The threat avoids infecting the IPv4 address if the randomly generated value for first octet is 127 or if the value is equal to or greater than 224, in order to skip local loopback interfaces. Once a vulnerable machine is found and infected, it becomes the next hop to infect other machines. The vicious infection cycle continues as the scanning routing discovers unpatched computers.
-
-When it successfully infects a vulnerable computer, the malware runs kernel-level shellcode that seems to have been copied from the public backdoor known as DOUBLEPULSAR, but with certain adjustments to drop and execute the ransomware dropper payload, both for x86 and x64 systems.
-
- ![Kernel-level shellcode used by WannaCrypt](images/wanna7.png)
-
- ![Kernel-level shellcode used by WannaCrypt](images/wanna8.png)
-
-## Protection against the WannaCrypt attack
-
-To get the latest protection from Microsoft, upgrade to [Windows 10](https://www.microsoft.com/windows/windows-10-upgrade). Keeping your computers [up-to-date](https://www.microsoft.com/security/portal/mmpc/help/updatefaqs.aspx) gives you the benefits of the latest features and proactive mitigations built into the latest versions of Windows.
-
-We recommend customers that have not yet installed the security update [MS17-010](https://technet.microsoft.com/library/security/ms17-010.aspx) do so as soon as possible. Until you can apply the patch, we also recommend two possible workarounds to reduce the attack surface:
-
-- Disable SMBv1 with the steps documented at [Microsoft Knowledge Base Article 2696547](https://support.microsoft.com/kb/2696547) and as [recommended previously](https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/)
-- Consider adding a rule on your router or firewall to block incoming SMB traffic on port 445
-
-[Microsoft Defender Antivirus](https://technet.microsoft.com/itpro/windows/keep-secure/windows-defender-in-windows-10) detects this threat as [Ransom:Win32/WannaCrypt](https://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Ransom:Win32/WannaCrypt) as of the *1.243.297.0* update. Microsoft Defender Antivirus uses cloud-based protection, helping to protect you from the latest threats.
-
-For enterprises, use [Device Guard](https://technet.microsoft.com/itpro/windows/keep-secure/device-guard-deployment-guide) to lock down devices and provide kernel-level virtualization-based security, allowing only trusted applications to run, effectively preventing malware from running.
-
-Use [Office 365 Advanced Threat Protection](https://blogs.office.com/2015/04/08/introducing-exchange-online-advanced-threat-protection/), which has machine learning capability that blocks dangerous email threats, such as the emails carrying ransomware.
-
-Monitor networks with [Windows Defender Advanced Threat Protection](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp), which alerts security operations teams about suspicious activities. Download this playbook to see how you can leverage Windows Defender ATP to detect, investigate, and mitigate ransomware in networks: [Windows Defender Advanced Threat Protection - Ransomware response playbook](https://www.microsoft.com/download/details.aspx?id=55090).
-
-## Resources
-
-Download English language security updates: [Windows Server 2003 SP2 x64](http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x64-custom-enu_f24d8723f246145524b9030e4752c96430981211.exe), [Windows Server 2003 SP2 x86,](http://download.windowsupdate.com/c/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x86-custom-enu_f617caf6e7ee6f43abe4b386cb1d26b3318693cf.exe) [Windows XP SP2 x64](http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x64-custom-enu_f24d8723f246145524b9030e4752c96430981211.exe), [Windows XP SP3 x86](http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsxp-kb4012598-x86-custom-enu_eceb7d5023bbb23c0dc633e46b9c2f14fa6ee9dd.exe), [Windows XP Embedded SP3 x86](http://download.windowsupdate.com/c/csa/csa/secu/2017/02/windowsxp-kb4012598-x86-embedded-custom-enu_8f2c266f83a7e1b100ddb9acd4a6a3ab5ecd4059.exe), [Windows 8 x86,](http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/05/windows8-rt-kb4012598-x86_a0f1c953a24dd042acc540c59b339f55fb18f594.msu) [Windows 8 x64](http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/05/windows8-rt-kb4012598-x64_f05841d2e94197c2dca4457f1b895e8f632b7f8e.msu)
-
-Download localized language security updates: [Windows Server 2003 SP2 x64](https://www.microsoft.com/downloads/details.aspx?FamilyId=d3cb7407-3339-452e-8371-79b9c301132e), [Windows Server 2003 SP2 x86](https://www.microsoft.com/downloads/details.aspx?FamilyId=350ec04d-a0ba-4a50-9be3-f900dafeddf9), [Windows XP SP2 x64](https://www.microsoft.com/downloads/details.aspx?FamilyId=5fbaa61b-15ce-49c7-9361-cb5494f9d6aa), [Windows XP SP3 x86](https://www.microsoft.com/downloads/details.aspx?FamilyId=7388c05d-9de6-4c6a-8b21-219df407754f), [Windows XP Embedded SP3 x86](https://www.microsoft.com/downloads/details.aspx?FamilyId=a1db143d-6ad2-4e7e-9e90-2a73316e1add), [Windows 8 x86](https://www.microsoft.com/downloads/details.aspx?FamilyId=6e2de6b7-9e43-4b42-aca2-267f24210340), [Windows 8 x64](https://www.microsoft.com/downloads/details.aspx?FamilyId=b08bb3f1-f156-4e61-8a68-077963bae8c0)
-
-MS17-010 Security Update: [https://technet.microsoft.com/library/security/ms17-010.aspx](https://technet.microsoft.com/library/security/ms17-010.aspx)
-
-Customer guidance for WannaCrypt attacks: [https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/](https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/)
-
-General information on ransomware: [https://www.microsoft.com/security/portal/mmpc/shared/ransomware.aspx](https://www.microsoft.com/security/portal/mmpc/shared/ransomware.aspx)
-
-## Indicators of compromise
-
-SHA1 of samples analyzed:
-
-- 51e4307093f8ca8854359c0ac882ddca427a813c
-- e889544aff85ffaf8b0d0da705105dee7c97fe26
-
-Files created:
-
-- %SystemRoot%\mssecsvc.exe
-- %SystemRoot%\tasksche.exe
-- %SystemRoot%\qeriuwjhrf
-- b.wnry
-- c.wnry
-- f.wnry
-- r.wnry
-- s.wnry
-- t.wnry
-- u.wnry
-- taskdl.exe
-- taskse.exe
-- 00000000.eky
-- 00000000.res
-- 00000000.pky
-- @WanaDecryptor@.exe
-- @Please_Read_Me@.txt
-- m.vbs
-- @WanaDecryptor@.exe.lnk
-- @WanaDecryptor@.bmp
-- 274901494632976.bat
-- taskdl.exe
-- Taskse.exe
-- Files with '.wnry' extension
-- Files with '.WNCRY' extension
-
-Registry keys created:
-
-- HKLM\SOFTWARE\WanaCrypt0r\wd
-
-
-
-*Karthik Selvaraj, Elia Florio, Andrea Lelli, and Tanmay Ganacharya*<br />*Microsoft Malware Protection Center*
-
diff --git a/windows/security/threat-protection/windows-defender-application-control/TOC.md b/windows/security/threat-protection/windows-defender-application-control/TOC.md
index a8f8114e8a..79c0d8087a 100644
--- a/windows/security/threat-protection/windows-defender-application-control/TOC.md
+++ b/windows/security/threat-protection/windows-defender-application-control/TOC.md
@@ -14,6 +14,7 @@
 #### [Authorize reputable apps with Intelligent Security Graph (ISG)](use-windows-defender-application-control-with-intelligent-security-graph.md)
 #### [Use multiple WDAC policies](deploy-multiple-windows-defender-application-control-policies.md)
 #### [Microsoft recommended block rules](microsoft-recommended-block-rules.md)
+#### [Microsoft recommended driver block rules](microsoft-recommended-driver-block-rules.md)
 ### Create your initial WDAC policy
 #### [Example WDAC base policies](example-wdac-base-policies.md)
 #### [Policy creation for common WDAC usage scenarios](types-of-devices.md)
diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
new file mode 100644
index 0000000000..7d56cdbe9e
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
@@ -0,0 +1,387 @@
+---
+title: Microsoft recommended driver block rules (Windows 10)
+description: View a list of recommended block rules to block vulnerable third-party drivers discovered by Microsoft and the security research community.  
+keywords:  security, malware, kernel mode, driver
+ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+audience: ITPro
+ms.collection: M365-security-compliance
+author: jgeurten
+ms.reviewer: isbrahm
+ms.author: dansimp
+manager: dansimp
+ms.date: 10/15/2020
+---
+
+# Microsoft recommended driver block rules
+
+**Applies to:**
+
+- Windows 10
+- Windows Server 2016 and above
+
+Microsoft has strict requirements for code running in kernel. Consequently, malicious actors are turning to exploit vulnerabilities in legitimate and signed kernel drivers to run malware in kernel. One of the many strengths of the Windows platform is our strong collaboration with independent hardware vendors (IHVs) and OEMs. Microsoft works closely with our IHVs and security community to ensure the highest level of driver security for our customers and when vulnerabilities in drivers do arise, that they are patched and rolled out to the ecosystem in an expedited manner. Microsoft then adds the vulnerable versions of the drivers to our ecosystem block policy which is applied to the following sets of devices:
+
+- Hypervisor-protected code integrity (HVCI) enabled devices
+- Windows 10 in S mode (S mode) devices
+
+Microsoft recommends enabling [HVCI](https://docs.microsoft.com/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity) or S mode to protect your devices against security threats. If this is not possible, Microsoft recommends blocking the following list of drivers by merging this policy with your existing Windows Defender Application Control policy. Blocking kernel drivers without sufficient testing can result in devices or software to malfunction, and in rare cases, blue screen. It is recommended to first validate this policy in [audit mode](audit-windows-defender-application-control-policies.md) and review the audit block events.
+
+> [!Note]
+> This application list will be updated with the latest vendor information as application vulnerabilities are resolved and new issues are discovered. It is recommended that this policy be first validated in audit mode before rolling the rules into enforcement mode. 
+
+```xml
+<?xml version="1.0" encoding="utf-8"?>
+<SiPolicy xmlns="urn:schemas-microsoft-com:sipolicy">
+  <VersionEx>10.0.19565.0</VersionEx>
+  <PolicyTypeID>{D2BDA982-CCF6-4344-AC5B-0B44427B6816}</PolicyTypeID>
+  <PlatformID>{2E07F7E4-194C-4D20-B7C9-6F44A6C5A234}</PlatformID>
+  <Rules>
+    <Rule>
+      <Option>Enabled:Unsigned System Integrity Policy</Option>
+    </Rule>
+    <Rule>
+      <Option>Enabled:Audit Mode</Option>
+    </Rule>
+    <Rule>
+      <Option>Enabled:Advanced Boot Options Menu</Option>
+    </Rule>
+  </Rules>
+  <!--EKUS-->
+  <EKUs />
+  <!--File Rules-->
+  <FileRules>
+    <Allow ID="ID_ALLOW_ALL_1" FriendlyName="" FileName="*" />
+    <Allow ID="ID_ALLOW_ALL_2" FriendlyName="" FileName="*" />
+    <Deny ID="ID_DENY_BANDAI_SHA1" FriendlyName="bandai.sys Hash Sha1" Hash="0F780B7ADA5DD8464D9F2CC537D973F5AC804E9C" />
+    <Deny ID="ID_DENY_BANDAI_SHA256" FriendlyName="bandai.sys Hash Sha256" Hash="7FD788358585E0B863328475898BB4400ED8D478466D1B7F5CC0252671456CC8" />
+    <Deny ID="ID_DENY_BANDAI_SHA1_PAGE" FriendlyName="bandai.sys Hash Page Sha1" Hash="EA360A9F23BB7CF67F08B88E6A185A699F0C5410" />
+    <Deny ID="ID_DENY_BANDAI_SHA256_PAGE" FriendlyName="bandai.sys Hash Page Sha256" Hash="BB83738210650E09307CE869ACA9BFA251024D3C47B1006B94FCE2846313F56E" />
+    <Deny ID="ID_DENY_CAPCOM_SHA1" FriendlyName="capcom.sys Hash Sha1" Hash="1D1CAFC73C97C6BCD2331F8777D90FDCA57125A3" />
+    <Deny ID="ID_DENY_CAPCOM_SHA256" FriendlyName="capcom.sys Hash Sha256" Hash="FAA08CB609A5B7BE6BFDB61F1E4A5E8ADF2F5A1D2492F262483DF7326934F5D4" />
+    <Deny ID="ID_DENY_CAPCOM_SHA1_PAGE" FriendlyName="capcom.sys Hash Page Sha1" Hash="69006FBBD1B150FB9404867A5BCDC04FE0FC1BAD" />
+    <Deny ID="ID_DENY_CAPCOM_SHA256_PAGE" FriendlyName="capcom.sys Hash Page Sha256" Hash="42589C7CE89941060465096C4661654B43E38C1F9D05D66239825E8FCCF52705" />
+    <Deny ID="ID_DENY_FIDDRV_SHA1" FriendlyName="fiddrv.sys Hash Sha1" Hash="8CC8974A05E81678E3D28ACFE434E7804ABD019C" />
+    <Deny ID="ID_DENY_FIDDRV_SHA256" FriendlyName="fiddrv.sys Hash Sha256" Hash="97B976F7E7E5DF7AF0781BBBB33CB5F3F7A59EFDD07995253B31DE8123352A67" />
+    <Deny ID="ID_DENY_FIDDRV_SHA1_PAGE" FriendlyName="fiddrv.sys Hash Page Sha1" Hash="282BB241BDA5C4C1B8EB9BF56D018896649CA0E1" />
+    <Deny ID="ID_DENY_FIDDRV_SHA256_PAGE" FriendlyName="fiddrv.sys Hash Page Sha256" Hash="1ED9DA2DA2539284404E0701E6BA3C9EB37BE10353E826F425A194D247B8B7CE" />
+    <Deny ID="ID_DENY_FIDDRV64_SHA1" FriendlyName="fiddrv64.sys Hash Sha1" Hash="10E15BA8FF8ED926DDD3636CEC66A0F08C9860A4" />
+    <Deny ID="ID_DENY_FIDDRV64_SHA256" FriendlyName="fiddrv64.sys Hash Sha256" Hash="FEEF191064D18B6FB63B7299415D1B1E2EC8FCDD742854AA96268D0EC4A0F7B6" />
+    <Deny ID="ID_DENY_FIDDRV64_SHA1_PAGE" FriendlyName="fiddrv64.sys Hash Page Sha1" Hash="E4436C8C42BA5FFABD58A3B2256F6E86CCC907AB" />
+    <Deny ID="ID_DENY_FIDDRV64_SHA256_PAGE" FriendlyName="fiddrv64.sys Hash Page Sha256" Hash="2D48414647A7F9DEA30F19074EBF8F17E55E9031B8604794CEB88369C8C52532" />
+    <Deny ID="ID_DENY_FIDPCIDRV_SHA1" FriendlyName="fidpcidrv.sys Hash Sha1" Hash="08596732304351B311970FF96B21F451F23B1E25" />
+    <Deny ID="ID_DENY_FIDPCIDRV_SHA256" FriendlyName="fidpcidrv.sys Hash Sha256" Hash="7B7E0E1453E733050B586A6FAC91883DBB85AE0775C84C4CEB967CFC9B4EFD10" />
+    <Deny ID="ID_DENY_FIDPCIDRV_SHA1_PAGE" FriendlyName="fidpcidrv.sys Hash Page Sha1" Hash="7838FB56FDAB816BC1900A4720EEA2FC9972EF7A" />
+    <Deny ID="ID_DENY_FIDPCIDRV_SHA256_PAGE" FriendlyName="fidpcidrv.sys Hash Page Sha256" Hash="0893E186E236315FE78A7EF41ED71617E75D90D2D14FE93911E0D9344BEAF69F" />
+    <Deny ID="ID_DENY_FIDPCIDRV64_SHA1" FriendlyName="fidpcidrv64.sys Hash Sha1" Hash="4789B910023A667BEE70FF1F1A8F369CFFB10FE8" />
+    <Deny ID="ID_DENY_FIDPCIDRV64_SHA256" FriendlyName="fidpcidrv64.sys Hash Sha256" Hash="7FB0F6FC5BDD22D53F8532CB19DA666A77A66FFB1CF3919A2E22B66C13B415B7" />
+    <Deny ID="ID_DENY_FIDPCIDRV64_SHA1_PAGE" FriendlyName="fidpcidrv64.sys Hash Page Sha1" Hash="EEFF4EC4EBC12C6ACD2C930DC2EAAF877CFEC7EC" />
+    <Deny ID="ID_DENY_FIDPCIDRV64_SHA256_PAGE" FriendlyName="fidpcidrv64.sys Hash Page Sha256" Hash="B98E008DFEA10EC74C89D08F12F31C12F52234BE6FFFF06B6B9E749BFEA6CBED" />
+    <Deny ID="ID_DENY_GDRV" FriendlyName="gdrv.sys" FileName="gdrv.sys" />
+    <Deny ID="ID_DENY_GLCKIO2_SHA1" FriendlyName="GLCKIO2.sys Hash Sha1" Hash="D99B80B3269D735CAC43AF5E43483E64CA7961C3" />
+    <Deny ID="ID_DENY_GLCKIO2_SHA256" FriendlyName="GLCKIO2.sys Hash Sha256" Hash="47DBA240967FD0088BE618163672DFBDDF0138178CCCD45B54037F622B221220" />
+    <Deny ID="ID_DENY_GLCKIO2_SHA1_PAGE" FriendlyName="GLCKIO2.sys Hash Page Sha1" Hash="51E0740AAEE5AE76B0095C92908C97B817DB8BEA" />
+    <Deny ID="ID_DENY_GLCKIO2_SHA256_PAGE" FriendlyName="GLCKIO2.sys Hash Page Sha256" Hash="E7F011E9857C7DB5AACBD424612CD7E3D12C363FDC8F072DDFAF9E2E5C85F5F3" />
+    <Deny ID="ID_DENY_GVCIDRV64_SHA1" FriendlyName="GVCIDrv64.sys Hash Sha1" Hash="4EAE38E9DC262EB7B6EDE4B3D3F4AD068933845E" />
+    <Deny ID="ID_DENY_GVCIDRV64_SHA256" FriendlyName="GVCIDrv64.sys Hash Sha256" Hash="2FF09BB919A9909068166C30322C4E904BEFEBA5429E9A11D011297FB8A73C07" />
+    <Deny ID="ID_DENY_GVCIDRV64_SHA1_PAGE" FriendlyName="GVCIDrv64.sys Hash Page Sha1" Hash="6980122AEF4E2D5D7A6DDDB6DA76A166C460E0A1" />
+    <Deny ID="ID_DENY_GVCIDRV64_SHA256_PAGE" FriendlyName="GVCIDrv64.sys Hash Page Sha256" Hash="A69247025DD32DC15E06FEE362B494BCC6105D34B8D7091F7EC3D9000BD71501" />
+    <Deny ID="ID_DENY_WINFLASH64_SHA1" FriendlyName="WinFlash64.sys Hash Sha1" Hash="DA21F5889F8374C3961856D681ADEC3D663D2964" />
+    <Deny ID="ID_DENY_WINFLASH64_SHA256" FriendlyName="WinFlash64.sys Hash Sha256" Hash="F2B51FBEEAD17F5EE34D5B4A3A83C848FB76F8F0E80769212E137A7AA539A3BC" />
+    <Deny ID="ID_DENY_WINFLASH64_SHA1_PAGE" FriendlyName="WinFlash64.sys Hash Page Sha1" Hash="C5057A4FD3C9B58F4C9AB9FE356081DF8804BF98" />
+    <Deny ID="ID_DENY_WINFLASH64_SHA256_PAGE" FriendlyName="WinFlash64.sys Hash Page Sha256" Hash="C8FA1EC3D03050FBC1AA677F2C0348690521291219E8D2E94F0EA9E9174B9156" />
+    <Deny ID="ID_DENY_AMIFLDRV64_SHA1" FriendlyName="amifldrv64.sys Hash Sha1" Hash="B0EC7D971DA8AE84C0ED8F88A5D46B23996E636C" />
+    <Deny ID="ID_DENY_AMIFLDRV64_SHA256C" FriendlyName="amifldrv64.sys Hash Sha256" Hash="038F39558035292F1D794B7CF49F8E751E8633DAEC31454FE85CCCBEA83BA3FB" />
+    <Deny ID="ID_DENY_AMIFLDRV64_SHA1_PAGE" FriendlyName="amifldrv64.sys Hash Page Sha1" Hash="C9CC3779ED67755220DBF9592EC2AC0E1DE363DC" />
+    <Deny ID="ID_DENY_AMIFLDRV64_SHA256_PAGE" FriendlyName="amifldrv64.sys Hash Page Sha256" Hash="AA594D977312A944B14351C075634E7C59B42687928FBCDA8E2C4CEA46686DD9" />
+    <Deny ID="ID_DENY_ASUPIO64_SHA1F" FriendlyName="AsUpIO64.sys Hash Sha1" Hash="2A95F882DD9BAFCC57F144A2708A7EC67DD7844C" />
+    <Deny ID="ID_DENY_ASUPIO64_SHA256" FriendlyName="AsUpIO64.sys Hash Sha256" Hash="7F75D91844B0C162EEB24D14BCF63B7F230E111DAA7B0A26EAA489EEB22D9057" />
+    <Deny ID="ID_DENY_ASUPIO64_SHA1_PAGE" FriendlyName="AsUpIO64.sys Hash Page Sha1" Hash="316E7872A227F0EAD483D244805E9FF4D3569F6F" />
+    <Deny ID="ID_DENY_ASUPIO64_SHA256_PAGE" FriendlyName="AsUpIO64.sys Hash Page Sha256" Hash="5958CBE6CF7170C4B66893777BDE66343F5536A98610BD188E10D47DB84BC04C" />
+    <Deny ID="ID_DENY_BSFLASH64_SHA1" FriendlyName="BS_Flash64.sys Hash Sha1" Hash="5107438A02164E1BCEDD556A786F37F59CD04231" />
+    <Deny ID="ID_DENY_BSFLASH64_SHA256" FriendlyName="BS_Flash64.sys Hash Sha256" Hash="543C3F024E4AFFD0AAFA3A229FA19DBE7A70972BB18ED6347D3492DD174EDAC5" />
+    <Deny ID="ID_DENY_BSFLASH64_SHA1_PAGE" FriendlyName="BS_Flash64.sys Hash Page Sha1" Hash="26C398B86FD33B3E6C4348F780C4CF758C99C8FD" />
+    <Deny ID="ID_DENY_BSFLASH64_SHA256_PAGE" FriendlyName="BS_Flash64.sys Hash Page Sha256" Hash="8BF958AFA751D7AB66EBB1FAE25679E6F0FDE72078AEFC09F1824EEFA526005E" />
+    <Deny ID="ID_DENY_BSHWMIO64_SHA1" FriendlyName="BS_HWMIo64.sys Hash Sha1" Hash="3281135748C9C7A9DDACE55C648C720AF810475F" />
+    <Deny ID="ID_DENY_BSHWMIO64_SHA256" FriendlyName="BS_HWMIo64.sys Hash Sha256" Hash="3DE51A3102DB7297D96B4DE5B60ACA5F3A07E8577BBBED7F755F1DE9A9C38E75" />
+    <Deny ID="ID_DENY_BSHWMIO64_SHA1_PAGE" FriendlyName="BS_HWMIo64.sys Hash Page Sha1" Hash="FC5F231383FE72E298893010A9A3714B205C4110" />
+    <Deny ID="ID_DENY_BSHWMIO64_SHA256_PAGE" FriendlyName="BS_HWMIo64.sys Hash Page Sha256" Hash="6AD3624CA1DC38ECEEC75234E50934B1BAD7C72621DC57DEAB09044D0135877D" />
+    <Deny ID="ID_DENY_MSIO64_SHA1" FriendlyName="MsIo64.sys Hash Sha1" Hash="7E732ACB7CFAD9BA043A9350CDEFF25D742BECB8" />
+    <Deny ID="ID_DENY_MSIO64_SHA256" FriendlyName="MsIo64.sys Hash Sha256" Hash="7018D515A6C781EA6097CA71D0F0603AD0D689F7EC99DB27FCACD492A9E86027" />
+    <Deny ID="ID_DENY_MSIO64_SHA1_PAGE" FriendlyName="MsIo64.sys Hash Page Sha1" Hash="CDE1A50E1DF7870F8E4AFD8631E45A847C714C0A" />
+    <Deny ID="ID_DENY_MSIO64_SHA256_PAGE" FriendlyName="MsIo64.sys Hash Page Sha256" Hash="05736AB8B48DF84D81CB2CC0FBDC9D3DA34C22DB67A3E71C6F4B6B3923740DD5" />
+    <Deny ID="ID_DENY_PIDDRV_SHA1" FriendlyName="piddrv.sys Hash Sha1" Hash="877C6C36A155109888FE1F9797B93CB30B4957EF" />
+    <Deny ID="ID_DENY_PIDDRV_SHA256" FriendlyName="piddrv.sys Hash Sha256" Hash="4E19D4CE649C28DD947424483796BEACE3656284FB0379D97DDDD320AA602BBC" />
+    <Deny ID="ID_DENY_PIDDRV_SHA1_PAGE" FriendlyName="piddrv.sys Hash Page Sha1" Hash="A7D827A41B2C4B7638495CD1D77926F1BA902978" />
+    <Deny ID="ID_DENY_PIDDRV_SHA256_PAGE" FriendlyName="piddrv.sys Hash Page Sha256" Hash="EAC7316089DBAF7DF79A531355547BBDA22FA0921E31BBA0D27BCC88234E9ED3" />
+    <Deny ID="ID_DENY_PIDDRV64_SHA1" FriendlyName="piddrv64.sys Hash Sha1" Hash="0C2599D738D01A82EC91725F499ACEBBCFB47CC9" />
+    <Deny ID="ID_DENY_PIDDRV64_SHA256" FriendlyName="piddrv64.sys Hash Sha256" Hash="B97F870C501714FA453CF18AE8A30C87D08FF1E6D784AFDBB0121AEA3DA2DC28" />
+    <Deny ID="ID_DENY_PIDDRV64_SHA1_PAGE" FriendlyName="piddrv64.sys Hash Page Sha1" Hash="C978063E678233C5EFB8F002FEF000FD479CC632" />
+    <Deny ID="ID_DENY_PIDDRV64_SHA256_PAGE" FriendlyName="piddrv64.sys Hash Page Sha256" Hash="1081CCD57FD35998634103AE1E736638D82351092ACD30FE75084EA6A08CA0F7" />
+    <Deny ID="ID_DENY_SEMAV6MSR64_SHA1" FriendlyName="semav6msr64.sys Hash Sha1" Hash="E3DBE2AA03847DF621591A4CAD69A5609DE5C237" />
+    <Deny ID="ID_DENY_SEMAV6MSR64_SHA256" FriendlyName="semav6msr64.sys Hash Sha256" Hash="EB71A8ECEF692E74AE356E8CB734029B233185EE5C2CCB6CC87CC6B36BEA65CF" />
+    <Deny ID="ID_DENY_SEMAV6MSR64_SHA1_PAGE" FriendlyName="semav6msr64.sys Hash Page Sha1" Hash="F3821EC0AEF270F749DF9F44FBA91AFA5C8C38E8" />
+    <Deny ID="ID_DENY_SEMAV6MSR64_SHA256_PAGE" FriendlyName="semav6msr64.sys Hash Page Sha256" Hash="4F12EE563E7496E7105D67BF64AF6B436902BE4332033AF0B5A242B206372CB7" />
+    <FileAttrib ID="ID_FILEATTRIB_CPUZ_DRIVER" FriendlyName="" FileName="cpuz.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.0.4.3" />
+    <FileAttrib ID="ID_FILEATTRIB_ELBY_DRIVER" FriendlyName="" FileName="ElbyCDIO.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="6.0.3.2" />
+    <FileAttrib ID="ID_FILEATTRIB_LIBNICM_DRIVER" FriendlyName="" FileName="libnicm.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="3.1.12.0" />
+    <FileAttrib ID="ID_FILEATTRIB_MTCBSV64" FriendlyName="mtcBSv64.sys FileAttribute" FileName="mtcBSv64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="21.2.0.0" />
+    <FileAttrib ID="ID_FILEATTRIB_NICM_DRIVER" FriendlyName="" FileName="NICM.SYS" MinimumFileVersion="0.0.0.0" MaximumFileVersion="3.1.12.0" />
+    <FileAttrib ID="ID_FILEATTRIB_NSCM_DRIVER" FriendlyName="" FileName="nscm.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="3.1.12.0" />
+    <FileAttrib ID="ID_FILEATTRIB_SANDRA_DRIVER" FriendlyName="" FileName="sandra.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="10.12.0.0" />
+    <FileAttrib ID="ID_FILEATTRIB_RTKIO64_DRIVER" FriendlyName="" FileName="rtkio64.sys " MinimumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_RTKIOW10X64_DRIVER" FriendlyName="" FileName="rtkiow10x64.sys " MinimumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_RTKIOW8X64_DRIVER" FriendlyName="" FileName="rtkiow8x64.sys " MinimumFileVersion="65535.65535.65535.65535" />
+    <FileAttrib ID="ID_FILEATTRIB_BSMI" FriendlyName="" FileName="BSMI.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.0.0.3" />
+    <FileAttrib ID="ID_FILEATTRIB_BS_HWMIO64" FriendlyName="" FileName="BS_HWMIO64_W10.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="10.0.1806.2200" />
+    <FileAttrib ID="ID_FILEATTRIB_BS_I2CIO" FriendlyName="" FileName="BS_I2cIo.sys"  MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.1.0.0" />
+    <FileAttrib ID="ID_FILEATTRIB_NTIOLIB" FriendlyName="" FileName="NTIOLib.sys"  MinimumFileVersion="0.0.0.0" MaximumFileVersion="1.0.0.0" />
+    <FileAttrib ID="ID_FILEATTRIB_NCHGBIOS2X64" FriendlyName="" FileName="NCHGBIOS2x64.SYS"  MinimumFileVersion="0.0.0.0" MaximumFileVersion="4.2.4.0" />
+    <FileAttrib ID="ID_FILEATTRIB_SEGWINDRVX64" FriendlyName="segwindrvx64.sys FileAttribute" FileName="segwindrvx64.sys" MinimumFileVersion="0.0.0.0" MaximumFileVersion="100.0.7.2" />
+  </FileRules>
+  <!--Signers-->
+  <Signers>
+     <Signer ID="ID_SIGNER_F_1" Name="VeriSign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="4843A82ED3B1F2BFBEE9671960E1940C942F688D" />
+      <CertPublisher Value="CPUID" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_CPUZ_DRIVER" />
+    </Signer>
+    <Signer ID="ID_SIGNER_F_2" Name="Microsoft Windows Third Party Component CA 2014">
+      <CertRoot Type="TBS" Value="D8BE9E4D9074088EF818BC6F6FB64955E90378B2754155126FEEBBBD969CF0AE" />
+      <CertPublisher Value="Microsoft Windows Hardware Compatibility Publisher" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_CPUZ_DRIVER" />
+    </Signer>
+    <Signer ID="ID_SIGNER_CPUZ" Name="DigiCert EV Code Signing CA (SHA2)">
+      <CertRoot Type="TBS" Value="EEC58131DC11CD7F512501B15FDBC6074C603B68CA91F7162D5A042054EDB0CF" />
+      <CertPublisher Value="CPUID" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_CPUZ_DRIVER" />
+    </Signer>
+    <Signer ID="ID_SIGNER_ELBY" Name="GlobalSign Primary Object Publishing CA">
+      <CertRoot Type="TBS" Value="041750993D7C9E063F02DFE74699598640911AAB" />
+      <CertPublisher Value="Elaborate Bytes AG" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_ELBY_DRIVER" />
+    </Signer>
+    <Signer ID="ID_SIGNER_NOVELL" Name="VeriSign Class 3 Code Signing 2009-2 CA">
+      <CertRoot Type="TBS" Value="4CDC38C800761463749C3CBD94A12F32E49877BF" />
+      <CertPublisher Value="Novell, Inc." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_LIBNICM_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_NICM_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_NSCM_DRIVER" />
+    </Signer>
+    <Signer ID="ID_SIGNER_SANDRA" Name="GeoTrust TrustCenter CodeSigning CA I">
+      <CertRoot Type="TBS" Value="172F39BCA3DDA7C6D5169C96B34A5FE7E96FF0BD" />
+      <CertPublisher Value="SiSoftware Ltd" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SANDRA_DRIVER" />
+    </Signer>
+    <Signer ID="ID_SIGNER_MIMIKATZ_KERNEL" Name="GlobalSign CodeSigning CA - G2">
+      <CertRoot Type="TBS" Value="589A7D4DF869395601BA7538A65AFAE8C4616385" />
+      <CertPublisher Value="Benjamin Delpy" />
+    </Signer>
+    <Signer ID="ID_SIGNER_MIMIKATZ_USER" Name="Certum Code Signing CA SHA2">
+      <CertRoot Type="TBS" Value="F7B6EEB3A567223000A61F68C53B458193557C17E5D512D2825BCB13E5FC9BE5" />
+      <CertPublisher Value="Open Source Developer, Benjamin Delpy" />
+    </Signer>
+    <Signer ID="ID_SIGNER_SPEEDFAN" Name="VeriSign Class 3 Code Signing 2004 CA">
+      <CertRoot Type="TBS" Value="C7FC1727F5B75A6421A1F95C73BBDB23580C48E5" />
+      <CertPublisher Value="Sokno S.R.L." />
+    </Signer>
+      <Signer ID="ID_SIGNER_RWEVERY" Name="GlobalSign CodeSigning CA - G2">
+      <CertRoot Type="TBS" Value="589A7D4DF869395601BA7538A65AFAE8C4616385" />
+      <CertPublisher Value="ChongKim Chan" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VBOX" Name="GlobalSign Primary Object Publishing CA">
+      <CertRoot Type="TBS" Value="041750993D7C9E063F02DFE74699598640911AAB" />
+      <CertPublisher Value="innotek GmbH" />
+    </Signer>
+    <Signer ID="ID_SIGNER_REALTEK" Name="DigiCert EV Code Signing CA">
+      <CertRoot Type="TBS" Value="2D54C16A8F8B69CCDEA48D0603C132F547A5CF75" />
+      <CertPublisher Value="Realtek Semiconductor Corp." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIO64_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIOW10X64_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIOW8X64_DRIVER" />
+    </Signer>
+    <Signer ID="ID_SIGNER_REALTEK_2" Name="DigiCert EV Code Signing CA (SHA2)">
+      <CertRoot Type="TBS" Value="EEC58131DC11CD7F512501B15FDBC6074C603B68CA91F7162D5A042054EDB0CF" />
+      <CertPublisher Value="Realtek Semiconductor Corp." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIO64_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIOW10X64_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIOW8X64_DRIVER" />
+    </Signer>
+    <Signer ID="ID_SIGNER_WINDOWS_3RD_PARTY_2014" Name="Microsoft Windows Third Party Component CA 2014">
+      <CertRoot Type="TBS" Value="D8BE9E4D9074088EF818BC6F6FB64955E90378B2754155126FEEBBBD969CF0AE" />
+      <CertPublisher Value="Microsoft Windows Hardware Compatibility Publisher" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_RTKIOW10X64_DRIVER" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_BS_HWMIO64" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VERISIGN_2004" Name="VeriSign Class 3 Code Signing 2004 CA">
+      <CertRoot Type="TBS" Value="C7FC1727F5B75A6421A1F95C73BBDB23580C48E5" />
+      <CertPublisher Value="Mitac Technology Corporation" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_MTCBSV64" />
+      </Signer>
+    <Signer ID="ID_SIGNER_VERISIGN_2009" Name="VeriSign Class 3 Code Signing 2009-2 CA">
+      <CertRoot Type="TBS" Value="4CDC38C800761463749C3CBD94A12F32E49877BF" />
+      <CertPublisher Value="BIOSTAR MICROTECH INT'L CORP" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_BSMI" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VERISIGN_BIOSTAR" Name="VeriSign Class 3 Code Signing 2004 CA">
+      <CertRoot Type="TBS" Value="C7FC1727F5B75A6421A1F95C73BBDB23580C48E5" />
+      <CertPublisher Value="BIOSTAR MICROTECH INT'L CORP" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_BS_I2CIO" />
+    </Signer>
+    <Signer ID="ID_SIGNER_GLOBALSIGN_G2_MICROSTAR" Name="GlobalSign CodeSigning CA - G2">
+      <CertRoot Type="TBS" Value="589A7D4DF869395601BA7538A65AFAE8C4616385" />
+      <CertPublisher Value="MICRO-STAR INTERNATIONAL CO., LTD." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_NTIOLIB" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VERISIGN_TOSHIBA" Name="VeriSign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="4843A82ED3B1F2BFBEE9671960E1940C942F688D" />
+      <CertPublisher Value="TOSHIBA CORPORATION" />
+      <FileAttribRef RuleID="ID_FILEATTRIB_NCHGBIOS2X64" />
+    </Signer>
+    <Signer ID="ID_SIGNER_GLOBALSIGN_MICROSTAR" Name="GlobalSign Primary Object Publishing CA">
+      <CertRoot Type="TBS" Value="041750993D7C9E063F02DFE74699598640911AAB" />
+      <CertPublisher Value="Micro-Star Int'l Co. Ltd." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_NTIOLIB" />
+    </Signer>
+    <Signer ID="ID_SIGNER_VERISIGN_INSYDE" Name="VeriSign Class 3 Code Signing 2010 CA">
+      <CertRoot Type="TBS" Value="4843A82ED3B1F2BFBEE9671960E1940C942F688D" />
+      <CertPublisher Value="Insyde Software Corp." />
+      <FileAttribRef RuleID="ID_FILEATTRIB_SEGWINDRVX64" />
+    </Signer>
+  </Signers>
+  <!--Driver Signing Scenarios-->
+  <SigningScenarios>
+    <SigningScenario Value="131" ID="ID_SIGNINGSCENARIO_DENIED_VULN_MAL_SIGNERS" FriendlyName="Signers of known vulnerable or malicious drivers">
+      <ProductSigners>
+        <DeniedSigners>
+          <DeniedSigner SignerId="ID_SIGNER_MIMIKATZ_KERNEL" />
+          <DeniedSigner SignerId="ID_SIGNER_MIMIKATZ_USER" />
+          <DeniedSigner SignerId="ID_SIGNER_NOVELL" />
+          <DeniedSigner SignerId="ID_SIGNER_RWEVERY" />
+          <DeniedSigner SignerId="ID_SIGNER_SANDRA" />
+          <DeniedSigner SignerId="ID_SIGNER_SPEEDFAN" />
+          <DeniedSigner SignerId="ID_SIGNER_VBOX" />
+          <DeniedSigner SignerId="ID_SIGNER_CPUZ" />
+          <DeniedSigner SignerId="ID_SIGNER_ELBY" />
+          <DeniedSigner SignerId="ID_SIGNER_F_1" />
+          <DeniedSigner SignerId="ID_SIGNER_F_2" />
+          <DeniedSigner SignerId="ID_SIGNER_REALTEK" />
+          <DeniedSigner SignerId="ID_SIGNER_REALTEK_2" />
+          <DeniedSigner SignerId="ID_SIGNER_VERISIGN_2004" />
+          <DeniedSigner SignerId="ID_SIGNER_WINDOWS_3RD_PARTY_2014" />
+          <DeniedSigner SignerId="ID_SIGNER_VERISIGN_2009" />
+          <DeniedSigner SignerId="ID_SIGNER_VERISIGN_BIOSTAR" />
+          <DeniedSigner SignerId="ID_SIGNER_GLOBALSIGN_G2_MICROSTAR" />
+          <DeniedSigner SignerId="ID_SIGNER_VERISIGN_TOSHIBA" />
+          <DeniedSigner SignerId="ID_SIGNER_GLOBALSIGN_MICROSTAR" />
+          <DeniedSigner SignerId="ID_SIGNER_VERISIGN_INSYDE" />
+        </DeniedSigners>
+        <FileRulesRef>        
+            <FileRuleRef RuleID="ID_ALLOW_ALL_1"/>
+            <FileRuleRef RuleID="ID_DENY_BANDAI_SHA1" />
+            <FileRuleRef RuleID="ID_DENY_BANDAI_SHA256" />
+            <FileRuleRef RuleID="ID_DENY_BANDAI_SHA1_PAGE" />
+            <FileRuleRef RuleID="ID_DENY_BANDAI_SHA256_PAGE" />
+            <FileRuleRef RuleID="ID_DENY_CAPCOM_SHA1" />
+            <FileRuleRef RuleID="ID_DENY_CAPCOM_SHA256" />
+            <FileRuleRef RuleID="ID_DENY_CAPCOM_SHA1_PAGE" />
+            <FileRuleRef RuleID="ID_DENY_CAPCOM_SHA256_PAGE" />
+            <FileRuleRef RuleID="ID_DENY_FIDDRV_SHA1"/>
+            <FileRuleRef RuleID="ID_DENY_FIDDRV_SHA256"/>
+            <FileRuleRef RuleID="ID_DENY_FIDDRV_SHA1_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_FIDDRV_SHA256_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_FIDDRV64_SHA1"/>
+            <FileRuleRef RuleID="ID_DENY_FIDDRV64_SHA256"/>
+            <FileRuleRef RuleID="ID_DENY_FIDDRV64_SHA1_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_FIDDRV64_SHA256_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_FIDPCIDRV_SHA1"/>
+            <FileRuleRef RuleID="ID_DENY_FIDPCIDRV_SHA256"/>
+            <FileRuleRef RuleID="ID_DENY_FIDPCIDRV_SHA1_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_FIDPCIDRV_SHA256_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_FIDPCIDRV64_SHA1"/>
+            <FileRuleRef RuleID="ID_DENY_FIDPCIDRV64_SHA256"/>
+            <FileRuleRef RuleID="ID_DENY_FIDPCIDRV64_SHA1_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_FIDPCIDRV64_SHA256_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_GDRV" />
+            <FileRuleRef RuleID="ID_DENY_GLCKIO2_SHA1"/>
+            <FileRuleRef RuleID="ID_DENY_GLCKIO2_SHA256"/>
+            <FileRuleRef RuleID="ID_DENY_GLCKIO2_SHA1_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_GLCKIO2_SHA256_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_GVCIDRV64_SHA1"/>
+            <FileRuleRef RuleID="ID_DENY_GVCIDRV64_SHA256"/>
+            <FileRuleRef RuleID="ID_DENY_GVCIDRV64_SHA1_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_GVCIDRV64_SHA256_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_WINFLASH64_SHA1"/>
+            <FileRuleRef RuleID="ID_DENY_WINFLASH64_SHA256"/>
+            <FileRuleRef RuleID="ID_DENY_WINFLASH64_SHA1_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_WINFLASH64_SHA256_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_AMIFLDRV64_SHA1"/>
+            <FileRuleRef RuleID="ID_DENY_AMIFLDRV64_SHA256C"/>
+            <FileRuleRef RuleID="ID_DENY_AMIFLDRV64_SHA1_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_AMIFLDRV64_SHA256_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_ASUPIO64_SHA1F" />
+            <FileRuleRef RuleID="ID_DENY_ASUPIO64_SHA256" />
+            <FileRuleRef RuleID="ID_DENY_ASUPIO64_SHA1_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_ASUPIO64_SHA256_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_BSFLASH64_SHA1"/>
+            <FileRuleRef RuleID="ID_DENY_BSFLASH64_SHA256"/>
+            <FileRuleRef RuleID="ID_DENY_BSFLASH64_SHA1_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_BSFLASH64_SHA256_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_BSHWMIO64_SHA1" />
+            <FileRuleRef RuleID="ID_DENY_BSHWMIO64_SHA256"/>
+            <FileRuleRef RuleID="ID_DENY_BSHWMIO64_SHA1_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_BSHWMIO64_SHA256_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_MSIO64_SHA1"/>
+            <FileRuleRef RuleID="ID_DENY_MSIO64_SHA256"/>
+            <FileRuleRef RuleID="ID_DENY_MSIO64_SHA1_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_MSIO64_SHA256_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_PIDDRV_SHA1"/>
+            <FileRuleRef RuleID="ID_DENY_PIDDRV_SHA256"/>
+            <FileRuleRef RuleID="ID_DENY_PIDDRV_SHA1_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_PIDDRV_SHA256_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_PIDDRV64_SHA1"/>
+            <FileRuleRef RuleID="ID_DENY_PIDDRV64_SHA256"/>
+            <FileRuleRef RuleID="ID_DENY_PIDDRV64_SHA1_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_PIDDRV64_SHA256_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_SEMAV6MSR64_SHA1"/>
+            <FileRuleRef RuleID="ID_DENY_SEMAV6MSR64_SHA256"/>
+            <FileRuleRef RuleID="ID_DENY_SEMAV6MSR64_SHA1_PAGE"/>
+            <FileRuleRef RuleID="ID_DENY_SEMAV6MSR64_SHA256_PAGE"/>
+        </FileRulesRef>
+      </ProductSigners>
+    </SigningScenario>
+    <SigningScenario Value="12" ID="ID_SIGNINGSCENARIO_WINDOWS" FriendlyName="">
+      <ProductSigners>
+        <FileRulesRef>
+          <FileRuleRef RuleID="ID_ALLOW_ALL_2" />
+        </FileRulesRef>
+      </ProductSigners>
+    </SigningScenario>
+  </SigningScenarios>
+  <UpdatePolicySigners />
+  <CiSigners />
+  <HvciOptions>0</HvciOptions>
+  <Settings>
+    <Setting Provider="PolicyInfo" Key="Information" ValueName="Name">
+      <Value>
+        <String>Microsoft Windows Driver Policy</String>
+      </Value>
+    </Setting>
+    <Setting Provider="PolicyInfo" Key="Information" ValueName="Id">
+      <Value>
+        <String>10.0.19565.0</String>
+      </Value>
+    </Setting>
+  </Settings>
+</SiPolicy>
+```
+<br />
+
+
+## More information
+
+- [Merge Windows Defender Application Control policies](merge-windows-defender-application-control-policies.md)
diff --git a/windows/security/threat-protection/windows-defender-application-control/wdac-and-applocker-overview.md b/windows/security/threat-protection/windows-defender-application-control/wdac-and-applocker-overview.md
index f076b612e7..9fe4c819a1 100644
--- a/windows/security/threat-protection/windows-defender-application-control/wdac-and-applocker-overview.md
+++ b/windows/security/threat-protection/windows-defender-application-control/wdac-and-applocker-overview.md
@@ -44,10 +44,12 @@ Note that prior to Windows 10, version 1709, Windows Defender Application Contro
 
 ### WDAC System Requirements
 
-WDAC policies can only be created on devices running Windows 10 build 1903+ on any SKU, pre-1903 Windows 10 Enterprise, or Windows Server 2016 and above.
+WDAC policies can be created on any client edition of Windows 10 build 1903+ or on Windows Server 2016 and above.
 
 WDAC policies can be applied to devices running any edition of Windows 10 or Windows Server 2016 and above via a Mobile Device Management (MDM) solution like Intune, a management interface like Configuration Manager, or a script host like PowerShell. Group Policy can also be used to deploy WDAC policies to Windows 10 Enterprise edition or Windows Server 2016 and above, but cannot deploy policies to devices running non-Enterprise SKUs of Windows 10.
 
+For more information on which individual WDAC features are available on which WDAC builds, see [WDAC feature availability](feature-availability.md).
+
 ## AppLocker
 
 AppLocker was introduced with Windows 7 and allows organizations to control which applications are allowed to run on their Windows clients. AppLocker helps to prevent end users from running unapproved software on their computers, but it does not meet the servicing criteria for being a security feature.
@@ -65,12 +67,13 @@ AppLocker policies can be deployed using Group Policy or MDM.
 
 ## Choose when to use WDAC or AppLocker
 
-Generally, it is recommended that customers who are able to implement application control using WDAC rather than AppLocker do so. WDAC is undergoing continual improvements and will be getting added support from Microsoft management platforms. AppLocker is a legacy technology which will continue to receive security fixes but will not undergo new feature improvements.
+Generally, it is recommended that customers who are able to implement application control using WDAC rather than AppLocker do so. WDAC is undergoing continual improvements and will be getting added support from Microsoft management platforms. Although AppLocker will continue to receive security fixes, it will not undergo new feature improvements.
 
 In some cases, however, AppLocker may be the more appropriate technology for your organization. AppLocker is best when:
 
 - You have a mixed Windows operating system (OS) environment and need to apply the same policy controls to Windows 10 and earlier versions of the OS.
 - You need to apply different policies for different users or groups on shared computers.
+- You do not want to enforce application control on application files such as DLLs or drivers.
 
 AppLocker can also be deployed as a complement to WDAC to add user- or group-specific rules for shared device scenarios where it is important to prevent some users from running specific apps.
 As a best practice, you should enforce WDAC at the most restrictive level possible for your organization, and then you can use AppLocker to further fine-tune the restrictions.
diff --git a/windows/security/threat-protection/windows-firewall/TOC.md b/windows/security/threat-protection/windows-firewall/TOC.md
index e5edff503e..34b7c1beb1 100644
--- a/windows/security/threat-protection/windows-firewall/TOC.md
+++ b/windows/security/threat-protection/windows-firewall/TOC.md
@@ -96,6 +96,7 @@
 
 
 ## [Best practices]()
+### [Configuring the firewall](best-practices-configuring.md)
 ### [Securing IPsec](securing-end-to-end-ipsec-connections-by-using-ikev2.md)
 ### [PowerShell](windows-firewall-with-advanced-security-administration-with-windows-powershell.md)
 ### [Isolating Microsoft Store Apps on Your Network](isolating-apps-on-your-network.md)
diff --git a/windows/security/threat-protection/windows-firewall/best-practices-configuring.md b/windows/security/threat-protection/windows-firewall/best-practices-configuring.md
new file mode 100644
index 0000000000..274baf82d2
--- /dev/null
+++ b/windows/security/threat-protection/windows-firewall/best-practices-configuring.md
@@ -0,0 +1,212 @@
+---
+title: Best practices for configuring Windows Defender Firewall
+description: Learn about best practices for configuring Windows Defender Firewall
+
+keywords: firewall, best practices, security, network security, network, rules, filters,
+
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: maccruz
+author: schmurky
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+
+---
+
+# Best practices for configuring Windows Defender Firewall
+
+**Applies to**
+
+-   Windows operating systems including Windows 10
+
+-   Windows Server Operating Systems
+
+Windows Defender Firewall with Advanced Security provides host-based, two-way
+network traffic filtering and blocks unauthorized network traffic flowing into
+or out of the local device. Configuring your Windows Firewall based on the
+following best practices can help you optimize protection for devices in your
+network. These recommendations cover a wide range of deployments including home
+networks and enterprise desktop/server systems.
+
+To open Windows Firewall, go to the **Start** menu, select **Run**,
+type **WF.msc**, and then select **OK**. See also [Open Windows Firewall](https://docs.microsoft.com/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security).
+
+## Keep default settings
+
+When you open the Windows Defender Firewall for the first time, you can see the default settings applicable to the local computer. The Overview panel displays security settings for each type of network to which the device can connect.
+
+![Windows Defender Firewall with Advanced Security first time opening](images/fw01-profiles.png)
+
+*Figure 1: Windows Defender Firewall*
+
+1.  **Domain profile**: Used for networks where there is a system of account authentication against a domain controller (DC), such as an Azure Active Directory DC
+
+2.  **Private profile**: Designed for and best used
+    in private networks such as a home network
+
+3.  **Public profile**: Designed with higher security in mind
+    for public networks like Wi-Fi hotspots, coffee shops, airports, hotels, or stores
+
+View detailed settings for each profile by right-clicking the top-level **Windows Defender Firewall with Advanced Security** node in the left pane and then selecting **Properties**.
+
+Maintain the default settings in Windows Defender
+Firewall whenever possible. These settings have been designed to secure your device for use in most network scenarios. One key example is the default Block behavior for Inbound connections. 
+
+![A screenshot of a cell phone Description automatically generated](images/fw03-defaults.png)
+
+*Figure 2: Default inbound/outbound settings*
+
+> [!IMPORTANT]
+> To maintain maximum security, do not change the default Block setting for inbound connections.
+
+For more on configuring basic firewall settings, see [Turn on Windows Firewall and Configure Default Behavior](https://docs.microsoft.com/windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior) and [Checklist: Configuring Basic Firewall Settings](https://docs.microsoft.com/windows/security/threat-protection/windows-firewall/checklist-configuring-basic-firewall-settings).
+
+## Understand rule precedence for inbound rules
+
+In many cases, a next step for administrators will be to customize these profiles using rules (sometimes called filters) so that they can work with user apps or other types of software. For example, an administrator or user may choose to add a rule to accommodate a program, open a port or protocol, or allow a predefined type of traffic.
+
+This can be accomplished by right-clicking either **Inbound Rules** or **Outbound Rules**, and selecting **New Rule**. The interface for adding a new rule looks like this:
+
+![Rule creation wizard](images/fw02-createrule.png)
+
+*Figure 3: Rule Creation Wizard*
+
+> [!NOTE]
+>This article does not cover step-by-step rule
+configuration. See the [Windows Firewall with Advanced Security Deployment
+Guide](https://docs.microsoft.com/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide)
+for general guidance on policy creation.
+
+In many cases, allowing specific types of inbound traffic will be required for
+applications to function in the network. Administrators should keep the following rule precedence behaviors in mind when
+allowing these inbound exceptions.
+
+1.  Explicitly defined allow rules will take precedence over the default block setting.
+
+2.  Explicit block rules will take precedence over any conflicting allow rules.
+
+3.  More specific rules will take precedence over less specific rules, except in the case of explicit block rules as mentioned in 2. (For example, if the parameters of rule 1 includes an IP address range, while the parameters of rule 2 include a single IP host address, rule 2 will take precedence.)
+
+Because of 1 and 2, it is important that, when designing a set of policies, you make sure that there are no other explicit block rules in place that could inadvertently overlap, thus preventing the traffic flow you wish to allow.
+
+A general security best practice when creating inbound rules is to be as specific as possible. However, when new rules must be made that use ports or IP addresses, consider using consecutive ranges or subnets instead of individual addresses or ports where possible. This avoids creation of multiple filters under the hood, reduces complexity, and helps to avoid performance degradation.
+
+> [!NOTE] 
+> Windows Defender Firewall does not support traditional weighted, administrator-assigned rule ordering. An effective policy set with expected behaviors can be created by keeping in mind the few, consistent, and logical rule behaviors described above. 
+
+## Create rules for new applications before first launch
+
+### Inbound allow rules
+
+When first installed, networked applications and services issue a listen call specifying the protocol/port information required for them to function properly. As there is a default block action in Windows Defender Firewall, it is necessary to create inbound exception rules to allow this traffic. It is common for the app or the app installer itself to add this firewall rule. Otherwise, the user (or firewall admin on behalf of the user) needs to manually create a rule.
+
+If there are no active application or administrator-defined allow rule(s), a dialog box will prompt the user to either allow or block an application's packets the first time the app is launched or tries to communicate in the network.
+
+- If the user has admin permissions, they will be prompted. If they respond *No* or cancel the prompt, block rules will be created. Two rules are typically created, one each for TCP and UDP traffic.
+
+- If the user is not a local admin, they will not be prompted. In most cases, block rules will be created.
+
+In either of the scenarios above, once these rules are added they must be deleted in order to generate the prompt again. If not, the traffic will continue to be blocked.
+
+> [!NOTE]
+> The firewall's default settings are designed for security. Allowing all inbound connections by default introduces the network to various threats. Therefore, creating exceptions for inbound connections from third-party software should be determined by trusted app developers, the user, or the admin on behalf of the user. 
+
+
+### Known issues with automatic rule creation
+
+When designing a set of firewall policies for your network, it is a best practice to configure allow rules for any networked applications deployed on the host. Having these rules in place before the user first launches the application will help ensure a seamless experience.
+
+The absence of these staged rules does not necessarily mean that in the end an application will be unable to communicate on the network. However, the behaviors involved in the automatic creation of application rules at runtime requires user interaction. 
+
+To determine why some applications are blocked from communicating in the network, check for the following:
+
+1.  A user with sufficient privileges receives a query notification advising them that the application needs to make a change to the firewall policy. Not fully understanding the prompt, the user cancels or dismisses the prompt.
+
+2.  A user lacks sufficient privileges and is therefore not prompted to allow the application to make the appropriate policy changes.
+
+3.  Local Policy Merge is disabled, preventing the application or network service from creating local rules.
+
+![Windows Firewall prompt](images/fw04-userquery.png)
+
+*Figure 4: Dialog box to allow access*
+
+See also [Checklist: Creating Inbound Firewall Rules](https://docs.microsoft.com/windows/security/threat-protection/windows-firewall/checklist-creating-inbound-firewall-rules).
+
+## Establish local policy merge and application rules
+
+Firewall rules can be deployed:
+1. Locally using the Firewall snap-in (**WF.msc**) 
+2. Locally using PowerShell 
+3. Remotely using Group Policy if the device is a member of an Active Directory Name, System  Center Configuration Manager (SCCM), or Intune (using workplace join)
+
+Rule merging settings control how rules from different policy sources can be combined. Administrators can configure different merge behaviors for Domain, Private, and Public profiles.
+
+The rule merging settings either allow or prevent local admins from creating their own firewall rules in addition to those obtained from Group Policy.
+
+![Customize settings](images/fw05-rulemerge.png)
+
+*Figure 5: Rule merging setting*
+
+> [!TIP]
+> In the firewall [configuration service provider](https://docs.microsoft.com/windows/client-management/mdm/firewall-csp), the
+equivalent setting is *AllowLocalPolicyMerge*. This setting can be found under each respective profile node, *DomainProfile*, *PrivateProfile*, and *PublicProfile*. 
+
+If merging of local policies is disabled, centralized deployment of rules is required for any app that needs inbound connectivity.
+
+Admins may disable *LocalPolicyMerge* in high security environments to maintain tighter control over endpoints. This can impact some apps and services that automatically generate a local firewall policy upon installation as discussed above. For these types of apps and services to work, admins should push rules centrally via group policy (GP), Mobile Device
+Management (MDM), or both (for hybrid or co-management environments).
+
+[Firewall CSP](https://docs.microsoft.com/windows/client-management/mdm/firewall-csp) and [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-configuration-service-provider) also have settings that can affect rule merging.
+
+As a best practice, it is important to list and log such apps, including the network ports used for communications. Typically, you can find what ports must be open for a given service on the app's website. For more complex or customer application deployments, a more thorough analysis may be needed using network packet capture tools. 
+
+In general, to maintain maximum security, admins should only push firewall exceptions for apps and services determined to serve legitimate purposes.
+
+
+
+> [!NOTE]
+> The use of wildcard patterns, such as *C:\*\\teams.exe* is not
+supported in application rules. We currently only support rules created using the full path to the application(s).
+
+## Know how to use "shields up" mode for active attacks
+
+An important firewall feature you can use to mitigate damage during an active attack is the "shields up" mode. It is an informal term referring to an easy method a firewall administrator can use to temporarily increase security in the face of an active attack.
+
+Shields up can be achieved by checking **Block all
+incoming connections, including those in the list of allowed apps** setting found in either the Windows Settings app or the legacy file *firewall.cpl*.
+
+![Incoming connections](images/fw06-block.png)
+
+*Figure 6: Windows settings App/Windows Security/Firewall Protection/Network Type*
+
+![Firewall cpl](images/fw07-legacy.png)
+
+*Figure 7: Legacy firewall.cpl*
+
+By default, the Windows Defender Firewall will block everything unless there is an exception rule created. This setting overrides the exceptions. 
+
+For example, the Remote Desktop feature automatically creates firewall rules when enabled. However, if there is an active exploit using multiple ports and services on a host, you can, instead of disabling individual rules, use the shields up mode to block all inbound connections, overriding previous exceptions, including the rules for Remote Desktop. The Remote Desktop rules remain intact but remote access will not work as long as shields up is activated.
+
+Once the emergency is over, uncheck the setting to restore regular network traffic.
+
+## Create outbound rules
+
+What follows are a few general guidelines for configuring outbound rules.
+
+- The default configuration of Blocked for Outbound rules can be
+    considered for certain highly secure environments. However, the Inbound rule configuration should never be changed in a way that Allows traffic by default.
+
+- It is recommended to Allow Outbound by default for most deployments for the sake of simplification around app deployments, unless the enterprise prefers tight security controls over ease-of-use.
+
+- In high security environments, an inventory of all enterprise-spanning apps must be taken and logged by the administrator or administrators. Records must include whether an app used requires network connectivity. Administrators will need to create new rules specific to each app that needs network connectivity and push those rules centrally, via group policy (GP), Mobile Device Management (MDM), or both (for hybrid or co-management environments).
+
+For tasks related to creating outbound rules, see [Checklist: Creating Outbound Firewall Rules](https://docs.microsoft.com/windows/security/threat-protection/windows-firewall/checklist-creating-outbound-firewall-rules).
+
+## Document your changes
+
+When creating an inbound or outbound rule, you should specify details about the app itself, the port range used, and important notes like creation date. Rules must be well-documented for ease of review both by you and other admins. We highly encourage taking the time  to make the work of reviewing your firewall rules at a later date easier. And *never* create unnecessary holes in your firewall.
diff --git a/windows/security/threat-protection/windows-firewall/images/fw01-profiles.png b/windows/security/threat-protection/windows-firewall/images/fw01-profiles.png
new file mode 100644
index 0000000000..c1aa416fdf
Binary files /dev/null and b/windows/security/threat-protection/windows-firewall/images/fw01-profiles.png differ
diff --git a/windows/security/threat-protection/windows-firewall/images/fw02-createrule.png b/windows/security/threat-protection/windows-firewall/images/fw02-createrule.png
new file mode 100644
index 0000000000..5c8f858f52
Binary files /dev/null and b/windows/security/threat-protection/windows-firewall/images/fw02-createrule.png differ
diff --git a/windows/security/threat-protection/windows-firewall/images/fw03-defaults.png b/windows/security/threat-protection/windows-firewall/images/fw03-defaults.png
new file mode 100644
index 0000000000..cfc1daea37
Binary files /dev/null and b/windows/security/threat-protection/windows-firewall/images/fw03-defaults.png differ
diff --git a/windows/security/threat-protection/windows-firewall/images/fw04-userquery.png b/windows/security/threat-protection/windows-firewall/images/fw04-userquery.png
new file mode 100644
index 0000000000..85f7485479
Binary files /dev/null and b/windows/security/threat-protection/windows-firewall/images/fw04-userquery.png differ
diff --git a/windows/security/threat-protection/windows-firewall/images/fw05-rulemerge.png b/windows/security/threat-protection/windows-firewall/images/fw05-rulemerge.png
new file mode 100644
index 0000000000..74c49fab7b
Binary files /dev/null and b/windows/security/threat-protection/windows-firewall/images/fw05-rulemerge.png differ
diff --git a/windows/security/threat-protection/windows-firewall/images/fw06-block.png b/windows/security/threat-protection/windows-firewall/images/fw06-block.png
new file mode 100644
index 0000000000..2909fa51d3
Binary files /dev/null and b/windows/security/threat-protection/windows-firewall/images/fw06-block.png differ
diff --git a/windows/security/threat-protection/windows-firewall/images/fw07-legacy.png b/windows/security/threat-protection/windows-firewall/images/fw07-legacy.png
new file mode 100644
index 0000000000..a8d15e6e31
Binary files /dev/null and b/windows/security/threat-protection/windows-firewall/images/fw07-legacy.png differ
diff --git a/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md b/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
index 6071427eda..00bdfd5630 100644
--- a/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
+++ b/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
@@ -10,7 +10,9 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-ms.collection: M365-security-compliance
+ms.collection: 
+- m365-security-compliance
+- m365-initiative-windows-security
 ms.topic: troubleshooting
 ---
 
diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md
index 9718aa85cf..00b1374150 100644
--- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md
+++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md
@@ -12,7 +12,7 @@ manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
-ms.date: 10/13/2017
+ms.date: 10/21/2020
 ms.reviewer: 
 ms.custom: asr
 ---
@@ -20,8 +20,9 @@ ms.custom: asr
 # Windows Defender Firewall with Advanced Security
 
 **Applies to**
--   Windows 10
--   Windows Server 2016
+- Windows 10
+- Windows Server 2016
+- Windows Server 2019
 
 This is an overview of the Windows Defender Firewall with Advanced Security (WFAS) and Internet Protocol security (IPsec) features.
 
@@ -48,4 +49,3 @@ To help address your organizational network security challenges, Windows Defende
 
 -   **Extends the value of existing investments.**  Because Windows Defender Firewall is a host-based firewall that is included with the operating system, there is no additional hardware or software required. Windows Defender Firewall is also designed to complement existing non-Microsoft network security solutions through a documented application programming interface (API).
 
-
diff --git a/windows/whats-new/TOC.md b/windows/whats-new/TOC.md
index edb6146667..9be4f860e1 100644
--- a/windows/whats-new/TOC.md
+++ b/windows/whats-new/TOC.md
@@ -1,11 +1,12 @@
 # [What's new in Windows 10](index.md)
+## [What's new in Windows 10, version 20H2](whats-new-windows-10-version-20H2.md)
 ## [What's new in Windows 10, version 2004](whats-new-windows-10-version-2004.md)
 ## [What's new in Windows 10, version 1909](whats-new-windows-10-version-1909.md)
 ## [What's new in Windows 10, version 1903](whats-new-windows-10-version-1903.md)
 ## [What's new in Windows 10, version 1809](whats-new-windows-10-version-1809.md)
 ## [What's new in Windows 10, version 1803](whats-new-windows-10-version-1803.md)
-## [What's new in Windows 10, version 1709](whats-new-windows-10-version-1709.md)
 ## Previous versions
+### [What's new in Windows 10, version 1709](whats-new-windows-10-version-1709.md)
 ### [What's new in Windows 10, version 1703](whats-new-windows-10-version-1703.md)
 ### [What's new in Windows 10, version 1607](whats-new-windows-10-version-1607.md)
 ### [What's new in Windows 10, versions 1507 and 1511](whats-new-windows-10-version-1507-and-1511.md)
diff --git a/windows/whats-new/index.md b/windows/whats-new/index.md
index 6f809cdf89..559ab66233 100644
--- a/windows/whats-new/index.md
+++ b/windows/whats-new/index.md
@@ -18,16 +18,17 @@ Windows 10 provides IT professionals with advanced protection against modern sec
 
 ## In this section
 
+- [What's new in Windows 10, version 20H2](whats-new-windows-10-version-20H2.md)
 - [What's new in Windows 10, version 2004](whats-new-windows-10-version-2004.md)
 - [What's new in Windows 10, version 1909](whats-new-windows-10-version-1909.md)
 - [What's new in Windows 10, version 1903](whats-new-windows-10-version-1903.md)
 - [What's new in Windows 10, version 1809](whats-new-windows-10-version-1809.md)
 - [What's new in Windows 10, version 1803](whats-new-windows-10-version-1803.md)
-- [What's new in Windows 10, version 1709](whats-new-windows-10-version-1709.md)
+
 
 ## Learn more
 
-- [Windows 10 release information](https://technet.microsoft.com/windows/release-info)
+- [Windows 10 release information](https://docs.microsoft.com/windows/release-information/)
 - [Windows 10 release health dashboard](https://docs.microsoft.com/windows/release-information/status-windows-10-2004)
 - [Windows 10 update history](https://support.microsoft.com/help/4555932/windows-10-update-history)
 - [What’s new for business in Windows 10 Insider Preview Builds](https://docs.microsoft.com/windows-insider/at-work-pro/wip-4-biz-whats-new)
diff --git a/windows/whats-new/whats-new-windows-10-version-20H2.md b/windows/whats-new/whats-new-windows-10-version-20H2.md
new file mode 100644
index 0000000000..8600af198f
--- /dev/null
+++ b/windows/whats-new/whats-new-windows-10-version-20H2.md
@@ -0,0 +1,152 @@
+---
+title: What's new in Windows 10, version 20H2
+description: New and updated features in Windows 10, version 20H2 (also known as the Windows 10 October 2020 Update).
+keywords: ["What's new in Windows 10", "Windows 10", "October 2020 Update"]
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.author: greglin
+manager: laurawi
+ms.localizationpriority: high
+ms.topic: article
+---
+
+# What's new in Windows 10, version 20H2 for IT Pros
+
+**Applies to**
+-   Windows 10, version 20H2
+
+This article lists new and updated features and content that is of interest to IT Pros for Windows 10, version 20H2, also known as the Windows 10 October 2020 Update. This update also contains all features and fixes included in previous cumulative updates to Windows 10, version 2004.
+
+> [!NOTE]
+> With this release and future releases, the Windows 10 release nomenclature is changing from a year and month pattern (YYMM) to a year and half-year pattern (YYH1, YYH2).
+
+As with previous fall releases, Windows 10, version 20H2 is a scoped set of features for select performance improvements, enterprise features, and quality enhancements. As an [H2-targeted release](https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet), 20H2 is serviced for 30 months from the release date for devices running Windows 10 Enterprise or Windows 10 Education editions. 
+
+To download and install Windows 10, version 20H2, use Windows Update (**Settings > Update & Security > Windows Update**). For more information, including a video, see [How to get the Windows 10 October 2020 Update](https://community.windows.com/videos/how-to-get-the-windows-10-october-2020-update/7c7_mWN0wi8). 
+
+## Microsoft Edge
+
+This release automatically includes the new Chromium-based [Microsoft Edge](https://www.microsoft.com/edge/business) browser instead of the legacy version of Edge.  For more information, see the [Microsoft Edge documentation](https://docs.microsoft.com/microsoft-edge/).
+
+## Servicing
+
+### Windows Update
+
+There are several changes that help improve the security of devices that scan Windows Server Update Services (WSUS) for updates. For more information, see [Changes to improve security for Windows devices scanning WSUS](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/changes-to-improve-security-for-windows-devices-scanning-wsus/ba-p/1645547).
+
+Starting with Windows 10, version 20H2, LCUs and SSUs have been combined into a single cumulative monthly update, available via Microsoft Catalog or Windows Server Update Services. For more information, see [Simplifying on-premises deployment of servicing stack updates](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/simplifying-on-premises-deployment-of-servicing-stack-updates/ba-p/1646039).
+
+## Deployment
+
+New guidance is available to help prepare a [servicing strategy](https://docs.microsoft.com/windows/deployment/update/waas-servicing-strategy-windows-10-updates) and move your devices to the latest version of Windows 10 quickly and as seamlessly as possible. 
+
+Activities are grouped into the following phases: **Plan** > **Prepare** > **Deploy**:
+
+**Plan** your deployment by evaluating and understanding essential activities: 
+- Create a [phased deployment plan](https://docs.microsoft.com/windows/deployment/update/create-deployment-plan)
+- Assign [roles and responsibilities](https://docs.microsoft.com/windows/deployment/update/plan-define-readiness#process-manager) within your organization
+- Set [criteria](https://docs.microsoft.com/windows/deployment/update/plan-define-readiness#set-criteria-for-rating-apps) to establish readiness for the upgrade process
+- Evaluate your [infrastructure and tools](https://docs.microsoft.com/windows/deployment/update/eval-infra-tools)
+- Determine [readiness](https://docs.microsoft.com/windows/deployment/update/plan-determine-app-readiness) for your business applications
+- Create an effective, schedule-based [servicing strategy](https://docs.microsoft.com/windows/deployment/update/plan-define-strategy)
+
+**Prepare** your devices and environment for deployment by performing necessary actions:
+- Update [infrastructure and tools](https://docs.microsoft.com/windows/deployment/update/prepare-deploy-windows#prepare-infrastructure-and-environment)
+- Ensure the needed [services](https://docs.microsoft.com/windows/deployment/update/prepare-deploy-windows#prepare-applications-and-devices) are available
+- Resolve issues with [unhealthy devices](https://docs.microsoft.com/windows/deployment/update/prepare-deploy-windows#address-unhealthy-devices)
+- Ensure that [users are ready](https://docs.microsoft.com/windows/deployment/update/prepare-deploy-windows) for updates
+
+**Deploy** and manage Windows 10 strategically in your organization:
+- Use [Windows Autopilot](https://docs.microsoft.com/mem/autopilot/windows-autopilot) to streamline the set up, configuration, and delivery of new devices
+- Use [Configuration Manager](https://docs.microsoft.com/windows/deployment/deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager) or [MDT](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/prepare-for-windows-deployment-with-mdt) to deploy new devices and update existing devices
+- Use [Windows Update for Business](https://docs.microsoft.com/windows/deployment/update/waas-configure-wufb) with Group Policy to [customize update settings](https://docs.microsoft.com/windows/deployment/update/waas-wufb-group-policy) for your devices
+- [Deploy Windows updates](https://docs.microsoft.com/windows/deployment/update/waas-manage-updates-wsus) with Windows Server Update Services (WSUS)
+- Manage bandwidth for updates with [Delivery Optimization](https://docs.microsoft.com/windows/deployment/update/waas-delivery-optimization)
+- [Monitor Windows Updates](https://docs.microsoft.com/windows/deployment/update/update-compliance-monitor) with Update Compliance
+
+### Windows Autopilot
+
+Enhancements to Windows Autopilot since the last release of Windows 10 include:
+- [Windows Autopilot for HoloLens](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-autopilot-for-hololens-2/ba-p/1371494): Set up HoloLens 2 devices with Windows Autopilot for HoloLens 2 self-deploying mode.
+- [Windows Autopilot with co-management](https://docs.microsoft.com/mem/configmgr/comanage/quickstart-autopilot): Co-management and Autopilot together can help you reduce cost and improve the end user experience.
+- Enhancements to Windows Autopilot deployment reporting are in preview. From the Microsoft Endpoint Manager admin center (endpoint.microsoft.com), select **Devices** > **Monitor** and scroll down to the **Enrollment** section. Click **Autopilot deployment (preview)**.
+
+### Windows Assessment and Deployment Toolkit (ADK)
+
+There is no new ADK for Windows 10, version 20H2. The ADK for Windows 10, version 2004 will also work with Windows 10, version 20H2.  For more information, see [Download and install the Windows ADK](https://docs.microsoft.com/windows-hardware/get-started/adk-install).
+
+## Device management
+
+Modern Device Management (MDM) policy is extended with new [Local Users and Groups settings](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-localusersandgroups) that match the options available for devices managed through Group Policy.
+
+For more information about what's new in MDM, see [What's new in mobile device enrollment and management](https://docs.microsoft.com/windows/client-management/mdm/new-in-windows-mdm-enrollment-management)
+
+## Security
+
+### Microsoft Defender Advanced Threat Protection (ATP) 
+
+This release includes improved support for non-ASCII file paths has been added for Microsoft Defender ATP Auto Incident Response (IR).
+
+The [DisableAntiSpyware](https://docs.microsoft.com/windows-hardware/customize/desktop/unattend/security-malware-windows-defender-disableantispyware) parameter is deprecated in this release.
+
+### Microsoft Defender Application Guard for Office
+
+Microsoft Defender Application Guard now supports Office: With [Microsoft Defender Application Guard for Office](https://docs.microsoft.com/microsoft-365/security/office-365-security/install-app-guard), you can launch untrusted Office documents (from outside the Enterprise) in an isolated container to prevent potentially malicious content from compromising your device.
+
+### Windows Hello
+
+With specialized hardware and software components available on devices shipping with Windows 10, version 20H2 configured out of factory, Windows Hello now offers added support for virtualization-based security with supporting fingerprint and face sensors. This feature isolates and secures a user's biometric authentication data.
+
+## Virtualization
+
+### Windows Sandbox
+
+New polices for [Windows Sandbox](https://docs.microsoft.com/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview) are available in this release. For more information, see [Policy CSP - WindowsSandbox](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-windowssandbox).
+
+### Windows Virtual Desktop (WVD)
+
+> **Note**: WVD is not tied directly to a Windows 10 release, but it is included here as an evolving capability of Windows.
+
+New capabilities in WVD were announced at Ignite 2020. For more information, see [Announcing new management, security, and monitoring capabilities in Windows Virtual Desktop](https://aka.ms/wvd-ignite2020-blogpost).
+
+In addition, [Windows Virtual Desktop is now generally available in the Azure Government cloud](https://azure.microsoft.com/updates/windows-virtual-desktop-is-now-generally-available-in-the-azure-government-cloud/).
+
+## Windows Shell
+
+Some enhancements to the Windows 10 user interface are implemented in this release:
+
+- With this release, the solid color behind tiles on the Start menu is replaced with a partially transparent background. Tiles are also theme-aware. 
+- Icons on the Start menu no longer have a square outline around each icon.
+- Notifications are slightly updated in appearance.
+- You can now change the monitor refresh rate on advanced display settings.
+- Alt+Tab now shows Edge browser tabs by default. You can edit this setting under **Settings** > **System** > **Multitasking**: **Alt+Tab**.
+- The System control panel under System and Security has been updated to the Settings > About page. Links to Device Manager, Remote desktop, System protection, Advanced system settings, and Rename this PC are moved to the About page.
+
+### 2-in-1 PCs
+
+On a 2-in-1 device, Windows will now automatically switch to tablet mode when you detach the screen.
+
+## Surface
+
+Windows 10 Pro and Enterprise are now [available on Surface Hub 2](https://techcommunity.microsoft.com/t5/surface-it-pro-blog/announcing-the-availability-of-windows-10-pro-and-enterprise-on/ba-p/1624107).  For more information, see [What's new in Surface Hub 2S for IT admins](https://docs.microsoft.com/surface-hub/surface-hub-2s-whats-new).
+
+## Desktop Analytics
+
+[Desktop Analytics](https://docs.microsoft.com/configmgr/desktop-analytics/overview) is a cloud-connected service, integrated with Configuration Manager that provides data-driven insights to the management of Windows endpoints in your organization. Desktop Analytics requires a Windows E3 or E5 license, or a Microsoft 365 E3 or E5 license. 
+
+For information about Desktop Analytics and this release of Windows 10, see [What's new in Desktop Analytics](https://docs.microsoft.com/mem/configmgr/desktop-analytics/whats-new).
+
+## See Also
+
+[What’s new for IT pros in Windows 10, version 20H2](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/what-s-new-for-it-pros-in-windows-10-version-20h2/ba-p/1800132)<br>
+[Get started with the October 2020 update to Windows 10](https://www.linkedin.com/learning/windows-10-october-2020-update-new-features-2/get-started-with-the-october-2020-update-to-windows-10)<br>
+[Learn Windows 10 with the October 2020 Update](https://www.linkedin.com/learning/windows-10-october-2020-update-essential-training/learn-windows-10-with-the-october-2020-update)<br>
+[What's New in Windows Server](https://docs.microsoft.com/windows-server/get-started/whats-new-in-windows-server): New and updated features in Windows Server.<br>
+[Windows 10 Features](https://www.microsoft.com/windows/features): General information about Windows 10 features.<br>
+[What's New in Windows 10](https://docs.microsoft.com/windows/whats-new/): See what’s new in other versions of Windows 10.<br>
+[Announcing more ways we’re making app development easier on Windows](https://blogs.windows.com/windowsdeveloper/2020/09/22/kevin-gallo-microsoft-ignite-2020/): Simplifying app development in Windows.<br>
+[Features and functionality removed in Windows 10](https://docs.microsoft.com/windows/deployment/planning/windows-10-removed-features): Removed features.<br>
+[Windows 10 features we’re no longer developing](https://docs.microsoft.com/windows/deployment/planning/windows-10-deprecated-features): Features that are not being developed.<br>