From 100a71a76311e5582389479daf7c1e542a149ac1 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Tue, 8 Dec 2020 19:01:10 -0800
Subject: [PATCH] Update attack-surface-reduction.md

---
 .../attack-surface-reduction.md               | 32 +++++++++----------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction.md
index 8d6ba4c1f2..7ec2e7d5af 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction.md
@@ -364,6 +364,22 @@ Configuration Manager name: Not applicable
 
 GUID: `d1e49aac-8f56-4280-b9ba-993a6d77406c`
 
+### Block untrusted and unsigned processes that run from USB
+
+With this rule, admins can prevent unsigned or untrusted executable files from running from USB removable drives, including SD cards. Blocked file types include executable files (such as .exe, .dll, or .scr)
+
+This rule was introduced in: 
+- [Windows 10, version 1803](https://docs.microsoft.com/windows/whats-new/whats-new-windows-10-version-1803)
+- [Windows Server, version 1809](https://docs.microsoft.com/windows-server/get-started/whats-new-in-windows-server-1809)
+- [Windows Server 2019](https://docs.microsoft.com/windows-server/get-started-19/whats-new-19)
+- [Configuration Manager CB 1802](https://docs.microsoft.com/configmgr/core/servers/manage/updates)
+
+Intune name: Untrusted and unsigned processes that run from USB
+
+Configuration Manager name: Block untrusted and unsigned processes that run from USB
+
+GUID: `b2b3f03d-6a65-4f7b-a9c7-1c7ef74a9ba4`
+
 
 
 
@@ -406,22 +422,6 @@ GUID: `c1db55ab-c21a-4637-bb3f-a12568109d35`
 
 
 
-### Block untrusted and unsigned processes that run from USB
-
-With this rule, admins can prevent unsigned or untrusted executable files from running from USB removable drives, including SD cards. Blocked file types include executable files (such as .exe, .dll, or .scr)
-
-This rule was introduced in: 
-- [Windows 10, version 1803](https://docs.microsoft.com/windows/whats-new/whats-new-windows-10-version-1803)
-- [Windows Server, version 1809](https://docs.microsoft.com/windows-server/get-started/whats-new-in-windows-server-1809)
-- [Windows Server 2019](https://docs.microsoft.com/windows-server/get-started-19/whats-new-19)
-- [Configuration Manager CB 1802](https://docs.microsoft.com/configmgr/core/servers/manage/updates)
-
-Intune name: Untrusted and unsigned processes that run from USB
-
-Configuration Manager name: Block untrusted and unsigned processes that run from USB
-
-GUID: `b2b3f03d-6a65-4f7b-a9c7-1c7ef74a9ba4`
-
 
 
 ## Related topics