diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
index dffaa28270..80e2da378b 100644
--- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
+++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
@@ -10,7 +10,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
-ms.date: 07/12/2017
+ms.date: 07/26/2017
---
# What's new in MDM enrollment and management
@@ -979,6 +979,7 @@ For details about Microsoft mobile device management protocols for Windows 10 s
Defender/EnableNetworkProtection
Defender/GuardedFoldersAllowedApplications
Defender/GuardedFoldersList
+Security/ClearTPMIfNotReady
Update/ScheduledInstallEveryWeek
Update/ScheduledInstallFirstWeek
Update/ScheduledInstallFourthWeek
@@ -1299,6 +1300,7 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware
|
Added the following new policies for Windows 10, version 1709:
+- Security/ClearTPMIfNotReady
- WindowsDefenderSecurityCenter/CompanyName
- WindowsDefenderSecurityCenter/DisableAppBrowserUI
- WindowsDefenderSecurityCenter/DisableEnhancedNotifications
diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md
index 4966860dd5..a6d634b097 100644
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@@ -7,7 +7,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
-ms.date: 07/07/2017
+ms.date: 07/26/2017
---
# Policy CSP
@@ -2295,6 +2295,9 @@ The following diagram shows the Policy configuration service provider in tree fo
-
Security/AntiTheftMode
+ -
+ Security/ClearTPMIfNotReady
+
-
Security/PreventAutomaticDeviceEncryptionForAzureADJoinedDevices
diff --git a/windows/client-management/mdm/policy-csp-security.md b/windows/client-management/mdm/policy-csp-security.md
index da65b16788..5b0f36a599 100644
--- a/windows/client-management/mdm/policy-csp-security.md
+++ b/windows/client-management/mdm/policy-csp-security.md
@@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
-ms.date: 07/14/2017
+ms.date: 07/26/2017
---
# Policy CSP - Security
@@ -258,6 +258,45 @@ ms.date: 07/14/2017
- 0 (default) – Encryption enabled.
- 1 – Encryption disabled.
+
+
+
+**Security/ClearTPMIfNotReady**
+
+
+
+
+ | Home |
+ Pro |
+ Business |
+ Enterprise |
+ Education |
+ Mobile |
+ Mobile Enterprise |
+
+
+ |
+  3 |
+ 3 |
+ 3 |
+ 3 |
+  |
+ |
+
+
+
+
+
+> [!NOTE]
+> This policy is only enforced in Windows 10 for desktop and not supported in Windows 10 Mobile.
+
+Added in Windows 10, version 1709. Admin access is required. The prompt will appear on first admin logon after a reboot when the TPM is in a non-ready state that can be remediated with a TPM Clear. The prompt will have a description of what clearing the TPM does and that it requires a reboot. The user can dismiss it, but it will appear on next admin logon after restart.
+
+The following list shows the supported values:
+
+- 0 (default) – Will not force recovery from a non-ready TPM state.
+- 1 – Will prompt to clear the TPM if the TPM is in a non-ready state (or reduced functionality) which can be remediated with a TPM Clear.
+
|