Merge branch 'master' into patch-22

2025-06-20 04:43:37 +00:00 · 2019-07-23 09:31:57 +03:00
parent 96b1b48c86 84fecf3c6d
commit 1509dfe274
15 changed files with 246 additions and 61 deletions
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@ -14156,6 +14156,116 @@
 "redirect_document_id": true
 },
 {
 "source_path": "windows/client-management/mdm/create-a-custom-configuration-service-provider.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": true
 },
 {
 "source_path": "windows/client-management/mdm/design-a-custom-windows-csp.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/iconfigserviceprovider2.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/iconfigserviceprovider2configmanagernotification.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/iconfigserviceprovider2getnode.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/icspnode.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/icspnodeadd.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/icspnodeclear.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/icspnodecopy.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/icspnodedeletechild.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/icspnodedeleteproperty.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/icspnodeexecute.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/icspnodegetchildnodenames.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/icspnodegetproperty.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/icspnodegetpropertyidentifiers.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/icspnodegetvalue.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/icspnodemove.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/icspnodesetproperty.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/icspnodesetvalue.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/icspnodetransactioning.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/icspvalidate.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/client-management/mdm/samples-for-writing-a-custom-configuration-service-provider.md",
 "redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
 "redirect_document_id": false
 },
 {
 "source_path": "windows/keep-secure/collect-wip-audit-event-logs.md",
 "redirect_url": "/windows/threat-protection/windows-information-protection/collect-wip-audit-event-logs",
 "redirect_document_id": true
--- a/windows/deployment/mbr-to-gpt.md
+++ b/windows/deployment/mbr-to-gpt.md
@ -427,7 +427,7 @@ To fix this issue, mount the Windows PE image (WIM), copy the missing file from
   **Command 1:**
   ```cmd
-   copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Setup\amd64\Sources\ReAgnet*.*" "C:\WinPE_Mount\Windows\System32"
+   copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Setup\amd64\Sources\ReAgent*.*" "C:\WinPE_Mount\Windows\System32"
   ```
   This command copies three files:
@ -437,7 +437,7 @@ To fix this issue, mount the Windows PE image (WIM), copy the missing file from
   **Command 2:**
   ```cmd
-   copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Setup\amd64\Sources\En-Us\ReAgnet*.*" "C:\WinPE_Mount\Windows\System32\En-Us"
+   copy "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Setup\amd64\Sources\En-Us\ReAgent*.*" "C:\WinPE_Mount\Windows\System32\En-Us"
   ```   
   This command copies two files:
   * ReAgent.adml
--- a/windows/deployment/update/waas-morenews.md
+++ b/windows/deployment/update/waas-morenews.md
@ -16,6 +16,8 @@ ms.topic: article
 Here's more news about [Windows as a service](windows-as-a-service.md):
 <ul>
  <li><a href="https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency">Improving the Windows 10 update experience with control, quality and transparency</a> - April 4, 2019</li>
 <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Call-to-action-review-your-Windows-Update-for-Business-deferral/ba-p/394244">Call to action: review your Windows Update for Business deferral values</a> - April 3, 2019</li>
  <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540">Windows 10, version 1809 designated for broad deployment</a> - March 28, 2019</li>
 <li><a href="https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience">Data, insights and listening to improve the customer experience</a> - March 6, 2019</li>
 <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Getting-to-know-the-Windows-update-history-pages/ba-p/355079">Getting to know the Windows update history pages</a> - February 21, 2019</li>
--- a/windows/deployment/update/windows-as-a-service.md
+++ b/windows/deployment/update/windows-as-a-service.md
@ -27,13 +27,13 @@ Everyone wins when transparency is a top priority. We want you to know when upda
 The latest news:
 <ul compact style="list-style: none"> 
 <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Upgrading-Windows-10-devices-with-installation-media-different/ba-p/746126">Upgrading Windows 10 devices with installation media different than the original OS install language</a> - July 9, 2019</li>
 <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Moving-to-the-next-Windows-10-feature-update-for-commercial/ba-p/732968">Moving to the next Windows 10 feature update for commercial customers</a> - July 1, 2019</li>
 <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Updating-Windows-10-version-1903-using-Configuration-Manager-or/ba-p/639100">Updating Windows 10, version 1903 using Configuration Manager or WSUS</a> - May 23, 2019</li>
 <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/What-s-new-in-Windows-Update-for-Business-in-Windows-10-version/ba-p/622064">What’s new in Windows Update for Business in Windows 10, version 1903</a> - May 21, 2019</li>
 <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/What-s-new-for-IT-pros-in-Windows-10-version-1903/ba-p/622024">What’s new for IT pros in Windows 10, version 1903</a> - May 21, 2019</li>
 <li><a href="https://blogs.windows.com/windowsexperience/2019/05/21/how-to-get-the-windows-10-may-2019-update">How to get the Windows 10 May 2019 Update</a> - May 21, 2019</li>
-<li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/The-benefits-of-Windows-10-Dynamic-Update/ba-p/467847">The benefits of Windows 10 Dynamic Update</a> - April 17, 2019</li>
+ <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/The-benefits-of-Windows-10-Dynamic-Update/ba-p/467847">The benefits of Windows 10 Dynamic Update</a> - April 17, 2019</li>
 <li><a href="https://blogs.windows.com/windowsexperience/2019/04/04/improving-the-windows-10-update-experience-with-control-quality-and-transparency">Improving the Windows 10 update experience with control, quality and transparency</a> - April 4, 2019</li>
 <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Call-to-action-review-your-Windows-Update-for-Business-deferral/ba-p/394244">Call to action: review your Windows Update for Business deferral values</a> - April 3, 2019</li>
 </ul>
 [See more news](waas-morenews.md). You can also check out the [Windows 10 blog](https://techcommunity.microsoft.com/t5/Windows-10-Blog/bg-p/Windows10Blog).
@ -43,7 +43,11 @@ Written by IT pros for IT pros, sharing real world examples and scenarios for Wi
 <img src="images/champs-2.png" alt="" width="640" height="320">
-<a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Deployment-rings-The-hidden-strategic-gem-of-Windows-as-a/ba-p/659622">**NEW** Deployment rings: The hidden [strategic] gem of Windows as a service</a>
+<a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Tactical-considerations-for-creating-Windows-deployment-rings/ba-p/746979">**NEW** Tactical considerations for creating Windows deployment rings</a>
 <a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-Enterprise-vs-Windows-10-Pro-Modern-management/ba-p/720445">**NEW** Windows 10 Enterprise vs. Windows 10 Pro: Modern management considerations for your organization</a>
 <a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Deployment-rings-The-hidden-strategic-gem-of-Windows-as-a/ba-p/659622">Deployment rings: The hidden [strategic] gem of Windows as a service</a>
 <a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Classifying-Windows-updates-in-common-deployment-tools/ba-p/331175">Classifying Windows updates in common deployment tools</a>
--- a/windows/deployment/upgrade/windows-10-upgrade-paths.md
+++ b/windows/deployment/upgrade/windows-10-upgrade-paths.md
@ -27,9 +27,9 @@ This topic provides a summary of available upgrade paths to Windows 10. You can
 > 
 > **Windows 10 LTSC/LTSB**: Due to [naming changes](https://docs.microsoft.com/windows/deployment/update/waas-overview#naming-changes), product versions that display Windows 10 LTSB will be replaced with Windows 10 LTSC in subsequent feature updates. The term LTSC is used here to refer to all long term servicing versions.
 > 
-> In-place upgrade from Windows 7, Windows 8.1, or Windows 10 semi-annual channel to Windows 10 LTSC is not supported.  **Note**: Windows 10 LTSC 2015 did not block this upgrade path.  This was corrected in the Windows 10 LTSC 2016 release, which will now only allow data-only and clean install options. You can upgrade from Windows 10 LTSC to Windows 10 semi-annual channel, provided that you upgrade to the same or a newer build version. For example, Windows 10 Enterprise 2016 LTSB can be upgraded to Windows 10 Enterprise version 1607 or later. Upgrade is supported using the in-place upgrade process (using Windows setup). 
+> In-place upgrade from Windows 7, Windows 8.1, or [Windows 10 semi-annual channel](https://docs.microsoft.com/windows/release-information/) to Windows 10 LTSC is not supported.  **Note**: Windows 10 LTSC 2015 did not block this upgrade path.  This was corrected in the Windows 10 LTSC 2016 release, which will now only allow data-only and clean install options. You can upgrade from Windows 10 LTSC to Windows 10 semi-annual channel, provided that you upgrade to the same or a newer build version. For example, Windows 10 Enterprise 2016 LTSB can be upgraded to Windows 10 Enterprise version 1607 or later. Upgrade is supported using the in-place upgrade process (using Windows setup). 
 > 
-> **Windows N/KN**: Windows "N" and "KN" SKUs follow the same upgrade paths shown below. If the pre-upgrade and post-upgrade editions are not the same type (e.g. Windows 8.1 Pro N to Windows 10 Pro), personal data will be kept but applications and settings will be removed during the upgrade process.
+> **Windows N/KN**: Windows "N" and "KN" SKUs (editions without media-related functionality) follow the same upgrade paths shown below. If the pre-upgrade and post-upgrade editions are not the same type (e.g. Windows 8.1 Pro N to Windows 10 Pro), personal data will be kept but applications and settings will be removed during the upgrade process.
 > 
 > **Windows 8.0**: You cannot upgrade directly from Windows 8.0 to Windows 10. To upgrade from Windows 8.0, you must first install the [Windows 8.1 update](https://support.microsoft.com/help/15356/windows-8-install-update-kb-2919355).
@ -61,7 +61,6 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td></td>
        <td></td>
        <td></td>
        <td></td>
    </tr>
    <tr>
        <td>Home Basic</td>
@ -72,7 +71,6 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td></td>
        <td></td>
        <td></td>
        <td></td>
    </tr>
    <tr>
        <td>Home Premium</td>
@ -83,7 +81,6 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td></td>
        <td></td>
        <td></td>
        <td></td>
    </tr>
    <tr>
        <td>Professional</td>
@ -94,7 +91,6 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td>✔</td>
        <td></td>
        <td></td>
        <td></td>
    </tr>
    <tr>
        <td>Ultimate</td>
@ -105,7 +101,6 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td>✔</td>
        <td></td>
        <td></td>
        <td></td>
    </tr>
    <tr>
        <td>Enterprise</td>
@ -116,7 +111,6 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td>✔</td>
        <td></td>
        <td></td>
        <td></td>
    </tr>
    <tr>
        <td rowspan="10" nowrap="nowrap">Windows 8.1</td>
@ -130,7 +124,6 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td></td>
        <td></td>
        <td></td>
        <td></td>
    </tr>
    <tr>
        <td>Connected</td>
@ -141,7 +134,6 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td></td>
        <td></td>
        <td></td>
        <td></td>
    </tr>
    <tr>
        <td>Pro</td>
@ -152,7 +144,6 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td>✔</td>
        <td></td>
        <td></td>
        <td></td>
    </tr>
    <tr>
        <td>Pro Student</td>
@ -163,7 +154,6 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td>✔</td>
        <td></td>
        <td></td>
        <td></td>
    </tr>
    <tr>
        <td>Pro WMC</td>
@ -174,7 +164,6 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td>✔</td>
        <td></td>
        <td></td>
        <td></td>
    </tr>
    <tr>
        <td>Enterprise</td>
@ -185,7 +174,6 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td>✔</td>
        <td></td>
        <td></td>
        <td></td>
    </tr>
    <tr>
        <td>Embedded Industry</td>
@ -196,7 +184,6 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td>✔</td>
        <td></td>
        <td></td>
        <td></td>
    </tr>
    <tr>
        <td>Windows RT</td>
@ -207,7 +194,6 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td></td>
        <td></td>
        <td></td>
        <td></td>
    </tr>
    <tr>
        <td>Windows Phone 8.1</td>
@ -218,18 +204,16 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td></td>
        <td></td>
        <td>✔</td>
        <td></td>
    </tr>
    <tr>
        <td rowspan="8" nowrap="nowrap">Windows 10</td>
    </tr>
    <tr>
        <td>Home</td>
        <td>✔</td>
        <td>✔</td>
        <td>✔</td>
        <td>✔</td>
        <td></td>
        <td>✔</td>
        <td>✔</td>
        <td>✔</td>
        <td></td>
        <td></td>
        <td></td>
@ -237,11 +221,10 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
    <tr>
        <td>Pro</td>
        <td>D</td>
        <td>✔</td>
        <td>✔</td>
        <td>✔</td>
        <td>✔</td>
        <td></td>
        <td>✔</td>
        <td>✔</td>
        <td>✔</td>
        <td></td>
        <td></td>
    </tr>
@ -250,9 +233,8 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td></td>
        <td></td>
        <td></td>
        <td>✔</td>
        <td>D</td>
        <td></td>
        <td>D</td>
        <td></td>
        <td></td>
    </tr>
@ -262,7 +244,6 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td></td>
        <td></td>
        <td>✔</td>
        <td>✔</td>
        <td></td>
        <td></td>
        <td></td>
@ -276,7 +257,6 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td></td>
        <td></td>
        <td>✔</td>
        <td>✔</td>
    </tr>
    <tr>
        <td>Mobile Enterprise</td>
@ -285,9 +265,8 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
        <td></td>
        <td></td>
        <td></td>
        <td></td>
        <td>D</td>
-        <td>✔</td>
+        <td></td>
    </tr>
 </table>
--- a/windows/deployment/windows-autopilot/windows-autopilot-scenarios.md
+++ b/windows/deployment/windows-autopilot/windows-autopilot-scenarios.md
@ -26,14 +26,13 @@ Windows Autopilot includes support for a growing list of scenarios, designed to
 The following Windows Autopilot scenarios are described in this guide:
-<table>
+| Scenario | More information |
-<th>Scenario<th>More information
+| --- | --- |
-<tr><td>Deploy devices that will be set up by a member of the organization and configured for that person<td>[Windows Autopilot user-driven mode](user-driven.md)
+| Deploy devices that will be set up by a member of the organization and configured for that person | [Windows Autopilot user-driven mode](user-driven.md) |
-<tr><td>Deploy devices that will be automatically configured for shared use, as a kiosk, or as a digital signage device.<td>[Windows Autopilot self-deploying mode](self-deploying.md)
+| Deploy devices that will be automatically configured for shared use, as a kiosk, or as a digital signage device.| [Windows Autopilot self-deploying mode](self-deploying.md) |
-<tr><td>Re-deploy a device in a business-ready state.<td>[Windows Autopilot Reset](windows-autopilot-reset.md)
+| Re-deploy a device in a business-ready state.| [Windows Autopilot Reset](windows-autopilot-reset.md) |
-<tr><td>Pre-provision a device with up-to-date applications, policies and settings.<td>[White glove](white-glove.md)
+| Pre-provision a device with up-to-date applications, policies and settings.| [White glove](white-glove.md) |
-<tr><td>Deploy Windows 10 on an existing Windows 7 or 8.1 device<td>[Windows Autopilot for existing devices](existing-devices.md)
+| Deploy Windows 10 on an existing Windows 7 or 8.1 device | [Windows Autopilot for existing devices](existing-devices.md) |
 </table>
 ## Windows Autopilot capabilities
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md
@ -112,6 +112,9 @@ Organizations wanting to deploy hybrid certificate trust need their domain joine
 Hybrid certificate trust deployments need the device write back feature.  Authentication to the Windows Server 2016 Active Directory Federation Services needs both the user and the computer to authenticate. Typically the users are synchronized, but not devices.  This prevents AD FS from authenticating the computer and results in Windows Hello for Business certificate enrollment failures.  For this reason, Windows Hello for Business deployments need device writeback, which is an Azure Active Directory premium feature.
 > [!NOTE]
 > Windows Hello for Business is tied between a user and a device. Both the user and device need to be synchronized between Azure Active Directory and Active Directory, and therefore the device writeback is used to update the msDS-KeyCredentialLink on the computer object.
 ### Section Checklist ###
 > [!div class="checklist"]
 > * Azure Active Directory Device writeback
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@ -3,6 +3,19 @@
 ## [Overview]()
 ### [What is Microsoft Defender Advanced Threat Protection?](microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md)
 ### [Overview of Microsoft Defender ATP capabilities](microsoft-defender-atp/overview.md)
 ### [Threat & Vulnerability Management]()
 #### [Next-generation capabilities](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md)
 #### [What's in the dashboard and what it means for my organization](microsoft-defender-atp/tvm-dashboard-insights.md)
 #### [Exposure score](microsoft-defender-atp/tvm-exposure-score.md)
 #### [Configuration score](microsoft-defender-atp/configuration-score.md)
 #### [Security recommendation](microsoft-defender-atp/tvm-security-recommendation.md)
 #### [Remediation](microsoft-defender-atp/tvm-remediation.md)
 #### [Software inventory](microsoft-defender-atp/tvm-software-inventory.md)
 #### [Weaknesses](microsoft-defender-atp/tvm-weaknesses.md)
 #### [Scenarios](microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md)
 ### [Attack surface reduction]()
 #### [Hardware-based isolation]()
 ##### [Hardware-based isolation in Windows 10](microsoft-defender-atp/overview-hardware-based-isolation.md)
@ -433,7 +446,6 @@
 #### [Configure managed security service provider (MSSP) support](microsoft-defender-atp/configure-mssp-support.md)
 ### [Configure and manage Microsoft Threat Experts capabilities](microsoft-defender-atp/configure-microsoft-threat-experts.md)
 ### [Configure Microsoft threat protection integration]()
 #### [Configure conditional access](microsoft-defender-atp/configure-conditional-access.md)
--- a/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md
+++ b/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md
@ -6,11 +6,12 @@ ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-ms.author: dansimp
+ms.author: daniha
-author: dansimp
+author: danihalfin
 ms.date: 02/22/2019
 ms.reviewer: 
 manager: dansimp
 audience: ITPro
 ---
 # How to control USB devices and other removable media using Windows Defender ATP
@ -31,7 +32,7 @@ Microsoft recommends [a layered approach to securing removable media](https://ak
   - Granular configuration to deny write access to removable disks and approve or deny devices by USB vendor code, product code, device IDs, or a combination. 
   - Flexible policy assignment of device installation settings based on an individual or group of Azure Active Directory (Azure AD) users and devices. 
-
+![Create device configuration profile]
 These threat reduction measures help prevent malware from coming into your environment. To protect enterprise data from leaving your environment, you can also configure data loss prevention measures. For example, on Windows 10 devices you can configure [BitLocker](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-overview) and [Windows Information Protection](https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure), which will encrypt company data even if it is stored on a personal device, or use the [Storage/RemovableDiskDenyWriteAccess CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-storage#storage-removablediskdenywriteaccess) to deny write access to removable disks. Additionally, you can [classify and protect files on Windows devices](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/information-protection-in-windows-overview) (including their mounted USB devices) by using Windows Defender ATP and Azure Information Protection.
@ -102,6 +103,72 @@ DMA attacks can lead to disclosure of sensitive information residing on a PC, or
   - [Block DMA until a user signs in](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-dataprotection#dataprotection-allowdirectmemoryaccess)
   - [Block all connections via the Thunderbolt ports (including USB devices)](https://support.microsoft.com/help/2516445/blocking-the-sbp-2-driver-and-thunderbolt-controllers-to-reduce-1394-d)
 ### Restrict USB Drives and Other Peripherals
 To prevent malware infections or data loss, an organization may restrict USB drives and other peripherals. The following table describes the ways Microsoft Defender Advanced Threat Protection can help prevent installation and usage of USB drives and other peripherals.
 | Control  | Description |
 |----------|-------------|
 | Allow installation and usage of USB drives and other peripherals | Allow users to install only the USB drives and other peripherals included on a list of authorized devices or device types |
 | Prevent installation and usage of USB drives and other peripherals| Prevent users from installing USB drives and other peripherals included on a list of unauthorized devices and device types |
 All of the above controls can be set through the Intune [Administrative Templates](https://docs.microsoft.com/en-us/intune/administrative-templates-windows). The relevant policies are located here in the Intune Administrator Templates:
 ![Admintemplates](https://github.com/MicrosoftDocs/windows-docs-pr/blob/v-jowirt-updates/windows/security/threat-protection/windows-defender-antivirus/images/admintemplates.png)
 >[!Note]
 >Using Intune, you can apply device configuration policies to AAD user and/or device groups.
 The above policies can also be set through the [Device Installation CSP settings](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deviceinstallation) and the [Device Installation GPOs](https://docs.microsoft.com/en-us/previous-versions/dotnet/articles/bb530324(v=msdn.10)).
 >[!Note]
 >Always test and refine these settings with a pilot group of users and devices first before applying them in production.
 For more information about controlling USB devices, see the [Microsoft Secure blog "WDATP has protections for USB and removable devices"](https://www.microsoft.com/security/blog/2018/12/19/windows-defender-atp-has-protections-for-usb-and-removable-devices/).
 ### Allow installation and usage of USB drives and other peripherals
 One way to approach allowing installation and usage of USB drives and other peripherals is to start by allowing everything. Afterwards, you can start reducing the allowable USB drivers and other peripherals. 
 >[!Note]
 >Because an unauthorized USB peripheral can have firmware that spoofs its USB properties, we recommend only allowing specifically approved USB peripherals and limiting the users who can access them.
 >1.	Enable **prevent installation of devices not described by other policy settings** to all users.
 >2.	Enable **allow installation of devices using drivers that match these device setup classes** for all [device setup classes](https://docs.microsoft.com/en-us/windows-hardware/drivers/install/system-defined-device-setup-classes-available-to-vendors).
 To enforce the policy for already installed devices, apply the prevent policies that have this setting.
 If you want to restrict to certain devices, remove the device setup class of the peripheral that you want to limit. Then add the device id that you want to add. For example,
 1.	Remove class USBDevice from the **allow installation of devices using drivers that match these device setup**
 2.	Add the VID/PID to allow in the **allow installation of device that match any of these device IDs**
 >[!Note]
 >How to locate the VID/PID: Using Device Manager; right click on the device and select properties.  Click details tab, click property drop down list, and choose hardware Ids. Right click the top ID value and select copy.
 >Using PowerShell: Get-WMIObject -Class Win32_DiskDrive |
 Select-Object -Property *  
 >For the typical format for the USB ID please reference the following link; (https://docs.microsoft.com/en-us/windows-hardware/drivers/install/standard-usb-identifiers)
 ### Prevent installation and usage of USB drives and other peripherals
 If you want to prevent a device class or certain devices, you can use the prevent device installation policies. 
 1.	Enable **Prevent installation of devices that match any of these device IDs**. 
 2.	Enable the **Prevent installation of devices that match these device setup classes policy**.
 >[!Note]
 >The prevent device installation policies take precedence over the allow device installation policies. 
 ### Security Baseline
 The Microsoft Defender Advanced Threat Protection (ATP) baseline settings, represent the recommended configuration for ATP.  Configuration settings for baseline are located here in the edit profile page of the configuration settings.
 ![Baselines](https://github.com/MicrosoftDocs/windows-docs-pr/blob/v-jowirt-updates/windows/security/threat-protection/windows-defender-antivirus/images/baselines.png)
 ### Bluetooth
 Using Intune, you can limited the services that can use Bluetooth through the “Bluetooth allowed services”. The default state of “Bluetooth allowed services” settings means everything is allowed.  As soon as a service is added, that becomes the allowed list. If the customer adds the Keyboards and Mice values, and don’t add the file transfer GUIDs, file transfer should be blocked. 
 ![Bluetooth](https://github.com/MicrosoftDocs/windows-docs-pr/blob/v-jowirt-updates/windows/security/threat-protection/windows-defender-antivirus/images/bluetooth.png)
 ## Detect plug and play connected events
@ -156,11 +223,6 @@ For more information about controlling USB devices, see the [Microsoft Secure bl
 ### Only allow installation and usage of specifically approved peripherals
 Windows Defender ATP allows installation and usage of only specifically approved peripherals by creating a custom profile in Intune and configuring [DeviceInstallation policies](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation).
 For example, this custom profile allows installation and usage of USB devices with hardware IDs "USBSTOR\DiskVendorCo" and "USBSTOR\DiskSanDisk_Cruzer_Glide_3.0".
 ![Custom profile](images/custom-profile-allow-device-ids.png)
 Peripherals that are allowed to be installed can be specified by their [hardware identity](https://docs.microsoft.com/windows-hardware/drivers/install/device-identification-strings). For a list of common identifier structures, see [Device Identifier Formats](https://docs.microsoft.com/windows-hardware/drivers/install/device-identifier-formats). Test the configuration prior to rolling it out to ensure it blocks and allows the devices expected. Ideally test various instances of the hardware. For example, test multiple USB keys rather than only one.
 For a SyncML example that allows installation of specific device IDs, see [DeviceInstallation/AllowInstallationOfMatchingDeviceIDs CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-allowinstallationofmatchingdeviceids). To allow specific device classes, see [DeviceInstallation/AllowInstallationOfMatchingDeviceSetupClasses CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-allowinstallationofmatchingdevicesetupclasses).
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md
@ -11,7 +11,6 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 ms.author: dansimp
 ms.date: 05/01/2019
 ms.reviewer: 
 manager: dansimp
 ---
@ -37,6 +36,9 @@ You can also [customize the message displayed on users' desktops](https://docs.m
 When Windows Defender Antivirus encounters a suspicious but undetected file, it queries our cloud protection backend. The cloud backend applies heuristics, machine learning, and automated analysis of the file to determine whether the files are malicious or clean.
 Windows Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. [Get to know the advanced technologies at the core of Microsoft Defender ATP next generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
 ![List of Windows Defender AV engines](images/microsoft-defender-atp-next-generation-protection-engines.png)  
 In Windows 10, version 1803, block at first sight can now block non-portable executable files (such as JS, VBS, or macros) as well as executable files.
 Block at first sight only uses the cloud protection backend for executable files and non-portable executable files that are downloaded from the Internet, or that originate from the Internet zone. A hash value of the .exe file is checked via the cloud backend to determine if this is a previously undetected file.
--- a/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md
@ -11,7 +11,6 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 ms.author: dansimp
 ms.date: 09/03/2018
 ms.reviewer: 
 manager: dansimp
 ---
@ -25,6 +24,9 @@ manager: dansimp
 >[!NOTE]
 >The Windows Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. Although it is called a cloud service, it is not simply protection for files stored in the cloud; rather, it uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional Security intelligence updates.
 Windows Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. [Get to know the advanced technologies at the core of Microsoft Defender ATP next generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
 ![List of Windows Defender AV engines](images/microsoft-defender-atp-next-generation-protection-engines.png)  
 You can enable or disable Windows Defender Antivirus cloud-delivered protection with Microsoft Intune, System Center Configuration Manager, Group Policy, PowerShell cmdlets, or on individual clients in the Windows Security app.
 See [Use Microsoft cloud-delivered protection](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) for an overview of Windows Defender Antivirus cloud-delivered protection.
--- a/windows/security/threat-protection/windows-defender-antivirus/images/microsoft-defender-atp-next-generation-protection-engines.png
+++ b/windows/security/threat-protection/windows-defender-antivirus/images/microsoft-defender-atp-next-generation-protection-engines.png
--- a/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
@ -11,7 +11,6 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 ms.author: dansimp
 ms.date: 09/03/2018
 ms.reviewer: 
 manager: dansimp
 ---
@ -24,8 +23,10 @@ manager: dansimp
 Microsoft next-gen technologies in Windows Defender Antivirus provide near-instant, automated protection against new and emerging threats. To dynamically identify new threats, these technologies work with large sets of interconnected data in the Microsoft Intelligent Security Graph and powerful artificial intelligence (AI) systems driven by advanced machine learning models.  
-To take advantage of the power and speed of these next-gen technologies, Windows Defender Antivirus works seamlessly with Microsoft cloud services. These cloud protection services, also referred to as Microsoft Advanced Protection Service (MAPS), enhances standard real-time protection, providing arguably the best antivirus defense. 
+Windows Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. [Get to know the advanced technologies at the core of Microsoft Defender ATP next generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
 ![List of Windows Defender AV engines](images/microsoft-defender-atp-next-generation-protection-engines.png)  
 To take advantage of the power and speed of these next-gen technologies, Windows Defender Antivirus works seamlessly with Microsoft cloud services. These cloud protection services, also referred to as Microsoft Advanced Protection Service (MAPS), enhances standard real-time protection, providing arguably the best antivirus defense. 
 >[!NOTE]
 >The Windows Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. Although it is called a cloud service, it is not simply protection for files stored in the cloud, rather it uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional Security intelligence updates.
--- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md
@ -24,9 +24,9 @@ manager: dansimp
 Windows Defender Antivirus is automatically enabled and installed on endpoints and devices that are running Windows 10.
-However, on endpoints and devices that are protected with a non-Microsoft antivirus or antimalware app, Windows Defender Antivirus will automatically disable itself. You can then choose to enable an optional, limited protection feature, called [limited periodic scanning](limited-periodic-scanning-windows-defender-antivirus.md).
+However, on endpoints and devices that are protected with a non-Microsoft antivirus or antimalware app, Windows Defender Antivirus will automatically disable itself.
-If you are also using Microsoft Defender Advanced Threat Protection, then Windows Defender AV will enter a passive mode.
+If you are also using Microsoft Defender Advanced Threat Protection, then Windows Defender AV will enter a passive mode. Important: Real time protection and and threats will not be remediated by Windows Defender AV.
 The following matrix illustrates the states that Windows Defender AV will enter when third-party antivirus products or Microsoft Defender ATP are also used. 
--- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md
@ -11,7 +11,6 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 ms.author: dansimp
 ms.date: 09/03/2018
 ms.reviewer: 
 manager: dansimp
 ---
@ -29,6 +28,9 @@ Windows Defender Antivirus includes:
 - [Always-on scanning](configure-real-time-protection-windows-defender-antivirus.md), using advanced file and process behavior monitoring and other heuristics (also known as "real-time protection")
 - [Dedicated protection updates](manage-updates-baselines-windows-defender-antivirus.md) based on machine-learning, human and automated big-data analysis, and in-depth threat resistance research
 Windows Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. [Get to know the advanced technologies at the core of Microsoft Defender ATP next generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
 ![List of Windows Defender AV engines](images/microsoft-defender-atp-next-generation-protection-engines.png)  
 You can configure and manage Windows Defender Antivirus with:
 - System Center Configuration Manager (as System Center Endpoint Protection, or SCEP) 
 - Microsoft Intune
@ -45,6 +47,7 @@ You can configure and manage Windows Defender Antivirus with:
 > [!NOTE]
 > For more information regarding what's new in each Windows version, please refer to [What's new in Microsoft Defender ATP](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp).
 =======
 <a id="sysreq"></a>
 ## Minimum system requirements
@ -54,6 +57,12 @@ Windows Defender AV has the same hardware requirements as Windows 10. For more i
 Functionality, configuration, and management is largely the same when using Windows Defender AV on Windows Server 2016; however, [there are some differences](windows-defender-antivirus-on-windows-server-2016.md).
 >[!TIP]
 >You can visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working and see how they work:
 >- Cloud-delivered protection
 >- Fast learning (including Block at first sight)
 >- Potentially unwanted application blocking
 ## Related topics
 - [Windows Defender AV in the Windows Security app](windows-defender-security-center-antivirus.md)