update images with alt text

windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016.md

@@ -61,7 +61,7 @@ By default, Windows Defender AV is installed and functional on Windows Server 20
 
 If the interface is not installed, you can add it in the **Add Roles and Features Wizard** at the **Features** step, under **Windows Defender Features** by selecting the **GUI for Windows Defender** option.
 
-![](images/server-add-gui.png)
+![Add roles and feature wizard showing the GUI for Windows Defender option](images/server-add-gui.png)
 
 See the [Install or uninstall roles, role services, or features](https://docs.microsoft.com/en-us/windows-server/administration/server-manager/install-or-uninstall-roles-role-services-or-features) topic for information on using the wizard.
 

windows/threat-protection/windows-defender-exploit-guard/event-views-exploit-guard.md

@@ -73,7 +73,7 @@ You can also manually navigate to the event area that corresponds to the Windows
 
 3. On the left panel, under **Actions**, click **Create Custom View...**
 
-    ![Animation highlighting the create cusomt view option on the Event viewer window ](images/events-create.gif)
+    ![Animation highlighting the create custom view option on the Event viewer window ](images/events-create.gif)
 
 4. Go to the XML tab and click **Edit query manually**. You'll see a warning that you won't be able to edit the query using the **Filter** tab if you use the XML option. Click **Yes**.
 

windows/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md

@@ -76,7 +76,7 @@ You can review the Windows event log to see events that are created when Exploit
 
 3. On the left panel, under **Actions**, click **Import custom view...**
 
-    ![](images/events-import.gif)
+    ![Antimated GIF highlighting the import custom view button on the right pane ](images/events-import.gif)
 
 4. Navigate to where you extracted *ep-events.xml* and select it. Alternatively, [copy the XML directly](event-views-exploit-guard.md).
 

windows/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md

@@ -66,16 +66,16 @@ When you have configured Exploit protection to your desired state (including bot
 ### Use the Windows Defender Security Center app to export a configuration file
 
 
-1. Open the Windows Defender Security Center by clicking the shield icon in the task bar or searching the start menu for **Defender**.
+1. Open the Windows Defender Security Center app by clicking the shield icon in the task bar or searching the start menu for **Defender**.
 
 2. Click the **App & browser control** tile (or the app icon on the left menu bar) and then click **Exploit protection settings**:
 
-    ![](images/wdsc-exp-prot.png)
+    ![Highlight of the Exploit protection settings option in the Windows Defender Security Center app](images/wdsc-exp-prot.png)
         
 3. At the bottom of the **Exploit protection** section, click **Export settings** and then choose the location and name of the XML file where you want the configuration to be saved.
 
 
-    ![](images/wdsc-exp-prot-export.png)
+    ![Highlight of the Export Settings option](images/wdsc-exp-prot-export.png)
 
 >[!NOTE]
 >When you export the settings, all settings for both app-level and system-level mitigations are saved. This means you don't need to export a file from both the **System settings** and **Program settings** sections - either section will export all settings.
@@ -151,7 +151,7 @@ You can use Group Policy to deploy the configuration you've created to multiple
 
 5.  Expand the tree to **Windows components > Windows Defender Exploit Guard > Exploit protection**.
 
-    ![](images/exp-prot-gp.png)
+    ![Screenshot of the group policy setting for exploit protection](images/exp-prot-gp.png)
 
 6. Double-click the **Use a common set of Exploit protection settings** setting and set the option to **Enabled**. 
 

windows/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md

@@ -70,7 +70,7 @@ You can review the Windows event log to see events that are created when Network
 
 2. On the left panel, under **Actions**, click **Import custom view...**
 
-    ![](images/events-import.gif)
+    ![Antimation of the import custom view option](images/events-import.gif)
 
 3. Navigate to the Exploit Guard Evaluation Package, and select the file *np-events.xml*. Alternatively, [copy the XML directly](event-views-exploit-guard.md).
 

windows/threat-protection/windows-defender-security-center/windows-defender-security-center.md

@@ -125,11 +125,11 @@ See the following links for more information on the features in the Windows Defe
 
 You can customize notifcations so they show information to users about how to get more help from your organization's help desk.
 
-![](images/security-center-custom-notif.png)
+![Sample notification that says Action blocked: Contos caused Windows Defender Security Center to block this action. Contact your IT help desk.](images/security-center-custom-notif.png)
 
 This information will also appear as a pop-out window on the Windows Defender Security Center app.
 
-![](images/security-center-custom-flyout.png)
+![Screenshot of the Windows Defender Security Center app showing sample phone number and email address to contact support on the bottom right of the app](images/security-center-custom-flyout.png)
 
 Users can click on the displayed information to get more help:
 - Clicking **Call** or the phone number will open Skype to start a call to the displayed number