From b5b3409bae7cb27964af42a1b4f0d65dbddbd109 Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Tue, 25 Jan 2022 13:18:03 +0200
Subject: [PATCH 1/8] Update BITS and Windows Update Security Descriptors

https://github.com/MicrosoftDocs/windows-itpro-docs/issues/10076
---
 windows/deployment/update/windows-update-resources.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/update/windows-update-resources.md b/windows/deployment/update/windows-update-resources.md
index fedd94b39a..8173d6ca5b 100644
--- a/windows/deployment/update/windows-update-resources.md
+++ b/windows/deployment/update/windows-update-resources.md
@@ -84,8 +84,8 @@ If all else fails, try resetting the Windows Update Agent by running these comma
    ```
    2. Reset the **BITS service** and the **Windows Update service** to the default security descriptor. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
    ``` console
-   sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
-   sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
+   sc.exe sdset bits D:(A;CI;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;IU)(A;;CCLCSWLOCRRC;;;SU)
+   sc.exe sdset wuauserv D:(A;;CCLCSWRPLORC;;;AU)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)
    ```
 5. Type the following command at a command prompt, and then press ENTER:
    ``` console

From d3498261914b12786a2cee379f596eb024904a11 Mon Sep 17 00:00:00 2001
From: valemieux <98555474+valemieux@users.noreply.github.com>
Date: Mon, 31 Jan 2022 13:22:41 -0800
Subject: [PATCH 2/8] Fixed Title to WDAC secure settings link

---
 .../windows-defender-application-control/TOC.yml                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/TOC.yml b/windows/security/threat-protection/windows-defender-application-control/TOC.yml
index 4bfabc7ffe..b142eb885e 100644
--- a/windows/security/threat-protection/windows-defender-application-control/TOC.yml
+++ b/windows/security/threat-protection/windows-defender-application-control/TOC.yml
@@ -22,7 +22,7 @@
               href: understand-windows-defender-application-control-policy-design-decisions.md
             - name: Understand WDAC policy rules and file rules
               href: select-types-of-rules-to-create.md
-            - name: Understand WDAC secure settings
+            - name: Understand WDAC policy rules and file rules
               href: understanding-wdac-policy-settings.md
               items: 
                 - name: Allow apps installed by a managed installer

From 98f13fc36f77b77bdff73d99e87359de15434f2a Mon Sep 17 00:00:00 2001
From: valemieux <98555474+valemieux@users.noreply.github.com>
Date: Mon, 31 Jan 2022 15:39:45 -0800
Subject: [PATCH 3/8] Change Title to Understand WDAC Policy Settings

---
 .../windows-defender-application-control/TOC.yml                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/TOC.yml b/windows/security/threat-protection/windows-defender-application-control/TOC.yml
index b142eb885e..2a1262cda0 100644
--- a/windows/security/threat-protection/windows-defender-application-control/TOC.yml
+++ b/windows/security/threat-protection/windows-defender-application-control/TOC.yml
@@ -22,7 +22,7 @@
               href: understand-windows-defender-application-control-policy-design-decisions.md
             - name: Understand WDAC policy rules and file rules
               href: select-types-of-rules-to-create.md
-            - name: Understand WDAC policy rules and file rules
+            - name: Understand WDAC policy settings
               href: understanding-wdac-policy-settings.md
               items: 
                 - name: Allow apps installed by a managed installer

From 9be5c1c9df9e548dc1d8b2dec5a46448df53f7d6 Mon Sep 17 00:00:00 2001
From: valemieux <98555474+valemieux@users.noreply.github.com>
Date: Mon, 31 Jan 2022 16:41:53 -0800
Subject: [PATCH 4/8] Moved "Understanding WDAC Policy Settings" to be child of
 "Understand WDAC Policy Rules and File Rules"

---
 .../windows-defender-application-control/TOC.yml              | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/TOC.yml b/windows/security/threat-protection/windows-defender-application-control/TOC.yml
index 2a1262cda0..383ac38442 100644
--- a/windows/security/threat-protection/windows-defender-application-control/TOC.yml
+++ b/windows/security/threat-protection/windows-defender-application-control/TOC.yml
@@ -22,8 +22,6 @@
               href: understand-windows-defender-application-control-policy-design-decisions.md
             - name: Understand WDAC policy rules and file rules
               href: select-types-of-rules-to-create.md
-            - name: Understand WDAC policy settings
-              href: understanding-wdac-policy-settings.md
               items: 
                 - name: Allow apps installed by a managed installer
                   href: configure-authorized-apps-deployed-with-a-managed-installer.md
@@ -37,6 +35,8 @@
                   href: manage-packaged-apps-with-windows-defender-application-control.md
                 - name: Use WDAC to control specific plug-ins, add-ins, and modules
                   href: use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md
+                - name: Understand WDAC policy settings
+                  href: understanding-wdac-policy-settings.md
             - name: Use multiple WDAC policies
               href: deploy-multiple-windows-defender-application-control-policies.md
         - name: Create your WDAC policy

From f1f1fa06919761c4717d5dc7cf4228473c0d7658 Mon Sep 17 00:00:00 2001
From: Priya Rakshith <96460485+PriyaRakshith@users.noreply.github.com>
Date: Fri, 4 Feb 2022 21:51:15 +0530
Subject: [PATCH 5/8] Updated-5774816

Replaced the community link.
---
 .../windows-security-baselines.md                               | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
index ebdec42441..0142c1ca7f 100644
--- a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
+++ b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
@@ -69,7 +69,7 @@ There are several ways to get and use security baselines:
 
 ## Community
 
-[![Microsoft Security Guidance Blog.](./../images/community.png)](/archive/blogs/secguide/) 
+[https://techcommunity.microsoft.com/t5/microsoft-security-baselines/bg-p/Microsoft-Security-Baselines]
 
 ## Related Videos
 

From 8da203e9ce3126b34b1165c56f7d8bc4c60b48bc Mon Sep 17 00:00:00 2001
From: Priya Rakshith <96460485+PriyaRakshith@users.noreply.github.com>
Date: Mon, 7 Feb 2022 11:32:21 +0530
Subject: [PATCH 6/8] Update windows-security-baselines.md

---
 .../windows-security-baselines.md                               | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
index 0142c1ca7f..6d4c993655 100644
--- a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
+++ b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
@@ -69,7 +69,7 @@ There are several ways to get and use security baselines:
 
 ## Community
 
-[https://techcommunity.microsoft.com/t5/microsoft-security-baselines/bg-p/Microsoft-Security-Baselines]
+[![Microsoft Security Guidance Blog.](./../images/community.png)](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/bg-p/Microsoft-Security-Baselines)
 
 ## Related Videos
 

From 4293bf0fc6c270109bc5b01a51a70e20d967723b Mon Sep 17 00:00:00 2001
From: Florian Stosse <Harvester57@users.noreply.github.com>
Date: Wed, 9 Feb 2022 19:38:28 +0100
Subject: [PATCH 7/8] WDAC-Addins: fix a typo in executable name used in
 example

---
 ...l-policy-to-control-specific-plug-ins-add-ins-and-modules.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md
index e00de62409..8128c51262 100644
--- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md
@@ -42,7 +42,7 @@ For example, to create a WDAC policy allowing **addin1.dll** and **addin2.dll**
 
 ```powershell
 $rule = New-CIPolicyRule -DriverFilePath '.\temp\addin1.dll' -Level FileName -AppID '.\ERP1.exe'
-$rule += New-CIPolicyRule -DriverFilePath '.\temp\addin2.dll' -Level FileName -AppID '.\ERP2.exe'
+$rule += New-CIPolicyRule -DriverFilePath '.\temp\addin2.dll' -Level FileName -AppID '.\ERP1.exe'
 New-CIPolicy -Rules $rule -FilePath ".\AllowERPAddins.xml" -UserPEs
 ```
 

From 7dc7d44f5d0361bd1bfbf17d845d0381b61cf5d8 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Thu, 10 Feb 2022 08:35:48 -0800
Subject: [PATCH 8/8] Update
 use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md

---
 ...l-policy-to-control-specific-plug-ins-add-ins-and-modules.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md
index 8128c51262..47d1c3fb7d 100644
--- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md
@@ -14,7 +14,7 @@ audience: ITPro
 ms.collection: M365-security-compliance
 author: jsuther1974
 ms.reviewer: isbrahm
-ms.date: 08/12/2021
+ms.date: 02/10/2022
 ms.technology: windows-sec
 ---