From ff7db07bed62b5ad381e88bb7b6dc83f99284ee4 Mon Sep 17 00:00:00 2001
From: valemieux <98555474+valemieux@users.noreply.github.com>
Date: Tue, 8 Mar 2022 20:49:20 -0800
Subject: [PATCH 01/20] Update the Recommended blocklist with new blocks
38430645
---
...icrosoft-recommended-driver-block-rules.md | 22 +++++--------------
1 file changed, 5 insertions(+), 17 deletions(-)
diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
index a47682f38e..ddc5e3e2fe 100644
--- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
@@ -110,7 +110,7 @@ Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-
-
+
@@ -402,7 +402,7 @@ Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-
-
+
@@ -413,7 +413,7 @@ Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-
-
+
@@ -448,13 +448,6 @@ Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-
-
-
-
-
-
-
-
@@ -575,7 +568,7 @@ Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-
-
+
@@ -629,7 +622,7 @@ Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-
-
+
@@ -1153,11 +1146,6 @@ Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-
10.0.25070.0
-
-
- true
-
-
```
From e62f8b8804125a9baddbbbd87ca7f63c8e2fb1c4 Mon Sep 17 00:00:00 2001
From: Sunny Zankharia <67922512+sazankha@users.noreply.github.com>
Date: Wed, 9 Mar 2022 12:26:47 -0800
Subject: [PATCH 02/20] Update configure-md-app-guard.md
---
.../configure-md-app-guard.md | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
index 725a653863..3fbdf21757 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
@@ -63,3 +63,8 @@ These settings, located at `Computer Configuration\Administrative Templates\Wind
|Allow camera and microphone access in Microsoft Defender Application Guard|Windows 10 Enterprise, 1809 or higher
Windows 10 Pro, 1809 or higherWindows 11|Determines whether to allow camera and microphone access inside Microsoft Defender Application Guard.|**Enabled.** Applications inside Microsoft Defender Application Guard are able to access the camera and microphone on the user's device. **Important:** Be aware that enabling this policy with a potentially compromised container could bypass camera and microphone permissions and access the camera and microphone without the user's knowledge.
**Disabled or not configured.** Applications inside Microsoft Defender Application Guard are unable to access the camera and microphone on the user's device.|
|Allow Microsoft Defender Application Guard to use Root Certificate Authorities from a user's device|Windows 10 Enterprise, 1809 or higher
Windows 10 Pro, 1809 or higher
Windows 11|Determines whether Root Certificates are shared with Microsoft Defender Application Guard.|**Enabled.** Certificates matching the specified thumbprint are transferred into the container. Use a comma to separate multiple certificates.
**Disabled or not configured.** Certificates are not shared with Microsoft Defender Application Guard.|
|Allow auditing events in Microsoft Defender Application Guard|Windows 10 Enterprise, 1809 or higher
Windows 10 Pro, 1809 or higher
Windows 11|This policy setting allows you to decide whether auditing events can be collected from Microsoft Defender Application Guard.|**Enabled.** Application Guard inherits auditing policies from your device and logs system events from the Application Guard container to your host.
**Disabled or not configured.** event logs aren't collected from your Application Guard container.|
+
+## Application Guard support dialogue settings
+
+These settings are located at `Administrative Templates -> Windows Components -> Windows Security -> Enterprise Customization`. If an error is encountered, the user is presented with a dialog. By default, this dialog only contains the error information and a button for them to report it to Microsoft via feedback hub. However, it is possible to supplement additional information in the dialog.
+[Use Group Policy to enable and customize contact information](/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information#use-group-policy-to-enable-and-customize-contact-information).
From 2b80ed166f95b35bfe265364a682f10a13f56a51 Mon Sep 17 00:00:00 2001
From: Sunny Zankharia <67922512+sazankha@users.noreply.github.com>
Date: Wed, 9 Mar 2022 12:31:01 -0800
Subject: [PATCH 03/20] Update configure-md-app-guard.md
---
.../configure-md-app-guard.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
index 3fbdf21757..6d5e6b568d 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
@@ -67,4 +67,4 @@ These settings, located at `Computer Configuration\Administrative Templates\Wind
## Application Guard support dialogue settings
These settings are located at `Administrative Templates -> Windows Components -> Windows Security -> Enterprise Customization`. If an error is encountered, the user is presented with a dialog. By default, this dialog only contains the error information and a button for them to report it to Microsoft via feedback hub. However, it is possible to supplement additional information in the dialog.
-[Use Group Policy to enable and customize contact information](/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information#use-group-policy-to-enable-and-customize-contact-information).
+[Use Group Policy to enable and customize contact information](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information#use-group-policy-to-enable-and-customize-contact-information).
From 0e9ffcc471e4393680a72cf92d335857800ac64d Mon Sep 17 00:00:00 2001
From: Sunny Zankharia <67922512+sazankha@users.noreply.github.com>
Date: Wed, 9 Mar 2022 12:32:33 -0800
Subject: [PATCH 04/20] Update configure-md-app-guard.md
---
.../configure-md-app-guard.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
index 6d5e6b568d..0b3c1ef222 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
@@ -66,5 +66,5 @@ These settings, located at `Computer Configuration\Administrative Templates\Wind
## Application Guard support dialogue settings
-These settings are located at `Administrative Templates -> Windows Components -> Windows Security -> Enterprise Customization`. If an error is encountered, the user is presented with a dialog. By default, this dialog only contains the error information and a button for them to report it to Microsoft via feedback hub. However, it is possible to supplement additional information in the dialog.
+These settings are located at `Administrative Templates\Windows Components\Windows Security\Enterprise Customization`. If an error is encountered, the user is presented with a dialog. By default, this dialog only contains the error information and a button for them to report it to Microsoft via feedback hub. However, it is possible to supplement additional information in the dialog.
[Use Group Policy to enable and customize contact information](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information#use-group-policy-to-enable-and-customize-contact-information).
From 218b04c43762a3e2712914c1fda85a319e8f19d2 Mon Sep 17 00:00:00 2001
From: Michael Mardahl
Date: Wed, 9 Mar 2022 23:50:24 +0100
Subject: [PATCH 05/20] Update
bitlocker-device-encryption-overview-windows-10.md
Added information about deprecation that is VERY important to point out, and removed links to get MBAM.
Added new links and relevant information.
#ATCP
---
.../bitlocker-device-encryption-overview-windows-10.md | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
index 2b18579a8c..0d310a2a0b 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
@@ -144,4 +144,9 @@ Part of the Microsoft Desktop Optimization Pack, MBAM makes it easier to manage
* Offers an IT-customizable recovery user experience.
* Supports Windows 10.
-For more information about MBAM, including how to obtain it, see [Microsoft BitLocker Administration and Monitoring](/microsoft-desktop-optimization-pack/) on the MDOP TechCenter.
+> [!IMPORTANT]
+>Enterprises can use Microsoft BitLocker Administration and Monitoring (MBAM) to manage client computers with BitLocker that are domain-joined on-premises until mainstream support ends in July 2019 or they can receive extended support until April 2026
+
+Going forward, the functionality of MBAM will be incorporated into Microsoft Endpoint Manager Config Manager (MEMCM), see [Features in Configuration Manager technical preview version 1909](/mem/configmgr/core/get-started/2019/technical-preview-1909#bkmk_bitlocker)
+
+Customers not using Config Manager can utilize the built-in features of Azure AD and Microsoft Endpoint Manager Microsoft Intune (MEMMI) for administration and monitoring, see [Monitor device encryption with Intune](/mem/intune/protect/encryption-monitor)
From 7aaefada29f6bb1423da04a3f86736f30a369c6b Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Thu, 10 Mar 2022 11:11:21 +0500
Subject: [PATCH 06/20] Update phishing.md
---
windows/security/threat-protection/intelligence/phishing.md | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/windows/security/threat-protection/intelligence/phishing.md b/windows/security/threat-protection/intelligence/phishing.md
index 36de3f06bf..f3ef00e9da 100644
--- a/windows/security/threat-protection/intelligence/phishing.md
+++ b/windows/security/threat-protection/intelligence/phishing.md
@@ -81,11 +81,7 @@ If you feel you've been a victim of a phishing attack:
- **Microsoft Office Outlook**: While in the suspicious message, select **Report message** from the ribbon, and then select **Phishing**.
-- **Microsoft**: Create a new, blank email message with the one of the following recipients:
- - Junk: junk@office365.microsoft.com
- - Phishing: phish@office365.microsoft.com
-
- Drag and drop the junk or phishing message into the new message. This will save the junk or phishing message as an attachment in the new message. Don't copy and paste the content of the message or forward the message (we need the original message so we can inspect the message headers). For more information, see [Report messages and files to Microsoft](/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft).
+- **Microsoft 365**: Use [Submissions portal in Microsoft 365 Defender](/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft) to submit the junk or phishing sample to Microsoft for analysis. For more information, see [Report messages and files to Microsoft](/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft).
- **Anti-Phishing Working Group**: phishing-report@us-cert.gov. The group uses reports generated from emails sent to fight phishing scams and hackers. ISPs, security vendors, financial institutions, and law enforcement agencies are involved.
From d107f8c791ec08ca6b2a800721ff72d639c31486 Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Thu, 10 Mar 2022 11:42:17 +0500
Subject: [PATCH 07/20] Update windows-sandbox-overview.md
---
.../windows-sandbox/windows-sandbox-overview.md | 3 +++
1 file changed, 3 insertions(+)
diff --git a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
index 2a3f6d6dc3..3e04906f6d 100644
--- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
+++ b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
@@ -29,6 +29,9 @@ Windows Sandbox has the following properties:
- **Secure**: Uses hardware-based virtualization for kernel isolation. It relies on the Microsoft hypervisor to run a separate kernel that isolates Windows Sandbox from the host.
- **Efficient:** Uses the integrated kernel scheduler, smart memory management, and virtual GPU.
+ > [!IMPORTANT]
+ > Sandbox has enabled network connection by default. It can be disabled using [Sandbox Configuration file](/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file#networking).
+
The following video provides an overview of Windows Sandbox.
> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE4rFAo]
From a4bdeb6e0140a6758aa5403b1be351bf122f5c98 Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Thu, 10 Mar 2022 12:29:29 +0500
Subject: [PATCH 08/20] Update credential-guard.md
---
.../credential-guard/credential-guard.md | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/windows/security/identity-protection/credential-guard/credential-guard.md b/windows/security/identity-protection/credential-guard/credential-guard.md
index 2c6e89c1e2..f1da3ea8c0 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard.md
@@ -38,12 +38,8 @@ By enabling Windows Defender Credential Guard, the following features and soluti
## Related topics
-- [Isolated User Mode in Windows 10 with Dave Probert (Channel 9)](https://channel9.msdn.com/Blogs/Seth-Juarez/Isolated-User-Mode-in-Windows-10-with-Dave-Probert)
-- [Isolated User Mode Processes and Features in Windows 10 with Logan Gabriel (Channel 9)](https://channel9.msdn.com/Blogs/Seth-Juarez/Isolated-User-Mode-Processes-and-Features-in-Windows-10-with-Logan-Gabriel)
-- [More on Processes and Features in Windows 10 Isolated User Mode with Dave Probert (Channel 9)](https://channel9.msdn.com/Blogs/Seth-Juarez/More-on-Processes-and-Features-in-Windows-10-Isolated-User-Mode-with-Dave-Probert)
-- [Mitigating Credential Theft using the Windows 10 Isolated User Mode (Channel 9)](https://channel9.msdn.com/Blogs/Seth-Juarez/Mitigating-Credential-Theft-using-the-Windows-10-Isolated-User-Mode)
- [Protecting network passwords with Windows Defender Credential Guard](https://www.microsoft.com/itshowcase/Article/Content/831/Protecting-network-passwords-with-Windows-10-Credential-Guard)
- [Enabling Strict KDC Validation in Windows Kerberos](https://www.microsoft.com/download/details.aspx?id=6382)
- [What's New in Kerberos Authentication for Windows Server 2012](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831747(v=ws.11))
- [Authentication Mechanism Assurance for AD DS in Windows Server 2008 R2 Step-by-Step Guide](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd378897(v=ws.10))
-- [Trusted Platform Module](/windows/device-security/tpm/trusted-platform-module-overview)
\ No newline at end of file
+- [Trusted Platform Module](/windows/device-security/tpm/trusted-platform-module-overview)
From 187fa93a705a42a699d679d4968dc6d0d6158d5c Mon Sep 17 00:00:00 2001
From: Michael Mardahl
Date: Thu, 10 Mar 2022 12:28:21 +0100
Subject: [PATCH 09/20] Update
windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
.../bitlocker-device-encryption-overview-windows-10.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
index 0d310a2a0b..fbd429a2fb 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
@@ -149,4 +149,4 @@ Part of the Microsoft Desktop Optimization Pack, MBAM makes it easier to manage
Going forward, the functionality of MBAM will be incorporated into Microsoft Endpoint Manager Config Manager (MEMCM), see [Features in Configuration Manager technical preview version 1909](/mem/configmgr/core/get-started/2019/technical-preview-1909#bkmk_bitlocker)
-Customers not using Config Manager can utilize the built-in features of Azure AD and Microsoft Endpoint Manager Microsoft Intune (MEMMI) for administration and monitoring, see [Monitor device encryption with Intune](/mem/intune/protect/encryption-monitor)
+Enterprises not using Configuration Manager can use the built-in features of Azure AD and Microsoft Intune in Microsoft Endpoint Manager for administration and monitoring. For more details, see [Monitor device encryption with Intune](/mem/intune/protect/encryption-monitor).
From c3f38f0b8e48f055281d78e966db418b95ddd193 Mon Sep 17 00:00:00 2001
From: Michael Mardahl
Date: Thu, 10 Mar 2022 12:28:28 +0100
Subject: [PATCH 10/20] Update
windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
.../bitlocker-device-encryption-overview-windows-10.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
index fbd429a2fb..8ad54f3f43 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
@@ -145,7 +145,7 @@ Part of the Microsoft Desktop Optimization Pack, MBAM makes it easier to manage
* Supports Windows 10.
> [!IMPORTANT]
->Enterprises can use Microsoft BitLocker Administration and Monitoring (MBAM) to manage client computers with BitLocker that are domain-joined on-premises until mainstream support ends in July 2019 or they can receive extended support until April 2026
+> Enterprises could use MBAM to manage client computers with BitLocker that are domain-joined on-premises until mainstream support ended in July 2019, or they could receive extended support until April 2026.
Going forward, the functionality of MBAM will be incorporated into Microsoft Endpoint Manager Config Manager (MEMCM), see [Features in Configuration Manager technical preview version 1909](/mem/configmgr/core/get-started/2019/technical-preview-1909#bkmk_bitlocker)
From b6c4a357af12760583e9775740a1497032d002c0 Mon Sep 17 00:00:00 2001
From: Michael Mardahl
Date: Thu, 10 Mar 2022 12:28:33 +0100
Subject: [PATCH 11/20] Update
windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
.../bitlocker-device-encryption-overview-windows-10.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
index 8ad54f3f43..5af5cc77cf 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
@@ -147,6 +147,6 @@ Part of the Microsoft Desktop Optimization Pack, MBAM makes it easier to manage
> [!IMPORTANT]
> Enterprises could use MBAM to manage client computers with BitLocker that are domain-joined on-premises until mainstream support ended in July 2019, or they could receive extended support until April 2026.
-Going forward, the functionality of MBAM will be incorporated into Microsoft Endpoint Manager Config Manager (MEMCM), see [Features in Configuration Manager technical preview version 1909](/mem/configmgr/core/get-started/2019/technical-preview-1909#bkmk_bitlocker)
+Going forward, the functionality of MBAM will be incorporated into Configuration Manager. For more details, see [Features in Configuration Manager technical preview version 1909](/mem/configmgr/core/get-started/2019/technical-preview-1909#bkmk_bitlocker).
Enterprises not using Configuration Manager can use the built-in features of Azure AD and Microsoft Intune in Microsoft Endpoint Manager for administration and monitoring. For more details, see [Monitor device encryption with Intune](/mem/intune/protect/encryption-monitor).
From e056d54062b29ee7713e401490791f41da458176 Mon Sep 17 00:00:00 2001
From: Sunny Zankharia <67922512+sazankha@users.noreply.github.com>
Date: Thu, 10 Mar 2022 08:58:10 -0800
Subject: [PATCH 12/20] Update
windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
.../configure-md-app-guard.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
index 0b3c1ef222..50b4a55457 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
@@ -66,5 +66,5 @@ These settings, located at `Computer Configuration\Administrative Templates\Wind
## Application Guard support dialogue settings
-These settings are located at `Administrative Templates\Windows Components\Windows Security\Enterprise Customization`. If an error is encountered, the user is presented with a dialog. By default, this dialog only contains the error information and a button for them to report it to Microsoft via feedback hub. However, it is possible to supplement additional information in the dialog.
+These settings are located at `Administrative Templates\Windows Components\Windows Security\Enterprise Customization`. If an error is encountered, you are presented with a dialog box. By default, this dialog box only contains the error information and a button for you to report it to Microsoft via the feedback hub. However, it is possible to provide additional information in the dialog box.
[Use Group Policy to enable and customize contact information](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information#use-group-policy-to-enable-and-customize-contact-information).
From 604e862ce8b352566d62f9a1ce1177a9c727f51c Mon Sep 17 00:00:00 2001
From: Sunny Zankharia <67922512+sazankha@users.noreply.github.com>
Date: Thu, 10 Mar 2022 08:58:20 -0800
Subject: [PATCH 13/20] Update
windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
.../configure-md-app-guard.md | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
index 50b4a55457..f7d0af983d 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
@@ -67,4 +67,5 @@ These settings, located at `Computer Configuration\Administrative Templates\Wind
## Application Guard support dialogue settings
These settings are located at `Administrative Templates\Windows Components\Windows Security\Enterprise Customization`. If an error is encountered, you are presented with a dialog box. By default, this dialog box only contains the error information and a button for you to report it to Microsoft via the feedback hub. However, it is possible to provide additional information in the dialog box.
-[Use Group Policy to enable and customize contact information](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information#use-group-policy-to-enable-and-customize-contact-information).
+
+[Use Group Policy to enable and customize contact information](/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information#use-group-policy-to-enable-and-customize-contact-information).
From d7eaf38736c154b98f4fd91de7736eca04c65e7f Mon Sep 17 00:00:00 2001
From: Sunny Zankharia <67922512+sazankha@users.noreply.github.com>
Date: Thu, 10 Mar 2022 08:58:29 -0800
Subject: [PATCH 14/20] Update
windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
.../configure-md-app-guard.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
index f7d0af983d..c1d1935482 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
@@ -64,7 +64,7 @@ These settings, located at `Computer Configuration\Administrative Templates\Wind
|Allow Microsoft Defender Application Guard to use Root Certificate Authorities from a user's device|Windows 10 Enterprise, 1809 or higher
Windows 10 Pro, 1809 or higherWindows 11|Determines whether Root Certificates are shared with Microsoft Defender Application Guard.|**Enabled.** Certificates matching the specified thumbprint are transferred into the container. Use a comma to separate multiple certificates.
**Disabled or not configured.** Certificates are not shared with Microsoft Defender Application Guard.|
|Allow auditing events in Microsoft Defender Application Guard|Windows 10 Enterprise, 1809 or higher
Windows 10 Pro, 1809 or higher
Windows 11|This policy setting allows you to decide whether auditing events can be collected from Microsoft Defender Application Guard.|**Enabled.** Application Guard inherits auditing policies from your device and logs system events from the Application Guard container to your host.
**Disabled or not configured.** event logs aren't collected from your Application Guard container.|
-## Application Guard support dialogue settings
+## Application Guard support dialog settings
These settings are located at `Administrative Templates\Windows Components\Windows Security\Enterprise Customization`. If an error is encountered, you are presented with a dialog box. By default, this dialog box only contains the error information and a button for you to report it to Microsoft via the feedback hub. However, it is possible to provide additional information in the dialog box.
From 1a8d0c06003383739252b94da42202583d322246 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT
Date: Thu, 10 Mar 2022 09:59:42 -0800
Subject: [PATCH 15/20] Update configure-md-app-guard.md
---
.../configure-md-app-guard.md | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
index c1d1935482..99819da4d5 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
@@ -8,7 +8,7 @@ ms.pagetype: security
ms.localizationpriority: medium
author: denisebmsft
ms.author: deniseb
-ms.date: 09/20/2021
+ms.date: 03/10/2022
ms.reviewer:
manager: dansimp
ms.custom: asr
@@ -31,13 +31,13 @@ Application Guard uses both network isolation and application-specific settings.
These settings, located at `Computer Configuration\Administrative Templates\Network\Network Isolation`, help you define and manage your organization's network boundaries. Application Guard uses this information to automatically transfer any requests to access the non-corporate resources into the Application Guard container.
> [!NOTE]
-> You must configure either the Enterprise resource domains hosted in the cloud or Private network ranges for apps settings on your employee devices to successfully turn on Application Guard using enterprise mode. Proxy servers must be a neutral resource listed in the "Domains categorized as both work and personal" policy.
+> You must configure either the Enterprise resource domains hosted in the cloud or Private network ranges for apps settings on your employee devices to successfully turn on Application Guard using enterprise mode. Proxy servers must be a neutral resource listed in the **Domains categorized as both work and personal** policy.
|Policy name|Supported versions|Description|
|-----------|------------------|-----------|
|Private network ranges for apps | At least Windows Server 2012, Windows 8, or Windows RT| A comma-separated list of IP address ranges that are in your corporate network. Included endpoints or endpoints that are included within a specified IP address range, are rendered using Microsoft Edge and won't be accessible from the Application Guard environment.|
-|Enterprise resource domains hosted in the cloud| At least Windows Server 2012, Windows 8, or Windows RT|A pipe-separated (\|) list of your domain cloud resources. Included endpoints are rendered using Microsoft Edge and won't be accessible from the Application Guard environment. **NOTE**: This list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.|
-|Domains categorized as both work and personal| At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of domain names used as both work or personal resources. Included endpoints are rendered using Microsoft Edge and will be accessible from the Application Guard and regular Edge environment.
**NOTE**: This list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.|
+|Enterprise resource domains hosted in the cloud| At least Windows Server 2012, Windows 8, or Windows RT|A pipe-separated (`|`) list of your domain cloud resources. Included endpoints are rendered using Microsoft Edge and won't be accessible from the Application Guard environment.
Note that this list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.|
+|Domains categorized as both work and personal| At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of domain names used as both work or personal resources. Included endpoints are rendered using Microsoft Edge and will be accessible from the Application Guard and regular Edge environment.
Note that this list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.|
## Network isolation settings wildcards
@@ -49,7 +49,7 @@ These settings, located at `Computer Configuration\Administrative Templates\Netw
|`..contoso.com`|2|Trust all levels of the domain hierarchy that are to the left of the dot. Matching sites include `shop.contoso.com`, `us.shop.contoso.com`, `www.us.shop.contoso.com`, but NOT `contoso.com` itself.|
## Application-specific settings
-These settings, located at `Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Application Guard`, can help you to manage your company's implementation of Application Guard.
+These settings, located at `Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Application Guard`, can help you to manage your organization's implementation of Application Guard.
|Name|Supported versions|Description|Options|
|-----------|------------------|-----------|-------|
From 00b832976d583de4acc9a7db867f45daf84475ac Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT
Date: Thu, 10 Mar 2022 10:14:10 -0800
Subject: [PATCH 16/20] Update
bitlocker-device-encryption-overview-windows-10.md
---
.../bitlocker-device-encryption-overview-windows-10.md | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
index 5af5cc77cf..708a928453 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
@@ -14,7 +14,7 @@ ms.collection:
- M365-security-compliance
- highpri
ms.topic: conceptual
-ms.date: 02/28/2019
+ms.date: 03/10/2022
ms.custom: bitlocker
---
@@ -64,6 +64,7 @@ Microsoft includes instrumentation in Windows 11 and Windows 10 that enable the
## Deploy hard drive encryption
BitLocker is capable of encrypting entire hard drives, including both system and data drives. BitLocker pre-provisioning can drastically reduce the time required to provision new PCs with BitLocker enabled. With Windows 11 and Windows 10, administrators can turn on BitLocker and the TPM from within the Windows Preinstallation Environment before they install Windows or as part of an automated deployment task sequence without any user interaction. Combined with Used Disk Space Only encryption and a mostly empty drive (because Windows is not yet installed), it takes only a few seconds to enable BitLocker.
+
With earlier versions of Windows, administrators had to enable BitLocker after Windows had been installed. Although this process could be automated, BitLocker would need to encrypt the entire drive, a process that could take anywhere from several hours to more than a day depending on drive size and performance, which significantly delayed deployment. Microsoft has improved this process through multiple features in Windows 11 and Windows 10.
## BitLocker Device Encryption
@@ -130,7 +131,7 @@ For more information about how to configure Network Unlock, see [BitLocker: How
## Microsoft BitLocker Administration and Monitoring
-Part of the Microsoft Desktop Optimization Pack, MBAM makes it easier to manage and support BitLocker and BitLocker To Go. MBAM 2.5 with Service Pack 1, the latest version, has the following key features:
+Part of the Microsoft Desktop Optimization Pack, Microsoft BitLocker Administration and Monitoring (MBAM) makes it easier to manage and support BitLocker and BitLocker To Go. MBAM 2.5 with Service Pack 1, the latest version, has the following key features:
* Enables administrators to automate the process of encrypting volumes on client computers across the enterprise.
* Enables security officers to quickly determine the compliance state of individual computers or even of the enterprise itself.
From 632cae29956f3f6faec2cc9f564d5d3abe994e0a Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT
Date: Thu, 10 Mar 2022 10:15:35 -0800
Subject: [PATCH 17/20] Update
windows/security/threat-protection/intelligence/phishing.md
Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
windows/security/threat-protection/intelligence/phishing.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/threat-protection/intelligence/phishing.md b/windows/security/threat-protection/intelligence/phishing.md
index f3ef00e9da..960336ca09 100644
--- a/windows/security/threat-protection/intelligence/phishing.md
+++ b/windows/security/threat-protection/intelligence/phishing.md
@@ -81,7 +81,7 @@ If you feel you've been a victim of a phishing attack:
- **Microsoft Office Outlook**: While in the suspicious message, select **Report message** from the ribbon, and then select **Phishing**.
-- **Microsoft 365**: Use [Submissions portal in Microsoft 365 Defender](/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft) to submit the junk or phishing sample to Microsoft for analysis. For more information, see [Report messages and files to Microsoft](/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft).
+- **Microsoft 365**: Use the [Submissions portal in Microsoft 365 Defender](/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft) to submit the junk or phishing sample to Microsoft for analysis. For more information, see [Report messages and files to Microsoft](/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft).
- **Anti-Phishing Working Group**: phishing-report@us-cert.gov. The group uses reports generated from emails sent to fight phishing scams and hackers. ISPs, security vendors, financial institutions, and law enforcement agencies are involved.
From 872eb1ca830bba26eef8ffc0a33b294ed4f61f5f Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT
Date: Thu, 10 Mar 2022 10:17:25 -0800
Subject: [PATCH 18/20] Update
windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
.../windows-sandbox/windows-sandbox-overview.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
index 3e04906f6d..65b8c21047 100644
--- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
+++ b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
@@ -30,7 +30,7 @@ Windows Sandbox has the following properties:
- **Efficient:** Uses the integrated kernel scheduler, smart memory management, and virtual GPU.
> [!IMPORTANT]
- > Sandbox has enabled network connection by default. It can be disabled using [Sandbox Configuration file](/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file#networking).
+ > Windows Sandbox enables network connection by default. It can be disabled using the [Windows Sandbox configuration file](/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file#networking).
The following video provides an overview of Windows Sandbox.
From 3152525e9afbd5cacfd513e83bfaaaed4b8084a5 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT
Date: Thu, 10 Mar 2022 10:18:38 -0800
Subject: [PATCH 19/20] Update credential-guard.md
---
.../identity-protection/credential-guard/credential-guard.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/identity-protection/credential-guard/credential-guard.md b/windows/security/identity-protection/credential-guard/credential-guard.md
index f1da3ea8c0..4153f5223b 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard.md
@@ -16,7 +16,7 @@ ms.collection:
- M365-identity-device-management
- highpri
ms.topic: article
-ms.date: 08/17/2017
+ms.date: 03/10/2022
---
# Protect derived domain credentials with Windows Defender Credential Guard
From 7f1b5caf13f5613692fd59638930b62d0947d1af Mon Sep 17 00:00:00 2001
From: Diana Hanson
Date: Thu, 10 Mar 2022 11:53:51 -0700
Subject: [PATCH 20/20] Update
bitlocker-device-encryption-overview-windows-10.md
---
.../bitlocker-device-encryption-overview-windows-10.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
index 708a928453..26f5413422 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
@@ -135,7 +135,7 @@ Part of the Microsoft Desktop Optimization Pack, Microsoft BitLocker Administrat
* Enables administrators to automate the process of encrypting volumes on client computers across the enterprise.
* Enables security officers to quickly determine the compliance state of individual computers or even of the enterprise itself.
-* Provides centralized reporting and hardware management with Microsoft Microsoft Endpoint Configuration Manager.
+* Provides centralized reporting and hardware management with Microsoft Endpoint Configuration Manager.
* Reduces the workload on the help desk to assist end users with BitLocker recovery requests.
* Enables end users to recover encrypted devices independently by using the Self-Service Portal.
* Enables security officers to easily audit access to recovery key information.