From 864049b0d8b2b1469fdea8b90f57a81b2798898d Mon Sep 17 00:00:00 2001 From: Nimisha Satapathy Date: Fri, 7 Jan 2022 17:42:56 +0530 Subject: [PATCH 01/14] Update policy-csp-browser.md --- windows/client-management/mdm/policy-csp-browser.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/policy-csp-browser.md b/windows/client-management/mdm/policy-csp-browser.md index ba8ac722c2..7bab2b690f 100644 --- a/windows/client-management/mdm/policy-csp-browser.md +++ b/windows/client-management/mdm/policy-csp-browser.md @@ -15,7 +15,7 @@ ms.localizationpriority: medium # Policy CSP - Browser > [!NOTE] -> You've reached the documentation for Microsoft Edge version 45 and earlier. To see the documentation for Microsoft Edge version 77 or later, go to the [Microsoft Edge documentation landing page](/DeployEdge/). +> These settings are for the previous version of Microsoft Edge and are deprecated. These settings will be removed in a future Windows release. Microsoft recommends updating your version of Microsoft Edge and use the appropriate CSPs for the Chromium version of the Microsoft Edge browser. Learn more about how to [Configure Microsoft Edge using Mobile Device Management](https://docs.microsoft.com/deployedge/configure-edge-with-mdm). ## Browser policies From f4e2c4ee26ae295581d2e6b3052363f3d4f02242 Mon Sep 17 00:00:00 2001 From: Nimisha Satapathy Date: Sat, 8 Jan 2022 00:36:02 +0530 Subject: [PATCH 02/14] Update policy-csp-browser.md --- windows/client-management/mdm/policy-csp-browser.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/client-management/mdm/policy-csp-browser.md b/windows/client-management/mdm/policy-csp-browser.md index 7bab2b690f..7b3f0a6fb4 100644 --- a/windows/client-management/mdm/policy-csp-browser.md +++ b/windows/client-management/mdm/policy-csp-browser.md 
@@ -15,7 +15,8 @@ ms.localizationpriority: medium # Policy CSP - Browser > [!NOTE] -> These settings are for the previous version of Microsoft Edge and are deprecated. These settings will be removed in a future Windows release. Microsoft recommends updating your version of Microsoft Edge and use the appropriate CSPs for the Chromium version of the Microsoft Edge browser. Learn more about how to [Configure Microsoft Edge using Mobile Device Management](https://docs.microsoft.com/deployedge/configure-edge-with-mdm). +> These settings are for the previous version of Microsoft Edge (version 45 and earlier) and are deprecated. These settings will be removed in a future Windows release. Microsoft recommends updating your version of Microsoft Edge to version 77 or later and use the ADMX Ingestion function for management. Learn more about how to [Configure Microsoft Edge using Mobile Device Management](https://docs.microsoft.com/deployedge/configure-edge-with-mdm). + ## Browser policies From 8c6c0790d2c9caa886ac3d8a3fd7eaa83f2e36cb Mon Sep 17 00:00:00 2001 From: Nimisha Satapathy Date: Sat, 8 Jan 2022 00:42:50 +0530 Subject: [PATCH 03/14] Update policy-csp-browser.md --- windows/client-management/mdm/policy-csp-browser.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/policy-csp-browser.md b/windows/client-management/mdm/policy-csp-browser.md index 7b3f0a6fb4..3ab4a15f8d 100644 --- a/windows/client-management/mdm/policy-csp-browser.md +++ b/windows/client-management/mdm/policy-csp-browser.md 
@@ -15,7 +15,7 @@ ms.localizationpriority: medium # Policy CSP - Browser > [!NOTE] -> These settings are for the previous version of Microsoft Edge (version 45 and earlier) and are deprecated. These settings will be removed in a future Windows release. Microsoft recommends updating your version of Microsoft Edge to version 77 or later and use the ADMX Ingestion function for management. Learn more about how to [Configure Microsoft Edge using Mobile Device Management](https://docs.microsoft.com/deployedge/configure-edge-with-mdm). +> These settings are for the previous version of Microsoft Edge (version 45 and earlier) and are deprecated. These settings will be removed in a future Windows release. Microsoft recommends updating your version of Microsoft Edge to version 77 or later and use the ADMX Ingestion function for management. Learn more about how to [Configure Microsoft Edge using Mobile Device Management](deployedge/configure-edge-with-mdm). From da7399f346a57f55461383014aa39a5632ede6d0 Mon Sep 17 00:00:00 2001 From: Nimisha Satapathy Date: Mon, 10 Jan 2022 15:28:32 +0530 Subject: [PATCH 04/14] Update policy-csp-browser.md --- windows/client-management/mdm/policy-csp-browser.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/policy-csp-browser.md b/windows/client-management/mdm/policy-csp-browser.md index 3ab4a15f8d..7b3f0a6fb4 100644 --- a/windows/client-management/mdm/policy-csp-browser.md +++ b/windows/client-management/mdm/policy-csp-browser.md 
@@ -15,7 +15,7 @@ ms.localizationpriority: medium # Policy CSP - Browser > [!NOTE] -> These settings are for the previous version of Microsoft Edge (version 45 and earlier) and are deprecated. These settings will be removed in a future Windows release. Microsoft recommends updating your version of Microsoft Edge to version 77 or later and use the ADMX Ingestion function for management. Learn more about how to [Configure Microsoft Edge using Mobile Device Management](deployedge/configure-edge-with-mdm). +> These settings are for the previous version of Microsoft Edge (version 45 and earlier) and are deprecated. These settings will be removed in a future Windows release. Microsoft recommends updating your version of Microsoft Edge to version 77 or later and use the ADMX Ingestion function for management. Learn more about how to [Configure Microsoft Edge using Mobile Device Management](https://docs.microsoft.com/deployedge/configure-edge-with-mdm). From 02af56b64a72a8ac99155346a85ffd126a2df8b7 Mon Sep 17 00:00:00 2001 From: Nimisha Satapathy Date: Mon, 10 Jan 2022 15:35:47 +0530 Subject: [PATCH 05/14] Update policy-csp-browser.md --- windows/client-management/mdm/policy-csp-browser.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/policy-csp-browser.md b/windows/client-management/mdm/policy-csp-browser.md index 7b3f0a6fb4..cbf9ef190b 100644 --- a/windows/client-management/mdm/policy-csp-browser.md +++ b/windows/client-management/mdm/policy-csp-browser.md 
@@ -15,7 +15,7 @@ ms.localizationpriority: medium # Policy CSP - Browser > [!NOTE] -> These settings are for the previous version of Microsoft Edge (version 45 and earlier) and are deprecated. These settings will be removed in a future Windows release. Microsoft recommends updating your version of Microsoft Edge to version 77 or later and use the ADMX Ingestion function for management. Learn more about how to [Configure Microsoft Edge using Mobile Device Management](https://docs.microsoft.com/deployedge/configure-edge-with-mdm). +> These settings are for the previous version of Microsoft Edge (version 45 and earlier) and are deprecated. These settings will be removed in a future Windows release. Microsoft recommends updating your version of Microsoft Edge to version 77 or later and use the ADMX Ingestion function for management. Learn more about how to [Configure Microsoft Edge using Mobile Device Management](/deployedge/configure-edge-with-mdm). From 6d2d48751f5c93be28772a5f81e44916ded8d032 Mon Sep 17 00:00:00 2001 From: sravanigannavarapu <95500630+sravanigannavarapu@users.noreply.github.com> Date: Tue, 11 Jan 2022 18:26:47 -0800 Subject: [PATCH 06/14] Update audit-registry.md --- windows/security/threat-protection/auditing/audit-registry.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/auditing/audit-registry.md b/windows/security/threat-protection/auditing/audit-registry.md index ace2bfd284..39a62a47c9 100644 --- a/windows/security/threat-protection/auditing/audit-registry.md +++ b/windows/security/threat-protection/auditing/audit-registry.md 
@@ -48,6 +48,6 @@ If success auditing is enabled, an audit entry is generated each time any accoun > [!NOTE] -> On creating a subkey for a parent (RegCreateKey), the expectation is to see an event for opening a handle for the newly created object (event 4656) issued by the object manager. You will see this event only when "Audit Object Access" is enabled under **Local Policies** > **Audit Policy** in Local Security Policy. This event is not generated while using precisely defined settings for seeing only registry-related events under **Advanced Audit Policy Configurations** > **Object Access** > **Audit Registry** in Local Security Policy. For example, you will not see this event with the setting to just see the registry-related auditing events using "auditpol.exe /set /subcategory:{0CCE921E-69AE-11D9-BED3-505054503030} /success:enable". +> On creating a subkey for a parent (RegCreateKey), the expectation is to see an event for opening a handle for the newly created object (event 4656) issued by the object manager. You will see this event only when "Audit Object Access" is enabled under **Local Policies** > **Audit Policy** in Local Security Policy. This event is not generated while using precisely defined settings for seeing only registry-related events under **Advanced Audit Policy Configurations** > **Object Access** > **Audit Registry** in Local Security Policy. For example, you will not see this event with the setting to just see the registry-related auditing events using "auditpol.exe /set /subcategory:{0CCE921E-69AE-11D9-BED3-505054503030} /success:enable". This behaviour is expected only on the newer versions of the OS (Windows 11 / Windows Server 2022 and above). On older versions, 4656 events are not generated during subkey creation. > -> Calls to Registry APIs to access an open key object to perform an operation such as RegSetValue, RegEnumValue, and RegRenameKey would trigger an event to access the object (event 4663). 
For example, creating a subkey using regedit.exe would not trigger a 4663 event, but renaming it would. +> Calls to Registry APIs to access an open key object to perform an operation such as RegSetValue, RegEnumValue, and RegRenameKey would trigger an event to access the object (event 4663). For example, creating a subkey using regedit.exe would not trigger a 4663 event, but renaming it would. From 8281e9088bed93059163888022a781746a111729 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Mon, 17 Jan 2022 16:00:52 +0500 Subject: [PATCH 07/14] Update change-the-tpm-owner-password.md --- .../information-protection/tpm/change-the-tpm-owner-password.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/tpm/change-the-tpm-owner-password.md b/windows/security/information-protection/tpm/change-the-tpm-owner-password.md index a43a8f75e9..c973d67343 100644 --- a/windows/security/information-protection/tpm/change-the-tpm-owner-password.md +++ b/windows/security/information-protection/tpm/change-the-tpm-owner-password.md @@ -46,7 +46,7 @@ Instead of changing your owner password, you can also use the following options ## Change the TPM owner password -With Windows 10, version 1507 or 1511, or Windows 11, if you have opted specifically to preserve the TPM owner password, you can use the saved password to change to a new password. +With Windows 10, version 1507 or 1511, if you have opted specifically to preserve the TPM owner password, you can use the saved password to change to a new password. To change to a new TPM owner password, in TPM.msc, click **Change Owner Password**, and follow the instructions. You will be prompted to provide the owner password file or to type the password. Then you can create a new password, either automatically or manually, and save the password in a file or as a printout. From f935d970854ba4eee34e4a6603516f25d62f314f Mon Sep 17 00:00:00 2001 
From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Tue, 18 Jan 2022 20:37:27 +0530 Subject: [PATCH 08/14] removed invalid link, added correct link as per user report #10287, so I added correct link --- .../protect-devices-from-unwanted-network-traffic.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md b/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md index c0a822af53..527df8967f 100644 --- a/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md +++ b/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md 
@@ -27,7 +27,7 @@ ms.technology: windows-sec Although network perimeter firewalls provide important protection to network resources from external threats, there are network threats that a perimeter firewall cannot protect against. Some attacks might successfully penetrate the perimeter firewall, and at that point what can stop it? Other attacks might originate from inside the network, such as malware that is brought in on portable media and run on a trusted device. Portable device are often taken outside the network and connected directly to the Internet, without adequate protection between the device and security threats. -Reports of targeted attacks against organizations, governments, and individuals have become more widespread in recent years. For a general overview of these threats, also known as advanced persistent threats (APT), see the [Microsoft Security Intelligence Report](https://www.microsoft.com/security/sir/default.aspx). +Reports of targeted attacks against organizations, governments, and individuals have become more widespread in recent years. For a general overview of these threats, also known as advanced persistent threats (APT), see the [Microsoft Security Intelligence Report](https://www.microsoft.com/security/business/microsoft-digital-defense-report). Running a host-based firewall on every device that your organization manages is an important layer in a "defense-in-depth" security strategy. A host-based firewall can help protect against attacks that originate from inside the network and also provide additional protection against attacks from outside the network that manage to penetrate the perimeter firewall. It also travels with a portable device to provide protection when it is away from the organization's network. From d3d2a324970d2232e05dbe959dbd023acfd966b0 Mon Sep 17 00:00:00 2001 
From: Sergii Cherkashyn Date: Tue, 18 Jan 2022 10:34:32 -0500 Subject: [PATCH 09/14] Removing groups option from Windows 10 version 2004 After working the case and talking to PG, Ravi Vennapusa, confirmed we cant add groups to Remote Desktop Users. Only users can be added as mentioned in the linked in this section article. Also submitting change request to this branch, since not able to access Review one, getting 404 error. --- windows/client-management/connect-to-remote-aadj-pc.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index 138861993b..3fbf21a37a 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -66,7 +66,7 @@ Ensure [Remote Credential Guard](/windows/access-protection/remote-credential-gu - Adding users using policy - Starting in Windows 10, version 2004, you can add users or Azure AD groups to the Remote Desktop Users using MDM policies as described in [How to manage the local administrators group on Azure AD joined devices](/azure/active-directory/devices/assign-local-admin#manage-administrator-privileges-using-azure-ad-groups-preview). + Starting in Windows 10, version 2004, you can add users to the Remote Desktop Users using MDM policies as described in [How to manage the local administrators group on Azure AD joined devices](/azure/active-directory/devices/assign-local-admin#manage-administrator-privileges-using-azure-ad-groups-preview). > [!TIP] > When you connect to the remote PC, enter your account name in this format: AzureAD\yourloginid@domain.com. From 132f4a861ef1776530f1c0866e4bec32ab6d7c30 Mon Sep 17 00:00:00 2001 
From: Dan Pandre <54847950+DanPandre@users.noreply.github.com> Date: Tue, 18 Jan 2022 10:45:16 -0500 Subject: [PATCH 10/14] NetworkProxy CSP missing inadvertently from Hub --- .../mdm/configuration-service-provider-reference.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/client-management/mdm/configuration-service-provider-reference.md b/windows/client-management/mdm/configuration-service-provider-reference.md index 8f140c8f43..47a47c403e 100644 --- a/windows/client-management/mdm/configuration-service-provider-reference.md +++ b/windows/client-management/mdm/configuration-service-provider-reference.md @@ -1135,6 +1135,7 @@ The following list shows the CSPs supported in HoloLens devices: - [EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md) - [Firewall-CSP](firewall-csp.md) - [HealthAttestation CSP](healthattestation-csp.md) +- [NetworkProxy CSP](networkproxy-csp.md) - [NetworkQoSPolicy CSP](networkqospolicy-csp.md) - [NodeCache CSP](nodecache-csp.md) - [PassportForWork CSP](passportforwork-csp.md) From eba33af05dbccb3bfc7a44516b08bea914e13a0a Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 18 Jan 2022 09:11:03 -0800 Subject: [PATCH 11/14] Update connect-to-remote-aadj-pc.md --- windows/client-management/connect-to-remote-aadj-pc.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index 3fbf21a37a..ec54bee4ae 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -9,7 +9,7 @@ ms.pagetype: devices author: dansimp ms.localizationpriority: medium ms.author: dansimp -ms.date: 01/14/2022 +ms.date: 01/18/2022 ms.reviewer: manager: dansimp ms.topic: article From a938ac3cd2a9a158ac9871db93b048a46614458f Mon Sep 17 00:00:00 2001 
From: Denise Vangel-MSFT Date: Tue, 18 Jan 2022 09:12:29 -0800 Subject: [PATCH 12/14] Update protect-devices-from-unwanted-network-traffic.md --- .../protect-devices-from-unwanted-network-traffic.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md b/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md index 527df8967f..d64c7e44ba 100644 --- a/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md +++ b/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md @@ -14,7 +14,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 09/08/2021 +ms.date: 01/18/2022 ms.technology: windows-sec --- From 73f3ae01d93331eccf92a26e6b104138b42d001d Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 18 Jan 2022 09:13:46 -0800 Subject: [PATCH 13/14] Update change-the-tpm-owner-password.md --- .../information-protection/tpm/change-the-tpm-owner-password.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/tpm/change-the-tpm-owner-password.md b/windows/security/information-protection/tpm/change-the-tpm-owner-password.md index c973d67343..7260afb4d5 100644 --- a/windows/security/information-protection/tpm/change-the-tpm-owner-password.md +++ b/windows/security/information-protection/tpm/change-the-tpm-owner-password.md @@ -13,7 +13,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 12/03/2021 +ms.date: 01/18/2022 --- # Change the TPM owner password From 832752a80dba8a5c69ba3b80793e18ebd1dc5c91 Mon Sep 17 00:00:00 2001 
From: Denise Vangel-MSFT Date: Tue, 18 Jan 2022 09:14:40 -0800 Subject: [PATCH 14/14] Update windows/security/threat-protection/auditing/audit-registry.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/security/threat-protection/auditing/audit-registry.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/auditing/audit-registry.md b/windows/security/threat-protection/auditing/audit-registry.md index 39a62a47c9..a9559b8677 100644 --- a/windows/security/threat-protection/auditing/audit-registry.md +++ b/windows/security/threat-protection/auditing/audit-registry.md 
@@ -48,6 +48,6 @@ If success auditing is enabled, an audit entry is generated each time any accoun > [!NOTE] -> On creating a subkey for a parent (RegCreateKey), the expectation is to see an event for opening a handle for the newly created object (event 4656) issued by the object manager. You will see this event only when "Audit Object Access" is enabled under **Local Policies** > **Audit Policy** in Local Security Policy. This event is not generated while using precisely defined settings for seeing only registry-related events under **Advanced Audit Policy Configurations** > **Object Access** > **Audit Registry** in Local Security Policy. For example, you will not see this event with the setting to just see the registry-related auditing events using "auditpol.exe /set /subcategory:{0CCE921E-69AE-11D9-BED3-505054503030} /success:enable". This behaviour is expected only on the newer versions of the OS (Windows 11 / Windows Server 2022 and above). On older versions, 4656 events are not generated during subkey creation. +> On creating a subkey for a parent (RegCreateKey), the expectation is to see an event for opening a handle for the newly created object (event 4656) issued by the object manager. You will see this event only when "Audit Object Access" is enabled under **Local Policies** > **Audit Policy** in Local Security Policy. This event is not generated while using precisely defined settings for seeing only registry-related events under **Advanced Audit Policy Configurations** > **Object Access** > **Audit Registry** in Local Security Policy. For example, you will not see this event with the setting to just see the registry-related auditing events using "auditpol.exe /set /subcategory:{0CCE921E-69AE-11D9-BED3-505054503030} /success:enable". This behavior is expected only on later versions of the operating system (Windows 11, Windows Server 2022, and later). On previous versions, 4656 events are not generated during subkey creation. 
> > Calls to Registry APIs to access an open key object to perform an operation such as RegSetValue, RegEnumValue, and RegRenameKey would trigger an event to access the object (event 4663). For example, creating a subkey using regedit.exe would not trigger a 4663 event, but renaming it would.
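
Review bot: In policy-csp-browser.md (PATCH 01/14 through 05/14) the rewritten NOTE has a parallelism error that survives into the final form: "Microsoft recommends updating your version of Microsoft Edge to version 77 or later and use the ADMX Ingestion function" should read "and using the ADMX Ingestion function". PATCH 03, 04 and 05 change nothing but the link target, moving it from the absolute docs.microsoft.com URL to `deployedge/configure-edge-with-mdm`, back to the absolute URL, and finally to `/deployedge/configure-edge-with-mdm`; squash them into PATCH 02 so the history carries the final link once. Also confirm that the empty `+` line PATCH 02 adds before "## Browser policies" is intended.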
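
Review bot: In audit-registry.md (PATCH 06/14, reworded in PATCH 14/14) the added sentence "This behavior is expected only on later versions of the operating system" does not say which behavior it means. The sentences before it describe two: event 4656 appearing when "Audit Object Access" is enabled, and event 4656 not appearing with the Audit Registry subcategory set through auditpol.exe. Name the event in the sentence, for example "Event 4656 is generated on subkey creation only on Windows 11, Windows Server 2022, and later", so that anyone relying on 4656 to track key creation knows it is absent on earlier versions. Separately, the second `-`/`+` pair in PATCH 06 (the "Calls to Registry APIs" line) shows no visible text change; if it is whitespace only, drop it from the patch.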
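
Review bot: In change-the-tpm-owner-password.md (PATCH 07/14), removing "or Windows 11" from "With Windows 10, version 1507 or 1511, ..." leaves the "Change the TPM owner password" section silent about Windows 11 and about every other Windows 10 version. If the article still lists Windows 11 as an applicable product, add a sentence stating what those readers should do instead, or point them to the "Instead of changing your owner password, you can also use the following options" list that precedes this heading.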
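
Review bot: In protect-devices-from-unwanted-network-traffic.md (PATCH 08/14) the link text still reads "Microsoft Security Intelligence Report" while the new URL ends in `microsoft-digital-defense-report`, so the label no longer matches the destination. Update the link text to the name of the report the URL now points to. While touching this paragraph, the context line "Portable device are often taken outside the network" should read "Portable devices".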
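
Review bot: In connect-to-remote-aadj-pc.md (PATCH 09/14) the sentence drops "or Azure AD groups" but keeps the link anchor `#manage-administrator-privileges-using-azure-ad-groups-preview`, which sends readers to a section about managing privileges with Azure AD groups and contradicts the new wording. Point the link at the part of that article that covers adding individual users, or remove the anchor. The sentence also reads "add users to the Remote Desktop Users using MDM policies"; insert "group" after "Remote Desktop Users". Because this narrows who can be granted remote access by policy, consider saying explicitly that groups are not supported rather than leaving it implied by omission.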