Add notes about disabling local list merge.

windows/security/threat-protection/windows-defender-antivirus/configure-local-policy-overrides-windows-defender-antivirus.md

@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 08/26/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/17/2018
 ---
 
 # Prevent or allow users to locally modify Windows Defender AV policy settings
@@ -47,7 +47,7 @@ To configure these settings:
 
 3. In the **Group Policy Management Editor** go to **Computer configuration**.
 
-4. Click **Policies** then **Administrative templates**.
+4. Click **Administrative templates**.
 
 5. Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
 
@@ -91,12 +91,14 @@ You can disable this setting to ensure that only globally defined lists (such as
 
 3.  In the **Group Policy Management Editor** go to **Computer configuration**.
 
-4.  Click **Policies** then **Administrative templates**.
+4.  Click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Antivirus**.
 
 6. Double-click the **Configure local administrator merge behavior for lists** setting and set the option to **Enabled**. Click **OK**. 
 
+[!NOTE]
+> If you disable local list merging, it will override Controlled folder access settings in Windows Defender Exploit Guard. It also overrides any protected folders or allowed apps set by the local administrator. For more information about Controlled folder access settings, see [Enable Controlled folder access](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard).
 
 
 ## Related topics

windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md

@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 12/01/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/17/2018
 ---
 
 
@@ -21,7 +21,7 @@ ms.date: 12/01/2017
 
 **Applies to:**
 
-- Windows 10, version 1709
+- Windows 10, version 1709 and later
 
 
 
@@ -54,7 +54,10 @@ For further details on how audit mode works, and when you might want to use it,
 >If the feature is configured with Group Policy, PowerShell, or MDM CSPs, the state will change in the Windows Defender Security Center app after a restart of the device.
 >If the feature is set to **Audit mode** with any of those tools, the Windows Defender Security Center app will show the state as **Off**.
 >See [Use audit mode to evaluate Windows Defender Exploit Guard features](audit-windows-defender-exploit-guard.md) for more details on how audit mode works.
-
+>Group Policy settings that disable local administrator list merging will override Controlled folder access settings. They also override protected folders and allowed apps set by the local administrator through Controlled folder access. These policies include:
+>- Windows Defender Antivirus **Configure local administrator merge behavior for lists**
+>- System Center Endpoint Protection **Allow users to add exclusions and overrides**
+>For more information about disabling local list merging, see [Prevent or allow users to locally modify Windows Defender AV policy settings](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/configure-local-policy-overrides-windows-defender-antivirus#configure-how-locally-and-globally-defined-threat-remediation-and-exclusions-lists-are-merged).
 
 ### Use the Windows Defender Security app to enable Controlled folder access