From b8dbc9f77aa1cc31d0c7eaa7506e244a58b2a12b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonas=20B=C3=BClow=20Knudsen?= Date: Tue, 25 May 2021 10:33:09 -0700 Subject: [PATCH 01/48] Fix wrong RID of WinRMRemoteWMIUsers__ The RID of WinRMRemoteWMIUsers__ is not always 1000. I seen many domains where it is not. --- .../access-control/active-directory-security-groups.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/identity-protection/access-control/active-directory-security-groups.md b/windows/security/identity-protection/access-control/active-directory-security-groups.md index ec30cea998..9b9c40977d 100644 --- a/windows/security/identity-protection/access-control/active-directory-security-groups.md +++ b/windows/security/identity-protection/access-control/active-directory-security-groups.md @@ -3716,7 +3716,7 @@ This security group was introduced in Windows Server 2012, and it has not chang

Well-Known SID/RID

-

S-1-5-21-<domain>-1000

+

S-1-5-21-<domain>-<variable RID>

Type

@@ -3760,4 +3760,4 @@ This security group was introduced in Windows Server 2012, and it has not chang - [Special Identities](special-identities.md) -- [Access Control Overview](access-control.md) \ No newline at end of file +- [Access Control Overview](access-control.md) From 2af58b3c0500007ee32bdae18efa70245ffc00c8 Mon Sep 17 00:00:00 2001 From: Rick Munck <33725928+jmunck@users.noreply.github.com> Date: Mon, 26 Jul 2021 10:58:58 -0500 Subject: [PATCH 02/48] Update security-compliance-toolkit-10.md Updating Edge baseline version we are posting now --- .../threat-protection/security-compliance-toolkit-10.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/security-compliance-toolkit-10.md b/windows/security/threat-protection/security-compliance-toolkit-10.md index 2a578d07ab..2ec5067168 100644 --- a/windows/security/threat-protection/security-compliance-toolkit-10.md +++ b/windows/security/threat-protection/security-compliance-toolkit-10.md @@ -45,7 +45,7 @@ The Security Compliance Toolkit consists of: - Microsoft 365 Apps for enterprise, Version 2104 - Microsoft Edge security baseline - - Version 88 + - Version 92 - Windows Update security baseline - Windows 10 20H2 and below (October 2020 Update) From f87da7e4ea4093caa59f525b40bd61add5d3c362 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Wed, 28 Jul 2021 16:22:08 +0530 Subject: [PATCH 03/48] added windows 11 , added tpm link and added one column as per user feedback #9853, so i added windows 11 , added tpm link and added one column --- .../tpm/trusted-platform-module-overview.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/windows/security/information-protection/tpm/trusted-platform-module-overview.md b/windows/security/information-protection/tpm/trusted-platform-module-overview.md index 3261c5f549..e1638ef797 100644 --- a/windows/security/information-protection/tpm/trusted-platform-module-overview.md +++ b/windows/security/information-protection/tpm/trusted-platform-module-overview.md @@ -20,6 +20,7 @@ ms.date: 11/29/2018 # Trusted Platform Module Technology Overview **Applies to** +- Windows 11 - Windows 10 - Windows Server 2016 - Windows Server 2019 @@ -28,7 +29,7 @@ This topic for the IT professional describes the Trusted Platform Module (TPM) a ## Feature description -Trusted Platform Module (TPM) technology is designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations. The chip includes multiple physical security mechanisms to make it tamper resistant, and malicious software is unable to tamper with the security functions of the TPM. Some of the key advantages of using TPM technology are that you can: +[Trusted Platform Module (TPM)](https://docs.microsoft.com/windows/security/information-protection/tpm/trusted-platform-module-top-node) technology is designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations. The chip includes multiple physical security mechanisms to make it tamper resistant, and malicious software is unable to tamper with the security functions of the TPM. Some of the key advantages of using TPM technology are that you can: - Generate, store, and limit the use of cryptographic keys. @@ -54,7 +55,7 @@ Certificates can be installed or created on computers that are using the TPM. Af Automated provisioning in the TPM reduces the cost of TPM deployment in an enterprise. New APIs for TPM management can determine if TPM provisioning actions require physical presence of a service technician to approve TPM state change requests during the boot process. -Antimalware software can use the boot measurements of the operating system start state to prove the integrity of a computer running Windows 10 or Windows Server 2016. These measurements include the launch of Hyper-V to test that datacenters using virtualization are not running untrusted hypervisors. With BitLocker Network Unlock, IT administrators can push an update without concerns that a computer is waiting for PIN entry. +Antimalware software can use the boot measurements of the operating system start state to prove the integrity of a computer running Windows 10 and later editions or Windows Server 2016. These measurements include the launch of Hyper-V to test that datacenters using virtualization are not running untrusted hypervisors. With BitLocker Network Unlock, IT administrators can push an update without concerns that a computer is waiting for PIN entry. The TPM has several Group Policy settings that might be useful in certain enterprise scenarios. For more info, see [TPM Group Policy Settings](trusted-platform-module-services-group-policy-settings.md). @@ -75,14 +76,14 @@ Some things that you can check on the device are: - Is SecureBoot supported and enabled? > [!NOTE] -> Windows 10, Windows Server 2016 and Windows Server 2019 support Device Health Attestation with TPM 2.0. Support for TPM 1.2 was added beginning with Windows version 1607 (RS1). TPM 2.0 requires UEFI firmware. A computer with legacy BIOS and TPM 2.0 won't work as expected. +> Windows 11, Windows 10, Windows Server 2016 and Windows Server 2019 support Device Health Attestation with TPM 2.0. Support for TPM 1.2 was added beginning with Windows version 1607 (RS1). TPM 2.0 requires UEFI firmware. A computer with legacy BIOS and TPM 2.0 won't work as expected. ## Supported versions for device health attestation -| TPM version | Windows 10 | Windows Server 2016 | Windows Server 2019 | -|-------------|-------------|---------------------|---------------------| -| TPM 1.2 | >= ver 1607 | >= ver 1607 | Yes | -| TPM 2.0 | Yes | Yes | Yes | +| TPM version | Windows 11 | Windows 10 | Windows Server 2016 | Windows Server 2019 | +|-------------|-------------|-------------|---------------------|---------------------| +| TPM 1.2 | | >= ver 1607 | >= ver 1607 | Yes | +| TPM 2.0 | Yes | Yes | Yes | Yes | ## Related topics From 97eb61919de22d42922b189746c7b0b99ee536bc Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 28 Jul 2021 08:24:44 -0700 Subject: [PATCH 04/48] Update trusted-platform-module-overview.md --- .../tpm/trusted-platform-module-overview.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/security/information-protection/tpm/trusted-platform-module-overview.md b/windows/security/information-protection/tpm/trusted-platform-module-overview.md index e1638ef797..503d582aca 100644 --- a/windows/security/information-protection/tpm/trusted-platform-module-overview.md +++ b/windows/security/information-protection/tpm/trusted-platform-module-overview.md @@ -14,7 +14,6 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 11/29/2018 --- # Trusted Platform Module Technology Overview From 27127d6e6bab4d75f43a80e10eb583ae4dd97615 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Thu, 29 Jul 2021 11:59:32 +0530 Subject: [PATCH 05/48] Update windows/security/information-protection/tpm/trusted-platform-module-overview.md accepted Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../tpm/trusted-platform-module-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/tpm/trusted-platform-module-overview.md b/windows/security/information-protection/tpm/trusted-platform-module-overview.md index 503d582aca..dac70009f7 100644 --- a/windows/security/information-protection/tpm/trusted-platform-module-overview.md +++ b/windows/security/information-protection/tpm/trusted-platform-module-overview.md @@ -28,7 +28,7 @@ This topic for the IT professional describes the Trusted Platform Module (TPM) a ## Feature description -[Trusted Platform Module (TPM)](https://docs.microsoft.com/windows/security/information-protection/tpm/trusted-platform-module-top-node) technology is designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations. The chip includes multiple physical security mechanisms to make it tamper resistant, and malicious software is unable to tamper with the security functions of the TPM. Some of the key advantages of using TPM technology are that you can: +[Trusted Platform Module (TPM)](/windows/security/information-protection/tpm/trusted-platform-module-top-node) technology is designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations. The chip includes multiple physical security mechanisms to make it tamper-resistant, and malicious software is unable to tamper with the security functions of the TPM. Some of the key advantages of using TPM technology are that you can: - Generate, store, and limit the use of cryptographic keys. From 22a104016f46f75ad9dfb1b94c7b2e0635181534 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Thu, 29 Jul 2021 12:00:07 +0530 Subject: [PATCH 06/48] Update windows/security/information-protection/tpm/trusted-platform-module-overview.md accepted Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../tpm/trusted-platform-module-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/tpm/trusted-platform-module-overview.md b/windows/security/information-protection/tpm/trusted-platform-module-overview.md index dac70009f7..248decde2f 100644 --- a/windows/security/information-protection/tpm/trusted-platform-module-overview.md +++ b/windows/security/information-protection/tpm/trusted-platform-module-overview.md @@ -75,7 +75,7 @@ Some things that you can check on the device are: - Is SecureBoot supported and enabled? > [!NOTE] -> Windows 11, Windows 10, Windows Server 2016 and Windows Server 2019 support Device Health Attestation with TPM 2.0. Support for TPM 1.2 was added beginning with Windows version 1607 (RS1). TPM 2.0 requires UEFI firmware. A computer with legacy BIOS and TPM 2.0 won't work as expected. +> Windows 11, Windows 10, Windows Server 2016, and Windows Server 2019 support Device Health Attestation with TPM 2.0. Support for TPM 1.2 was added beginning with Windows version 1607 (RS1). TPM 2.0 requires UEFI firmware. A computer with legacy BIOS and TPM 2.0 won't work as expected. ## Supported versions for device health attestation From 9a4b46e52674cd808f41de3cf4d3d2624a7fa448 Mon Sep 17 00:00:00 2001 From: Dan Pandre <54847950+DanPandre@users.noreply.github.com> Date: Fri, 30 Jul 2021 15:09:47 -0400 Subject: [PATCH 07/48] Update CurrentBackgroundPath description --- windows/client-management/mdm/surfacehub-csp.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/client-management/mdm/surfacehub-csp.md b/windows/client-management/mdm/surfacehub-csp.md index 9755457f60..d7176692d7 100644 --- a/windows/client-management/mdm/surfacehub-csp.md +++ b/windows/client-management/mdm/surfacehub-csp.md @@ -295,7 +295,7 @@ SurfaceHub

The data type is boolean. Supported operation is Get and Replace. **InBoxApps/Welcome/CurrentBackgroundPath** -

Background image for the welcome screen. To set this, specify an https URL to a PNG file (only PNGs are supported for security reasons). If any certificate authorities need to be trusted in order to access the URL, please ensure they are valid and installed on the Hub, otherwise it may not be able to load the image. +

Download location for image to be used as the background during user sessions and on the welcome screen. To set this, specify an https URL to a PNG file (only PNGs are supported for security reasons). If any certificate authorities need to be trusted in order to access the URL, please ensure they are valid and installed on the Hub, otherwise it may not be able to load the image.

The data type is string. Supported operation is Get and Replace. @@ -317,12 +317,12 @@ SurfaceHub

The data type is boolean. Supported operation is Get and Replace. -**InBoxApps/Whiteboard/SigninDisabled** +InBoxApps/Whiteboard/SigninDisabled

Sign-ins from the Whiteboard app are not allowed.

The data type is boolean. Supported operation is Get and Replace. -**InBoxApps/Whiteboard/TelemeteryDisabled** +InBoxApps/Whiteboard/TelemeteryDisabled

Telemetry collection from the Whiteboard app is not allowed.

The data type is boolean. Supported operation is Get and Replace. @@ -572,7 +572,7 @@ SurfaceHub

The data type is boolean. Supported operation is Get and Replace. -**Properties/ProxyServers** +Properties/ProxyServers

Added in KB4499162 for Windows 10, version 1703. Specifies FQDNs of proxy servers to provide device account credentials to before any user interaction (if AllowAutoProxyAuth is enabled). This is a semi-colon separated list of server names, without any additional prefixes (e.g. https://).

The data type is string. Supported operation is Get and Replace. From da682650dba634c8555c679fb21ca3632b722478 Mon Sep 17 00:00:00 2001 From: Dan Pandre <54847950+DanPandre@users.noreply.github.com> Date: Fri, 30 Jul 2021 15:11:16 -0400 Subject: [PATCH 08/48] Fix bolding --- windows/client-management/mdm/surfacehub-csp.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/client-management/mdm/surfacehub-csp.md b/windows/client-management/mdm/surfacehub-csp.md index d7176692d7..c6fe3027f0 100644 --- a/windows/client-management/mdm/surfacehub-csp.md +++ b/windows/client-management/mdm/surfacehub-csp.md @@ -317,12 +317,12 @@ SurfaceHub

The data type is boolean. Supported operation is Get and Replace. -InBoxApps/Whiteboard/SigninDisabled +**InBoxApps/Whiteboard/SigninDisabled**

Sign-ins from the Whiteboard app are not allowed.

The data type is boolean. Supported operation is Get and Replace. -InBoxApps/Whiteboard/TelemeteryDisabled +**InBoxApps/Whiteboard/TelemeteryDisabled**

Telemetry collection from the Whiteboard app is not allowed.

The data type is boolean. Supported operation is Get and Replace. @@ -571,8 +571,8 @@ SurfaceHub

If this setting is true, the device account will be used for proxy authentication. If false, a separate account will be used.

The data type is boolean. Supported operation is Get and Replace. - -Properties/ProxyServers + +**Properties/ProxyServers**

Added in KB4499162 for Windows 10, version 1703. Specifies FQDNs of proxy servers to provide device account credentials to before any user interaction (if AllowAutoProxyAuth is enabled). This is a semi-colon separated list of server names, without any additional prefixes (e.g. https://).

The data type is string. Supported operation is Get and Replace. From 4fb981d4e5c91052220c5a7b20c39b2753c53e47 Mon Sep 17 00:00:00 2001 From: Dan Pandre <54847950+DanPandre@users.noreply.github.com> Date: Fri, 30 Jul 2021 15:18:37 -0400 Subject: [PATCH 09/48] Fix bolding --- windows/client-management/mdm/surfacehub-csp.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/client-management/mdm/surfacehub-csp.md b/windows/client-management/mdm/surfacehub-csp.md index c6fe3027f0..7c0a2bd53f 100644 --- a/windows/client-management/mdm/surfacehub-csp.md +++ b/windows/client-management/mdm/surfacehub-csp.md @@ -316,12 +316,12 @@ SurfaceHub

Invitations to collaborate from the Whiteboard app are not allowed.

The data type is boolean. Supported operation is Get and Replace. - + **InBoxApps/Whiteboard/SigninDisabled**

Sign-ins from the Whiteboard app are not allowed.

The data type is boolean. Supported operation is Get and Replace. - + **InBoxApps/Whiteboard/TelemeteryDisabled**

Telemetry collection from the Whiteboard app is not allowed. From 2774b33b4171a2521b777459c6a6580d0d1e7df4 Mon Sep 17 00:00:00 2001 From: VLG17 <41186174+VLG17@users.noreply.github.com> Date: Mon, 2 Aug 2021 16:45:58 +0300 Subject: [PATCH 10/48] Add info about 0x80090010 https://github.com/MicrosoftDocs/windows-itpro-docs/issues/9551 --- .../hello-for-business/hello-errors-during-pin-creation.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md b/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md index 717d082664..476aed7683 100644 --- a/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md +++ b/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md @@ -82,6 +82,7 @@ For errors listed in this table, contact Microsoft Support for assistance. |-------------|---------| | 0X80072F0C | Unknown | | 0x80070057 | Invalid parameter or argument is passed. | +| 0x80090010 | NTE_PERM | | 0x80090020 | NTE\_FAIL | | 0x80090027 | Caller provided a wrong parameter. If third-party code receives this error, they must change their code. | | 0x8009002D | NTE\_INTERNAL\_ERROR | @@ -110,4 +111,4 @@ For errors listed in this table, contact Microsoft Support for assistance. - [Prepare people to use Windows Hello](hello-prepare-people-to-use.md) - [Windows Hello and password changes](hello-and-password-changes.md) - [Event ID 300 - Windows Hello successfully created](hello-event-300.md) -- [Windows Hello biometrics in the enterprise](hello-biometrics-in-enterprise.md) \ No newline at end of file +- [Windows Hello biometrics in the enterprise](hello-biometrics-in-enterprise.md) From a1bf5c0280eeb670b19aa412cdd719f2036801fe Mon Sep 17 00:00:00 2001 From: nimishasatapathy <75668234+nimishasatapathy@users.noreply.github.com> Date: Tue, 3 Aug 2021 15:25:24 +0530 Subject: [PATCH 11/48] Update defender-csp.md --- windows/client-management/mdm/defender-csp.md | 166 ++++++++++++++++++ 1 file changed, 166 insertions(+) diff --git a/windows/client-management/mdm/defender-csp.md b/windows/client-management/mdm/defender-csp.md index c66d28ae30..8546b958f3 100644 --- a/windows/client-management/mdm/defender-csp.md +++ b/windows/client-management/mdm/defender-csp.md @@ -35,6 +35,18 @@ Defender ------------InitialDetectionTime ------------LastThreatStatusChangeTime ------------NumberOfDetections +----EnableNetworkProtection +--------AllowNetworkProtectionDownLevel +--------AllowNetworkProtectionOnWinServer +--------DisableNetworkProtectionPerfTelemetry +--------DisableDatagramProcessing +--------DisableInboundConnectionFiltering +--------EnableDnsSinkhole +--------DisableDnsOverTcpParsing +--------DisableHttpParsing +--------DisableRdpParsing +--------DisableSshParsing +--------DisableTlsParsing ----Health --------ProductStatus (Added in Windows 10 version 1809) --------ComputerState @@ -189,6 +201,27 @@ The following list shows the supported values: Supported operation is Get. +**Detections/*ThreatId*/CurrentStatus** +Information about the current status of the threat. + +The data type is integer. + +The following list shows the supported values: + +- 0 = Active +- 1 = Action failed +- 2 = Manual steps required +- 3 = Full scan required +- 4 = Reboot required +- 5 = Remediated with noncritical failures +- 6 = Quarantined +- 7 = Removed +- 8 = Cleaned +- 9 = Allowed +- 10 = No Status ( Cleared) + +Supported operation is Get. + **Detections/*ThreatId*/ExecutionStatus** Information about the execution status of the threat. @@ -217,6 +250,139 @@ The data type is integer. Supported operation is Get. +**EnableNetworkProtection** + +The Network Protection Service is a network filter that helps to protect you against web-based malicious threats, including phishing and malware. The Network Protection service contacts the SmartScreen URL reputation service to validate the safety of connections to web resources. +The acceptable values for this parameter are: +- 0: Disabled. The Network Protection service will not block navigations to malicious websites, or contact the SmartScreen URL reputation service. It will still send connection metadata to the antimalware engine if behavior monitoring is enabled, to enhance AV Detections. +- 1: Enabled. The Network Protection service will block connections to malicious websites based on URL Reputation from the SmartScreen URL reputation service. +- 2: AuditMode. As above, but the Network Protection service will not block connections to malicious websites, but will instead log the access to the event log. + +Accepted values: Disabled, Enabled, and AuditMode +Position: Named +Default value: Disabled +Accept pipeline input: False +Accept wildcard characters: False + +**EnableNetworkProtection/AllowNetworkProtectionDownLevel** + +By default, network protection is not allowed to be enabled on Windows versions before 1709, regardless of the setting of the EnableNetworkProtection configuration. Set this configuration to "$true" to override that behavior and allow Network Protection to be set to Enabled or Audit Mode. +- Type: Boolean +- Position: Named +- Default value: False +- Accept pipeline input: False +- Accept wildcard characters: False + +**EnableNetworkProtection/AllowNetworkProtectionOnWinServer** + +By default, network protection is not allowed to be enabled on Windows Server, regardless of the setting of the EnableNetworkProtection configuration. Set this configuration to "$true" to override that behavior and allow Network Protection to be set to Enabled or Audit Mode. + +- Type: Boolean +- Position: Named +- Default value: False +- Accept pipeline input: False +- Accept wildcard characters: False + +**EnableNetworkProtection/DisableNetworkProtectionPerfTelemetry** + +Network Protection sends up anonymized performance statistics about its connection monitoring to improve our product and help to find bugs. You can disable this behavior by setting this configuration to "$true". + +- Type: Boolean +- Position: Named +- Default value: False +- Accept pipeline input: False +- Accept wildcard characters: False + +**EnableNetworkProtection/DisableDatagramProcessing** + +Network Protection inspects UDP connections allowing us to find malicious DNS or other UDP Traffic. To disable this functionality, set this configuration to "$true". + +- Type: Boolean +- Position: Named +- Default value: False +- Accept pipeline input: False +- Accept wildcard characters: False + +**EnableNetworkProtection/DisableInboundConnectionFiltering** + +Network Protection inspects and can block both connections that originates from the host machine, as well as those that originates from outside the machine. To have network connection to inspect only outbound connections, set this configuration to "$true". + +- Type: Boolean +- Position: Named +- Default value: False +- Accept pipeline input: False +- Accept wildcard characters: False + +**EnableNetworkProtection/EnableDnsSinkhole** + +Network Protection can inspect the DNS traffic of a machine and, in conjunction with behavior monitoring, detect and sinkhole DNS exfiltration attempts and other DNS based malicious attacks. Set this configuration to "$true" to enable this feature. + +- Type: Boolean +- Position: Named +- Default value: False +- Accept pipeline input: False +- Accept wildcard characters: False + +**EnableNetworkProtection/DisableDnsOverTcpParsing** + +Network Protection inspects DNS traffic that occurs over a TCP channel, to provide metadata for Anti-malware Behavior Monitoring or to allow for DNS Sinkholing if the -EnableDnsSinkhole configuration is set. This can be disabled by setting this value to "$true". + +- Type: Boolean +- Position: Named +- Default value: False +- Accept pipeline input: False +- Accept wildcard characters: False + +**EnableNetworkProtection/DisableDnsParsing** + +Network Protection inspects DNS traffic that occurs over a UDP channel, to provide metadata for Anti-malware Behavior Monitoring or to allow for DNS Sinkholing if the -EnableDnsSinkhole configuration is set. This can be disabled by setting this value to "$true". + +- Type: Boolean +- Position: Named +- Default value: False +- Accept pipeline input: False +- Accept wildcard characters: False + +**EnableNetworkProtection/DisableHttpParsing** + +Network Protection inspects HTTP traffic to see if a connection is being made to a malicious website, and to provide metadata to Behavior Monitoring. HTTP connections to malicious websites can also be blocked if -EnableNetworkProtection is set to enabled. HTTP inspection can be disabled by setting this value to "$true". + +- Type: Boolean +- Position: Named +- Default value: False +- Accept pipeline input: False +- Accept wildcard characters: False + +**EnableNetworkProtection/DisableRdpParsing** + +Network Protection inspects RDP traffic so that it can block connections from known malicious hosts if -EnableNetworkProtection is set to enabled, and to provide metadata to behavior monitoring. RDP inspection can be disabled by setting this value to "$true". + +- Type: Boolean +- Position: Named +- Default value: False +- Accept pipeline input: False +- Accept wildcard characters: False + +**EnableNetworkProtection/DisableSshParsing** + +Network Protection inspects SSH traffic, so that it can block connections from known malicious hosts. if -EnableNetworkProtection is set to enabled, and to provide metadata to behavior monitoring. SSH inspection can be disabled by setting this value to "$true". + +- Type: Boolean +- Position: Named +- Default value: False +- Accept pipeline input: False +- Accept wildcard characters: False + +**EnableNetworkProtection/DisableTlsParsing** + +Network Protection inspects TLS traffic (also known as HTTPS traffic) to see if a connection is being made to a malicious website, and to provide metadata to Behavior Monitoring. TLS connections to malicious websites can also be blocked if -EnableNetworkProtection is set to enabled. HTTP inspection can be disabled by setting this value to "$true". + +- Type: Boolean +- Position: Named +- Default value: False +- Accept pipeline input: False +- Accept wildcard characters: False + **Health** An interior node to group information about Windows Defender health status. From aaf41ed62fe38999860050bb8d44e7a699552867 Mon Sep 17 00:00:00 2001 From: nimishasatapathy <75668234+nimishasatapathy@users.noreply.github.com> Date: Tue, 3 Aug 2021 15:50:28 +0530 Subject: [PATCH 12/48] Updated --- windows/client-management/mdm/defender-csp.md | 26 +++++++++---------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/windows/client-management/mdm/defender-csp.md b/windows/client-management/mdm/defender-csp.md index 8546b958f3..3acf1cca00 100644 --- a/windows/client-management/mdm/defender-csp.md +++ b/windows/client-management/mdm/defender-csp.md @@ -137,7 +137,7 @@ The following table describes the supported values: | 7 | Remote access Trojan | | 8 | Trojan | | 9 | Email flooder | -| 10 | Keylogger | +| 10 | Key logger | | 11 | Dialer | | 12 | Monitoring software | | 13 | Browser modifier | @@ -197,7 +197,7 @@ The following list shows the supported values: - 7 = Removed - 8 = Cleaned - 9 = Allowed -- 10 = No Status ( Cleared) +- 10 = No Status (Cleared) Supported operation is Get. @@ -218,7 +218,7 @@ The following list shows the supported values: - 7 = Removed - 8 = Cleaned - 9 = Allowed -- 10 = No Status ( Cleared) +- 10 = No Status (Cleared) Supported operation is Get. @@ -254,7 +254,7 @@ Supported operation is Get. The Network Protection Service is a network filter that helps to protect you against web-based malicious threats, including phishing and malware. The Network Protection service contacts the SmartScreen URL reputation service to validate the safety of connections to web resources. The acceptable values for this parameter are: -- 0: Disabled. The Network Protection service will not block navigations to malicious websites, or contact the SmartScreen URL reputation service. It will still send connection metadata to the antimalware engine if behavior monitoring is enabled, to enhance AV Detections. +- 0: Disabled. The Network Protection service will not block navigation to malicious websites, or contact the SmartScreen URL reputation service. It will still send connection metadata to the antimalware engine if behavior monitoring is enabled, to enhance AV Detections. - 1: Enabled. The Network Protection service will block connections to malicious websites based on URL Reputation from the SmartScreen URL reputation service. - 2: AuditMode. As above, but the Network Protection service will not block connections to malicious websites, but will instead log the access to the event log. @@ -305,7 +305,7 @@ Network Protection inspects UDP connections allowing us to find malicious DNS or **EnableNetworkProtection/DisableInboundConnectionFiltering** -Network Protection inspects and can block both connections that originates from the host machine, as well as those that originates from outside the machine. To have network connection to inspect only outbound connections, set this configuration to "$true". +Network Protection inspects and can block both connections that originate from the host machine, as well as those that originates from outside the machine. To have network connection to inspect only outbound connections, set this configuration to "$true". - Type: Boolean - Position: Named @@ -315,7 +315,7 @@ Network Protection inspects and can block both connections that originates from **EnableNetworkProtection/EnableDnsSinkhole** -Network Protection can inspect the DNS traffic of a machine and, in conjunction with behavior monitoring, detect and sinkhole DNS exfiltration attempts and other DNS based malicious attacks. Set this configuration to "$true" to enable this feature. +Network Protection can inspect the DNS traffic of a machine and, in conjunction with behavior monitoring, detect and sink hole DNS exfiltration attempts and other DNS based malicious attacks. Set this configuration to "$true" to enable this feature. - Type: Boolean - Position: Named @@ -325,7 +325,7 @@ Network Protection can inspect the DNS traffic of a machine and, in conjunction **EnableNetworkProtection/DisableDnsOverTcpParsing** -Network Protection inspects DNS traffic that occurs over a TCP channel, to provide metadata for Anti-malware Behavior Monitoring or to allow for DNS Sinkholing if the -EnableDnsSinkhole configuration is set. This can be disabled by setting this value to "$true". +Network Protection inspects DNS traffic that occurs over a TCP channel, to provide metadata for Anti-malware Behavior Monitoring or to allow for DNS sink holing if the -EnableDnsSinkhole configuration is set. This can be disabled by setting this value to "$true". - Type: Boolean - Position: Named @@ -335,7 +335,7 @@ Network Protection inspects DNS traffic that occurs over a TCP channel, to provi **EnableNetworkProtection/DisableDnsParsing** -Network Protection inspects DNS traffic that occurs over a UDP channel, to provide metadata for Anti-malware Behavior Monitoring or to allow for DNS Sinkholing if the -EnableDnsSinkhole configuration is set. This can be disabled by setting this value to "$true". +Network Protection inspects DNS traffic that occurs over a UDP channel, to provide metadata for Anti-malware Behavior Monitoring or to allow for DNS sink holing if the -EnableDnsSinkhole configuration is set. This can be disabled by setting this value to "$true". - Type: Boolean - Position: Named @@ -355,7 +355,7 @@ Network Protection inspects HTTP traffic to see if a connection is being made to **EnableNetworkProtection/DisableRdpParsing** -Network Protection inspects RDP traffic so that it can block connections from known malicious hosts if -EnableNetworkProtection is set to enabled, and to provide metadata to behavior monitoring. RDP inspection can be disabled by setting this value to "$true". +Network Protection inspects RDP traffic so that it can block connections from known malicious hosts if -EnableNetworkProtection is set to be enabled, and to provide metadata to behavior monitoring. RDP inspection can be disabled by setting this value to "$true". - Type: Boolean - Position: Named @@ -365,7 +365,7 @@ Network Protection inspects RDP traffic so that it can block connections from kn **EnableNetworkProtection/DisableSshParsing** -Network Protection inspects SSH traffic, so that it can block connections from known malicious hosts. if -EnableNetworkProtection is set to enabled, and to provide metadata to behavior monitoring. SSH inspection can be disabled by setting this value to "$true". +Network Protection inspects SSH traffic, so that it can block connections from known malicious hosts. If -EnableNetworkProtection is set to be enabled, and to provide metadata to behavior monitoring. SSH inspection can be disabled by setting this value to "$true". - Type: Boolean - Position: Named @@ -414,7 +414,7 @@ Supported product status values: - Service is shutting down as part of system shutdown = 1 << 16 - Threat remediation failed critically = 1 << 17 - Threat remediation failed non-critically = 1 << 18 -- No status flags set (well initialized state) = 1 << 19 +- No status flags set (well-initialized state) = 1 << 19 - Platform is out of date = 1 << 20 - Platform update is in progress = 1 << 21 - Platform is about to be outdated = 1 << 22 @@ -698,7 +698,7 @@ Beta Channel: Devices set to this channel will be the first to receive new updat Current Channel (Preview): Devices set to this channel will be offered updates earliest during the monthly gradual release cycle. Suggested for pre-production/validation environments. -Current Channel (Staged): Devices will be offered updates after the monthly gradual release cycle. Suggested to apply to a small, representative part of your production population (~10%). +Current Channel (Staged): Devices will be offered updates after the monthly gradual release cycle. Suggested applying to a small, representative part of your production population (~10%). Current Channel (Broad): Devices will be offered updates only after the gradual release cycle completes. Suggested to apply to a broad set of devices in your production population (~10-100%). @@ -727,7 +727,7 @@ Beta Channel: Devices set to this channel will be the first to receive new updat Current Channel (Preview): Devices set to this channel will be offered updates earliest during the monthly gradual release cycle. Suggested for pre-production/validation environments. -Current Channel (Staged): Devices will be offered updates after the monthly gradual release cycle. Suggested to apply to a small, representative part of your production population (~10%). +Current Channel (Staged): Devices will be offered updates after the monthly gradual release cycle. Suggested applying to a small, representative part of your production population (~10%). Current Channel (Broad): Devices will be offered updates only after the gradual release cycle completes. Suggested to apply to a broad set of devices in your production population (~10-100%). From 75c51df5c33dd87ec6df3a717bcfd0a75fd781bc Mon Sep 17 00:00:00 2001 From: Anna-Li <70676128+v-lianna@users.noreply.github.com> Date: Thu, 5 Aug 2021 17:10:14 +0800 Subject: [PATCH 13/48] CI_153986_Update_credential-guard-known-issues --- .../credential-guard-known-issues.md | 21 +++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md b/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md index 703848eaf3..4aa8190429 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md @@ -21,16 +21,33 @@ ms.reviewer: **Applies to** - Windows 10 - Windows Server 2016 +- Windows Server 2019 Windows Defender Credential Guard has certain application requirements. Windows Defender Credential Guard blocks specific authentication capabilities. Therefore applications that require such capabilities will not function when it is enabled. For further information, see [Application requirements](/windows/access-protection/credential-guard/credential-guard-requirements#application-requirements). The following known issue has been fixed in the [Cumulative Security Update for November 2017](https://support.microsoft.com/help/4051033): -- Scheduled tasks with stored credentials fail to run when Credential Guard is enabled. The task fails and reports Event ID 104 with the following message:
+- Scheduled tasks with domain user stored credentials fail to run when Credential Guard is enabled. The task fails and reports Event ID 104 with the following message:
"Task Scheduler failed to log on ‘\Test’ .
Failure occurred in ‘LogonUserExEx’ .
User Action: Ensure the credentials for the task are correctly specified.
Additional Data: Error Value: 2147943726. 2147943726 : ERROR\_LOGON\_FAILURE (The user name or password is incorrect)." +- When enabling NTLM audit on the domain controller, an Event ID 8004 with an indecipherable username format is logged. For example: + > Log Name: Microsoft-Windows-NTLM/Operational + Source: Microsoft-Windows-Security-Netlogon + Event ID: 8004 + Task Category: Auditing NTLM + Level: Information + Description: + Domain Controller Blocked Audit: Audit NTLM authentication to this domain controller. + Secure Channel name: \ + User name: + @@CyBAAAAUBQYAMHArBwUAMGAoBQZAQGA1BAbAUGAyBgOAQFAhBwcAsGA6AweAgDA2AQQAMEAwAANAgDA1AQLAIEADBQRAADAtAANAYEA1AwQA0CA5AAOAMEAyAQLAYDAxAwQAEDAEBwMAMEAwAgMAMDACBgRA0HA + Domain name: NULL + + - This event stems from a scheduled task running under local user context with the Cumulative Security Update for November 2017 or later and happens when Credential Guard is enabled. + - The username appears in an unusual format because local accounts aren’t protected by Credential Guard. The task also fails to execute. + - As a workaround, run the scheduled task under a domain user or the computer's SYSTEM account. The following known issues have been fixed by servicing releases made available in the Cumulative Security Updates for April 2017: @@ -107,4 +124,4 @@ Windows Defender Credential Guard is not supported by either these products, pro This is not a comprehensive list. Check whether your product vendor, product version, or computer system, supports Windows Defender Credential Guard on systems that run Windows 10 or specific versions of Windows 10. Specific computer system models may be incompatible with Windows Defender Credential Guard. - Microsoft encourages third-party vendors to contribute to this page by providing relevant product support information and by adding links to their own product support statements. \ No newline at end of file + Microsoft encourages third-party vendors to contribute to this page by providing relevant product support information and by adding links to their own product support statements. From d87e2064a67955cfb4dfec85e80dcedb50642ed2 Mon Sep 17 00:00:00 2001 From: Anna-Li <70676128+v-lianna@users.noreply.github.com> Date: Fri, 6 Aug 2021 09:55:53 +0800 Subject: [PATCH 14/48] Update credential-guard-known-issues.md --- .../credential-guard/credential-guard-known-issues.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md b/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md index 4aa8190429..310e1ceb6d 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md @@ -28,8 +28,8 @@ Windows Defender Credential Guard has certain application requirements. Windows The following known issue has been fixed in the [Cumulative Security Update for November 2017](https://support.microsoft.com/help/4051033): - Scheduled tasks with domain user stored credentials fail to run when Credential Guard is enabled. The task fails and reports Event ID 104 with the following message:
- "Task Scheduler failed to log on ‘\Test’ .
- Failure occurred in ‘LogonUserExEx’ .
+ "Task Scheduler failed to log on ‘\Test’.
+ Failure occurred in ‘LogonUserExEx’.
User Action: Ensure the credentials for the task are correctly specified.
Additional Data: Error Value: 2147943726. 2147943726 : ERROR\_LOGON\_FAILURE (The user name or password is incorrect)." - When enabling NTLM audit on the domain controller, an Event ID 8004 with an indecipherable username format is logged. For example: From dfd6e8298d586031631a8c782ef515a3fcb906c8 Mon Sep 17 00:00:00 2001 From: Anna-Li <70676128+v-lianna@users.noreply.github.com> Date: Fri, 6 Aug 2021 10:01:13 +0800 Subject: [PATCH 15/48] Update credential-guard-known-issues.md --- .../credential-guard/credential-guard-known-issues.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md b/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md index 310e1ceb6d..8333c51074 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md @@ -31,7 +31,7 @@ The following known issue has been fixed in the [Cumulative Security Update for "Task Scheduler failed to log on ‘\Test’.
Failure occurred in ‘LogonUserExEx’.
User Action: Ensure the credentials for the task are correctly specified.
- Additional Data: Error Value: 2147943726. 2147943726 : ERROR\_LOGON\_FAILURE (The user name or password is incorrect)." + Additional Data: Error Value: 2147943726. 2147943726: ERROR\_LOGON\_FAILURE (The user name or password is incorrect)." - When enabling NTLM audit on the domain controller, an Event ID 8004 with an indecipherable username format is logged. For example: > Log Name: Microsoft-Windows-NTLM/Operational Source: Microsoft-Windows-Security-Netlogon From 199619b596d875344723b496fd26bc7891db7e8f Mon Sep 17 00:00:00 2001 From: Anna-Li <70676128+v-lianna@users.noreply.github.com> Date: Fri, 6 Aug 2021 10:04:26 +0800 Subject: [PATCH 16/48] Update credential-guard-known-issues.md --- .../credential-guard/credential-guard-known-issues.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md b/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md index 8333c51074..e53c4a5315 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md @@ -45,9 +45,9 @@ The following known issue has been fixed in the [Cumulative Security Update for @@CyBAAAAUBQYAMHArBwUAMGAoBQZAQGA1BAbAUGAyBgOAQFAhBwcAsGA6AweAgDA2AQQAMEAwAANAgDA1AQLAIEADBQRAADAtAANAYEA1AwQA0CA5AAOAMEAyAQLAYDAxAwQAEDAEBwMAMEAwAgMAMDACBgRA0HA Domain name: NULL - - This event stems from a scheduled task running under local user context with the Cumulative Security Update for November 2017 or later and happens when Credential Guard is enabled. - - The username appears in an unusual format because local accounts aren’t protected by Credential Guard. The task also fails to execute. - - As a workaround, run the scheduled task under a domain user or the computer's SYSTEM account. + - This event stems from a scheduled task running under local user context with the Cumulative Security Update for November 2017 or later and happens when Credential Guard is enabled. + - The username appears in an unusual format because local accounts aren’t protected by Credential Guard. The task also fails to execute. + - As a workaround, run the scheduled task under a domain user or the computer's SYSTEM account. The following known issues have been fixed by servicing releases made available in the Cumulative Security Updates for April 2017: From dd0aef630113becb2bad7c9a6bd099af1c61aada Mon Sep 17 00:00:00 2001 From: Anna-Li <70676128+v-lianna@users.noreply.github.com> Date: Fri, 6 Aug 2021 10:06:32 +0800 Subject: [PATCH 17/48] Update credential-guard-known-issues.md --- .../credential-guard/credential-guard-known-issues.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md b/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md index e53c4a5315..06cd090471 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md @@ -45,9 +45,9 @@ The following known issue has been fixed in the [Cumulative Security Update for @@CyBAAAAUBQYAMHArBwUAMGAoBQZAQGA1BAbAUGAyBgOAQFAhBwcAsGA6AweAgDA2AQQAMEAwAANAgDA1AQLAIEADBQRAADAtAANAYEA1AwQA0CA5AAOAMEAyAQLAYDAxAwQAEDAEBwMAMEAwAgMAMDACBgRA0HA Domain name: NULL - - This event stems from a scheduled task running under local user context with the Cumulative Security Update for November 2017 or later and happens when Credential Guard is enabled. - - The username appears in an unusual format because local accounts aren’t protected by Credential Guard. The task also fails to execute. - - As a workaround, run the scheduled task under a domain user or the computer's SYSTEM account. + - This event stems from a scheduled task running under local user context with the Cumulative Security Update for November 2017 or later and happens when Credential Guard is enabled. + - The username appears in an unusual format because local accounts aren’t protected by Credential Guard. The task also fails to execute. + - As a workaround, run the scheduled task under a domain user or the computer's SYSTEM account. The following known issues have been fixed by servicing releases made available in the Cumulative Security Updates for April 2017: From 126366ef5f210122052db4d957beb02dd5903083 Mon Sep 17 00:00:00 2001 From: Anna-Li <70676128+v-lianna@users.noreply.github.com> Date: Fri, 6 Aug 2021 10:12:19 +0800 Subject: [PATCH 18/48] Update credential-guard-known-issues.md --- .../credential-guard/credential-guard-known-issues.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md b/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md index 06cd090471..5d76d6be7c 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md @@ -40,12 +40,12 @@ The following known issue has been fixed in the [Cumulative Security Update for Level: Information Description: Domain Controller Blocked Audit: Audit NTLM authentication to this domain controller. - Secure Channel name: \ + Secure Channel name: \ User name: @@CyBAAAAUBQYAMHArBwUAMGAoBQZAQGA1BAbAUGAyBgOAQFAhBwcAsGA6AweAgDA2AQQAMEAwAANAgDA1AQLAIEADBQRAADAtAANAYEA1AwQA0CA5AAOAMEAyAQLAYDAxAwQAEDAEBwMAMEAwAgMAMDACBgRA0HA Domain name: NULL - - This event stems from a scheduled task running under local user context with the Cumulative Security Update for November 2017 or later and happens when Credential Guard is enabled. + - This event stems from a scheduled task running under local user context with the [Cumulative Security Update for November 2017](https://support.microsoft.com/topic/november-27-2017-kb4051033-os-build-14393-1914-447b6b88-e75d-0a24-9ab9-5dcda687aaf4) or later and happens when Credential Guard is enabled. - The username appears in an unusual format because local accounts aren’t protected by Credential Guard. The task also fails to execute. - As a workaround, run the scheduled task under a domain user or the computer's SYSTEM account. From 933f9505c5ec297338632ad41dca9de4fd46fce1 Mon Sep 17 00:00:00 2001 From: v-lianna Date: Fri, 6 Aug 2021 17:39:55 +0800 Subject: [PATCH 19/48] CI_153058_update TOC --- windows/client-management/toc.yml | 6 ++++++ windows/client-management/troubleshoot-tcpip.md | 3 +++ 2 files changed, 9 insertions(+) diff --git a/windows/client-management/toc.yml b/windows/client-management/toc.yml index 633a032f7c..29e2a5af47 100644 --- a/windows/client-management/toc.yml +++ b/windows/client-management/toc.yml @@ -55,6 +55,12 @@ items: items: - name: Collect data using Network Monitor href: troubleshoot-tcpip-netmon.md + - name: "Part 1: TCP/IP performance overview" + href: /troubleshoot/windows-server/networking/overview-of-tcpip-performance + - name: "Part 2: TCP/IP performance underlying network issues" + href: /troubleshoot/windows-server/networking/troubleshooting-tcpip-performance-underlying-network + - name: "Part 3: TCP/IP performance known issues" + href: /troubleshoot/windows-server/networking/tcpip-performance-known-issues - name: Troubleshoot TCP/IP connectivity href: troubleshoot-tcpip-connectivity.md - name: Troubleshoot port exhaustion diff --git a/windows/client-management/troubleshoot-tcpip.md b/windows/client-management/troubleshoot-tcpip.md index 48a95cd4e0..1ffd3f1dc2 100644 --- a/windows/client-management/troubleshoot-tcpip.md +++ b/windows/client-management/troubleshoot-tcpip.md @@ -17,6 +17,9 @@ manager: dansimp In these topics, you will learn how to troubleshoot common problems in a TCP/IP network environment. - [Collect data using Network Monitor](troubleshoot-tcpip-netmon.md) +- [Part 1: TCP/IP performance overview](/troubleshoot/windows-server/networking/overview-of-tcpip-performance) +- [Part 2: TCP/IP performance underlying network issues](/troubleshoot/windows-server/networking/troubleshooting-tcpip-performance-underlying-network) +- [Part 3: TCP/IP performance known issues](/troubleshoot/windows-server/networking/tcpip-performance-known-issues) - [Troubleshoot TCP/IP connectivity](troubleshoot-tcpip-connectivity.md) - [Troubleshoot port exhaustion issues](troubleshoot-tcpip-port-exhaust.md) - [Troubleshoot Remote Procedure Call (RPC) errors](troubleshoot-tcpip-rpc-errors.md) From 4960f266b9d149bf45af15c8e5da63711c5acb00 Mon Sep 17 00:00:00 2001 From: Kim Klein Date: Mon, 9 Aug 2021 10:45:43 -0700 Subject: [PATCH 20/48] Created a new section Deploy Managed Installer. --- ...-apps-deployed-with-a-managed-installer.md | 99 +++++++++++++++++-- 1 file changed, 91 insertions(+), 8 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md b/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md index 5028f2de9f..2b1f04c83c 100644 --- a/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md +++ b/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md @@ -93,27 +93,86 @@ Currently, neither the AppLocker policy creation UI in GPO Editor nor the PowerS ``` -An example of a valid Managed Installer rule collection using Microsoft Endpoint Config Manager (MEMCM) is shown below. +An example of a valid Managed Installer rule collection, using Microsoft Endpoint Config Manager (MEMCM), MEM (Intune), Powershell, and Powershell ISE, is shown below. Remove any rules that you do not wish to designate as a Managed Installer. ```xml - - + + + + - - + + - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - + + + + + + + + + + + + + + + + ``` - ### Enable service enforcement in AppLocker policy Since many installation processes rely on services, it is typically necessary to enable tracking of services. @@ -214,3 +273,27 @@ Ea Value Length: 7e ## Enabling managed installer logging events Refer to [Understanding Application Control Events](event-id-explanations.md#optional-intelligent-security-graph-isg-or-managed-installer-mi-diagnostic-events) for information on enabling optional managed installer diagnostic events. + +## Deploying the Managed Installer + +Once you've completed configuring your chosen Managed Installer, by specifying which to use in the AppLocker policy, enabling the service enforcement of it, and by enabling the Managed Installer option in a WDAC policy, you'll need to deploy it. + +1. Using the following command to deploy the policy. + ```powershell + Set-AppLockerPolicy -XmlPolicy $policyFile -Merge -ErrorAction SilentlyContinue + ``` + +2. Verify policy deployment + ```powershell + Get-AppLockerPolicy -Local + + Version RuleCollections RuleCollectionTypes + ------- --------------- ------------------- + 1 {0, 0, 0, 0...} {Appx, Dll, Exe, ManagedInstaller...} + ``` + Notice the output shows the ManagedInstaller rule is there. + +3. Get the policy XML (optional) using PS: + ```powershell + Get-AppLockerPolicy -Effective -Xml -ErrorVariable ev -ErrorAction SilentlyContinue + ``` \ No newline at end of file From 40db0defb89e68c9f6cddc97f6bb9f537b145272 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 10 Aug 2021 11:57:33 -0700 Subject: [PATCH 21/48] Update configure-authorized-apps-deployed-with-a-managed-installer.md --- ...igure-authorized-apps-deployed-with-a-managed-installer.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md b/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md index 2b1f04c83c..980f12be1b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md +++ b/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md @@ -14,7 +14,7 @@ author: jsuther1974 ms.reviewer: isbrahm ms.author: dansimp manager: dansimp -ms.date: 07/15/2021 +ms.date: 08/10/2021 ms.technology: mde --- @@ -296,4 +296,4 @@ Once you've completed configuring your chosen Managed Installer, by specifying w 3. Get the policy XML (optional) using PS: ```powershell Get-AppLockerPolicy -Effective -Xml -ErrorVariable ev -ErrorAction SilentlyContinue - ``` \ No newline at end of file + ``` From 79374e0892df854a1538d3555622f25b7bdb0c51 Mon Sep 17 00:00:00 2001 From: Kim Klein Date: Tue, 10 Aug 2021 12:05:54 -0700 Subject: [PATCH 22/48] Implemented Jordan's suggested edits. --- ...-authorized-apps-deployed-with-a-managed-installer.md | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md b/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md index 980f12be1b..3d3dfe707c 100644 --- a/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md +++ b/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md @@ -283,17 +283,22 @@ Once you've completed configuring your chosen Managed Installer, by specifying w Set-AppLockerPolicy -XmlPolicy $policyFile -Merge -ErrorAction SilentlyContinue ``` -2. Verify policy deployment +2. Verify Deployment of the Rule set was successful ```powershell + $policyFile= + @" + Raw_AppLocker_Policy_XML + "@ Get-AppLockerPolicy -Local Version RuleCollections RuleCollectionTypes ------- --------------- ------------------- 1 {0, 0, 0, 0...} {Appx, Dll, Exe, ManagedInstaller...} ``` - Notice the output shows the ManagedInstaller rule is there. + Verify the output shows the ManagedInstaller rule set. 3. Get the policy XML (optional) using PS: ```powershell Get-AppLockerPolicy -Effective -Xml -ErrorVariable ev -ErrorAction SilentlyContinue ``` + This command will show the raw XML to verify the individual rules that were set. \ No newline at end of file From 26ecad46c2b81d9cb37340ce6b7e187f76ddef09 Mon Sep 17 00:00:00 2001 From: Kim Klein Date: Tue, 10 Aug 2021 12:10:16 -0700 Subject: [PATCH 23/48] Made one correction and place policy file declaration in proper location. --- ...horized-apps-deployed-with-a-managed-installer.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md b/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md index 3d3dfe707c..0ab03f97aa 100644 --- a/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md +++ b/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md @@ -280,22 +280,22 @@ Once you've completed configuring your chosen Managed Installer, by specifying w 1. Using the following command to deploy the policy. ```powershell + $policyFile= + @" + Raw_AppLocker_Policy_XML + "@ Set-AppLockerPolicy -XmlPolicy $policyFile -Merge -ErrorAction SilentlyContinue ``` 2. Verify Deployment of the Rule set was successful ```powershell - $policyFile= - @" - Raw_AppLocker_Policy_XML - "@ Get-AppLockerPolicy -Local Version RuleCollections RuleCollectionTypes ------- --------------- ------------------- - 1 {0, 0, 0, 0...} {Appx, Dll, Exe, ManagedInstaller...} + 1 {0, 0, 0, 0...} {Appx, Dll, Exe, ManagedInstaller...} ``` - Verify the output shows the ManagedInstaller rule set. + Verify the output shows the ManagedInstaller rule set. 3. Get the policy XML (optional) using PS: ```powershell From 01063e623a6271d263612f3adb292ccf0525aa9a Mon Sep 17 00:00:00 2001 From: MandiOhlinger Date: Tue, 10 Aug 2021 16:30:56 -0400 Subject: [PATCH 24/48] Added sections to match article content --- windows/deployment/TOC.yml | 224 ++++++++++++++++++++----------------- 1 file changed, 122 insertions(+), 102 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 048a630323..2d99e3080b 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -321,57 +321,69 @@ - name: Active Directory-Based Activation Overview href: volume-activation/active-directory-based-activation-overview.md - name: Install and Configure VAMT - href: volume-activation/install-configure-vamt.md - - name: VAMT Requirements - href: volume-activation/vamt-requirements.md - - name: Install VAMT - href: volume-activation/install-vamt.md - - name: Configure Client Computers - href: volume-activation/configure-client-computers-vamt.md + items: + - name: Overview + href: volume-activation/install-configure-vamt.md + - name: VAMT Requirements + href: volume-activation/vamt-requirements.md + - name: Install VAMT + href: volume-activation/install-vamt.md + - name: Configure Client Computers + href: volume-activation/configure-client-computers-vamt.md - name: Add and Manage Products - href: volume-activation/add-manage-products-vamt.md - - name: Add and Remove Computers - href: volume-activation/add-remove-computers-vamt.md - - name: Update Product Status - href: volume-activation/update-product-status-vamt.md - - name: Remove Products - href: volume-activation/remove-products-vamt.md + items: + - name: Overview + href: volume-activation/add-manage-products-vamt.md + - name: Add and Remove Computers + href: volume-activation/add-remove-computers-vamt.md + - name: Update Product Status + href: volume-activation/update-product-status-vamt.md + - name: Remove Products + href: volume-activation/remove-products-vamt.md - name: Manage Product Keys - href: volume-activation/manage-product-keys-vamt.md - - name: Add and Remove a Product Key - href: volume-activation/add-remove-product-key-vamt.md - - name: Install a Product Key - href: volume-activation/install-product-key-vamt.md - - name: Install a KMS Client Key - href: volume-activation/install-kms-client-key-vamt.md + items: + - name: Overview + href: volume-activation/manage-product-keys-vamt.md + - name: Add and Remove a Product Key + href: volume-activation/add-remove-product-key-vamt.md + - name: Install a Product Key + href: volume-activation/install-product-key-vamt.md + - name: Install a KMS Client Key + href: volume-activation/install-kms-client-key-vamt.md - name: Manage Activations - href: volume-activation/manage-activations-vamt.md - - name: Perform Online Activation - href: volume-activation/online-activation-vamt.md - - name: Perform Proxy Activation - href: volume-activation/proxy-activation-vamt.md - - name: Perform KMS Activation - href: volume-activation/kms-activation-vamt.md - - name: Perform Local Reactivation - href: volume-activation/local-reactivation-vamt.md - - name: Activate an Active Directory Forest Online - href: volume-activation/activate-forest-vamt.md - - name: Activate by Proxy an Active Directory Forest - href: volume-activation/activate-forest-by-proxy-vamt.md + items: + - name: Overview + href: volume-activation/manage-activations-vamt.md + - name: Perform Online Activation + href: volume-activation/online-activation-vamt.md + - name: Perform Proxy Activation + href: volume-activation/proxy-activation-vamt.md + - name: Perform KMS Activation + href: volume-activation/kms-activation-vamt.md + - name: Perform Local Reactivation + href: volume-activation/local-reactivation-vamt.md + - name: Activate an Active Directory Forest Online + href: volume-activation/activate-forest-vamt.md + - name: Activate by Proxy an Active Directory Forest + href: volume-activation/activate-forest-by-proxy-vamt.md - name: Manage VAMT Data - href: volume-activation/manage-vamt-data.md - - name: Import and Export VAMT Data - href: volume-activation/import-export-vamt-data.md - - name: Use VAMT in Windows PowerShell - href: volume-activation/use-vamt-in-windows-powershell.md + items: + - name: Overview + href: volume-activation/manage-vamt-data.md + - name: Import and Export VAMT Data + href: volume-activation/import-export-vamt-data.md + - name: Use VAMT in Windows PowerShell + href: volume-activation/use-vamt-in-windows-powershell.md - name: VAMT Step-by-Step Scenarios - href: volume-activation/vamt-step-by-step.md - - name: "Scenario 1: Online Activation" - href: volume-activation/scenario-online-activation-vamt.md - - name: "Scenario 2: Proxy Activation" - href: volume-activation/scenario-proxy-activation-vamt.md - - name: "Scenario 3: KMS Client Activation" - href: volume-activation/scenario-kms-activation-vamt.md + items: + - name: Overview + href: volume-activation/vamt-step-by-step.md + - name: "Scenario 1: Online Activation" + href: volume-activation/scenario-online-activation-vamt.md + - name: "Scenario 2: Proxy Activation" + href: volume-activation/scenario-proxy-activation-vamt.md + - name: "Scenario 3: KMS Client Activation" + href: volume-activation/scenario-kms-activation-vamt.md - name: VAMT Known Issues href: volume-activation/vamt-known-issues.md @@ -486,67 +498,75 @@ - name: Application Compatibility Toolkit (ACT) Technical Reference items: - name: SUA User's Guide - href: planning/sua-users-guide.md - - name: Using the SUA Wizard - href: planning/using-the-sua-wizard.md - - name: Using the SUA Tool - href: planning/using-the-sua-tool.md - - name: Tabs on the SUA Tool Interface - href: planning/tabs-on-the-sua-tool-interface.md - - name: Showing Messages Generated by the SUA Tool - href: planning/showing-messages-generated-by-the-sua-tool.md - - name: Applying Filters to Data in the SUA Tool - href: planning/applying-filters-to-data-in-the-sua-tool.md - - name: Fixing Applications by Using the SUA Tool - href: planning/fixing-applications-by-using-the-sua-tool.md + items: + - name: Overview + href: planning/sua-users-guide.md + - name: Using the SUA Wizard + href: planning/using-the-sua-wizard.md + - name: Using the SUA Tool + href: planning/using-the-sua-tool.md + - name: Tabs on the SUA Tool Interface + href: planning/tabs-on-the-sua-tool-interface.md + - name: Showing Messages Generated by the SUA Tool + href: planning/showing-messages-generated-by-the-sua-tool.md + - name: Applying Filters to Data in the SUA Tool + href: planning/applying-filters-to-data-in-the-sua-tool.md + - name: Fixing Applications by Using the SUA Tool + href: planning/fixing-applications-by-using-the-sua-tool.md - name: Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista href: planning/compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md - name: Compatibility Administrator User's Guide - href: planning/compatibility-administrator-users-guide.md - - name: Using the Compatibility Administrator Tool - href: planning/using-the-compatibility-administrator-tool.md - - name: Available Data Types and Operators in Compatibility Administrator - href: planning/available-data-types-and-operators-in-compatibility-administrator.md - - name: Searching for Fixed Applications in Compatibility Administrator - href: planning/searching-for-fixed-applications-in-compatibility-administrator.md - - name: Searching for Installed Compatibility Fixes with the Query Tool in Compatibility Administrator - href: planning/searching-for-installed-compatibility-fixes-with-the-query-tool-in-compatibility-administrator.md - - name: Creating a Custom Compatibility Fix in Compatibility Administrator - href: planning/creating-a-custom-compatibility-fix-in-compatibility-administrator.md - - name: Creating a Custom Compatibility Mode in Compatibility Administrator - href: planning/creating-a-custom-compatibility-mode-in-compatibility-administrator.md - - name: Creating an AppHelp Message in Compatibility Administrator - href: planning/creating-an-apphelp-message-in-compatibility-administrator.md - - name: Viewing the Events Screen in Compatibility Administrator - href: planning/viewing-the-events-screen-in-compatibility-administrator.md - - name: Enabling and Disabling Compatibility Fixes in Compatibility Administrator - href: planning/enabling-and-disabling-compatibility-fixes-in-compatibility-administrator.md - - name: Installing and Uninstalling Custom Compatibility Databases in Compatibility Administrator - href: planning/installing-and-uninstalling-custom-compatibility-databases-in-compatibility-administrator.md + items: + - name: Overview + href: planning/compatibility-administrator-users-guide.md + - name: Using the Compatibility Administrator Tool + href: planning/using-the-compatibility-administrator-tool.md + - name: Available Data Types and Operators in Compatibility Administrator + href: planning/available-data-types-and-operators-in-compatibility-administrator.md + - name: Searching for Fixed Applications in Compatibility Administrator + href: planning/searching-for-fixed-applications-in-compatibility-administrator.md + - name: Searching for Installed Compatibility Fixes with the Query Tool in Compatibility Administrator + href: planning/searching-for-installed-compatibility-fixes-with-the-query-tool-in-compatibility-administrator.md + - name: Creating a Custom Compatibility Fix in Compatibility Administrator + href: planning/creating-a-custom-compatibility-fix-in-compatibility-administrator.md + - name: Creating a Custom Compatibility Mode in Compatibility Administrator + href: planning/creating-a-custom-compatibility-mode-in-compatibility-administrator.md + - name: Creating an AppHelp Message in Compatibility Administrator + href: planning/creating-an-apphelp-message-in-compatibility-administrator.md + - name: Viewing the Events Screen in Compatibility Administrator + href: planning/viewing-the-events-screen-in-compatibility-administrator.md + - name: Enabling and Disabling Compatibility Fixes in Compatibility Administrator + href: planning/enabling-and-disabling-compatibility-fixes-in-compatibility-administrator.md + - name: Installing and Uninstalling Custom Compatibility Databases in Compatibility Administrator + href: planning/installing-and-uninstalling-custom-compatibility-databases-in-compatibility-administrator.md - name: Managing Application-Compatibility Fixes and Custom Fix Databases - href: planning/managing-application-compatibility-fixes-and-custom-fix-databases.md - - name: Understanding and Using Compatibility Fixes - href: planning/understanding-and-using-compatibility-fixes.md - - name: Compatibility Fix Database Management Strategies and Deployment - href: planning/compatibility-fix-database-management-strategies-and-deployment.md - - name: Testing Your Application Mitigation Packages - href: planning/testing-your-application-mitigation-packages.md - - name: Using the Sdbinst.exe Command-Line Tool - href: planning/using-the-sdbinstexe-command-line-tool.md + items: + - name: Overview + href: planning/managing-application-compatibility-fixes-and-custom-fix-databases.md + - name: Understanding and Using Compatibility Fixes + href: planning/understanding-and-using-compatibility-fixes.md + - name: Compatibility Fix Database Management Strategies and Deployment + href: planning/compatibility-fix-database-management-strategies-and-deployment.md + - name: Testing Your Application Mitigation Packages + href: planning/testing-your-application-mitigation-packages.md + - name: Using the Sdbinst.exe Command-Line Tool + href: planning/using-the-sdbinstexe-command-line-tool.md - name: Volume Activation - href: volume-activation/volume-activation-windows-10.md - - name: Plan for volume activation - href: volume-activation/plan-for-volume-activation-client.md - - name: Activate using Key Management Service - href: volume-activation/activate-using-key-management-service-vamt.md - - name: Activate using Active Directory-based activation - href: volume-activation/activate-using-active-directory-based-activation-client.md - - name: Activate clients running Windows 10 - href: volume-activation/activate-windows-10-clients-vamt.md - - name: Monitor activation - href: volume-activation/monitor-activation-client.md - - name: Use the Volume Activation Management Tool - href: volume-activation/use-the-volume-activation-management-tool-client.md + items: + - name: Overview + href: volume-activation/volume-activation-windows-10.md + - name: Plan for volume activation + href: volume-activation/plan-for-volume-activation-client.md + - name: Activate using Key Management Service + href: volume-activation/activate-using-key-management-service-vamt.md + - name: Activate using Active Directory-based activation + href: volume-activation/activate-using-active-directory-based-activation-client.md + - name: Activate clients running Windows 10 + href: volume-activation/activate-windows-10-clients-vamt.md + - name: Monitor activation + href: volume-activation/monitor-activation-client.md + - name: Use the Volume Activation Management Tool + href: volume-activation/use-the-volume-activation-management-tool-client.md - name: "Appendix: Information sent to Microsoft during activation " href: volume-activation/appendix-information-sent-to-microsoft-during-activation-client.md From 2eceffbb693ee8d757a4d18379ebd269da8acf06 Mon Sep 17 00:00:00 2001 From: MandiOhlinger Date: Tue, 10 Aug 2021 16:49:01 -0400 Subject: [PATCH 25/48] review updates --- windows/deployment/TOC.yml | 46 +++++++++++++++++++------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 2d99e3080b..d61509c788 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -273,7 +273,7 @@ href: upgrade/windows-10-upgrade-paths.md - name: Deploy Windows 10 with Microsoft 365 href: deploy-m365.md - - name: Understanding the Unified Update Platform + - name: Understand the Unified Update Platform href: update/windows-update-overview.md - name: Servicing stack updates href: update/servicing-stack-updates.md @@ -354,13 +354,13 @@ items: - name: Overview href: volume-activation/manage-activations-vamt.md - - name: Perform Online Activation + - name: Run Online Activation href: volume-activation/online-activation-vamt.md - - name: Perform Proxy Activation + - name: Run Proxy Activation href: volume-activation/proxy-activation-vamt.md - - name: Perform KMS Activation + - name: Run KMS Activation href: volume-activation/kms-activation-vamt.md - - name: Perform Local Reactivation + - name: Run Local Reactivation href: volume-activation/local-reactivation-vamt.md - name: Activate an Active Directory Forest Online href: volume-activation/activate-forest-vamt.md @@ -501,17 +501,17 @@ items: - name: Overview href: planning/sua-users-guide.md - - name: Using the SUA Wizard + - name: Use the SUA Wizard href: planning/using-the-sua-wizard.md - - name: Using the SUA Tool + - name: Use the SUA Tool href: planning/using-the-sua-tool.md - name: Tabs on the SUA Tool Interface href: planning/tabs-on-the-sua-tool-interface.md - - name: Showing Messages Generated by the SUA Tool + - name: Show Messages Generated by the SUA Tool href: planning/showing-messages-generated-by-the-sua-tool.md - - name: Applying Filters to Data in the SUA Tool + - name: Apply Filters to Data in the SUA Tool href: planning/applying-filters-to-data-in-the-sua-tool.md - - name: Fixing Applications by Using the SUA Tool + - name: Fix apps using the SUA Tool href: planning/fixing-applications-by-using-the-sua-tool.md - name: Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista href: planning/compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md @@ -519,37 +519,37 @@ items: - name: Overview href: planning/compatibility-administrator-users-guide.md - - name: Using the Compatibility Administrator Tool + - name: Use the Compatibility Administrator Tool href: planning/using-the-compatibility-administrator-tool.md - name: Available Data Types and Operators in Compatibility Administrator href: planning/available-data-types-and-operators-in-compatibility-administrator.md - - name: Searching for Fixed Applications in Compatibility Administrator + - name: Search for Fixed Applications in Compatibility Administrator href: planning/searching-for-fixed-applications-in-compatibility-administrator.md - - name: Searching for Installed Compatibility Fixes with the Query Tool in Compatibility Administrator + - name: Search for Installed Compatibility Fixes with the Query Tool in Compatibility Administrator href: planning/searching-for-installed-compatibility-fixes-with-the-query-tool-in-compatibility-administrator.md - - name: Creating a Custom Compatibility Fix in Compatibility Administrator + - name: Create a Custom Compatibility Fix in Compatibility Administrator href: planning/creating-a-custom-compatibility-fix-in-compatibility-administrator.md - - name: Creating a Custom Compatibility Mode in Compatibility Administrator + - name: Create a Custom Compatibility Mode in Compatibility Administrator href: planning/creating-a-custom-compatibility-mode-in-compatibility-administrator.md - - name: Creating an AppHelp Message in Compatibility Administrator + - name: Create an AppHelp Message in Compatibility Administrator href: planning/creating-an-apphelp-message-in-compatibility-administrator.md - - name: Viewing the Events Screen in Compatibility Administrator + - name: View the Events Screen in Compatibility Administrator href: planning/viewing-the-events-screen-in-compatibility-administrator.md - - name: Enabling and Disabling Compatibility Fixes in Compatibility Administrator + - name: Enable and Disable Compatibility Fixes in Compatibility Administrator href: planning/enabling-and-disabling-compatibility-fixes-in-compatibility-administrator.md - - name: Installing and Uninstalling Custom Compatibility Databases in Compatibility Administrator + - name: Install and Uninstall Custom Compatibility Databases in Compatibility Administrator href: planning/installing-and-uninstalling-custom-compatibility-databases-in-compatibility-administrator.md - - name: Managing Application-Compatibility Fixes and Custom Fix Databases + - name: Manage Application-Compatibility Fixes and Custom Fix Databases items: - name: Overview href: planning/managing-application-compatibility-fixes-and-custom-fix-databases.md - - name: Understanding and Using Compatibility Fixes + - name: Understand and Use Compatibility Fixes href: planning/understanding-and-using-compatibility-fixes.md - name: Compatibility Fix Database Management Strategies and Deployment href: planning/compatibility-fix-database-management-strategies-and-deployment.md - - name: Testing Your Application Mitigation Packages + - name: Test Your Application Mitigation Packages href: planning/testing-your-application-mitigation-packages.md - - name: Using the Sdbinst.exe Command-Line Tool + - name: Use the Sdbinst.exe Command-Line Tool href: planning/using-the-sdbinstexe-command-line-tool.md - name: Volume Activation items: From 89a32e3a8fbd106cdc17d8e7cd3293cf43a56aad Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Tue, 10 Aug 2021 17:28:07 -0700 Subject: [PATCH 26/48] updating applies To --- ...able-virtualization-based-protection-of-code-integrity.md | 3 ++- ...-for-virtualization-based-protection-of-code-integrity.md | 3 ++- .../configure-md-app-guard.md | 2 +- .../faq-md-app-guard.yml | 3 ++- .../install-md-app-guard.md | 2 +- .../md-app-guard-overview.md | 3 ++- .../reqs-md-app-guard.md | 5 +++-- .../test-scenarios-md-app-guard.md | 2 +- 8 files changed, 14 insertions(+), 9 deletions(-) diff --git a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md index 429cc12f93..1ede3ef4ed 100644 --- a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md @@ -17,7 +17,8 @@ ms.technology: mde # Enable virtualization-based protection of code integrity -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2069559) +**Applies to** +- Windows 10 This topic covers different ways to enable Hypervisor-protected code integrity (HVCI) on Windows 10. Some applications, including device drivers, may be incompatible with HVCI. diff --git a/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md index 21b9780bc2..4065b2122a 100644 --- a/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md @@ -18,7 +18,8 @@ ms.technology: mde # Baseline protections and additional qualifications for virtualization-based protection of code integrity -**Applies to** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2069559) +**Applies to** +- Windows 10 Computers must meet certain hardware, firmware, and software requirements in order to take advantage of all of the virtualization-based security (VBS) features in [Windows Defender Device Guard](../device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md). Computers lacking these requirements can still be protected by Windows Defender Application Control (WDAC) policies—the difference is that those computers will not be as hardened against certain threats. diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md index 593984f0dc..d2ee8b1f7a 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md @@ -19,7 +19,7 @@ ms.technology: mde **Applies to:** -- [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/) +- Windows 10 Microsoft Defender Application Guard (Application Guard) works with Group Policy to help you manage your organization's computer settings. By using Group Policy, you can configure a setting once, and then copy it onto many computers. For example, you can set up multiple security settings in a Group Policy Object, which is linked to a domain, and then apply all those settings to every endpoint in the domain. diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml index 7a2cd61939..f9e4018321 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml +++ b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml @@ -17,7 +17,8 @@ metadata: title: Frequently asked questions - Microsoft Defender Application Guard summary: | - **Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2069559) + **Applies to** +- Windows 10 This article lists frequently asked questions with answers for Microsoft Defender Application Guard (Application Guard). Questions span features, integration with the Windows operating system, and general configuration. diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md index f3cbd518da..994ade09de 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md @@ -18,7 +18,7 @@ ms.technology: mde # Prepare to install Microsoft Defender Application Guard **Applies to:** -- [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/) +- - Windows 10 ## Review system requirements diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md b/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md index 83850f5a21..de798293db 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md @@ -17,7 +17,8 @@ ms.technology: mde # Microsoft Defender Application Guard overview -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2069559) +**Applies to** +- Windows 10 Microsoft Defender Application Guard (Application Guard) is designed to help prevent old and newly emerging attacks to help keep employees productive. Using our unique hardware isolation approach, our goal is to destroy the playbook that attackers use by making current attack methods obsolete. diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md index a54f8667cd..fb162b5632 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md @@ -1,5 +1,5 @@ --- -title: System requirements for Microsoft Defender Application Guard (Windows 10) +title: System requirements for Microsoft Defender Application Guard description: Learn about the system requirements for installing and running Microsoft Defender Application Guard. ms.prod: m365-security ms.mktglfcycl: manage @@ -17,7 +17,8 @@ ms.technology: mde # System requirements for Microsoft Defender Application Guard -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2069559) +**Applies to** +- Windows 10 The threat landscape is continually evolving. While hackers are busy developing new techniques to breach enterprise networks by compromising workstations, phishing schemes remain one of the top ways to lure employees into social engineering attacks. Microsoft Defender Application Guard is designed to help prevent old, and newly emerging attacks, to help keep employees productive. diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md index 9baa7baa78..74525211f8 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md @@ -19,7 +19,7 @@ ms.technology: mde **Applies to:** -- [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/) +- Windows 10 We've come up with a list of scenarios that you can use to test hardware-based isolation in your organization. From d24bdc73626de3a3dfb506915c006e87927a3fd1 Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Tue, 10 Aug 2021 17:33:51 -0700 Subject: [PATCH 27/48] fixing yml --- .../microsoft-defender-application-guard/faq-md-app-guard.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml index f9e4018321..9ad53a26f5 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml +++ b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml @@ -17,8 +17,7 @@ metadata: title: Frequently asked questions - Microsoft Defender Application Guard summary: | - **Applies to** -- Windows 10 + This article lists frequently asked questions with answers for Microsoft Defender Application Guard (Application Guard). Questions span features, integration with the Windows operating system, and general configuration. From c05ee20c3ab1efa5fa3f7f3ba0592b35274287ce Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 10 Aug 2021 17:46:10 -0700 Subject: [PATCH 28/48] Corrected horizontal presentation of bulleted list --- windows/client-management/mdm/defender-csp.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/client-management/mdm/defender-csp.md b/windows/client-management/mdm/defender-csp.md index 614c91e54a..73237ce6c0 100644 --- a/windows/client-management/mdm/defender-csp.md +++ b/windows/client-management/mdm/defender-csp.md @@ -803,8 +803,8 @@ The data type is integer. Supported operations are Add, Delete, Get, Replace. Valid values are: -• 1 – Enabled. -• 0 (default) – Not Configured. +- 1 – Enabled. +- 0 (default) – Not Configured. More details: From 492a885e63e626e87947100b26f994e18585d52b Mon Sep 17 00:00:00 2001 From: Sinead O'Sullivan Date: Wed, 11 Aug 2021 18:06:47 +0100 Subject: [PATCH 29/48] Update changes-to-windows-diagnostic-data-collection.md --- .../privacy/changes-to-windows-diagnostic-data-collection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/changes-to-windows-diagnostic-data-collection.md b/windows/privacy/changes-to-windows-diagnostic-data-collection.md index 86e8ebcf13..826c5527fe 100644 --- a/windows/privacy/changes-to-windows-diagnostic-data-collection.md +++ b/windows/privacy/changes-to-windows-diagnostic-data-collection.md @@ -52,7 +52,7 @@ Starting in Windows 10, version 1903 and newer, both the **Out-of-Box-Experience In an upcoming release of Windows 10, we’re simplifying your diagnostic data controls by moving from four diagnostic data controls to three: **Diagnostic data off**, **Required**, and **Optional**. If your devices are set to **Enhanced** when they are upgraded, the device settings will be evaluated to be at the more privacy-preserving setting of **Required diagnostic data**, which means that analytic services that leverage enhanced data collection may not work properly. For a list of services, see [Services that rely on Enhanced diagnostic data](#services-that-rely-on-enhanced-diagnostic-data). Administrators should read through the details and determine whether to apply these new policies to restore the same collection settings as they had before this change. For a list of steps, see [Configure a Windows 11 device to limit crash dumps and logs](#configure-a-windows-11-device-to-limit-crash-dumps-and-logs). For more information on services that rely on Enhanced diagnostic data, see [Services that rely on Enhanced diagnostic data](#services-that-rely-on-enhanced-diagnostic-data). -Additionally, you will see the following policy changes in an upcoming release of Windows 10: +Additionally, you will see the following policy changes in an upcoming release of Windows Holographic, version 21H1 (HoloLens 2), Windows Server 2022 and Windows 11: | Policy type | Current policy | Renamed policy | | --- | --- | --- | From 664cd58e1cfefdd7101dc651d54d76aaf36c9ac9 Mon Sep 17 00:00:00 2001 From: Kim Klein Date: Wed, 11 Aug 2021 12:30:04 -0700 Subject: [PATCH 30/48] Applied addition edit suggestions. --- ...horized-apps-deployed-with-a-managed-installer.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md b/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md index 0ab03f97aa..15639fd8d3 100644 --- a/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md +++ b/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md @@ -93,7 +93,7 @@ Currently, neither the AppLocker policy creation UI in GPO Editor nor the PowerS ``` -An example of a valid Managed Installer rule collection, using Microsoft Endpoint Config Manager (MEMCM), MEM (Intune), Powershell, and Powershell ISE, is shown below. Remove any rules that you do not wish to designate as a Managed Installer. +An example of a valid Managed Installer rule collection, using Microsoft Endpoint Config Manager (MEMCM), MEM (Intune), Powershell, and PowerShell ISE, is shown below. Remove any rules that you do not wish to designate as a Managed Installer. ```xml @@ -274,11 +274,11 @@ Ea Value Length: 7e Refer to [Understanding Application Control Events](event-id-explanations.md#optional-intelligent-security-graph-isg-or-managed-installer-mi-diagnostic-events) for information on enabling optional managed installer diagnostic events. -## Deploying the Managed Installer +## Deploying the Managed Installer rule collection -Once you've completed configuring your chosen Managed Installer, by specifying which to use in the AppLocker policy, enabling the service enforcement of it, and by enabling the Managed Installer option in a WDAC policy, you'll need to deploy it. +Once you've completed configuring your chosen Managed Installer, by specifying which option to use in the AppLocker policy, enabling the service enforcement of it, and by enabling the Managed Installer option in a WDAC policy, you'll need to deploy it. -1. Using the following command to deploy the policy. +1. Use the following command to deploy the policy. ```powershell $policyFile= @" @@ -287,7 +287,7 @@ Once you've completed configuring your chosen Managed Installer, by specifying w Set-AppLockerPolicy -XmlPolicy $policyFile -Merge -ErrorAction SilentlyContinue ``` -2. Verify Deployment of the Rule set was successful +2. Verify Deployment of the ruleset was successful ```powershell Get-AppLockerPolicy -Local @@ -297,7 +297,7 @@ Once you've completed configuring your chosen Managed Installer, by specifying w ``` Verify the output shows the ManagedInstaller rule set. -3. Get the policy XML (optional) using PS: +3. Get the policy XML (optional) using PowerShell: ```powershell Get-AppLockerPolicy -Effective -Xml -ErrorVariable ev -ErrorAction SilentlyContinue ``` From e1458768eeba27674b4f43668776f7f3ef848f0c Mon Sep 17 00:00:00 2001 From: MandiOhlinger Date: Wed, 11 Aug 2021 20:47:09 -0400 Subject: [PATCH 31/48] updated tables; reworked TOC --- .../apps-in-windows-10.md | 742 +++++++++++++++--- .../sideload-apps-in-windows-10.md | 2 +- windows/application-management/toc.yml | 8 +- 3 files changed, 637 insertions(+), 115 deletions(-) diff --git a/windows/application-management/apps-in-windows-10.md b/windows/application-management/apps-in-windows-10.md index 42a25f2be3..5a145fb951 100644 --- a/windows/application-management/apps-in-windows-10.md +++ b/windows/application-management/apps-in-windows-10.md @@ -16,145 +16,667 @@ ms.topic: article >Applies to: Windows 10 -The following types of apps run on Windows 10: -- Windows apps - introduced in Windows 8, primarily installed from the Store app. -- Universal Windows Platform (UWP) apps - designed to work across platforms, can be installed on multiple platforms including Windows client, Windows Phone, and Xbox. All UWP apps are also Windows apps, but not all Windows apps are UWP apps. -- "Win32" apps - traditional Windows applications. +On your Windows 10 devices, you can run the following app types: -Digging into the Windows apps, there are two categories: -- Apps - All other apps, installed in C:\Program Files\WindowsApps. There are two classes of apps: - - Provisioned: Installed in user account the first time you sign in with a new user account. - - Installed: Installed as part of the OS. -- System apps - Apps that are installed in the C:\Windows\* directory. These apps are integral to the OS. +- **Windows apps**: These apps are included with the Windows OS, and are also installed from the Microsoft Store app. There are two categories: -The following tables list the system apps, installed Windows apps, and provisioned Windows apps in a standard Windows 10 Enterprise installation. (If you have a custom image, your specific apps might differ.) The tables list the app, the full name, show the app's status in Windows 10 version 1709, 1803, and 1809 and indicate whether an app can be uninstalled through the UI. + - **Apps**: All apps installed in `C:\Program Files\WindowsApps`. There are two classes of apps: -Some of the apps show up in multiple tables - that's because their status changed between versions. Make sure to check the version column for the version you are currently running. + - **Provisioned**: Installed in user account the first time you sign in with a new user account. + - **Installed**: Installed as part of the OS. + + - **System apps**: Apps installed in the `C:\Windows\` directory. These apps are part of the Windows OS. + +- **Universal Windows Platform (UWP) apps**: These apps run and can be installed on many Windows platforms, including tablets, Microsoft HoloLens, Xbox, and more. All UWP apps are Windows apps. But, not all Windows apps are UWP apps. +- **Win32 apps**: These apps are traditional Windows applications. + +This article lists the system apps, installed Windows apps, and provisioned Windows apps in a standard Windows 10 Enterprise installation. If you use custom images, your specific apps might be different. + +Some of the apps show up in multiple areas. That's because their status changed between versions. Make sure to check the version column for the version you're currently running. ## Provisioned Windows apps -You can list all provisioned Windows apps with this PowerShell command: +The first time a user signs into a Windows device, some apps are automatically provisioned. To get a list of all provisioned Windows apps, run the following Windows PowerShell command: ```Powershell Get-AppxProvisionedPackage -Online | Format-Table DisplayName, PackageName ``` -Here are the provisioned Windows apps in Windows 10 versions 1803, 1809, 1903, 1909, and 2004. +The following information lists the provisioned apps on the supported Windows 10 OS versions: -
+- [3D Builder](ms-windows-store://pdp/?PFN=Microsoft.3DBuilder_8wekyb3d8bbwe) | Package name: Microsoft.3DBuilder -| Package name | App name | 1803 | 1809 | 1903 | 1909 | 2004 | Uninstall through UI? | -|----------------------------------------------|--------------------------------------------------------------------------------------------------------------------|:----:|:----:|:----:|:----:|:----:|:---------------------:| -| Microsoft.3DBuilder | [3D Builder](ms-windows-store://pdp/?PFN=Microsoft.3DBuilder_8wekyb3d8bbwe) | | | | | | Yes | -| Microsoft.BingWeather | [MSN Weather](ms-windows-store://pdp/?PFN=Microsoft.BingWeather_8wekyb3d8bbwe) | x | x | x | x | x | Yes | -| Microsoft.DesktopAppInstaller | [App Installer](ms-windows-store://pdp/?PFN=Microsoft.DesktopAppInstaller_8wekyb3d8bbwe) | x | x | x | x | x | Via Settings App | -| Microsoft.GetHelp | [Get Help](ms-windows-store://pdp/?PFN=Microsoft.Gethelp_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.Getstarted | [Microsoft Tips](ms-windows-store://pdp/?PFN=Microsoft.Getstarted_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.HEIFImageExtension | [HEIF Image Extensions](ms-windows-store://pdp/?PFN=Microsoft.HEIFImageExtension_8wekyb3d8bbwe) | | x | x | x | x | No | -| Microsoft.Messaging | [Microsoft Messaging](ms-windows-store://pdp/?PFN=Microsoft.Messaging_8wekyb3d8bbwe) | x | x | x | x | | No | -| Microsoft.Microsoft3DViewer | [Mixed Reality Viewer](ms-windows-store://pdp/?PFN=Microsoft.Microsoft3DViewer_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.MicrosoftOfficeHub | [Office](ms-windows-store://pdp/?PFN=Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe) | x | x | x | x | x | Yes | -| Microsoft.MicrosoftSolitaireCollection | [Microsoft Solitaire Collection](ms-windows-store://pdp/?PFN=Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe) | x | x | x | x | x | Yes | -| Microsoft.MicrosoftStickyNotes | [Microsoft Sticky Notes](ms-windows-store://pdp/?PFN=Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.MixedReality.Portal | [Mixed Reality Portal](ms-windows-store://pdp/?PFN=Microsoft.MixedReality.Portal_8wekyb3d8bbwe) | | x | x | x | x | No | -| Microsoft.MSPaint | [Paint 3D](ms-windows-store://pdp/?PFN=Microsoft.MSPaint_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.Office.OneNote | [OneNote for Windows 10](ms-windows-store://pdp/?PFN=Microsoft.Office.OneNote_8wekyb3d8bbwe) | x | x | x | x | x | Yes | -| Microsoft.OneConnect | [Mobile Plans](ms-windows-store://pdp/?PFN=Microsoft.OneConnect_8wekyb3d8bbwe) | x | x | x | x | | No | -| Microsoft.Outlook.DesktopIntegrationServices | | | | | x | | | -| Microsoft.People | [Microsoft People](ms-windows-store://pdp/?PFN=Microsoft.People_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.Print3D | [Print 3D](ms-windows-store://pdp/?PFN=Microsoft.Print3D_8wekyb3d8bbwe) | x | x | x | x | | No | -| Microsoft.ScreenSketch | [Snip & Sketch](ms-windows-store://pdp/?PFN=Microsoft.ScreenSketch_8wekyb3d8bbwe) | | x | x | x | x | No | -| Microsoft.SkypeApp | [Skype](ms-windows-store://pdp/?PFN=Microsoft.SkypeApp_kzf8qxf38zg5c) | x | x | x | x | x | No | -| Microsoft.StorePurchaseApp | [Store Purchase App](ms-windows-store://pdp/?PFN=Microsoft.StorePurchaseApp_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.VP9VideoExtensions | | | x | x | x | x | No | -| Microsoft.Wallet | [Microsoft Pay](ms-windows-store://pdp/?PFN=Microsoft.Wallet_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.WebMediaExtensions | [Web Media Extensions](ms-windows-store://pdp/?PFN=Microsoft.WebMediaExtensions_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.WebpImageExtension | [Webp Image Extension](ms-windows-store://pdp/?PFN=Microsoft.WebpImageExtension_8wekyb3d8bbwe) | | x | x | x | x | No | -| Microsoft.Windows.Photos | [Microsoft Photos](ms-windows-store://pdp/?PFN=Microsoft.Windows.Photos_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.WindowsAlarms | [Windows Alarms & Clock](ms-windows-store://pdp/?PFN=Microsoft.WindowsAlarms_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.WindowsCalculator | [Windows Calculator](ms-windows-store://pdp/?PFN=Microsoft.WindowsCalculator_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.WindowsCamera | [Windows Camera](ms-windows-store://pdp/?PFN=Microsoft.WindowsCamera_8wekyb3d8bbwe) | x | x | x | x | x | No | -| microsoft.windowscommunicationsapps | [Mail and Calendar](ms-windows-store://pdp/?PFN=microsoft.windowscommunicationsapps_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.WindowsFeedbackHub | [Feedback Hub](ms-windows-store://pdp/?PFN=Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.WindowsMaps | [Windows Maps](ms-windows-store://pdp/?PFN=Microsoft.WindowsMaps_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.WindowsSoundRecorder | [Windows Voice Recorder](ms-windows-store://pdp/?PFN=Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.WindowsStore | [Microsoft Store](ms-windows-store://pdp/?PFN=Microsoft.WindowsStore_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.Xbox.TCUI | [Xbox Live in-game experience](ms-windows-store://pdp/?PFN=Microsoft.Xbox.TCUI_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.XboxApp | [Xbox Console Companion](ms-windows-store://pdp/?PFN=Microsoft.XboxApp_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.XboxGameOverlay | [Xbox Game Bar Plugin](ms-windows-store://pdp/?PFN=Microsoft.XboxGameOverlay_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.XboxGamingOverlay | [Xbox Game Bar](ms-windows-store://pdp/?PFN=Microsoft.XboxGamingOverlay_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.XboxIdentityProvider | [Xbox Identity Provider](ms-windows-store://pdp/?PFN=Microsoft.XboxIdentityProvider_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.XboxSpeechToTextOverlay | | x | x | x | x | x | No | -| Microsoft.YourPhone | [Your Phone](ms-windows-store://pdp/?PFN=Microsoft.YourPhone_8wekyb3d8bbwe) | | x | x | x | x | No | -| Microsoft.ZuneMusic | [Groove Music](ms-windows-store://pdp/?PFN=Microsoft.ZuneMusic_8wekyb3d8bbwe) | x | x | x | x | x | No | -| Microsoft.ZuneVideo | [Movies & TV](ms-windows-store://pdp/?PFN=Microsoft.ZuneVideo_8wekyb3d8bbwe) | x | x | x | x | x | No | + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ✔️ | ✔️ | | | | | | + --- ->[!NOTE] ->The Store app can't be removed. If you want to remove and reinstall the Store app, you can only bring Store back by either restoring your system from a backup or resetting your system. Instead of removing the Store app, you should use group policies to hide or disable it. +- [Bing Weather](ms-windows-store://pdp/?PFN=Microsoft.BingWeather_8wekyb3d8bbwe) | Package name: Microsoft.BingWeather + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ✔️ | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| + --- + +- [Desktop App Installer](ms-windows-store://pdp/?PFN=Microsoft.DesktopAppInstaller_8wekyb3d8bbwe) | Package name: Microsoft.DesktopAppInstaller + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | Use Settings App | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| + --- + +- [Get Help](ms-windows-store://pdp/?PFN=Microsoft.Gethelp_8wekyb3d8bbwe) | Package name: Microsoft.GetHelp + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| + --- + +- [Microsoft Tips](ms-windows-store://pdp/?PFN=Microsoft.Getstarted_8wekyb3d8bbwe) | Package name: Microsoft.Getstarted + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| + --- + +- [HEIF Image Extensions](ms-windows-store://pdp/?PFN=Microsoft.HEIFImageExtension_8wekyb3d8bbwe) | Package name: Microsoft.HEIFImageExtension + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| + --- + +- [Microsoft Messaging](ms-windows-store://pdp/?PFN=Microsoft.Messaging_8wekyb3d8bbwe) | Package name:Microsoft.Messaging + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| | ✔️| ✔️| ✔️| + --- + +- [Microsoft 3D Viewer](ms-windows-store://pdp/?PFN=Microsoft.Microsoft3DViewer_8wekyb3d8bbwe) | Package name: Microsoft.Microsoft3DViewer + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Office](ms-windows-store://pdp/?PFN=Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe) | Package name: Microsoft.MicrosoftOfficeHub + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ✔️ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Microsoft Solitaire Collection](ms-windows-store://pdp/?PFN=Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe) | Package name: Microsoft.MicrosoftSolitaireCollection + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ✔️ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Microsoft Sticky Notes](ms-windows-store://pdp/?PFN=Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe) | Package name: Microsoft.MicrosoftStickyNotes + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Mixed Reality Portal](ms-windows-store://pdp/?PFN=Microsoft.MixedReality.Portal_8wekyb3d8bbwe) | Package name: Microsoft.MixedReality.Portal + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Paint 3D](ms-windows-store://pdp/?PFN=Microsoft.MSPaint_8wekyb3d8bbwe) | Package name: Microsoft.MSPaint + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [OneNote for Windows 10](ms-windows-store://pdp/?PFN=Microsoft.Office.OneNote_8wekyb3d8bbwe) | Package name: Microsoft.Office.OneNote + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ✔️ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Mobile Plans](ms-windows-store://pdp/?PFN=Microsoft.OneConnect_8wekyb3d8bbwe) | Package name: Microsoft.OneConnect + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| | ✔️| ✔️| ✔️| + --- + +- Microsoft.Outlook.DesktopIntegrationServices + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | | ✔️ | ✔️| | ✔️| | | + --- + +- [Microsoft People](ms-windows-store://pdp/?PFN=Microsoft.People_8wekyb3d8bbwe) | Package name: Microsoft.People + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Print 3D](ms-windows-store://pdp/?PFN=Microsoft.Print3D_8wekyb3d8bbwe) | Package name: Microsoft.Print3D + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| | ✔️| ✔️| ✔️| + --- + +- [Snip & Sketch](ms-windows-store://pdp/?PFN=Microsoft.ScreenSketch_8wekyb3d8bbwe) | Package name: Microsoft.ScreenSketch + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Skype](ms-windows-store://pdp/?PFN=Microsoft.SkypeApp_kzf8qxf38zg5c) | Package name: Microsoft.SkypeApp + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Store Purchase App](ms-windows-store://pdp/?PFN=Microsoft.StorePurchaseApp_8wekyb3d8bbwe) | Package name: Microsoft.StorePurchaseApp + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- Microsoft.VP9VideoExtensions + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Microsoft Pay](ms-windows-store://pdp/?PFN=Microsoft.Wallet_8wekyb3d8bbwe) | Package name: Microsoft.Wallet + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Web Media Extensions](ms-windows-store://pdp/?PFN=Microsoft.WebMediaExtensions_8wekyb3d8bbwe) | Package name: Microsoft.WebMediaExtensions + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Webp Image Extension](ms-windows-store://pdp/?PFN=Microsoft.WebpImageExtension_8wekyb3d8bbwe) | Package name: Microsoft.WebpImageExtension + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Microsoft Photos](ms-windows-store://pdp/?PFN=Microsoft.Windows.Photos_8wekyb3d8bbwe) | Package name: Microsoft.Windows.Photos + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Windows Alarms & Clock](ms-windows-store://pdp/?PFN=Microsoft.WindowsAlarms_8wekyb3d8bbwe) | Package name: Microsoft.WindowsAlarms + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Windows Calculator](ms-windows-store://pdp/?PFN=Microsoft.WindowsCalculator_8wekyb3d8bbwe) | Package name: Microsoft.WindowsCalculator + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Windows Camera](ms-windows-store://pdp/?PFN=Microsoft.WindowsCamera_8wekyb3d8bbwe) | Package name: Microsoft.WindowsCamera + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Mail and Calendar](ms-windows-store://pdp/?PFN=microsoft.windowscommunicationsapps_8wekyb3d8bbwe) | Package name: microsoft.windowscommunicationsapps + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Feedback Hub](ms-windows-store://pdp/?PFN=Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe) | Package name: Microsoft.WindowsFeedbackHub + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Windows Maps](ms-windows-store://pdp/?PFN=Microsoft.WindowsMaps_8wekyb3d8bbwe) | Package name: Microsoft.WindowsMaps + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- | [Windows Voice Recorder](ms-windows-store://pdp/?PFN=Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe) | Package name: Microsoft.WindowsSoundRecorder + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Microsoft Store](ms-windows-store://pdp/?PFN=Microsoft.WindowsStore_8wekyb3d8bbwe) | Package name: Microsoft.WindowsStore + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Xbox Live in-game experience](ms-windows-store://pdp/?PFN=Microsoft.Xbox.TCUI_8wekyb3d8bbwe) | Package name: Microsoft.Xbox.TCUI + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Xbox Console Companion](ms-windows-store://pdp/?PFN=Microsoft.XboxApp_8wekyb3d8bbwe) | Package name: Microsoft.XboxApp + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Xbox Game Bar Plugin](ms-windows-store://pdp/?PFN=Microsoft.XboxGameOverlay_8wekyb3d8bbwe) | Package name: Microsoft.XboxGameOverlay + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Xbox Identity Provider](ms-windows-store://pdp/?PFN=Microsoft.XboxIdentityProvider_8wekyb3d8bbwe) | Package name: Microsoft.XboxIdentityProvider + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- Microsoft.XboxSpeechToTextOverlay + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Your Phone](ms-windows-store://pdp/?PFN=Microsoft.YourPhone_8wekyb3d8bbwe) | Package name: Microsoft.YourPhone + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Groove Music](ms-windows-store://pdp/?PFN=Microsoft.ZuneMusic_8wekyb3d8bbwe) | Package name: Microsoft.ZuneMusic + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +- [Movies & TV](ms-windows-store://pdp/?PFN=Microsoft.ZuneVideo_8wekyb3d8bbwe) | Package name: Microsoft.ZuneVideo + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + --- + +> [!NOTE] +> The Store app can't be removed. If you remove the Store app, and want to reinstall it, you can restore your system from a backup, or reset your system. Instead of removing the Store app, use group policies to hide or disable it. ## System apps -System apps are integral to the operating system. Here are the typical system apps in Windows 10 versions 1709, 1803, and 1809. - -You can list all system apps with this PowerShell command: +System apps are used by the operating system. To get a list of all the system apps, run the following Windows PowerShell command: ```Powershell Get-AppxPackage -PackageTypeFilter Main | ? { $_.SignatureKind -eq "System" } | Sort Name | Format-Table Name, InstallLocation ``` -
-| Name | Package Name | 1709 | 1803 | 1809 |Uninstall through UI? | -|----------------------------------|---------------------------------------------|:-----:|:----:|:----:|-----------------------| -| File Picker | 1527c705-839a-4832-9118-54d4Bd6a0c89 | | x | x | No | -| File Explorer | c5e2524a-ea46-4f67-841f-6a9465d9d515 | | x | x | No | -| App Resolver UX | E2A4F912-2574-4A75-9BB0-0D023378592B | | x | x | No | -| Add Suggested Folders To Library | F46D4000-FD22-4DB4-AC8E-4E1DDDE828FE | | x | x | No | -| | InputApp | x | x | x | No | -| Microsoft.AAD.Broker.Plugin | Microsoft.AAD.Broker.Plugin | x | x | x | No | -| Microsoft.AccountsControl | Microsoft.AccountsControl | x | x | x | No | -| Microsoft.AsyncTextService | Microsoft.AsyncTextService | | x | x | No | -| Hello setup UI | Microsoft.BioEnrollment | x | x | x | No | -| | Microsoft.CredDialogHost | x | x | x | No | -| | Microsoft.ECApp | x | x | x | No | -| | Microsoft.LockApp | x | x | x | No | -| Microsoft Edge | Microsoft.MicrosoftEdge | x | x | x | No | -| | Microsoft.MicrosoftEdgeDevToolsClient | | x | x | No | -| | Microsoft.PPIProjection | x | x | x | No | -| | Microsoft.Win32WebViewHost | | x | x | No | -| | Microsoft.Windows.Apprep.ChxApp | x | x | x | No | -| | Microsoft.Windows.AssignedAccessLockApp | x | x | x | No | -| | Microsoft.Windows.CapturePicker | | x | x | No | -| | Microsoft.Windows.CloudExperienceHost | x | x | x | No | -| | Microsoft.Windows.ContentDeliveryManager | x | x | x | No | -| Cortana | Microsoft.Windows.Cortana | x | x | x | No | -| | Microsoft.Windows.Holographic.FirstRun | x | x | | No | -| | Microsoft.Windows.OOBENetworkCaptivePort | x | x | x | No | -| | Microsoft.Windows.OOBENetworkConnectionFlow | x | x | x | No | -| | Microsoft.Windows.ParentalControls | x | x | x | No | -| People Hub | Microsoft.Windows.PeopleExperienceHost | x | x | x | No | -| | Microsoft.Windows.PinningConfirmationDialog | x | x | x | No | -| | Microsoft.Windows.SecHealthUI | x | x | x | No | -| | Microsoft.Windows.SecondaryTileExperience | x | | | No | -| | Microsoft.Windows.SecureAssessmentBrowser | x | x | x | No | -| Start | Microsoft.Windows.ShellExperienceHost | x | x | x | No | -| Windows Feedback | Microsoft.WindowsFeedback | * | | | No | -| | Microsoft.XboxGameCallableUI | x | x | x | No | -| | Windows.CBSPreview | | x | x | No | -| Contact Support* | Windows.ContactSupport | * | | | Via Settings App | -| Settings | Windows.immersivecontrolpanel | x | x | x | No | -| Print 3D | Windows.Print3D | | x | x | Yes | -| Print UI | Windows.PrintDialog | x | x | x | No | +The following information lists the system apps on some Windows 10 OS versions: +- File Picker | Package name: 1527c705-839a-4832-9118-54d4Bd6a0c89 -> [!NOTE] -> The Contact Support app changed to Get Help in version 1709. Get Help is a provisioned app (instead of system app like Contact Support). + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- File Explorer | Package name: c5e2524a-ea46-4f67-841f-6a9465d9d515 + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- App Resolver UX | Package name: E2A4F912-2574-4A75-9BB0-0D023378592B + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Add Suggested Folders To Library | Package name: F46D4000-FD22-4DB4-AC8E-4E1DDDE828FE + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- InputApp + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | | | ✔️ | + --- + +- Microsoft.AAD.Broker.Plugin | Package name: Microsoft.AAD.Broker.Plugin + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft.AccountsControl | Package name: Microsoft.AccountsControl + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft.AsyncTextService | Package name: Microsoft.AsyncTextService + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Hello setup UI | Microsoft.BioEnrollment + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft.CredDialogHost + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft.ECApp + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft.LockApp + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft Edge | Microsoft.MicrosoftEdge + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft.MicrosoftEdgeDevToolsClient + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft.PPIProjection + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | | | ✔️ | + --- + +- Microsoft.Win32WebViewHost + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft.Windows.Apprep.ChxApp + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft.Windows.AssignedAccessLockApp + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft.Windows.CapturePicker + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft.Windows.CloudExperienceHost + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft.Windows.ContentDeliveryManager + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Cortana | Package name: Microsoft.Windows.Cortana + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | | | ✔️ | + --- + +- Microsoft.Windows.OOBENetworkCaptivePort + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft.Windows.OOBENetworkConnectionFlow + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft.Windows.ParentalControls + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- People Hub | Package name: Microsoft.Windows.PeopleExperienceHost + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft.Windows.PinningConfirmationDialog + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft.Windows.SecHealthUI + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft.Windows.SecureAssessmentBrowser + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Start | Package name: Microsoft.Windows.ShellExperienceHost + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Microsoft.XboxGameCallableUI + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Windows.CBSPreview + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Settings | Package name: Windows.immersivecontrolpanel + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- + +- Print 3D | Package name: Windows.Print3D + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ✔️ | | | ✔️ | + --- + +- Print UI | Package name: Windows.PrintDialog + + --- + | Uninstall through UI? | 21H1 | 20H2 | 1809 | + | --- | --- | --- | --- | + | ❌ | ✔️ | ✔️| ✔️ | + --- ## Installed Windows apps Here are the typical installed Windows apps in Windows 10 versions 1709, 1803, and 1809. -
- | Name | Full name | 1709 | 1803 | 1809 | Uninstall through UI? | |-----------------------|------------------------------------------|:----:|:----:|:----:|:---------------------:| | Remote Desktop | Microsoft.RemoteDesktop | x | | x | Yes | diff --git a/windows/application-management/sideload-apps-in-windows-10.md b/windows/application-management/sideload-apps-in-windows-10.md index fe07daba50..0aa858c888 100644 --- a/windows/application-management/sideload-apps-in-windows-10.md +++ b/windows/application-management/sideload-apps-in-windows-10.md @@ -14,10 +14,10 @@ ms.date: 05/20/2019 --- # Sideload LOB apps in Windows 10 + **Applies to** - Windows 10 -- Windows 10 Mobile > [!NOTE] > As of Windows Insider Build 18956, sideloading is enabled by default. Now, you can deploy a signed package onto a device without a special configuration. diff --git a/windows/application-management/toc.yml b/windows/application-management/toc.yml index 282bdafc46..5b921380b9 100644 --- a/windows/application-management/toc.yml +++ b/windows/application-management/toc.yml @@ -3,16 +3,16 @@ items: href: index.yml - name: Application management items: + - name: Apps in Windows 10 + href: apps-in-windows-10.md + - name: Add apps and features in Windows 10 + href: add-apps-and-features.md - name: Sideload apps href: sideload-apps-in-windows-10.md - name: Remove background task resource restrictions href: enterprise-background-activity-controls.md - name: Enable or block Windows Mixed Reality apps in the enterprise href: manage-windows-mixed-reality.md - - name: Understand apps in Windows 10 - href: apps-in-windows-10.md - - name: Add apps and features in Windows 10 - href: add-apps-and-features.md - name: Repackage win32 apps in the MSIX format href: msix-app-packaging-tool.md - name: Application Virtualization (App-V) From 442596e95561cdb5f7ccac78614a080c4d1b98e6 Mon Sep 17 00:00:00 2001 From: MandiOhlinger Date: Wed, 11 Aug 2021 20:57:47 -0400 Subject: [PATCH 32/48] testing lines to fix H2 formatting --- windows/application-management/apps-in-windows-10.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/windows/application-management/apps-in-windows-10.md b/windows/application-management/apps-in-windows-10.md index 5a145fb951..a59f15a40a 100644 --- a/windows/application-management/apps-in-windows-10.md +++ b/windows/application-management/apps-in-windows-10.md @@ -50,6 +50,7 @@ The following information lists the provisioned apps on the supported Windows 10 | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | | --- | --- | --- | --- | --- | --- |--- | | ✔️ | ✔️ | | | | | | + --- - [Bing Weather](ms-windows-store://pdp/?PFN=Microsoft.BingWeather_8wekyb3d8bbwe) | Package name: Microsoft.BingWeather @@ -58,6 +59,7 @@ The following information lists the provisioned apps on the supported Windows 10 | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | | --- | --- | --- | --- | --- | --- |--- | | ✔️ | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| + --- - [Desktop App Installer](ms-windows-store://pdp/?PFN=Microsoft.DesktopAppInstaller_8wekyb3d8bbwe) | Package name: Microsoft.DesktopAppInstaller @@ -66,6 +68,7 @@ The following information lists the provisioned apps on the supported Windows 10 | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | | --- | --- | --- | --- | --- | --- |--- | | Use Settings App | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| + --- - [Get Help](ms-windows-store://pdp/?PFN=Microsoft.Gethelp_8wekyb3d8bbwe) | Package name: Microsoft.GetHelp @@ -74,6 +77,7 @@ The following information lists the provisioned apps on the supported Windows 10 | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | | --- | --- | --- | --- | --- | --- |--- | | ❌ | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| + --- - [Microsoft Tips](ms-windows-store://pdp/?PFN=Microsoft.Getstarted_8wekyb3d8bbwe) | Package name: Microsoft.Getstarted @@ -82,6 +86,7 @@ The following information lists the provisioned apps on the supported Windows 10 | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | | --- | --- | --- | --- | --- | --- |--- | | ❌ | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| + --- - [HEIF Image Extensions](ms-windows-store://pdp/?PFN=Microsoft.HEIFImageExtension_8wekyb3d8bbwe) | Package name: Microsoft.HEIFImageExtension From 1e6c8e6acc86bc188ec8e1e85a6011b2900618ad Mon Sep 17 00:00:00 2001 From: MandiOhlinger Date: Wed, 11 Aug 2021 21:28:06 -0400 Subject: [PATCH 33/48] fixed spacing --- .../apps-in-windows-10.md | 575 ++++++++++-------- 1 file changed, 327 insertions(+), 248 deletions(-) diff --git a/windows/application-management/apps-in-windows-10.md b/windows/application-management/apps-in-windows-10.md index a59f15a40a..e383415ffd 100644 --- a/windows/application-management/apps-in-windows-10.md +++ b/windows/application-management/apps-in-windows-10.md @@ -45,6 +45,7 @@ Get-AppxProvisionedPackage -Online | Format-Table DisplayName, PackageName The following information lists the provisioned apps on the supported Windows 10 OS versions: - [3D Builder](ms-windows-store://pdp/?PFN=Microsoft.3DBuilder_8wekyb3d8bbwe) | Package name: Microsoft.3DBuilder + - Supported versions: --- | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | @@ -54,339 +55,416 @@ The following information lists the provisioned apps on the supported Windows 10 --- - [Bing Weather](ms-windows-store://pdp/?PFN=Microsoft.BingWeather_8wekyb3d8bbwe) | Package name: Microsoft.BingWeather + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ✔️ | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ✔️ | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| - --- + --- - [Desktop App Installer](ms-windows-store://pdp/?PFN=Microsoft.DesktopAppInstaller_8wekyb3d8bbwe) | Package name: Microsoft.DesktopAppInstaller + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | Use Settings App | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | Use Settings App | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| - --- + --- - [Get Help](ms-windows-store://pdp/?PFN=Microsoft.Gethelp_8wekyb3d8bbwe) | Package name: Microsoft.GetHelp + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| - --- + --- - [Microsoft Tips](ms-windows-store://pdp/?PFN=Microsoft.Getstarted_8wekyb3d8bbwe) | Package name: Microsoft.Getstarted + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| - --- + --- - [HEIF Image Extensions](ms-windows-store://pdp/?PFN=Microsoft.HEIFImageExtension_8wekyb3d8bbwe) | Package name: Microsoft.HEIFImageExtension + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️|✔️ | ✔️| ✔️| ✔️| + + --- - [Microsoft Messaging](ms-windows-store://pdp/?PFN=Microsoft.Messaging_8wekyb3d8bbwe) | Package name:Microsoft.Messaging + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| | ✔️| ✔️| ✔️| + + --- - [Microsoft 3D Viewer](ms-windows-store://pdp/?PFN=Microsoft.Microsoft3DViewer_8wekyb3d8bbwe) | Package name: Microsoft.Microsoft3DViewer + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Office](ms-windows-store://pdp/?PFN=Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe) | Package name: Microsoft.MicrosoftOfficeHub + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ✔️ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ✔️ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Microsoft Solitaire Collection](ms-windows-store://pdp/?PFN=Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe) | Package name: Microsoft.MicrosoftSolitaireCollection + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ✔️ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ✔️ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Microsoft Sticky Notes](ms-windows-store://pdp/?PFN=Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe) | Package name: Microsoft.MicrosoftStickyNotes + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Mixed Reality Portal](ms-windows-store://pdp/?PFN=Microsoft.MixedReality.Portal_8wekyb3d8bbwe) | Package name: Microsoft.MixedReality.Portal + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Paint 3D](ms-windows-store://pdp/?PFN=Microsoft.MSPaint_8wekyb3d8bbwe) | Package name: Microsoft.MSPaint + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [OneNote for Windows 10](ms-windows-store://pdp/?PFN=Microsoft.Office.OneNote_8wekyb3d8bbwe) | Package name: Microsoft.Office.OneNote + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ✔️ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ✔️ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Mobile Plans](ms-windows-store://pdp/?PFN=Microsoft.OneConnect_8wekyb3d8bbwe) | Package name: Microsoft.OneConnect + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| | ✔️| ✔️| ✔️| + + --- - Microsoft.Outlook.DesktopIntegrationServices + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | | ✔️ | ✔️| | ✔️| | | - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | | ✔️ | ✔️| | ✔️| | | + + --- - [Microsoft People](ms-windows-store://pdp/?PFN=Microsoft.People_8wekyb3d8bbwe) | Package name: Microsoft.People + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Print 3D](ms-windows-store://pdp/?PFN=Microsoft.Print3D_8wekyb3d8bbwe) | Package name: Microsoft.Print3D + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| | ✔️| ✔️| ✔️| + + --- - [Snip & Sketch](ms-windows-store://pdp/?PFN=Microsoft.ScreenSketch_8wekyb3d8bbwe) | Package name: Microsoft.ScreenSketch + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Skype](ms-windows-store://pdp/?PFN=Microsoft.SkypeApp_kzf8qxf38zg5c) | Package name: Microsoft.SkypeApp + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Store Purchase App](ms-windows-store://pdp/?PFN=Microsoft.StorePurchaseApp_8wekyb3d8bbwe) | Package name: Microsoft.StorePurchaseApp + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - Microsoft.VP9VideoExtensions + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Microsoft Pay](ms-windows-store://pdp/?PFN=Microsoft.Wallet_8wekyb3d8bbwe) | Package name: Microsoft.Wallet + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Web Media Extensions](ms-windows-store://pdp/?PFN=Microsoft.WebMediaExtensions_8wekyb3d8bbwe) | Package name: Microsoft.WebMediaExtensions + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Webp Image Extension](ms-windows-store://pdp/?PFN=Microsoft.WebpImageExtension_8wekyb3d8bbwe) | Package name: Microsoft.WebpImageExtension + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Microsoft Photos](ms-windows-store://pdp/?PFN=Microsoft.Windows.Photos_8wekyb3d8bbwe) | Package name: Microsoft.Windows.Photos + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Windows Alarms & Clock](ms-windows-store://pdp/?PFN=Microsoft.WindowsAlarms_8wekyb3d8bbwe) | Package name: Microsoft.WindowsAlarms + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Windows Calculator](ms-windows-store://pdp/?PFN=Microsoft.WindowsCalculator_8wekyb3d8bbwe) | Package name: Microsoft.WindowsCalculator + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Windows Camera](ms-windows-store://pdp/?PFN=Microsoft.WindowsCamera_8wekyb3d8bbwe) | Package name: Microsoft.WindowsCamera + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Mail and Calendar](ms-windows-store://pdp/?PFN=microsoft.windowscommunicationsapps_8wekyb3d8bbwe) | Package name: microsoft.windowscommunicationsapps + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Feedback Hub](ms-windows-store://pdp/?PFN=Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe) | Package name: Microsoft.WindowsFeedbackHub + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Windows Maps](ms-windows-store://pdp/?PFN=Microsoft.WindowsMaps_8wekyb3d8bbwe) | Package name: Microsoft.WindowsMaps + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| -- | [Windows Voice Recorder](ms-windows-store://pdp/?PFN=Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe) | Package name: Microsoft.WindowsSoundRecorder + --- - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- +- [Windows Voice Recorder](ms-windows-store://pdp/?PFN=Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe) | Package name: Microsoft.WindowsSoundRecorder + - Supported versions: + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Microsoft Store](ms-windows-store://pdp/?PFN=Microsoft.WindowsStore_8wekyb3d8bbwe) | Package name: Microsoft.WindowsStore + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- + + - The Store app shouldn't be removed. If you remove the Store app, and want to reinstall it, you can restore your system from a backup, or reset your system. Instead of removing the Store app, use group policies to hide or disable it. - [Xbox Live in-game experience](ms-windows-store://pdp/?PFN=Microsoft.Xbox.TCUI_8wekyb3d8bbwe) | Package name: Microsoft.Xbox.TCUI + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Xbox Console Companion](ms-windows-store://pdp/?PFN=Microsoft.XboxApp_8wekyb3d8bbwe) | Package name: Microsoft.XboxApp + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Xbox Game Bar Plugin](ms-windows-store://pdp/?PFN=Microsoft.XboxGameOverlay_8wekyb3d8bbwe) | Package name: Microsoft.XboxGameOverlay + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Xbox Identity Provider](ms-windows-store://pdp/?PFN=Microsoft.XboxIdentityProvider_8wekyb3d8bbwe) | Package name: Microsoft.XboxIdentityProvider + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - Microsoft.XboxSpeechToTextOverlay + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Your Phone](ms-windows-store://pdp/?PFN=Microsoft.YourPhone_8wekyb3d8bbwe) | Package name: Microsoft.YourPhone + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Groove Music](ms-windows-store://pdp/?PFN=Microsoft.ZuneMusic_8wekyb3d8bbwe) | Package name: Microsoft.ZuneMusic + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- - [Movies & TV](ms-windows-store://pdp/?PFN=Microsoft.ZuneVideo_8wekyb3d8bbwe) | Package name: Microsoft.ZuneVideo + - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| - --- + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| -> [!NOTE] -> The Store app can't be removed. If you remove the Store app, and want to reinstall it, you can restore your system from a backup, or reset your system. Instead of removing the Store app, use group policies to hide or disable it. + --- ## System apps @@ -404,6 +482,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - File Explorer | Package name: c5e2524a-ea46-4f67-841f-6a9465d9d515 @@ -412,6 +491,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - App Resolver UX | Package name: E2A4F912-2574-4A75-9BB0-0D023378592B @@ -420,6 +500,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Add Suggested Folders To Library | Package name: F46D4000-FD22-4DB4-AC8E-4E1DDDE828FE @@ -428,6 +509,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - InputApp @@ -436,6 +518,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | | | ✔️ | + --- - Microsoft.AAD.Broker.Plugin | Package name: Microsoft.AAD.Broker.Plugin @@ -444,6 +527,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Microsoft.AccountsControl | Package name: Microsoft.AccountsControl @@ -452,6 +536,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Microsoft.AsyncTextService | Package name: Microsoft.AsyncTextService @@ -460,14 +545,16 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- -- Hello setup UI | Microsoft.BioEnrollment +- Hello setup UI | Package name: Microsoft.BioEnrollment --- | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Microsoft.CredDialogHost @@ -476,6 +563,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Microsoft.ECApp @@ -484,6 +572,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Microsoft.LockApp @@ -492,14 +581,16 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- -- Microsoft Edge | Microsoft.MicrosoftEdge +- Microsoft Edge | Package name: Microsoft.MicrosoftEdge --- | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Microsoft.MicrosoftEdgeDevToolsClient @@ -508,6 +599,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Microsoft.PPIProjection @@ -516,6 +608,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | | | ✔️ | + --- - Microsoft.Win32WebViewHost @@ -524,6 +617,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Microsoft.Windows.Apprep.ChxApp @@ -532,6 +626,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Microsoft.Windows.AssignedAccessLockApp @@ -540,6 +635,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Microsoft.Windows.CapturePicker @@ -548,6 +644,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Microsoft.Windows.CloudExperienceHost @@ -556,6 +653,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Microsoft.Windows.ContentDeliveryManager @@ -564,6 +662,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Cortana | Package name: Microsoft.Windows.Cortana @@ -572,6 +671,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | | | ✔️ | + --- - Microsoft.Windows.OOBENetworkCaptivePort @@ -580,6 +680,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Microsoft.Windows.OOBENetworkConnectionFlow @@ -588,6 +689,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Microsoft.Windows.ParentalControls @@ -596,6 +698,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - People Hub | Package name: Microsoft.Windows.PeopleExperienceHost @@ -604,6 +707,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Microsoft.Windows.PinningConfirmationDialog @@ -612,6 +716,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Microsoft.Windows.SecHealthUI @@ -620,6 +725,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Microsoft.Windows.SecureAssessmentBrowser @@ -628,6 +734,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Start | Package name: Microsoft.Windows.ShellExperienceHost @@ -636,6 +743,7 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Microsoft.XboxGameCallableUI @@ -644,71 +752,42 @@ The following information lists the system apps on some Windows 10 OS versions: | Uninstall through UI? | 21H1 | 20H2 | 1809 | | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Windows.CBSPreview --- | Uninstall through UI? | 21H1 | 20H2 | 1809 | - | --- | --- | --- | --- | + | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Settings | Package name: Windows.immersivecontrolpanel --- | Uninstall through UI? | 21H1 | 20H2 | 1809 | - | --- | --- | --- | --- | + | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- - Print 3D | Package name: Windows.Print3D --- | Uninstall through UI? | 21H1 | 20H2 | 1809 | - | --- | --- | --- | --- | + | --- | --- | --- | --- | | ✔️ | | | ✔️ | + --- - Print UI | Package name: Windows.PrintDialog --- | Uninstall through UI? | 21H1 | 20H2 | 1809 | - | --- | --- | --- | --- | + | --- | --- | --- | --- | | ❌ | ✔️ | ✔️| ✔️ | + --- -## Installed Windows apps - -Here are the typical installed Windows apps in Windows 10 versions 1709, 1803, and 1809. - -| Name | Full name | 1709 | 1803 | 1809 | Uninstall through UI? | -|-----------------------|------------------------------------------|:----:|:----:|:----:|:---------------------:| -| Remote Desktop | Microsoft.RemoteDesktop | x | | x | Yes | -| Code Writer | ActiproSoftwareLLC.562882FEEB491 | x | x | | Yes | -| Eclipse Manager | 46928bounde.EclipseManager | x | x | | Yes | -| Pandora | PandoraMediaInc.29680B314EFC2 | x | x | | Yes | -| Photoshop Express | AdobeSystemIncorporated. AdobePhotoshop | x | x | | Yes | -| Duolingo | D5EA27B7.Duolingo- LearnLanguagesforFree | x | x | | Yes | -| Network Speed Test | Microsoft.NetworkSpeedTest | x | x | x | Yes | -| News | Microsoft.BingNews | x | x | x | Yes | -| Sway | Microsoft.Office.Sway | x | x | x | Yes | -| Microsoft.Advertising | Microsoft.Advertising.Xaml | x | x | x | Yes | -| | Microsoft.NET.Native.Framework.1.2 | x | x | | Yes | -| | Microsoft.NET.Native.Framework.1.3 | x | x | | Yes | -| | Microsoft.NET.Native.Framework.1.6 | x | x | x | Yes | -| | Microsoft.NET.Native.Framework.1.7 | | x | x | Yes | -| | Microsoft.NET.Native.Framework.2.0 | x | x | | Yes | -| | Microsoft.NET.Native.Runtime.1.1 | x | x | | Yes | -| | Microsoft.NET.Native.Runtime.1.3 | x | | | Yes | -| | Microsoft.NET.Native.Runtime.1.4 | x | x | | Yes | -| | Microsoft.NET.Native.Runtime.1.6 | x | x | x | Yes | -| | Microsoft.NET.Native.Runtime.1.7 | x | x | x | Yes | -| | Microsoft.NET.Native.Runtime.2.0 | x | x | | Yes | -| | Microsoft.Services.Store.Engagement | x | x | | Yes | -| | Microsoft.VCLibs.120.00 | x | x | | Yes | -| | Microsoft.VCLibs.140.00 | x | x | x | Yes | -| | Microsoft.VCLibs.120.00.Universal | x | | | Yes | -| | Microsoft.VCLibs.140.00.UWPDesktop | | x | | Yes | - ---- From 9a5ff227e1d78df527904f602af4d8b055c71ebb Mon Sep 17 00:00:00 2001 From: MandiOhlinger Date: Wed, 11 Aug 2021 21:32:31 -0400 Subject: [PATCH 34/48] one last fix --- windows/application-management/apps-in-windows-10.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/application-management/apps-in-windows-10.md b/windows/application-management/apps-in-windows-10.md index e383415ffd..cd1741e257 100644 --- a/windows/application-management/apps-in-windows-10.md +++ b/windows/application-management/apps-in-windows-10.md @@ -47,12 +47,12 @@ The following information lists the provisioned apps on the supported Windows 10 - [3D Builder](ms-windows-store://pdp/?PFN=Microsoft.3DBuilder_8wekyb3d8bbwe) | Package name: Microsoft.3DBuilder - Supported versions: - --- - | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | - | --- | --- | --- | --- | --- | --- |--- | - | ✔️ | ✔️ | | | | | | + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ✔️ | ✔️ | | | | | | - --- + --- - [Bing Weather](ms-windows-store://pdp/?PFN=Microsoft.BingWeather_8wekyb3d8bbwe) | Package name: Microsoft.BingWeather - Supported versions: From d53f247d7a358f2869a6371033bd467d67be0ff3 Mon Sep 17 00:00:00 2001 From: MandiOhlinger Date: Wed, 11 Aug 2021 21:49:50 -0400 Subject: [PATCH 35/48] adding missing app --- windows/application-management/apps-in-windows-10.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/windows/application-management/apps-in-windows-10.md b/windows/application-management/apps-in-windows-10.md index cd1741e257..bb35b3f5fc 100644 --- a/windows/application-management/apps-in-windows-10.md +++ b/windows/application-management/apps-in-windows-10.md @@ -416,6 +416,16 @@ The following information lists the provisioned apps on the supported Windows 10 --- +- [Xbox Game Bar](ms-windows-store://pdp/?PFN=Microsoft.XboxGamingOverlay_8wekyb3d8bbwe) | Package name: Microsoft.XboxGamingOverlay + - Supported versions: + + --- + | Uninstall through UI? | 21H1 | 20H2 | 2004 | 1909| 1903| 1809 | + | --- | --- | --- | --- | --- | --- |--- | + | ❌ | ✔️ | ✔️| ✔️ | ✔️| ✔️| ✔️| + + --- + - [Xbox Identity Provider](ms-windows-store://pdp/?PFN=Microsoft.XboxIdentityProvider_8wekyb3d8bbwe) | Package name: Microsoft.XboxIdentityProvider - Supported versions: From 295e48f4c5b9363a3730442c7807e7ca8330b591 Mon Sep 17 00:00:00 2001 From: Mandi Ohlinger Date: Thu, 12 Aug 2021 12:05:05 -0400 Subject: [PATCH 36/48] Minor update --- windows/application-management/apps-in-windows-10.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/application-management/apps-in-windows-10.md b/windows/application-management/apps-in-windows-10.md index bb35b3f5fc..3d8a9d9f4d 100644 --- a/windows/application-management/apps-in-windows-10.md +++ b/windows/application-management/apps-in-windows-10.md @@ -1,5 +1,5 @@ --- -title: Windows 10 - Apps +title: Learn about the different app types in Windows 10 | Microsoft Docs ms.reviewer: manager: dansimp description: Use this article to understand the different types of apps that run on Windows 10, such as UWP and Win32 apps. @@ -30,7 +30,7 @@ On your Windows 10 devices, you can run the following app types: - **Universal Windows Platform (UWP) apps**: These apps run and can be installed on many Windows platforms, including tablets, Microsoft HoloLens, Xbox, and more. All UWP apps are Windows apps. But, not all Windows apps are UWP apps. - **Win32 apps**: These apps are traditional Windows applications. -This article lists the system apps, installed Windows apps, and provisioned Windows apps in a standard Windows 10 Enterprise installation. If you use custom images, your specific apps might be different. +This article lists the provisioned Windows apps and system apps installed on a standard Windows 10 Enterprise device. If you use custom images, your specific apps might be different. Some of the apps show up in multiple areas. That's because their status changed between versions. Make sure to check the version column for the version you're currently running. From ef14f044b2942c6e2cf5f6a26c6b0f805ad7d412 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Thu, 12 Aug 2021 22:27:45 +0530 Subject: [PATCH 37/48] updated commands as per user feedback #9892 , so I updated commands --- ...l-policy-to-control-specific-plug-ins-add-ins-and-modules.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md index 5392e5253b..d4d91d5c31 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md @@ -38,7 +38,7 @@ For example, to create a WDAC policy allowing **addin1.dll** and **addin2.dll** ```powershell $rule = New-CIPolicyRule -DriverFilePath '.\temp\addin1.dll' -Level FileName -AppID '.\ERP1.exe' -$rule += New-CIPolicyRule -DriverFilePath '.\temp\addin1.dll' -Level FileName -AppID '.\ERP1.exe' +$rule += New-CIPolicyRule -DriverFilePath '.\temp\addin2.dll' -Level FileName -AppID '.\ERP2.exe' New-CIPolicy -Rules $rule -FilePath ".\AllowERPAddins.xml" -UserPEs ``` From 9180a1f6a39a84a9a5918d8b2f395f3675392ab4 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Thu, 12 Aug 2021 11:26:38 -0700 Subject: [PATCH 38/48] Update use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md --- ...l-policy-to-control-specific-plug-ins-add-ins-and-modules.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md index d4d91d5c31..9ffbd067e1 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance author: jsuther1974 ms.reviewer: isbrahm -ms.date: 05/03/2018 +ms.date: 08/12/2021 ms.technology: mde --- From a7f7baf4bf8b67ba9a73d9d8879388b71dd5d2ca Mon Sep 17 00:00:00 2001 From: "Carlos Mayol (MSFT)" Date: Fri, 13 Aug 2021 16:32:18 -0400 Subject: [PATCH 39/48] Removing ALLOW_ALL for FileRules These rules are enabling any executable regardless of the signers policies. --- .../microsoft-recommended-driver-block-rules.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md index d409657e10..82728672e6 100644 --- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md @@ -55,8 +55,6 @@ Microsoft recommends enabling [HVCI](https://docs.microsoft.com/windows/security - - @@ -315,7 +313,6 @@ Microsoft recommends enabling [HVCI](https://docs.microsoft.com/windows/security - @@ -425,7 +422,6 @@ Microsoft recommends enabling [HVCI](https://docs.microsoft.com/windows/security - From 1c8bcd351bf3efb659b3d35ff56560b8e1372cee Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Sun, 15 Aug 2021 07:55:30 +0500 Subject: [PATCH 40/48] Update deploy-a-windows-10-image-using-mdt.md --- .../deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md b/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md index 02c175e81b..39430e41e8 100644 --- a/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md +++ b/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md @@ -316,7 +316,7 @@ On **MDT01**: ### For the HP EliteBook 8560w -For the HP EliteBook 8560w, you use HP SoftPaq Download Manager to get the drivers. The HP SoftPaq Download Manager can be accessed on the [HP Support site](https://go.microsoft.com/fwlink/p/?LinkId=619545). +For the HP EliteBook 8560w, you use HP Image Assistant to get the drivers. The HP Image Assistant can be accessed on the [HP Support site](https://ftp.ext.hp.com/pub/caps-softpaq/cmit/HPIA.html). In these steps, we assume you have downloaded and extracted the drivers for the HP EliteBook 8650w model to the **D:\\Drivers\\Windows 10 x64\\Hewlett-Packard\\HP EliteBook 8560w** folder. From 8f35a79ec111a40f09809f96ebc0d6663957521c Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Mon, 16 Aug 2021 00:18:24 +0500 Subject: [PATCH 41/48] Update create-wmi-filters-for-the-gpo.md --- .../windows-firewall/create-wmi-filters-for-the-gpo.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md b/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md index 9ed555e0c8..e69a6c0c78 100644 --- a/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md +++ b/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md @@ -66,7 +66,7 @@ First, create the WMI filter and configure it to look for a specified version (o ... where Version like "6.1%" or Version like "6.2%" ``` - To restrict the query to only clients or only servers, add a clause that includes the ProductType parameter. To filter for client operating systems only, such as Windows 8 or Windows 7, use only ProductType="1". For server operating systems that are not domain controllers, use ProductType="3". For domain controllers only, use ProductType="2". This is a useful distinction, because you often want to prevent your GPOs from being applied to the domain controllers on your network. + To restrict the query to only clients or only servers, add a clause that includes the ProductType parameter. To filter for client operating systems only, such as Windows 8 or Windows 7, use only ProductType="1". For server operating systems that are not domain controllers and for Windows 10 multi-session, use ProductType="3". For domain controllers only, use ProductType="2". This is a useful distinction, because you often want to prevent your GPOs from being applied to the domain controllers on your network. The following clause returns **true** for all devices that are not domain controllers: @@ -109,4 +109,4 @@ After you have created a filter with the correct query, link the filter to the G 3. Under **WMI Filtering**, select the correct WMI filter from the list. -4. Click **Yes** to accept the filter. \ No newline at end of file +4. Click **Yes** to accept the filter. From 3a296d61ee216a413ef6988253c6f50f666a48d1 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Mon, 16 Aug 2021 19:29:45 +0530 Subject: [PATCH 42/48] removed old version , added new version added new version of adobe dc acrobat reader, source #9894 --- .../deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md b/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md index 02c175e81b..6d3a8ea77d 100644 --- a/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md +++ b/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md @@ -145,8 +145,8 @@ When you configure your MDT Build Lab deployment share, you can also add applica On **MDT01**: -1. Download the Enterprise distribution version of [Adobe Acrobat Reader DC](https://get.adobe.com/reader/enterprise/) (AcroRdrDC1902120058_en_US.exe) to **D:\\setup\\adobe** on MDT01. -2. Extract the .exe file that you downloaded to an .msi (ex: .\AcroRdrDC1902120058_en_US.exe -sfx_o"d:\setup\adobe\install\" -sfx_ne). +1. Download the Enterprise distribution version of [Adobe Acrobat Reader DC](https://get.adobe.com/reader/enterprise/) (AcroRdrDC2100520060_en_US.exe) to **D:\\setup\\adobe** on MDT01. +2. Extract the .exe file that you downloaded to an .msi (ex: .\AcroRdrDC2100520060_en_US.exe -sfx_o"d:\setup\adobe\install\" -sfx_ne). 3. In the Deployment Workbench, expand the **MDT Production** node and navigate to the **Applications** node. 4. Right-click the **Applications** node, and create a new folder named **Adobe**. From cd9d0c1dbff3225b471e9d9e90d1acd03e75c7c2 Mon Sep 17 00:00:00 2001 From: Yuli Khodorkovskiy Date: Mon, 16 Aug 2021 12:40:57 -0400 Subject: [PATCH 43/48] Fix typo in lockout duration doc --- .../security-policy-settings/account-lockout-duration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md b/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md index 4df87c418a..859332a9a4 100644 --- a/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md +++ b/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md @@ -35,7 +35,7 @@ This policy setting is dependent on the **Account lockout threshold** policy set - A user-defined number of minutes from 0 through 99,999 - Not defined -If [Account lockout threshold](account-lockout-threshold.md) is configured, after the specified number of failed attempts, the account will be locked out. If th **Account lockout duration** is set to 0, the account will remain locked until an administrator unlocks it manually. +If [Account lockout threshold](account-lockout-threshold.md) is configured, after the specified number of failed attempts, the account will be locked out. If the **Account lockout duration** is set to 0, the account will remain locked until an administrator unlocks it manually. It is advisable to set **Account lockout duration** to approximately 15 minutes. To specify that the account will never be locked out, set the **Account lockout threshold** value to 0. From 369b5906eceb71580e0d9251a548cb8849fe4f71 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 16 Aug 2021 10:04:36 -0700 Subject: [PATCH 44/48] Update account-lockout-duration.md --- .../security-policy-settings/account-lockout-duration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md b/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md index 859332a9a4..be2c2f115a 100644 --- a/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md +++ b/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md @@ -14,7 +14,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 04/19/2017 +ms.date: 08/16/2021 ms.technology: mde --- From ad18a586a0d80d3fe2ba335b4dc8343f20c9fa33 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 16 Aug 2021 10:08:00 -0700 Subject: [PATCH 45/48] Update create-wmi-filters-for-the-gpo.md --- .../create-wmi-filters-for-the-gpo.md | 20 +++++++++---------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md b/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md index e69a6c0c78..78d50e3732 100644 --- a/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md +++ b/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md @@ -14,7 +14,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 05/25/2017 +ms.date: 08/16/2021 ms.technology: mde --- @@ -40,17 +40,15 @@ First, create the WMI filter and configure it to look for a specified version (o 1. Open the Group Policy Management console. -2. In the navigation pane, expand **Forest:** *YourForestName*, expand **Domains**, expand *YourDomainName*, and then click **WMI Filters**. +2. In the navigation pane, expand **Forest:** *YourForestName*, expand **Domains**, expand *YourDomainName*, and then select **WMI Filters**. -3. Click **Action**, and then click **New**. +3. Select **Action**, and then select **New**. -4. In the **Name** text box, type the name of the WMI filter. - - >**Note:**  Be sure to use a name that clearly indicates the purpose of the filter. Check to see if your organization has a naming convention. +4. In the **Name** text box, type the name of the WMI filter. Be sure to use a name that clearly indicates the purpose of the filter. Check to see if your organization has a naming convention. 5. In the **Description** text box, type a description for the WMI filter. For example, if the filter excludes domain controllers, you might consider stating that in the description. -6. Click **Add**. +6. Select **Add**. 7. Leave the **Namespace** value set to **root\\CIMv2**. @@ -92,9 +90,9 @@ First, create the WMI filter and configure it to look for a specified version (o select * from Win32_OperatingSystem where Version like "10.%" and ProductType="3" ``` -9. Click **OK** to save the query to the filter. +9. Select **OK** to save the query to the filter. -10. Click **Save** to save your completed filter. +10. Select **Save** to save your completed filter. > [!NOTE] > If you're using multiple queries in the same WMI filter, these queries must all return **TRUE** for the filter requirements to be met and for the GPO to be applied. @@ -105,8 +103,8 @@ After you have created a filter with the correct query, link the filter to the G 1. Open the Group Policy Management console. -2. In the navigation pane, find and then click the GPO that you want to modify. +2. In the navigation pane, find and then select the GPO that you want to modify. 3. Under **WMI Filtering**, select the correct WMI filter from the list. -4. Click **Yes** to accept the filter. +4. Select **Yes** to accept the filter. From 46c9c72781506e6ffee683915f1e626801a17f63 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 16 Aug 2021 10:16:53 -0700 Subject: [PATCH 46/48] Update microsoft-recommended-driver-block-rules.md --- .../microsoft-recommended-driver-block-rules.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md index 82728672e6..60312b011c 100644 --- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md @@ -29,7 +29,7 @@ Microsoft has strict requirements for code running in kernel. Consequently, mali - Hypervisor-protected code integrity (HVCI) enabled devices - Windows 10 in S mode (S mode) devices -Microsoft recommends enabling [HVCI](https://docs.microsoft.com/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity) or S mode to protect your devices against security threats. If this is not possible, Microsoft recommends blocking the following list of drivers by merging this policy with your existing Windows Defender Application Control policy. Blocking kernel drivers without sufficient testing can result in devices or software to malfunction, and in rare cases, blue screen. It is recommended to first validate this policy in [audit mode](audit-windows-defender-application-control-policies.md) and review the audit block events. +Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity) or S mode to protect your devices against security threats. If this is not possible, Microsoft recommends blocking the following list of drivers by merging this policy with your existing Windows Defender Application Control policy. Blocking kernel drivers without sufficient testing can result in devices or software to malfunction, and in rare cases, blue screen. It is recommended to first validate this policy in [audit mode](audit-windows-defender-application-control-policies.md) and review the audit block events. > [!Note] > This application list will be updated with the latest vendor information as application vulnerabilities are resolved and new issues are discovered. It is recommended that this policy be first validated in audit mode before rolling the rules into enforcement mode. From b5f7a74d60add25029357295fc7510b102654adf Mon Sep 17 00:00:00 2001 From: Diana Hanson Date: Mon, 16 Aug 2021 12:09:08 -0600 Subject: [PATCH 47/48] Raise acro score Sync pr https://github.com/MicrosoftDocs/windows-docs-pr/pull/5516 --- .../microsoft-recommended-driver-block-rules.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md index 60312b011c..f85b75d3ad 100644 --- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md @@ -24,15 +24,15 @@ ms.date: - Windows 10 - Windows Server 2016 and above -Microsoft has strict requirements for code running in kernel. Consequently, malicious actors are turning to exploit vulnerabilities in legitimate and signed kernel drivers to run malware in kernel. One of the many strengths of the Windows platform is our strong collaboration with independent hardware vendors (IHVs) and OEMs. Microsoft works closely with our IHVs and security community to ensure the highest level of driver security for our customers and when vulnerabilities in drivers do arise, that they are patched and rolled out to the ecosystem in an expedited manner. Microsoft then adds the vulnerable versions of the drivers to our ecosystem block policy which is applied to the following sets of devices: +Microsoft has strict requirements for code running in kernel. Consequently, malicious actors are turning to exploit vulnerabilities in legitimate and signed kernel drivers to run malware in kernel. One of the many strengths of the Windows platform is our strong collaboration with independent hardware vendors (IHVs) and OEMs. Microsoft works closely with our IHVs and security community to ensure the highest level of driver security for our customers and when vulnerabilities in drivers do arise, that they're patched and rolled out to the ecosystem in an expedited manner. Microsoft then adds the vulnerable versions of the drivers to our ecosystem block policy, which is applied to the following sets of devices: - Hypervisor-protected code integrity (HVCI) enabled devices - Windows 10 in S mode (S mode) devices -Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity) or S mode to protect your devices against security threats. If this is not possible, Microsoft recommends blocking the following list of drivers by merging this policy with your existing Windows Defender Application Control policy. Blocking kernel drivers without sufficient testing can result in devices or software to malfunction, and in rare cases, blue screen. It is recommended to first validate this policy in [audit mode](audit-windows-defender-application-control-policies.md) and review the audit block events. +Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity) or S mode to protect your devices against security threats. If this isn't possible, Microsoft recommends blocking the following list of drivers by merging this policy with your existing Windows Defender Application Control policy. Blocking kernel drivers without sufficient testing can result in devices or software to malfunction, and in rare cases, blue screen. It's recommended to first validate this policy in [audit mode](audit-windows-defender-application-control-policies.md) and review the audit block events. > [!Note] -> This application list will be updated with the latest vendor information as application vulnerabilities are resolved and new issues are discovered. It is recommended that this policy be first validated in audit mode before rolling the rules into enforcement mode. +> This application list will be updated with the latest vendor information as application vulnerabilities are resolved and new issues are discovered. It's recommended that this policy be first validated in audit mode before rolling the rules into enforcement mode. ```xml From 9246431b81b6a7781d1ab57f52fc0eae8c0fc961 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Mon, 16 Aug 2021 15:20:09 -0700 Subject: [PATCH 48/48] Removed a period that followed a question mark --- .../tpm/trusted-platform-module-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/tpm/trusted-platform-module-overview.md b/windows/security/information-protection/tpm/trusted-platform-module-overview.md index 248decde2f..5bbb8174ec 100644 --- a/windows/security/information-protection/tpm/trusted-platform-module-overview.md +++ b/windows/security/information-protection/tpm/trusted-platform-module-overview.md @@ -60,7 +60,7 @@ The TPM has several Group Policy settings that might be useful in certain enterp ## New and changed functionality -For more info on new and changed functionality for Trusted Platform Module in Windows 10, see [What's new in Trusted Platform Module?](/windows/whats-new/whats-new-windows-10-version-1507-and-1511#trusted-platform-module). +For more info on new and changed functionality for Trusted Platform Module in Windows 10, see [What's new in Trusted Platform Module?](/windows/whats-new/whats-new-windows-10-version-1507-and-1511#trusted-platform-module) ## Device health attestation