Merge branch 'main' of github.com:MicrosoftDocs/windows-docs-pr into pm-8744759-store

2025-05-12 21:37:22 +00:00 · 2024-03-12 15:47:34 -04:00 · 2024-03-12 15:47:34 -04:00 · 3e1dc1e2fe
commit 3e1dc1e2fe
parent eb0d32226b bd92de1d44
47 changed files with 219 additions and 228 deletions
--- a/windows/deployment/update/wufb-reports-schema-ucclient.md
+++ b/windows/deployment/update/wufb-reports-schema-ucclient.md
@ -11,7 +11,7 @@ manager: aaroncz
 appliesto: 
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
-ms.date: 12/06/2023
+ms.date: 03/12/2024
 ---
 # UCClient
@ -35,7 +35,6 @@ UCClient acts as an individual device's record. It contains data such as the cur
 | **IsVirtual** | [bool](/azure/data-explorer/kusto/query/scalar-data-types/bool) | No | `Yes, No` | Whether device is a virtual device. |
 | **LastCensusScanTime [UTC]** | [datetime](/azure/kusto/query/scalar-data-types/datetime)  | No |  `2020-05-14 09:26:03.478039` | The last time this device performed a successful census scan, if any. |
 | **LastWUScanTime [UTC]** | [datetime](/azure/kusto/query/scalar-data-types/datetime)  | No |  `2020-05-14 09:26:03.478039` | The last time this device performed a successful Windows Update scan, if any. |
 | **NewTest_CF [UTC]** | [datetime](/azure/kusto/query/scalar-data-types/datetime)  | No |  `2020-05-14 09:26:03.478039` | Currently, data isn't gathered to populate this field. |
 | **OSArchitecture** | [string](/azure/data-explorer/kusto/query/scalar-data-types/string) | Yes | `x86` | The architecture of the operating system (not the device) this device is currently on. |
 | **OSBuild** | [string](/azure/data-explorer/kusto/query/scalar-data-types/string) | No | `10.0.22621.1702` | The full operating system build installed on this device, such as Major.Minor.Build.Revision |
 | **OSBuildNumber** | [int](/azure/kusto/query/scalar-data-types/int) | No | `22621` | The major build number, in int format, the device is using. |
@ -62,18 +61,18 @@ UCClient acts as an individual device's record. It contains data such as the cur
 | **WUAutomaticUpdates** | | No |  | Currently, data isn't gathered to populate this field. Manage automatic update behavior to scan, download, and install updates. |
 | **WUDeadlineNoAutoRestart** |  | No | | Currently, data isn't gathered to populate this field. Devices won't automatically restart outside of active hours until the deadline is reached - It's 1 by default and indicates enabled, 0 indicates disabled |
 | **WUDODownloadMode** | | No |  | Currently, data isn't gathered to populate this field. The Windows Update DO DownloadMode configuration. |
-| **WUFeatureDeadlineDays** | [int](/azure/kusto/query/scalar-data-types/int) | No | `0` | CSP: ConfigureDeadlineForFeatureUpdates. The Windows Update feature update deadline configuration in days. -1 indicates not configured, 0 indicates configured but set to 0. Values > 0 indicate the deadline in days. |
+| **WUFeatureDeadlineDays** | [int](/azure/kusto/query/scalar-data-types/int) | No | `0` | CSP: ConfigureDeadlineForFeatureUpdates. The feature update deadline configuration in days. -1 indicates not configured. 0 indicates configured but set to 0. Values > 0 indicate the deadline in days. |
-| **WUFeatureDeferralDays** | [int](/azure/kusto/query/scalar-data-types/int) | No | `0` | CSP: DeferFeatureUpdates. The Windows Update feature update deferral configuration in days. -1 indicates not configured, 0 indicates configured but set to 0. Values > 0 indicate the policy setting. |
+| **WUFeatureDeferralDays** | [int](/azure/kusto/query/scalar-data-types/int) | No | `0` | CSP: DeferFeatureUpdates. The feature update deferral configuration in days. -1 indicates not configured. 0 indicates configured but set to 0. Values > 0 indicate the policy setting. |
-| **WUFeatureGracePeriodDays** | [int](/azure/kusto/query/scalar-data-types/int) | No | `7` | The Windows Update grace period for feature update in days. -1 indicates not configured, 0 indicates configured and set to 0. Values greater than 0 indicate the grace period in days. |
+| **WUFeatureGracePeriodDays** | [int](/azure/kusto/query/scalar-data-types/int) | No | `7` | The Windows Update grace period for feature update in days. -1 indicates not configured. 0 indicates configured and set to 0. Values greater than 0 indicate the grace period in days. |
-| **WUFeaturePauseEndTime [UTC]** | [datetime](/azure/kusto/query/scalar-data-types/datetime)  | No |  `2020-05-14 09:26:03.478039` | Currently, data isn't gathered to populate this field. The time Windows Update feature update pause will end, if activated, else null. |
+| **WUFeaturePauseEndTime [UTC]** | [datetime](/azure/kusto/query/scalar-data-types/datetime)  | No |  `2020-05-14 09:26:03.478039` | Currently, data isn't gathered to populate this field. The time Windows Update feature update pause ends, if activated, else null. |
 | **WUFeaturePauseStartTime [UTC]** | [datetime](/azure/kusto/query/scalar-data-types/datetime)  | No |  `2020-05-14 09:26:03.478039` | Currently, data isn't gathered to populate this field. The time Windows Update feature update pause was activated, if activated, else null. Feature updates are paused for 35 days from the specified start date. |
 | **WUFeaturePauseState** | [string](/azure/data-explorer/kusto/query/scalar-data-types/string) | No | `NotConfigured` | Indicates pause status of device for feature updates. Possible values are Paused, NotPaused, NotConfigured. |
 | **WUNotificationLevel** | |  No |  | Currently, data isn't gathered to populate this field. This policy allows you to define what Windows Update notifications users see. 0 (default) - Use the default Windows Update notifications. 1 - Turn off all notifications, excluding restart warnings. 2 - Turn off all notifications, including restart warnings |
 | **WUPauseUXDisabled** | |  No |  | Currently, data isn't gathered to populate this field. This policy allows the IT admin to disable the Pause Updates feature. When this policy is enabled, the user can't access the Pause updates' feature. Supported values 0, 1. |
-| **WUQualityDeadlineDays** | [int](/azure/kusto/query/scalar-data-types/int) | No | `7` | CSP: ConfigureDeadlineForQualityUpdates. The Windows update quality update deadline configuration in days. -1 indicates not configured, 0 indicates configured but set to 0. Values > 0 indicate the deadline in days. |
+| **WUQualityDeadlineDays** | [int](/azure/kusto/query/scalar-data-types/int) | No | `7` | CSP: ConfigureDeadlineForQualityUpdates. The Windows update quality update deadline configuration in days. -1 indicates not configured. 0 indicates configured but set to 0. Values > 0 indicate the deadline in days. |
-| **WUQualityDeferralDays** | [int](/azure/kusto/query/scalar-data-types/int) | No | `-1` | CSP: DeferQualityUpdates. The Windows Update quality update deferral configuration in days. -1 indicates not configured, 0 indicates configured but set to 0. Values greater than 0 indicate the policy setting. |
+| **WUQualityDeferralDays** | [int](/azure/kusto/query/scalar-data-types/int) | No | `-1` | CSP: DeferQualityUpdates. The Windows Update quality update deferral configuration in days. -1 indicates not configured. 0 indicates configured but set to 0. Values greater than 0 indicate the policy setting. |
-| **WUQualityGracePeriodDays** | [int](/azure/kusto/query/scalar-data-types/int) | No | `0` | The Windows Update grace period for quality update in days. -1 indicates not configured, 0 indicates configured and set to 0. Values greater than 0 indicate the grace period in days. |
+| **WUQualityGracePeriodDays** | [int](/azure/kusto/query/scalar-data-types/int) | No | `0` | The Windows Update grace period for quality update in days. -1 indicates not configured. 0 indicates configured and set to 0. Values greater than 0 indicate the grace period in days. |
-| **WUQualityPauseEndTime [UTC]** | [datetime](/azure/kusto/query/scalar-data-types/datetime)  | No |  `2020-05-14 09:26:03.478039` | Currently, data isn't gathered to populate this field. The time Windows Update quality update pause- will end, if activated, else null. |
+| **WUQualityPauseEndTime [UTC]** | [datetime](/azure/kusto/query/scalar-data-types/datetime)  | No |  `2020-05-14 09:26:03.478039` | Currently, data isn't gathered to populate this field. The time the quality update pause ends, if activated, else null. |
 | **WUQualityPauseStartTime [UTC]** | [datetime](/azure/kusto/query/scalar-data-types/datetime)  | No |  `2020-05-14 09:26:03.478039` | Currently, data isn't gathered to populate this field. The time Windows Update quality update pause- was activated; if activated; else null. |
 | **WUQualityPauseState** | [string](/azure/data-explorer/kusto/query/scalar-data-types/string) | No | `NotConfigured` | Indicates pause status of device for quality updates. Possible values are Paused, NotPaused, NotConfigured. |
 | **WURestartNotification** | |  No |  | Currently, data isn't gathered to populate this field. Allows the IT Admin to specify the method by which the auto restart required notification is dismissed. The following list shows the supported values:  1 (default) = Auto Dismissal. 2 - User Dismissal. |
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac.md
+++ b/windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac.md
@ -26,6 +26,7 @@ Unless your use scenarios explicitly require them, Microsoft recommends that you
 - csi.exe
 - dbghost.exe
 - dbgsvc.exe
 - dbgsrv.exe
 - dnx.exe
 - dotnet.exe
 - fsi.exe
@ -143,6 +144,7 @@ The blocklist policy that follows includes "Allow all" rules for both kernel and
    <Deny ID="ID_DENY_CSCRIPT" FriendlyName="cscript.exe" FileName="cscript.exe" MinimumFileVersion="5.812.10240.0" />
    <Deny ID="ID_DENY_DBGHOST" FriendlyName="dbghost.exe" FileName="DBGHOST.Exe" MinimumFileVersion="2.3.0.0" />
    <Deny ID="ID_DENY_DBGSVC" FriendlyName="dbgsvc.exe" FileName="DBGSVC.Exe" MinimumFileVersion="2.3.0.0" />
    <Deny ID="ID_DENY_DBGSRV" FriendlyName="dbgsrv.exe" FileName="dbgsrv.exe" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65355.65355.65355.65355" />
    <Deny ID="ID_DENY_DNX" FriendlyName="dnx.exe" FileName="dnx.Exe" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65355.65355.65355.65355" />
    <Deny ID="ID_DENY_DOTNET" FriendlyName="dotnet.exe" FileName="dotnet.exe" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65355.65355.65355.65355" />
    <Deny ID="ID_DENY_FSI" FriendlyName="fsi.exe" FileName="fsi.exe" MinimumFileVersion="0.0.0.0" MaximumFileVersion="65355.65355.65355.65355" />
@ -854,6 +856,7 @@ The blocklist policy that follows includes "Allow all" rules for both kernel and
          <FileRuleRef RuleID="ID_DENY_CSCRIPT" />
          <FileRuleRef RuleID="ID_DENY_DBGHOST" />
          <FileRuleRef RuleID="ID_DENY_DBGSVC" />
          <FileRuleRef RuleID="ID_DENY_DBGSRV" />
          <FileRuleRef RuleID="ID_DENY_DNX" />
          <FileRuleRef RuleID="ID_DENY_DOTNET" />
          <FileRuleRef RuleID="ID_DENY_FSI" />
--- a/windows/security/identity-protection/enterprise-certificate-pinning.md
+++ b/windows/security/identity-protection/enterprise-certificate-pinning.md
@ -2,7 +2,7 @@
 title: Enterprise certificate pinning
 description: Enterprise certificate pinning is a Windows feature for remembering, or pinning, a root issuing certificate authority, or end-entity certificate to a domain name.
 ms.topic: concept-article
-ms.date: 05/24/2023
+ms.date: 03/12/2024
 ---
 # Enterprise certificate pinning overview
--- a/windows/security/identity-protection/hello-for-business/deploy/cloud-only.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/cloud-only.md
@ -1,8 +1,8 @@
 ---
 title: Windows Hello for Business cloud-only deployment guide
 description: Learn how to deploy Windows Hello for Business in a cloud-only deployment scenario.
-ms.date: 01/03/2024
+ms.date: 03/12/2024
-ms.topic: how-to
+ms.topic: tutorial
 ---
 # Cloud-only deployment guide
--- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs.md
@ -1,7 +1,7 @@
 ---
 title: Configure Active Directory Federation Services in a hybrid certificate trust model
 description: Learn how to configure Active Directory Federation Services (AD FS) to support the Windows Hello for Business hybrid certificate trust model.
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll.md
@ -1,7 +1,7 @@
 ---
 title: Configure and enroll in Windows Hello for Business in hybrid certificate trust model
 description: Learn how to configure devices and enroll them in Windows Hello for Business in a hybrid certificate trust scenario.
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md
@ -1,7 +1,7 @@
 ---
 title: Configure and validate the PKI in an hybrid certificate trust model
 description: Configure and validate the Public Key Infrastructure when deploying Windows Hello for Business in a hybrid certificate trust model.
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust.md
@ -1,7 +1,7 @@
 ---
 title: Windows Hello for Business hybrid certificate trust deployment guide
 description: Learn how to deploy Windows Hello for Business in a hybrid certificate trust scenario.
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust.md
@ -1,7 +1,7 @@
 ---
 title: Windows Hello for Business cloud Kerberos trust deployment guide
 description: Learn how to deploy Windows Hello for Business in a cloud Kerberos trust scenario.
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-enroll.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-enroll.md
@ -1,7 +1,7 @@
 ---
 title: Configure and enroll in Windows Hello for Business in a hybrid key trust model
 description: Learn how to configure devices and enroll them in Windows Hello for Business in a hybrid key trust scenario.
-ms.date: 12/29/2023
+ms.date: 03/12/2024
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust.md
@ -1,7 +1,7 @@
 ---
 title: Windows Hello for Business hybrid key trust deployment guide
 description: Learn how to deploy Windows Hello for Business in a hybrid key trust scenario.
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/index.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/index.md
@ -1,8 +1,8 @@
 ---
 title: Plan a Windows Hello for Business Deployment
 description: Learn about the role of each component within Windows Hello for Business and how certain deployment decisions affect other aspects of your infrastructure.
-ms.date: 01/02/2024
+ms.date: 03/12/2024
-ms.topic: overview
+ms.topic: concept-article
 ---
 # Plan a Windows Hello for Business deployment
--- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md
@ -1,7 +1,7 @@
 ---
 title: Configure Active Directory Federation Services in an on-premises certificate trust model
 description: Learn how to configure Active Directory Federation Services (AD FS) to support the Windows Hello for Business on-premises certificate trust model.
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md
@ -1,5 +1,5 @@
 ---
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: tutorial
 title: Configure Windows Hello for Business Policy settings in an on-premises certificate trust
 description: Configure Windows Hello for Business Policy settings for Windows Hello for Business in an on-premises certificate trust scenario
--- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md
@ -1,7 +1,7 @@
 ---
 title: Windows Hello for Business on-premises certificate trust deployment guide
 description: Learn how to deploy Windows Hello for Business in an on-premises, certificate trust scenario.
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-adfs.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-adfs.md
@ -1,7 +1,7 @@
 ---
 title: Configure Active Directory Federation Services in an on-premises key trust model
 description: Learn how to configure Active Directory Federation Services (AD FS) to support the Windows Hello for Business key trust model.
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md
@ -1,5 +1,5 @@
 ---
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: tutorial
 title: Configure Windows Hello for Business Policy settings in an on-premises key trust
 description: Configure Windows Hello for Business Policy settings for Windows Hello for Business in an on-premises key trust scenario
--- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust.md
@ -1,7 +1,7 @@
 ---
 title: Windows Hello for Business on-premises key trust deployment guide
 description: Learn how to deploy Windows Hello for Business in an on-premises, key trust scenario.
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/prepare-users.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/prepare-users.md
@ -1,7 +1,7 @@
 ---
 title: Prepare users to provision and use Windows Hello for Business
 description: Learn how to prepare users to enroll and to use Windows Hello for Business.
-ms.date: 01/02/2024
+ms.date: 03/12/2024
 ms.topic: end-user-help
 ---
--- a/windows/security/identity-protection/hello-for-business/hello-deployment-issues.md
+++ b/windows/security/identity-protection/hello-for-business/hello-deployment-issues.md
@ -1,7 +1,7 @@
 ---
 title: Windows Hello for Business known deployment issues
 description: This article is a troubleshooting guide for known Windows Hello for Business deployment issues.
-ms.date: 06/02/2023
+ms.date: 03/12/2024
 ms.topic: troubleshooting
 ---
--- a/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md
+++ b/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md
@ -2,7 +2,7 @@
 title: Windows Hello errors during PIN creation
 description: Learn about the Windows Hello error codes that might happen during PIN creation.
 ms.topic: troubleshooting
-ms.date: 01/26/2024
+ms.date: 03/12/2024
 ---
 # Windows Hello errors during PIN creation
--- a/windows/security/identity-protection/hello-for-business/includes/allow-enumeration-of-emulated-smart-card-for-all-users.md
+++ b/windows/security/identity-protection/hello-for-business/includes/allow-enumeration-of-emulated-smart-card-for-all-users.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/configure-device-unlock-factors.md
+++ b/windows/security/identity-protection/hello-for-business/includes/configure-device-unlock-factors.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/configure-dynamic-lock-factors.md
+++ b/windows/security/identity-protection/hello-for-business/includes/configure-dynamic-lock-factors.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/configure-enhanced-anti-spoofing.md
+++ b/windows/security/identity-protection/hello-for-business/includes/configure-enhanced-anti-spoofing.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/enable-ess-with-supported-peripherals.md
+++ b/windows/security/identity-protection/hello-for-business/includes/enable-ess-with-supported-peripherals.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/expiration.md
+++ b/windows/security/identity-protection/hello-for-business/includes/expiration.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/history.md
+++ b/windows/security/identity-protection/hello-for-business/includes/history.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/maximum-pin-length.md
+++ b/windows/security/identity-protection/hello-for-business/includes/maximum-pin-length.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/minimum-pin-length.md
+++ b/windows/security/identity-protection/hello-for-business/includes/minimum-pin-length.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/require-digits.md
+++ b/windows/security/identity-protection/hello-for-business/includes/require-digits.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/require-lowercase-letters.md
+++ b/windows/security/identity-protection/hello-for-business/includes/require-lowercase-letters.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/require-special-characters.md
+++ b/windows/security/identity-protection/hello-for-business/includes/require-special-characters.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/require-uppercase-letters.md
+++ b/windows/security/identity-protection/hello-for-business/includes/require-uppercase-letters.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/turn-off-smart-card-emulation.md
+++ b/windows/security/identity-protection/hello-for-business/includes/turn-off-smart-card-emulation.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/use-a-hardware-security-device.md
+++ b/windows/security/identity-protection/hello-for-business/includes/use-a-hardware-security-device.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/use-biometrics.md
+++ b/windows/security/identity-protection/hello-for-business/includes/use-biometrics.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/use-certificate-for-on-premises-authentication.md
+++ b/windows/security/identity-protection/hello-for-business/includes/use-certificate-for-on-premises-authentication.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/use-cloud-trust-for-on-premises-authentication.md
+++ b/windows/security/identity-protection/hello-for-business/includes/use-cloud-trust-for-on-premises-authentication.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/use-pin-recovery.md
+++ b/windows/security/identity-protection/hello-for-business/includes/use-pin-recovery.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/use-windows-hello-for-business-certificates-as-smart-card-certificates.md
+++ b/windows/security/identity-protection/hello-for-business/includes/use-windows-hello-for-business-certificates-as-smart-card-certificates.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/hello-for-business/includes/use-windows-hello-for-business.md
+++ b/windows/security/identity-protection/hello-for-business/includes/use-windows-hello-for-business.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 01/03/2024
+ms.date: 03/12/2024
 ms.topic: include
 ---
--- a/windows/security/identity-protection/index.md
+++ b/windows/security/identity-protection/index.md
@ -2,7 +2,7 @@
 title: Windows identity protection
 description: Learn more about identity protection technologies in Windows.
 ms.topic: overview
-ms.date: 07/27/2023
+ms.date: 03/12/2024
 ---
 # Windows identity protection
--- a/windows/security/identity-protection/passwordless-experience/index.md
+++ b/windows/security/identity-protection/passwordless-experience/index.md
@ -3,7 +3,7 @@ title: Windows passwordless experience
 description: Learn how Windows passwordless experience enables your organization to move away from passwords.
 ms.collection:
  - tier1
-ms.date: 09/27/2023
+ms.date: 03/12/2024
 ms.topic: how-to
 appliesto:
  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11</a>
--- a/windows/security/identity-protection/remote-credential-guard.md
+++ b/windows/security/identity-protection/remote-credential-guard.md
@ -2,7 +2,7 @@
 title: Remote Credential Guard
 description: Learn how Remote Credential Guard helps to secure Remote Desktop credentials by never sending them to the target device.
 ms.topic: how-to
-ms.date: 12/08/2023
+ms.date: 03/12/2024
 appliesto:
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
--- a/windows/security/identity-protection/web-sign-in/index.md
+++ b/windows/security/identity-protection/web-sign-in/index.md
@ -1,7 +1,7 @@
 ---
 title: Web sign-in for Windows
 description: Learn how Web sign-in in Windows works, key scenarios, and how to configure it.
-ms.date: 12/11/2023
+ms.date: 03/12/2023
 ms.topic: how-to
 appliesto:
  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11</a>
@ -11,8 +11,8 @@ ms.collection:
 # Web sign-in for Windows
-Starting in Windows 11, version 22H2 with [KB5030310][KB-1], you can enable a web-based sign-in experience on Microsoft Entra joined devices, unlocking new sign-in options and capabilities.
+Starting in Windows 11, version 22H2 with [KB5030310][KB-1], you can enable a web-based sign-in experience on Microsoft Entra joined devices.
-This feature is called *Web sign-in*.
+This feature is called *Web sign-in*, and it unlocks new sign-in options and capabilities.
 Web sign-in is a *credential provider*, and it was initially introduced in Windows 10 with support for Temporary Access Pass (TAP) only. With the release of Windows 11, the supported scenarios and capabilities of Web sign-in are expanded.\
 For example, you can sign in with the Microsoft Authenticator app or with a SAML-P federated identity.
@ -21,11 +21,11 @@ This article describes how to configure Web sign-in and the supported key scenar
 ## System requirements
-To use web sign-in, the clients must meet the following prerequisites:
+Here are the prerequisites for using Web sign-in:
 - Windows 11, version 22H2 with [5030310][KB-1], or later
- Must be [Microsoft Entra joined](/entra/identity/devices/concept-directory-join)
+- [Microsoft Entra joined](/entra/identity/devices/concept-directory-join)
- Must have Internet connectivity, as the authentication is done over the Internet
+- Internet connectivity, as the authentication is done over the Internet
 > [!IMPORTANT]
 > Web sign-in is not supported for Microsoft Entra hybrid joined or domain joined devices.
--- a/windows/security/index.yml
+++ b/windows/security/index.yml
@ -1,167 +1,156 @@
-### YamlMime:Hub
+### YamlMime:Landing
-title: Windows client security documentation
+title: Windows security documentation
-summary: Learn how to secure Windows clients for your organization.
+summary: Windows is designed with zero-trust principles at its core, offering powerful security from chip to cloud. As organizations embrace hybrid work environments, the need for robust security solutions becomes paramount. Windows integrates advanced hardware and software protection, ensuring data integrity and access control across devices. Learn about the different security features included in Windows.
 brand: windows
 metadata:
-  ms.topic: hub-page
+  ms.topic: landing-page
  ms.collection:
    - tier1
    - essentials-navigation
  author: paolomatarazzo
  ms.author: paoloma
  manager: aaroncz
-  ms.date: 09/18/2023
+  ms.date: 03/12/2024
-highlightedContent:
+# linkListType: architecture | concept | deploy | download | get-started | how-to-guide | tutorial | overview | quickstart | reference | sample | tutorial | video | whats-new
  items:
  - title: Get started with Windows security
    itemType: get-started
    url: introduction.md
  - title: Windows 11, version 22H2
    itemType: whats-new
    url: /windows/whats-new/whats-new-windows-11-version-22H2
  - title: Advance your security posture with Microsoft Intune from chip to cloud
    itemType: learn
    url: https://learn.microsoft.com/training/modules/m365-advance-organization-security-posture/
  - title: Security features licensing and edition requirements
    itemType: overview
    url: /windows/security/licensing-and-edition-requirements
 landingContent:
-productDirectory:
+  - title: Learn about hardware security
-  title: Get started
+    linkLists:
-  items:
+      - linkListType: overview
    - title: Hardware security
      imageSrc: /media/common/i_usb.svg
        links:
-        - url: /windows/security/hardware-security/tpm/trusted-platform-module-overview
+          - text: Trusted Platform Module (TPM)
-          text: Trusted Platform Module
+            url: /windows/security/hardware-security/tpm/trusted-platform-module-overview
-        - url: /windows/security/hardware-security/pluton/microsoft-pluton-security-processor
+          - text: Microsoft Pluton
-          text: Microsoft Pluton
+            url: /windows/security/hardware-security/pluton/microsoft-pluton-security-processor
-        - url: /windows/security/hardware-security/how-hardware-based-root-of-trust-helps-protect-windows
+          - text: Windows Defender System Guard
-          text: Windows Defender System Guard
+            url: /windows-hardware/design/device-experiences/oem-vbs
-        - url: /windows-hardware/design/device-experiences/oem-vbs
+          - text: Virtualization-based security (VBS)
-          text: Virtualization-based security (VBS)
+            url: /windows/security/hardware-security/how-hardware-based-root-of-trust-helps-protect-windows
-        - url: /windows-hardware/design/device-experiences/oem-highly-secure-11
+          - text: Secured-core PC
-          text: Secured-core PC
+            url: /windows-hardware/design/device-experiences/oem-highly-secure-11
        - url: /windows/security/hardware-security
          text: Learn more about hardware security >
-    - title: OS security
+  - title: Learn about OS security
-      imageSrc: /media/common/i_threat-protection.svg
+    linkLists:
      - linkListType: overview
        links:
-        - url: /windows/security/operating-system-security
+          - text: Trusted boot
-          text: Trusted boot
+            url: /windows/security/operating-system-security
-        - url: /windows/security/operating-system-security/system-security/windows-defender-security-center/windows-defender-security-center
+          - text: Windows security settings
-          text: Windows security settings
+            url: /windows/security/operating-system-security/system-security/windows-defender-security-center/windows-defender-security-center
-        - url: 	/windows/security/operating-system-security/data-protection/bitlocker/
+          - text: BitLocker
-          text: BitLocker
+            url: /windows/security/operating-system-security/data-protection/bitlocker/
-        - url: /windows/security/operating-system-security/device-management/windows-security-configuration-framework/windows-security-baselines
+          - text: Personal Data Encryption (PDE)
-          text: Windows security baselines
+            url: /windows/security/operating-system-security/data-protection/personal-data-encryption
-        - url: /windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/
+          - text: Windows security baselines
-          text: Microsoft Defender SmartScreen
+            url: /windows/security/operating-system-security/device-management/windows-security-configuration-framework/windows-security-baselines
-        - url: /windows/security/operating-system-security
+          - text: Microsoft Defender SmartScreen
-          text: Learn more about OS security >
+            url: /windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/
-
+          - text: Windows Firewall
-    - title: Identity protection
+            url: /windows/security/operating-system-security/network-security/windows-firewall/
-      imageSrc: /media/common/i_identity-protection.svg
+      - linkListType: architecture
        links:
-        - url: /windows/security/identity-protection/hello-for-business
+          - text: BitLocker planning guide
-          text: Windows Hello for Business
+            url: /windows/security/operating-system-security/data-protection/bitlocker/planning-guide
-        - url: /windows/security/identity-protection/passwordless-experience
+      - linkListType: how-to-guide
          text: Windows passwordless experience
        - url: /windows/security/identity-protection/web-sign-in
          text: Web sign-in for Windows
        - url: /windows/security/identity-protection/passkeys
          text: Support for passkeys in Windows
        - url: /windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection
          text: Enhanced phishing protection with SmartScreen
        - url: /windows/security/identity-protection
          text: Learn more about identity protection >
    - title: Application security
      imageSrc: /media/common/i_queries.svg
        links:
-        - url: /windows/security/application-security/application-control/windows-defender-application-control/
+          - text: Configure BitLocker
-          text: Windows Defender Application Control (WDAC)
+            url: /windows/security/operating-system-security/data-protection/bitlocker/configure
-        - url: /windows/security/application-security/application-control/user-account-control
+          - text: Configure PDE
-          text: User Account Control (UAC)
+            url: /windows/security/operating-system-security/data-protection/personal-data-encryption/configure
-        - url: /windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules
+      - linkListType: whats-new
          text: Microsoft vulnerable driver blocklist
        - url: /windows/security/application-security/application-isolation/microsoft-defender-application-guard/md-app-guard-overview
          text: Microsoft Defender Application Guard (MDAG)
        - url: /windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-overview
          text: Windows Sandbox
        - url: /windows/security/application-security
          text: Learn more about application security >
    - title: Security foundations
      imageSrc: /media/common/i_build.svg
        links:
-        - url: /windows/security/security-foundations/certification/fips-140-validation
+          - text: Hyper-V firewall
-          text: FIPS 140-2 validation
+            url: /windows/security/operating-system-security/network-security/windows-firewall/hyper-v-firewall
        - url: /windows/security/security-foundations/certification/windows-platform-common-criteria
          text: Common Criteria Certifications
        - url: /windows/security/security-foundations/msft-security-dev-lifecycle
          text: Microsoft Security Development Lifecycle (SDL)
        - url: https://www.microsoft.com/msrc/bounty-windows-insider-preview
          text: Microsoft Windows Insider Preview bounty program
        - url: https://www.microsoft.com/security/blog/2020/09/15/microsoft-onefuzz-framework-open-source-developer-tool-fix-bugs/
          text: OneFuzz service
        - url: /windows/security/security-foundations
          text: Learn more about security foundations >
-    - title: Cloud security
+  - title: Learn about identity protection
-      imageSrc: /media/common/i_cloud-security.svg
+    linkLists:
      - linkListType: overview
        links:
-        - url: /mem/intune/protect/security-baselines
+          - text: Passwordless strategy
-          text: Security baselines with Intune
+            url: /windows/security/identity-protection/passwordless-strategy
-        - url: /windows/deployment/windows-autopatch
+          - text: Windows Hello for Business
-          text: Windows Autopatch
+            url: /windows/security/identity-protection/hello-for-business
-        - url: /windows/deployment/windows-autopilot
+          - text: Windows passwordless experience
-          text: Windows Autopilot
+            url: /windows/security/identity-protection/passwordless-experience
-        - url: /universal-print
+          - text: Web sign-in for Windows
-          text: Universal Print
+            url: /windows/security/identity-protection/web-sign-in
-        - url: /windows/client-management/mdm/remotewipe-csp
+          - text: Passkeys
-          text: Remote wipe
+            url: /windows/security/identity-protection/passkeys
-        - url: /windows/security/cloud-security
+          - text: FIDO2 security keys
-          text: Learn more about cloud security >
+            url: /azure/active-directory/authentication/howto-authentication-passwordless-security-key
-
+          - text: Enhanced phishing protection with SmartScreen
-additionalContent:
+            url: /windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection
-  sections:
+      - linkListType: how-to-guide
    - title: More Windows resources
      items:
        - title: Windows Server
        links:
-            - text: Windows Server documentation
+          - text: Configure PIN reset
-              url: /windows-server
+            url: /windows/security/identity-protection/hello-for-business/pin-reset
-            - text: What's new in Windows Server 2022?
+          - text: RDP sign-in with Windows Hello for Business
-              url: /windows-server/get-started/whats-new-in-windows-server-2022
+            url: /windows/security/identity-protection/hello-for-business/rdp-sign-in
-            - text: Windows Server blog
+      - linkListType: architecture
              url: https://cloudblogs.microsoft.com/windowsserver/
        - title: Windows product site and blogs
        links:
-            - text: Find out how Windows enables your business to do more
+          - text: Plan a Windows Hello for Business deployment
-              url: https://www.microsoft.com/microsoft-365/windows
+            url: /windows/security/identity-protection/hello-for-business/deploy/
-            - text: Windows blogs
+      - linkListType: deploy
              url: https://blogs.windows.com/
            - text: Windows IT Pro blog
              url: https://techcommunity.microsoft.com/t5/windows-it-pro-blog/bg-p/Windows10Blog
            - text: Microsoft Intune blog
              url: https://techcommunity.microsoft.com/t5/microsoft-intune-blog/bg-p/MicrosoftEndpointManagerBlog
            - text: "Windows help & learning: end-user documentation"
              url: https://support.microsoft.com/windows
        - title: Participate in the community
        links:
-            - text: Windows community
+          - text: Cloud Kerberos trust deployment guide
-              url: https://techcommunity.microsoft.com/t5/windows/ct-p/Windows10
+            url: /windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust
-            - text: Microsoft Intune community
+
-              url: https://techcommunity.microsoft.com/t5/microsoft-intune/bd-p/Microsoft-Intune
+  - title: Learn about application security
-            - text: Microsoft Support community
+    linkLists:
-              url: https://answers.microsoft.com/windows/forum
+      - linkListType: overview
        links:
          - text: Windows Defender Application Control (WDAC)
            url: /windows/security/application-security/application-control/windows-defender-application-control/
          - text: User Account Control (UAC)
            url: /windows/security/application-security/application-control/user-account-control
          - text: Microsoft vulnerable driver blocklist
            url: /windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules
          - text: Microsoft Defender Application Guard (MDAG)
            url: /windows/security/application-security/application-isolation/microsoft-defender-application-guard/md-app-guard-overview
          - text: Windows Sandbox
            url: /windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-overview
      - linkListType: how-to-guide
        links:
          - text: Configure Windows Sandbox
            url: /windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-configure-using-wsb-file
  - title: Learn about security foundations
    linkLists:
      - linkListType: overview
        links:
          - text: Zero trust
            url: /windows/security/security-foundations/zero-trust-windows-device-health
          - text: FIPS 140 validation
            url: /windows/security/security-foundations/certification/fips-140-validation
          - text: Common Criteria Certifications
            url: /windows/security/security-foundations/certification/windows-platform-common-criteria
          - text: Microsoft Security Development Lifecycle (SDL)
            url: /windows/security/security-foundations/msft-security-dev-lifecycle
          - text: Microsoft Windows Insider Preview bounty program
            url: https://www.microsoft.com/msrc/bounty-windows-insider-preview
          - text: OneFuzz service
            url: https://www.microsoft.com/security/blog/2020/09/15/microsoft-onefuzz-framework-open-source-developer-tool-fix-bugs/
      - linkListType: whats-new
        links:
          - text: Completed FIPS validations - Windows 11
            url: /windows/security/security-foundations/certification/validations/fips-140-windows11
          - text: Completed CC certifications - Windows 11
            url: /windows/security/security-foundations/certification/validations/cc-windows11
  - title: Learn about cloud security
    linkLists:
      - linkListType: overview
        links:
          - text: Security baselines with Intune
            url: /mem/intune/protect/security-baselines
          - text: Windows Autopatch
            url: /windows/deployment/windows-autopatch
          - text: Windows Autopilot
            url: /windows/deployment/windows-autopilot
          - text: Universal Print
            url: /universal-print
          - text: Remote wipe
            url: /windows/client-management/mdm/remotewipe-csp