From 499b776c95e7010517cbc44834855fb9e7e6dffe Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Fri, 28 Sep 2018 12:05:26 -0700 Subject: [PATCH 1/2] add link to advanced features --- ...ed-features-windows-defender-advanced-threat-protection.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md index 5cb76c0c47..e8f8e79356 100644 --- a/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: medium -ms.date: 09/20/2018 +ms.date: 09/28/2018 --- # Configure advanced features in Windows Defender ATP @@ -31,7 +31,7 @@ When you enable this feature, you'll be able to take advantage of the automated For tenants created on or after Windows 10, version 1809 the automated investigations capability is configured by default to resolve alerts where the automated analysis result status is "No threats found" or "Remediated". If you don’t want to have alerts auto-resolved, you’ll need to manually turn off the feature. >[!TIP] ->For tenants created prior that version, you'll need to manually turn this feature on. +>For tenants created prior that version, you'll need to manually turn this feature on from the [Advanced features](https://securitycenter.windows.com/preferences2/integration) page. >[!NOTE] > - The result of the auto-resolve action may influence the Machine risk level calculation which is based on the active alerts found on a machine. From e1c8c53716293e1688de5cb121e2e7aa2c11ae19 Mon Sep 17 00:00:00 2001 From: Louie Mayor Date: Fri, 28 Sep 2018 19:25:23 +0000 Subject: [PATCH 2/2] Merged PR 11688: Updated customize-exploit-protection.md Corrected WQL to WHQL --- .../customize-exploit-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/customize-exploit-protection.md b/windows/security/threat-protection/windows-defender-exploit-guard/customize-exploit-protection.md index 456600479e..3522cd3cda 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/customize-exploit-protection.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/customize-exploit-protection.md @@ -57,7 +57,7 @@ Arbitrary code guard (ACG) | Prevents the introduction of non-image-backed execu Block low integrity images | Prevents the loading of images marked with Low Integrity. | App-level only | [!include[Check mark yes](images/svg/check-yes.svg)] Block remote images | Prevents loading of images from remote devices. | App-level only | [!include[Check mark yes](images/svg/check-yes.svg)] Block untrusted fonts | Prevents loading any GDI-based fonts not installed in the system fonts directory, notably fonts from the web. | App-level only | [!include[Check mark yes](images/svg/check-yes.svg)] -Code integrity guard | Restricts loading of images signed by Microsoft, WQL, and higher. Can optionally allow Microsoft Store signed images. | App-level only | [!include[Check mark yes](images/svg/check-yes.svg)] +Code integrity guard | Restricts loading of images signed by Microsoft, WHQL, or higher. Can optionally allow Microsoft Store signed images. | App-level only | [!include[Check mark yes](images/svg/check-yes.svg)] Disable extension points | Disables various extensibility mechanisms that allow DLL injection into all processes, such as AppInit DLLs, window hooks, and Winsock service providers. | App-level only | [!include[Check mark no](images/svg/check-no.svg)] Disable Win32k system calls | Prevents an app from using the Win32k system call table. | App-level only | [!include[Check mark yes](images/svg/check-yes.svg)] Do not allow child processes | Prevents an app from creating child processes. | App-level only | [!include[Check mark yes](images/svg/check-yes.svg)]