diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md
index 9a81c74448..d16c45de90 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md
@@ -54,7 +54,7 @@ ms.date: 04/24/2018
 
 5. Right-click **Scheduled tasks**, point to **New**, and then click **Immediate task**.
 
-6. In the  **Task** window that opens, go to the **General** tab. Choose the local SYSTEM user account under **Security options**.
+6. In the **Task** window that opens, go to the **General** tab. Choose the local SYSTEM user account (BUILTIN\SYSTEM) under **Security options**.
 
 7. Select **Run whether user is logged on or not** and check the **Run with highest privileges** check box.
 
@@ -116,7 +116,7 @@ For security reasons, the package used to Offboard machines will expire 30 days
 
 5.	Right-click **Scheduled tasks**, point to **New**, and then click **Immediate task**.
 
-6.	In the **Task** window that opens, go to the **General** tab. Choose the local SYSTEM user account under **Security options**.
+6.	In the **Task** window that opens, go to the **General** tab. Choose the local SYSTEM user account (BUILTIN\SYSTEM) under **Security options**.
 
 7.	Select **Run whether user is logged on or not** and check the **Run with highest privileges** check-box.