From 4db21b0da45b4bd3b8ad2bf954c89e60e03bb3c5 Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Mon, 14 Oct 2024 10:33:53 -0400
Subject: [PATCH] updates

---
 ...pplication-security-application-and-driver-control.md | 3 +--
 .../book/application-security-application-isolation.md   | 4 ++--
 windows/security/book/conclusion.md                      | 9 ++++-----
 windows/security/book/features-index.md                  | 2 +-
 .../book/operating-system-security-system-security.md    | 4 ++--
 5 files changed, 10 insertions(+), 12 deletions(-)

diff --git a/windows/security/book/application-security-application-and-driver-control.md b/windows/security/book/application-security-application-and-driver-control.md
index 3eca0f5c78..f3842238e2 100644
--- a/windows/security/book/application-security-application-and-driver-control.md
+++ b/windows/security/book/application-security-application-and-driver-control.md
@@ -72,12 +72,11 @@ The Windows kernel is the most privileged software and is therefore a compelling
 
 ## Trusted signing
 
-It is a Microsoft fully managed end-to-end signing solution that simplifies the signing process and empowers 3rd party developers to easily build and distribute applications. This feature is currently in public preview and is part of Microsoft's commitment to an open, inclusive, and secure ecosystem.
+Trsuted Signing is a Microsoft fully managed, end-to-end signing solution that simplifies the signing process and empowers third-party developers to easily build and distribute applications.
 
 [!INCLUDE [learn-more](includes/learn-more.md)]
 
 - [What is Trusted Signing](/azure/trusted-signing/overview)
-- [Public Preview Blog](https://techcommunity.microsoft.com/t5/security-compliance-and-identity/trusted-signing-is-in-public-preview/ba-p/4103457)
 
 <!--links-->
 
diff --git a/windows/security/book/application-security-application-isolation.md b/windows/security/book/application-security-application-isolation.md
index 67e683b8de..63c56c275e 100644
--- a/windows/security/book/application-security-application-isolation.md
+++ b/windows/security/book/application-security-application-isolation.md
@@ -9,7 +9,7 @@ ms.date: 09/06/2024
 
 :::image type="content" source="images/application-security.png" alt-text="Diagram containing a list of application security features." lightbox="images/application-security.png" border="false":::
 
-## Win32 app isolation
+## :::image type="icon" source="images/new-button-title.svg" border="false"::: Win32 app isolation
 
 Win32 app isolation is a security feature designed to be the default isolation standard on Windows clients. It's built on [AppContainer][LINK-1], and offers several added security features to help the Windows platform defend against attacks that use vulnerabilities in applications or third-party libraries. To isolate their apps, developers can update their applications using Visual Studio.
 
@@ -74,7 +74,7 @@ These features can be set up using a device management solution such as Microsof
 - [Intune setting for WSL][LINK-13]
 - [Microsoft Defender for Endpoint plug-in for WSL][LINK-14]
 
-## Virtualization-based security enclaves
+## :::image type="icon" source="images/new-button-title.svg" border="false"::: Virtualization-based security enclaves
 
 A **Virtualization-based security enclave** is a software-based trusted execution environment (TEE) inside a host application. VBS enclaves enable developers to use VBS to protect their application's secrets from admin-level attacks. VBS enclaves are available on Windows 10 onwards on both x64 and ARM64.
 
diff --git a/windows/security/book/conclusion.md b/windows/security/book/conclusion.md
index 575c86d9e9..5d7f4b200c 100644
--- a/windows/security/book/conclusion.md
+++ b/windows/security/book/conclusion.md
@@ -15,12 +15,11 @@ We will continue to bring you new features to protect against evolving threats,
 
 New:
 
-- [Config Refresh](operating-system-security-system-security.md#config-refresh)
-- [Trusted signing](application-security-application-and-driver-control.md#trusted-signing)
+- [Config Refresh](operating-system-security-system-security.md#-config-refresh)
 - [VBS key protection](identity-protection-advanced-credential-protection.md#-vbs-key-protection)
-- [Virtualization-based security enclaves](application-security-application-isolation.md#virtualization-based-security-enclaves)
-- [Win32 app isolation](application-security-application-isolation.md#win32-app-isolation)
-- [Windows protected print mode](operating-system-security-system-security.md#windows-protected-print-mode)
+- [Virtualization-based security enclaves](application-security-application-isolation.md#-virtualization-based-security-enclaves)
+- [Win32 app isolation](application-security-application-isolation.md#-win32-app-isolation)
+- [Windows protected print mode](operating-system-security-system-security.md#-windows-protected-print-mode)
 
 Enhanced:
 
diff --git a/windows/security/book/features-index.md b/windows/security/book/features-index.md
index fb3592d1fa..3fb3ef26d2 100644
--- a/windows/security/book/features-index.md
+++ b/windows/security/book/features-index.md
@@ -7,4 +7,4 @@ ms.date: 09/06/2024
 
 # Features index
 
-[5G and eSIM](operating-system-security-network-security.md#5g-and-esim)<br>[Access management and control](identity-protection-advanced-credential-protection.md#access-management-and-control)<br>[Account lockout policies](identity-protection-advanced-credential-protection.md#account-lockout-policies)<br>[App containers](application-security-application-isolation.md#app-containers)<br>[App Control for Business](application-security-application-and-driver-control.md#app-control-for-business)<br>[Attack surface reduction rules](operating-system-security-virus-and-threat-protection.md#attack-surface-reduction-rules)<br>[BitLocker To Go](operating-system-security-encryption-and-data-protection.md#bitlocker-to-go)<br>[BitLocker](operating-system-security-encryption-and-data-protection.md#bitlocker)<br>[Bluetooth protection](operating-system-security-network-security.md#bluetooth-protection)<br>[Certificates](operating-system-security-system-security.md#certificates)<br>[Cloud-native device management](cloud-services-protect-your-work-information.md#cloud-native-device-management)<br>[Code signing and integrity](operating-system-security-system-security.md#code-signing-and-integrity)<br>[Common Criteria (CC)](security-foundation-certification.md#common-criteria-cc)<br>[Config Refresh](operating-system-security-system-security.md#config-refresh)<br>[Controlled folder access](operating-system-security-virus-and-threat-protection.md#controlled-folder-access)<br>[Credential Guard](identity-protection-advanced-credential-protection.md#credential-guard)<br>[Cryptography](operating-system-security-system-security.md#cryptography)<br>[Device Encryption](operating-system-security-encryption-and-data-protection.md#device-encryption)<br>[Device health attestation](operating-system-security-system-security.md#device-health-attestation)<br>[Domain Name System (DNS) security](operating-system-security-network-security.md#domain-name-system-dns-security)<br>[Email encryption](operating-system-security-encryption-and-data-protection.md#email-encryption)<br>[Encrypted hard drive](operating-system-security-encryption-and-data-protection.md#encrypted-hard-drive)<br>[Enhanced phishing protection in Microsoft Defender SmartScreen](identity-protection-passwordless-sign-in.md#enhanced-phishing-protection-in-microsoft-defender-smartscreen)<br>[Enhanced Sign-in Security (ESS)](identity-protection-passwordless-sign-in.md#enhanced-sign-in-security-ess)<br>[Exploit protection](operating-system-security-virus-and-threat-protection.md#exploit-protection)<br>[Federal Information Processing Standard (FIPS)](security-foundation-certification.md#federal-information-processing-standard-fips)<br>[Federated sign-in](identity-protection-passwordless-sign-in.md#federated-sign-in)<br>[FIDO2](identity-protection-passwordless-sign-in.md#fido2)<br>[Find my device](cloud-services-protect-your-personal-information.md#find-my-device)<br>[Kernel Direct Memory Access (DMA) protection](hardware-security-silicon-assisted-security.md#kernel-direct-memory-access-dma-protection)<br>[Kiosk mode](operating-system-security-system-security.md#kiosk-mode)<br>[Local Security Authority (LSA) protection](identity-protection-advanced-credential-protection.md#local-security-authority-lsa-protection)<br>[Microsoft Account](cloud-services-protect-your-personal-information.md#microsoft-account)<br>[Microsoft Authenticator](identity-protection-passwordless-sign-in.md#microsoft-authenticator)<br>[Microsoft Azure Attestation Service](cloud-services-protect-your-work-information.md#microsoft-azure-attestation-service)<br>[Microsoft Defender Antivirus](operating-system-security-virus-and-threat-protection.md#microsoft-defender-antivirus)<br>[Microsoft Defender for Endpoint](operating-system-security-virus-and-threat-protection.md#microsoft-defender-for-endpoint)<br>[Microsoft Defender SmartScreen](operating-system-security-virus-and-threat-protection.md#microsoft-defender-smartscreen)<br>[Microsoft Entra ID](cloud-services-protect-your-work-information.md#microsoft-entra-id)<br>[Microsoft Intune](cloud-services-protect-your-work-information.md#microsoft-intune)<br>[Microsoft Offensive Research and Security Engineering](security-foundation-offensive-research.md#microsoft-offensive-research-and-security-engineering)<br>[Microsoft Pluton security processor](hardware-security-hardware-root-of-trust.md#microsoft-pluton-security-processor)<br>[Microsoft security baselines](cloud-services-protect-your-work-information.md#microsoft-security-baselines)<br>[Microsoft Security Development Lifecycle (SDL)](security-foundation-offensive-research.md#microsoft-security-development-lifecycle-sdl)<br>[Microsoft vulnerable driver blocklist](application-security-application-and-driver-control.md#microsoft-vulnerable-driver-blocklist)<br>[Network protection](operating-system-security-virus-and-threat-protection.md#network-protection)<br>[OneDrive for personal](cloud-services-protect-your-personal-information.md#onedrive-for-personal)<br>[OneDrive for work or school](cloud-services-protect-your-work-information.md#onedrive-for-work-or-school)<br>[OneDrive Personal Vault](cloud-services-protect-your-personal-information.md#onedrive-personal-vault)<br>[OneFuzz service](security-foundation-offensive-research.md#onefuzz-service)<br>[Personal data encryption (PDE)](operating-system-security-encryption-and-data-protection.md#personal-data-encryption-pde)<br>[Privacy dashboard and report](privacy-controls.md#privacy-dashboard-and-report)<br>[Privacy resource usage](privacy-controls.md#privacy-resource-usage)<br>[Privacy transparency and controls](privacy-controls.md#privacy-transparency-and-controls)<br>[Remote Credential Guard](identity-protection-advanced-credential-protection.md#remote-credential-guard)<br>[Remote Wipe](cloud-services-protect-your-work-information.md#remote-wipe)<br>[Secure Future Initiative (SFI)](security-foundation-offensive-research.md#secure-future-initiative-sfi)<br>[Secured kernel](hardware-security-silicon-assisted-security.md#secured-kernel)<br>[Secured-core PC](hardware-security-silicon-assisted-security.md#secured-core-pc)<br>[Server Message Block file services](operating-system-security-network-security.md#server-message-block-file-services)<br>[Smart App Control](application-security-application-and-driver-control.md#smart-app-control)<br>[Smart cards](identity-protection-passwordless-sign-in.md#smart-cards)<br>[Software bill of materials (SBOM)](security-foundation-secure-supply-chain.md#software-bill-of-materials-sbom)<br>[Tamper protection](operating-system-security-virus-and-threat-protection.md#tamper-protection)<br>[Token protection](identity-protection-advanced-credential-protection.md#token-protection)<br>[Transport Layer Security (TLS)](operating-system-security-network-security.md#transport-layer-security-tls)<br>[Trusted Boot (Secure Boot + Measured Boot)](operating-system-security-system-security.md#trusted-boot-secure-boot--measured-boot)<br>[Trusted Platform Module (TPM)](hardware-security-hardware-root-of-trust.md#trusted-platform-module-tpm)<br>[Trusted signing](application-security-application-and-driver-control.md#trusted-signing)<br>[Universal Print](cloud-services-protect-your-work-information.md#universal-print)<br>[User Account Control](application-security-application-and-driver-control.md#user-account-control)<br>[VBS key protection](identity-protection-advanced-credential-protection.md#-vbs-key-protection)<br>[Virtual private networks (VPN)](operating-system-security-network-security.md#virtual-private-networks-vpn)<br>[Virtualization-based security enclaves](application-security-application-isolation.md#virtualization-based-security-enclaves)<br>[Web sign-in](identity-protection-passwordless-sign-in.md#web-sign-in)<br>[Wi-Fi connections](operating-system-security-network-security.md#wi-fi-connections)<br>[Win32 app isolation](application-security-application-isolation.md#win32-app-isolation)<br>[Windows App software development kit (SDK)](security-foundation-secure-supply-chain.md#windows-app-software-development-kit-sdk)<br>[Windows Autopatch](cloud-services-protect-your-work-information.md#windows-autopatch)<br>[Windows Autopilot](cloud-services-protect-your-work-information.md#windows-autopilot)<br>[Windows diagnostic data processor configuration](privacy-controls.md#windows-diagnostic-data-processor-configuration)<br>[Windows enrollment attestation](cloud-services-protect-your-work-information.md#windows-enrollment-attestation)<br>[Windows Firewall](operating-system-security-network-security.md#windows-firewall)<br>[Windows Hello for Business](identity-protection-passwordless-sign-in.md#windows-hello-for-business)<br>[Windows Hello](identity-protection-passwordless-sign-in.md#windows-hello)<br>[Windows Insider and Bug Bounty program](security-foundation-offensive-research.md#windows-insider-and-bug-bounty-program)<br>[Windows Local Administrator Password Solution (LAPS)](cloud-services-protect-your-work-information.md#windows-local-administrator-password-solution-laps)<br>[Windows presence sensing](identity-protection-passwordless-sign-in.md#windows-presence-sensing)<br>[Windows protected print mode](operating-system-security-system-security.md#windows-protected-print-mode)<br>[Windows Sandbox](application-security-application-isolation.md#windows-sandbox)<br>[Windows security policy settings and auditing](operating-system-security-system-security.md#windows-security-policy-settings-and-auditing)<br>[Windows security settings](operating-system-security-system-security.md#windows-security-settings)<br>[Windows Subsystem for Linux (WSL)](application-security-application-isolation.md#windows-subsystem-for-linux-wsl)<br>[Windows Update for Business](cloud-services-protect-your-work-information.md#windows-update-for-business)
+[5G and eSIM](operating-system-security-network-security.md#5g-and-esim)<br>[Access management and control](identity-protection-advanced-credential-protection.md#access-management-and-control)<br>[Account lockout policies](identity-protection-advanced-credential-protection.md#account-lockout-policies)<br>[App containers](application-security-application-isolation.md#app-containers)<br>[App Control for Business](application-security-application-and-driver-control.md#app-control-for-business)<br>[Attack surface reduction rules](operating-system-security-virus-and-threat-protection.md#attack-surface-reduction-rules)<br>[BitLocker To Go](operating-system-security-encryption-and-data-protection.md#bitlocker-to-go)<br>[BitLocker](operating-system-security-encryption-and-data-protection.md#bitlocker)<br>[Bluetooth protection](operating-system-security-network-security.md#bluetooth-protection)<br>[Certificates](operating-system-security-system-security.md#certificates)<br>[Cloud-native device management](cloud-services-protect-your-work-information.md#cloud-native-device-management)<br>[Code signing and integrity](operating-system-security-system-security.md#code-signing-and-integrity)<br>[Common Criteria (CC)](security-foundation-certification.md#common-criteria-cc)<br>[Config Refresh](operating-system-security-system-security.md#-config-refresh)<br>[Controlled folder access](operating-system-security-virus-and-threat-protection.md#controlled-folder-access)<br>[Credential Guard](identity-protection-advanced-credential-protection.md#credential-guard)<br>[Cryptography](operating-system-security-system-security.md#cryptography)<br>[Device Encryption](operating-system-security-encryption-and-data-protection.md#device-encryption)<br>[Device health attestation](operating-system-security-system-security.md#device-health-attestation)<br>[Domain Name System (DNS) security](operating-system-security-network-security.md#domain-name-system-dns-security)<br>[Email encryption](operating-system-security-encryption-and-data-protection.md#email-encryption)<br>[Encrypted hard drive](operating-system-security-encryption-and-data-protection.md#encrypted-hard-drive)<br>[Enhanced phishing protection in Microsoft Defender SmartScreen](identity-protection-passwordless-sign-in.md#enhanced-phishing-protection-in-microsoft-defender-smartscreen)<br>[Enhanced Sign-in Security (ESS)](identity-protection-passwordless-sign-in.md#enhanced-sign-in-security-ess)<br>[Exploit protection](operating-system-security-virus-and-threat-protection.md#exploit-protection)<br>[Federal Information Processing Standard (FIPS)](security-foundation-certification.md#federal-information-processing-standard-fips)<br>[Federated sign-in](identity-protection-passwordless-sign-in.md#federated-sign-in)<br>[FIDO2](identity-protection-passwordless-sign-in.md#fido2)<br>[Find my device](cloud-services-protect-your-personal-information.md#find-my-device)<br>[Kernel Direct Memory Access (DMA) protection](hardware-security-silicon-assisted-security.md#kernel-direct-memory-access-dma-protection)<br>[Kiosk mode](operating-system-security-system-security.md#kiosk-mode)<br>[Local Security Authority (LSA) protection](identity-protection-advanced-credential-protection.md#local-security-authority-lsa-protection)<br>[Microsoft Account](cloud-services-protect-your-personal-information.md#microsoft-account)<br>[Microsoft Authenticator](identity-protection-passwordless-sign-in.md#microsoft-authenticator)<br>[Microsoft Azure Attestation Service](cloud-services-protect-your-work-information.md#microsoft-azure-attestation-service)<br>[Microsoft Defender Antivirus](operating-system-security-virus-and-threat-protection.md#microsoft-defender-antivirus)<br>[Microsoft Defender for Endpoint](operating-system-security-virus-and-threat-protection.md#microsoft-defender-for-endpoint)<br>[Microsoft Defender SmartScreen](operating-system-security-virus-and-threat-protection.md#microsoft-defender-smartscreen)<br>[Microsoft Entra ID](cloud-services-protect-your-work-information.md#microsoft-entra-id)<br>[Microsoft Intune](cloud-services-protect-your-work-information.md#microsoft-intune)<br>[Microsoft Offensive Research and Security Engineering](security-foundation-offensive-research.md#microsoft-offensive-research-and-security-engineering)<br>[Microsoft Pluton security processor](hardware-security-hardware-root-of-trust.md#microsoft-pluton-security-processor)<br>[Microsoft security baselines](cloud-services-protect-your-work-information.md#microsoft-security-baselines)<br>[Microsoft Security Development Lifecycle (SDL)](security-foundation-offensive-research.md#microsoft-security-development-lifecycle-sdl)<br>[Microsoft vulnerable driver blocklist](application-security-application-and-driver-control.md#microsoft-vulnerable-driver-blocklist)<br>[Network protection](operating-system-security-virus-and-threat-protection.md#network-protection)<br>[OneDrive for personal](cloud-services-protect-your-personal-information.md#onedrive-for-personal)<br>[OneDrive for work or school](cloud-services-protect-your-work-information.md#onedrive-for-work-or-school)<br>[OneDrive Personal Vault](cloud-services-protect-your-personal-information.md#onedrive-personal-vault)<br>[OneFuzz service](security-foundation-offensive-research.md#onefuzz-service)<br>[Personal data encryption (PDE)](operating-system-security-encryption-and-data-protection.md#personal-data-encryption-pde)<br>[Privacy dashboard and report](privacy-controls.md#privacy-dashboard-and-report)<br>[Privacy resource usage](privacy-controls.md#privacy-resource-usage)<br>[Privacy transparency and controls](privacy-controls.md#privacy-transparency-and-controls)<br>[Remote Credential Guard](identity-protection-advanced-credential-protection.md#remote-credential-guard)<br>[Remote Wipe](cloud-services-protect-your-work-information.md#remote-wipe)<br>[Secure Future Initiative (SFI)](security-foundation-offensive-research.md#secure-future-initiative-sfi)<br>[Secured kernel](hardware-security-silicon-assisted-security.md#secured-kernel)<br>[Secured-core PC](hardware-security-silicon-assisted-security.md#secured-core-pc)<br>[Server Message Block file services](operating-system-security-network-security.md#server-message-block-file-services)<br>[Smart App Control](application-security-application-and-driver-control.md#smart-app-control)<br>[Smart cards](identity-protection-passwordless-sign-in.md#smart-cards)<br>[Software bill of materials (SBOM)](security-foundation-secure-supply-chain.md#software-bill-of-materials-sbom)<br>[Tamper protection](operating-system-security-virus-and-threat-protection.md#tamper-protection)<br>[Token protection](identity-protection-advanced-credential-protection.md#token-protection)<br>[Transport Layer Security (TLS)](operating-system-security-network-security.md#transport-layer-security-tls)<br>[Trusted Boot (Secure Boot + Measured Boot)](operating-system-security-system-security.md#trusted-boot-secure-boot--measured-boot)<br>[Trusted Platform Module (TPM)](hardware-security-hardware-root-of-trust.md#trusted-platform-module-tpm)<br>[Trusted signing](application-security-application-and-driver-control.md#trusted-signing)<br>[Universal Print](cloud-services-protect-your-work-information.md#universal-print)<br>[User Account Control](application-security-application-and-driver-control.md#user-account-control)<br>[VBS key protection](identity-protection-advanced-credential-protection.md#-vbs-key-protection)<br>[Virtual private networks (VPN)](operating-system-security-network-security.md#virtual-private-networks-vpn)<br>[Virtualization-based security enclaves](application-security-application-isolation.md#-virtualization-based-security-enclaves)<br>[Web sign-in](identity-protection-passwordless-sign-in.md#web-sign-in)<br>[Wi-Fi connections](operating-system-security-network-security.md#wi-fi-connections)<br>[Win32 app isolation](application-security-application-isolation.md#-win32-app-isolation)<br>[Windows App software development kit (SDK)](security-foundation-secure-supply-chain.md#windows-app-software-development-kit-sdk)<br>[Windows Autopatch](cloud-services-protect-your-work-information.md#windows-autopatch)<br>[Windows Autopilot](cloud-services-protect-your-work-information.md#windows-autopilot)<br>[Windows diagnostic data processor configuration](privacy-controls.md#windows-diagnostic-data-processor-configuration)<br>[Windows enrollment attestation](cloud-services-protect-your-work-information.md#windows-enrollment-attestation)<br>[Windows Firewall](operating-system-security-network-security.md#windows-firewall)<br>[Windows Hello for Business](identity-protection-passwordless-sign-in.md#windows-hello-for-business)<br>[Windows Hello](identity-protection-passwordless-sign-in.md#windows-hello)<br>[Windows Insider and Bug Bounty program](security-foundation-offensive-research.md#windows-insider-and-bug-bounty-program)<br>[Windows Local Administrator Password Solution (LAPS)](cloud-services-protect-your-work-information.md#windows-local-administrator-password-solution-laps)<br>[Windows presence sensing](identity-protection-passwordless-sign-in.md#windows-presence-sensing)<br>[Windows protected print mode](operating-system-security-system-security.md#-windows-protected-print-mode)<br>[Windows Sandbox](application-security-application-isolation.md#windows-sandbox)<br>[Windows security policy settings and auditing](operating-system-security-system-security.md#windows-security-policy-settings-and-auditing)<br>[Windows security settings](operating-system-security-system-security.md#windows-security-settings)<br>[Windows Subsystem for Linux (WSL)](application-security-application-isolation.md#windows-subsystem-for-linux-wsl)<br>[Windows Update for Business](cloud-services-protect-your-work-information.md#windows-update-for-business)
diff --git a/windows/security/book/operating-system-security-system-security.md b/windows/security/book/operating-system-security-system-security.md
index aab391c28e..a50e796ba5 100644
--- a/windows/security/book/operating-system-security-system-security.md
+++ b/windows/security/book/operating-system-security-system-security.md
@@ -112,7 +112,7 @@ Visibility and awareness of device security and health are key to any action tak
 - [Windows security settings][LINK-7]
 - [Windows Security][LINK-8]
 
-## Config Refresh
+## :::image type="icon" source="images/new-button-title.svg" border="false"::: Config Refresh
 
 With traditional group policy, policy settings are refreshed on a PC when a user signs in and every 90 minutes by default. Administrators can adjust that timing to be shorter to ensure that the policy settings are compliant with the management settings set by IT.
 
@@ -134,7 +134,7 @@ With Assigned Access and Shell Launcher, you can configure Windows to restrict f
 
 - [Windows kiosks and restricted user experiences](/windows/configuration/assigned-access)
 
-## Windows protected print mode
+## :::image type="icon" source="images/new-button-title.svg" border="false"::: Windows protected print mode
 
 Windows protected print mode is built to provide a more modern and secure print system that maximizes compatibility and puts users first. It simplifies the printing experience by allowing devices to exclusively print using the Windows modern print stack.