From ee91df6b077e6ea54ac391fa3e948052eec9ebf1 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Wed, 17 Nov 2021 18:55:28 +0530 Subject: [PATCH 01/18] added link with adjustments, as per user report #10119, so i adjusted links with symbols and arranged the top[ics in ascending order for easy understanding. I need help from @JohanFreelancer9. --- windows/security/threat-protection/index.md | 23 +++++++++++---------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md index 7baa36b1a0..c95857ed71 100644 --- a/windows/security/threat-protection/index.md +++ b/windows/security/threat-protection/index.md @@ -29,23 +29,24 @@ In Windows client, hardware and software work together to help protect you from See the following articles to learn more about the different areas of Windows threat protection: -- [Microsoft Defender Application Guard](\windows\security\threat-protection\microsoft-defender-application-guard\md-app-guard-overview.md) -- [Virtualization-based protection of code integrity](\windows\security\threat-protection\device-guard\enable-virtualization-based-protection-of-code-integrity.md) -- [Application control](/windows-defender-application-control/windows-defender-application-control.md) +- [Application Control](/windows-defender-application-control/windows-defender-application-control.md) +- [Attack Surface Reduction Rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction) +- [Controlled Folder Access](/microsoft-365/security/defender-endpoint/controlled-folders) +- [Exploit Protection](/microsoft-365/security/defender-endpoint/exploit-protection) +- [Microsoft Defender Application Guard](/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md) - [Microsoft Defender Device Guard](device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md) -- [Exploit protection](/microsoft-365/security/defender-endpoint/exploit-protection) -- [Network protection](/microsoft-365/security/defender-endpoint/network-protection), [web protection](/microsoft-365/security/defender-endpoint/web-protection-overview) -- [Microsoft Defender SmartScreen](\windows\security\threat-protection\microsoft-defender-smartscreen\microsoft-defender-smartscreen-overview.md) -- [Controlled folder access](/microsoft-365/security/defender-endpoint/controlled-folders) -- [Network firewall](windows-firewall/windows-firewall-with-advanced-security.md) -- [Attack surface reduction rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction) -- [Windows Sandbox](\windows\security\threat-protection\windows-sandbox\windows-sandbox-overview.md) +- [Microsoft Defender SmartScreen](/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md) +- [Network Protection](/microsoft-365/security/defender-endpoint/network-protection)- +- [Virtualization-Based Protection of Code Integrity](/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md) +- [Web Protection](/microsoft-365/security/defender-endpoint/web-protection-overview) +- [Windows Firewall](windows-firewall/windows-firewall-with-advanced-security.md) +- [Windows Sandbox](/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md) ### Next-generation protection Next-generation protection is designed to identify and block new and emerging threats. Powered by the cloud and machine learning, Microsoft Defender Antivirus can help stop attacks in real-time. +- [Automated sandbox service](/microsoft-365/security/defender-endpoint/configure-block-at-first-sight-microsoft-defender-antivirus) - [Behavior monitoring](/microsoft-365/security/defender-endpoint/configure-real-time-protection-microsoft-defender-antivirus) - [Cloud-based protection](/microsoft-365/security/defender-endpoint/configure-protection-features-microsoft-defender-antivirus) - [Machine learning](/microsoft-365/security/defender-endpoint/cloud-protection-microsoft-defender-antivirus) - [URL Protection](/microsoft-365/security/defender-endpoint/configure-network-connections-microsoft-defender-antivirus) -- [Automated sandbox service](/microsoft-365/security/defender-endpoint/configure-block-at-first-sight-microsoft-defender-antivirus) \ No newline at end of file From 229abdc68bcd3ee47952dd970f73ca7fa82ba17a Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Thu, 18 Nov 2021 11:40:51 +0530 Subject: [PATCH 02/18] Update windows/security/threat-protection/index.md Accepted Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/security/threat-protection/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md index c95857ed71..7cf2f166da 100644 --- a/windows/security/threat-protection/index.md +++ b/windows/security/threat-protection/index.md @@ -36,7 +36,7 @@ See the following articles to learn more about the different areas of Windows th - [Microsoft Defender Application Guard](/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md) - [Microsoft Defender Device Guard](device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md) - [Microsoft Defender SmartScreen](/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md) -- [Network Protection](/microsoft-365/security/defender-endpoint/network-protection)- +- [Network Protection](/microsoft-365/security/defender-endpoint/network-protection) - [Virtualization-Based Protection of Code Integrity](/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md) - [Web Protection](/microsoft-365/security/defender-endpoint/web-protection-overview) - [Windows Firewall](windows-firewall/windows-firewall-with-advanced-security.md) From 01e1b3a238bad02e0a5f8c9bf1cb8f17617b0bdb Mon Sep 17 00:00:00 2001 From: Rafael Ortiz Date: Fri, 19 Nov 2021 09:24:46 -0500 Subject: [PATCH 03/18] Update basic-audit-logon-events.md --- .../threat-protection/auditing/basic-audit-logon-events.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/auditing/basic-audit-logon-events.md b/windows/security/threat-protection/auditing/basic-audit-logon-events.md index 01b1068234..c0be497365 100644 --- a/windows/security/threat-protection/auditing/basic-audit-logon-events.md +++ b/windows/security/threat-protection/auditing/basic-audit-logon-events.md @@ -45,7 +45,7 @@ You can configure this security setting by opening the appropriate policy under | 4779 | A user disconnected a terminal server session without logging off. | -When event 528 is logged, a logon type is also listed in the event log. The following table describes each logon type. +When event 4624 (Legacy Windows Event ID 528) is logged, a logon type is also listed in the event log. The following table describes each logon type. | Logon type | Logon title | Description | | - | - | - | From 7056b2edb5e03fbf7cb631382a635771b654af55 Mon Sep 17 00:00:00 2001 From: Ashok Lobo Date: Mon, 29 Nov 2021 14:44:26 +0530 Subject: [PATCH 04/18] Updated metadata for privacy topics as per task 5499114 --- ...uired-windows-diagnostic-data-events-and-fields-2004.md | 3 ++- windows/privacy/windows-10-and-privacy-compliance.md | 5 +++-- .../windows-11-endpoints-non-enterprise-editions.md | 6 ++++-- windows/privacy/windows-diagnostic-data-1703.md | 5 +++-- windows/privacy/windows-diagnostic-data.md | 5 +++-- .../windows-endpoints-1709-non-enterprise-editions.md | 7 ++++--- .../windows-endpoints-1803-non-enterprise-editions.md | 5 +++-- .../windows-endpoints-1809-non-enterprise-editions.md | 5 +++-- .../windows-endpoints-1903-non-enterprise-editions.md | 5 +++-- .../windows-endpoints-1909-non-enterprise-editions.md | 5 +++-- .../windows-endpoints-2004-non-enterprise-editions.md | 5 +++-- .../windows-endpoints-20H2-non-enterprise-editions.md | 5 +++-- .../windows-endpoints-21H1-non-enterprise-editions.md | 5 +++-- 13 files changed, 40 insertions(+), 26 deletions(-) diff --git a/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md b/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md index 5c6f22d52c..e6847ce5a3 100644 --- a/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md +++ b/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md @@ -2,7 +2,7 @@ description: Use this article to learn more about what required Windows diagnostic data is gathered. title: Windows 10, version 21H2, Windows 10, version 21H1, Windows 10, version 20H2 and Windows 10, version 2004 required diagnostic events and fields (Windows 10) keywords: privacy, telemetry -ms.prod: w10 +ms.prod: m365-security ms.mktglfcycl: manage ms.sitesec: library ms.pagetype: security @@ -14,6 +14,7 @@ ms.collection: M365-security-compliance ms.topic: article audience: ITPro ms.date: +ms.technology: windows-privacy --- diff --git a/windows/privacy/windows-10-and-privacy-compliance.md b/windows/privacy/windows-10-and-privacy-compliance.md index 0930e7356b..418784f7f1 100644 --- a/windows/privacy/windows-10-and-privacy-compliance.md +++ b/windows/privacy/windows-10-and-privacy-compliance.md @@ -2,7 +2,7 @@ title: Windows Privacy Compliance Guide description: This article provides information to help IT and compliance professionals understand the personal data policies as related to Windows. keywords: privacy, GDPR, compliance -ms.prod: w10 +ms.prod: m365-security ms.mktglfcycl: manage ms.sitesec: library ms.pagetype: security @@ -13,7 +13,8 @@ ms.author: brianlic manager: dansimp ms.collection: M365-security-compliance ms.topic: article -ms.date: 10/04/2021 +ms.date: 11/29/2021 +ms.technology: windows-privacy --- # Windows Privacy Compliance:
A Guide for IT and Compliance Professionals diff --git a/windows/privacy/windows-11-endpoints-non-enterprise-editions.md b/windows/privacy/windows-11-endpoints-non-enterprise-editions.md index 1e8dc3c6e9..811e437bbc 100644 --- a/windows/privacy/windows-11-endpoints-non-enterprise-editions.md +++ b/windows/privacy/windows-11-endpoints-non-enterprise-editions.md @@ -2,7 +2,7 @@ title: Windows 11 connection endpoints for non-Enterprise editions description: Explains what Windows 11 endpoints are used in non-Enterprise editions. Specific to Windows 11. keywords: privacy, manage connections to Microsoft, Windows 10, Windows Server 2016 -ms.prod: w10 +ms.prod: m365-security ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high @@ -12,7 +12,9 @@ ms.author: v-hakima manager: robsize ms.collection: M365-security-compliance ms.topic: article -ms.date: 10/04/2021 +ms.date: 11/29/2021 +ms.technology: windows-privacy + --- # Windows 11 connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-diagnostic-data-1703.md b/windows/privacy/windows-diagnostic-data-1703.md index 1137e6a744..199c112c91 100644 --- a/windows/privacy/windows-diagnostic-data-1703.md +++ b/windows/privacy/windows-diagnostic-data-1703.md @@ -2,7 +2,7 @@ title: Windows 10 diagnostic data for the Full diagnostic data level (Windows 10) description: Use this article to learn about the types of data that is collected the Full diagnostic data level. keywords: privacy,Windows 10 -ms.prod: w10 +ms.prod: m365-security ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high @@ -12,8 +12,9 @@ ms.author: dansimp manager: dansimp ms.collection: M365-security-compliance ms.topic: article -ms.date: 11/28/2017 +ms.date: 11/29/2021 ms.reviewer: +ms.technology: windows-privacy --- # Windows 10 diagnostic data for the Full diagnostic data level diff --git a/windows/privacy/windows-diagnostic-data.md b/windows/privacy/windows-diagnostic-data.md index 711144eaff..08672b5284 100644 --- a/windows/privacy/windows-diagnostic-data.md +++ b/windows/privacy/windows-diagnostic-data.md @@ -2,7 +2,7 @@ title: Windows 10, version 1709 and Windows 11 and later optional diagnostic data (Windows 10) description: Use this article to learn about the types of optional diagnostic data that is collected. keywords: privacy,Windows 10 -ms.prod: w10 +ms.prod: m365-security ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high @@ -12,7 +12,8 @@ ms.author: dansimp manager: dansimp ms.collection: M365-security-compliance ms.topic: article -ms.reviewer: +ms.reviewer: +ms.technology: windows-privacy --- # Windows 10, version 1709 and later and Windows 11 optional diagnostic data diff --git a/windows/privacy/windows-endpoints-1709-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1709-non-enterprise-editions.md index 4d7cae37b2..bfb32a27b7 100644 --- a/windows/privacy/windows-endpoints-1709-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-1709-non-enterprise-editions.md @@ -2,7 +2,7 @@ title: Windows 10, version 1709, connection endpoints for non-Enterprise editions description: Explains what Windows 10 endpoints are used in non-Enterprise editions. Specific to Windows 10, version 1709. keywords: privacy, manage connections to Microsoft, Windows 10, Windows Server 2016 -ms.prod: w10 +ms.prod: m365-security ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high @@ -12,8 +12,9 @@ ms.author: dansimp manager: dansimp ms.collection: M365-security-compliance ms.topic: article -ms.date: 6/26/2018 -ms.reviewer: +ms.date: 11/29/2021 +ms.reviewer: +ms.technology: windows-privacy --- # Windows 10, version 1709, connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-endpoints-1803-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1803-non-enterprise-editions.md index dfc17c31c3..be66e353ad 100644 --- a/windows/privacy/windows-endpoints-1803-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-1803-non-enterprise-editions.md @@ -2,7 +2,7 @@ title: Windows 10, version 1803, connection endpoints for non-Enterprise editions description: Explains what Windows 10 endpoints are used in non-Enterprise editions. Specific to Windows 10, version 1803. keywords: privacy, manage connections to Microsoft, Windows 10, Windows Server 2016 -ms.prod: w10 +ms.prod: m365-security ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high @@ -12,8 +12,9 @@ ms.author: dansimp manager: dansimp ms.collection: M365-security-compliance ms.topic: article -ms.date: 6/26/2018 +ms.date: 11/29/2021 ms.reviewer: +ms.technology: windows-privacy --- # Windows 10, version 1803, connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md index aea47d78e8..d7a00eee0a 100644 --- a/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md @@ -2,7 +2,7 @@ title: Windows 10, version 1809, connection endpoints for non-Enterprise editions description: Explains what Windows 10 endpoints are used in non-Enterprise editions. Specific to Windows 10, version 1809. keywords: privacy, manage connections to Microsoft, Windows 10, Windows Server 2016 -ms.prod: w10 +ms.prod: m365-security ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high @@ -12,8 +12,9 @@ ms.author: dansimp manager: dansimp ms.collection: M365-security-compliance ms.topic: article -ms.date: 6/26/2018 +ms.date: 11/29/2021 ms.reviewer: +ms.technology: windows-privacy --- # Windows 10, version 1809, connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md index da43880ca5..74e2169a9e 100644 --- a/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md @@ -2,7 +2,7 @@ title: Windows 10, version 1903, connection endpoints for non-Enterprise editions description: Explains what Windows 10 endpoints are used in non-Enterprise editions. Specific to Windows 10, version 1903. keywords: privacy, manage connections to Microsoft, Windows 10, Windows Server 2016 -ms.prod: w10 +ms.prod: m365-security ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high @@ -12,7 +12,8 @@ ms.author: obezeajo manager: robsize ms.collection: M365-security-compliance ms.topic: article -ms.date: 7/22/2020 +ms.date: 11/29/2021 +ms.technology: windows-privacy --- # Windows 10, version 1903, connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-endpoints-1909-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1909-non-enterprise-editions.md index 90ab13ce23..88e9411a67 100644 --- a/windows/privacy/windows-endpoints-1909-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-1909-non-enterprise-editions.md @@ -2,7 +2,7 @@ title: Windows 10, version 1909, connection endpoints for non-Enterprise editions description: Explains what Windows 10 endpoints are used in non-Enterprise editions. Specific to Windows 10, version 1909. keywords: privacy, manage connections to Microsoft, Windows 10, Windows Server 2016 -ms.prod: w10 +ms.prod: m365-security ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high @@ -12,7 +12,8 @@ ms.author: v-hakima manager: obezeajo ms.collection: M365-security-compliance ms.topic: article -ms.date: 08/18/2020 +ms.date: 11/29/2021 +ms.technology: windows-privacy --- # Windows 10, version 1909, connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-endpoints-2004-non-enterprise-editions.md b/windows/privacy/windows-endpoints-2004-non-enterprise-editions.md index d0be97841e..d42b91e066 100644 --- a/windows/privacy/windows-endpoints-2004-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-2004-non-enterprise-editions.md @@ -2,7 +2,7 @@ title: Windows 10, version 2004, connection endpoints for non-Enterprise editions description: Explains what Windows 10 endpoints are used in non-Enterprise editions. Specific to Windows 10, version 2004. keywords: privacy, manage connections to Microsoft, Windows 10, Windows Server 2016 -ms.prod: w10 +ms.prod: m365-security ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high @@ -12,7 +12,8 @@ ms.author: obezeajo manager: robsize ms.collection: M365-security-compliance ms.topic: article -ms.date: 5/11/2020 +ms.date: 11/29/2021 +ms.technology: windows-privacy --- # Windows 10, version 2004, connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-endpoints-20H2-non-enterprise-editions.md b/windows/privacy/windows-endpoints-20H2-non-enterprise-editions.md index 66a3637398..3024dfb189 100644 --- a/windows/privacy/windows-endpoints-20H2-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-20H2-non-enterprise-editions.md @@ -2,7 +2,7 @@ title: Windows 10, version 20H2, connection endpoints for non-Enterprise editions description: Explains what Windows 10 endpoints are used in non-Enterprise editions. Specific to Windows 10, version 20H2. keywords: privacy, manage connections to Microsoft, Windows 10, Windows Server 2016 -ms.prod: w10 +ms.prod: m365-security ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high @@ -12,7 +12,8 @@ ms.author: v-hakima manager: robsize ms.collection: M365-security-compliance ms.topic: article -ms.date: 12/17/2020 +ms.date: 11/29/2021 +ms.technology: windows-privacy --- # Windows 10, version 20H2, connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-endpoints-21H1-non-enterprise-editions.md b/windows/privacy/windows-endpoints-21H1-non-enterprise-editions.md index 6fde4a825a..bf122a9128 100644 --- a/windows/privacy/windows-endpoints-21H1-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-21H1-non-enterprise-editions.md @@ -2,7 +2,7 @@ title: Windows 10, version 21H1, connection endpoints for non-Enterprise editions description: Explains what Windows 10 endpoints are used in non-Enterprise editions. Specific to Windows 10, version 21H1. keywords: privacy, manage connections to Microsoft, Windows 10, Windows Server 2016 -ms.prod: w10 +ms.prod: m365-security ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high @@ -12,7 +12,8 @@ ms.author: v-hakima manager: robsize ms.collection: M365-security-compliance ms.topic: article -ms.date: 10/04/2021 +ms.date: 11/29/2021 +ms.technology: windows-privacy --- # Windows 10, version 21H1, connection endpoints for non-Enterprise editions From 17e5a127a6771ee69d1d87bdca68e3a99bf35ec9 Mon Sep 17 00:00:00 2001 From: Ashok Lobo Date: Wed, 1 Dec 2021 10:09:12 +0530 Subject: [PATCH 05/18] Metadata updated --- ...required-windows-diagnostic-data-events-and-fields-2004.md | 2 +- windows/privacy/windows-10-and-privacy-compliance.md | 4 ++-- .../privacy/windows-11-endpoints-non-enterprise-editions.md | 4 ++-- windows/privacy/windows-diagnostic-data-1703.md | 4 ++-- windows/privacy/windows-diagnostic-data.md | 2 +- .../privacy/windows-endpoints-1709-non-enterprise-editions.md | 4 ++-- .../privacy/windows-endpoints-1803-non-enterprise-editions.md | 4 ++-- .../privacy/windows-endpoints-1809-non-enterprise-editions.md | 4 ++-- .../privacy/windows-endpoints-1903-non-enterprise-editions.md | 4 ++-- .../privacy/windows-endpoints-1909-non-enterprise-editions.md | 4 ++-- .../privacy/windows-endpoints-2004-non-enterprise-editions.md | 4 ++-- .../privacy/windows-endpoints-20H2-non-enterprise-editions.md | 4 ++-- .../privacy/windows-endpoints-21H1-non-enterprise-editions.md | 4 ++-- 13 files changed, 24 insertions(+), 24 deletions(-) diff --git a/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md b/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md index 2d2ebbc742..029b3c691d 100644 --- a/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md +++ b/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004.md @@ -16,7 +16,7 @@ ms.collection: ms.topic: article audience: ITPro ms.date: -ms.technology: windows-privacy +ms.technology: privacy --- diff --git a/windows/privacy/windows-10-and-privacy-compliance.md b/windows/privacy/windows-10-and-privacy-compliance.md index 418784f7f1..0e97842d03 100644 --- a/windows/privacy/windows-10-and-privacy-compliance.md +++ b/windows/privacy/windows-10-and-privacy-compliance.md @@ -13,8 +13,8 @@ ms.author: brianlic manager: dansimp ms.collection: M365-security-compliance ms.topic: article -ms.date: 11/29/2021 -ms.technology: windows-privacy +ms.date: 12/01/2021 +ms.technology: privacy --- # Windows Privacy Compliance:
A Guide for IT and Compliance Professionals diff --git a/windows/privacy/windows-11-endpoints-non-enterprise-editions.md b/windows/privacy/windows-11-endpoints-non-enterprise-editions.md index a0bc17edbe..46077125ab 100644 --- a/windows/privacy/windows-11-endpoints-non-enterprise-editions.md +++ b/windows/privacy/windows-11-endpoints-non-enterprise-editions.md @@ -14,8 +14,8 @@ ms.collection: - M365-security-compliance - highpri ms.topic: article -ms.date: 11/29/2021 -ms.technology: windows-privacy +ms.date: 12/01/2021 +ms.technology: privacy --- # Windows 11 connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-diagnostic-data-1703.md b/windows/privacy/windows-diagnostic-data-1703.md index 199c112c91..0ccee01ea1 100644 --- a/windows/privacy/windows-diagnostic-data-1703.md +++ b/windows/privacy/windows-diagnostic-data-1703.md @@ -12,9 +12,9 @@ ms.author: dansimp manager: dansimp ms.collection: M365-security-compliance ms.topic: article -ms.date: 11/29/2021 +ms.date: 12/01/2021 ms.reviewer: -ms.technology: windows-privacy +ms.technology: privacy --- # Windows 10 diagnostic data for the Full diagnostic data level diff --git a/windows/privacy/windows-diagnostic-data.md b/windows/privacy/windows-diagnostic-data.md index eb60227617..88faf6a75d 100644 --- a/windows/privacy/windows-diagnostic-data.md +++ b/windows/privacy/windows-diagnostic-data.md @@ -15,7 +15,7 @@ ms.collection: - highpri ms.topic: article ms.reviewer: -ms.technology: windows-privacy +ms.technology: privacy --- diff --git a/windows/privacy/windows-endpoints-1709-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1709-non-enterprise-editions.md index bfb32a27b7..b3c1cee7bb 100644 --- a/windows/privacy/windows-endpoints-1709-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-1709-non-enterprise-editions.md @@ -12,9 +12,9 @@ ms.author: dansimp manager: dansimp ms.collection: M365-security-compliance ms.topic: article -ms.date: 11/29/2021 +ms.date: 12/01/2021 ms.reviewer: -ms.technology: windows-privacy +ms.technology: privacy --- # Windows 10, version 1709, connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-endpoints-1803-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1803-non-enterprise-editions.md index be66e353ad..b3ec01bc64 100644 --- a/windows/privacy/windows-endpoints-1803-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-1803-non-enterprise-editions.md @@ -12,9 +12,9 @@ ms.author: dansimp manager: dansimp ms.collection: M365-security-compliance ms.topic: article -ms.date: 11/29/2021 +ms.date: 12/01/2021 ms.reviewer: -ms.technology: windows-privacy +ms.technology: privacy --- # Windows 10, version 1803, connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md index d7a00eee0a..ff4d97cb72 100644 --- a/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md @@ -12,9 +12,9 @@ ms.author: dansimp manager: dansimp ms.collection: M365-security-compliance ms.topic: article -ms.date: 11/29/2021 +ms.date: 12/01/2021 ms.reviewer: -ms.technology: windows-privacy +ms.technology: privacy --- # Windows 10, version 1809, connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md index 74e2169a9e..35c45a23cf 100644 --- a/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md @@ -12,8 +12,8 @@ ms.author: obezeajo manager: robsize ms.collection: M365-security-compliance ms.topic: article -ms.date: 11/29/2021 -ms.technology: windows-privacy +ms.date: 12/01/2021 +ms.technology: privacy --- # Windows 10, version 1903, connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-endpoints-1909-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1909-non-enterprise-editions.md index 88e9411a67..bf8ec55031 100644 --- a/windows/privacy/windows-endpoints-1909-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-1909-non-enterprise-editions.md @@ -12,8 +12,8 @@ ms.author: v-hakima manager: obezeajo ms.collection: M365-security-compliance ms.topic: article -ms.date: 11/29/2021 -ms.technology: windows-privacy +ms.date: 12/01/2021 +ms.technology: privacy --- # Windows 10, version 1909, connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-endpoints-2004-non-enterprise-editions.md b/windows/privacy/windows-endpoints-2004-non-enterprise-editions.md index d42b91e066..70a1ae17e9 100644 --- a/windows/privacy/windows-endpoints-2004-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-2004-non-enterprise-editions.md @@ -12,8 +12,8 @@ ms.author: obezeajo manager: robsize ms.collection: M365-security-compliance ms.topic: article -ms.date: 11/29/2021 -ms.technology: windows-privacy +ms.date: 12/01/2021 +ms.technology: privacy --- # Windows 10, version 2004, connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-endpoints-20H2-non-enterprise-editions.md b/windows/privacy/windows-endpoints-20H2-non-enterprise-editions.md index 3024dfb189..71627402ca 100644 --- a/windows/privacy/windows-endpoints-20H2-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-20H2-non-enterprise-editions.md @@ -12,8 +12,8 @@ ms.author: v-hakima manager: robsize ms.collection: M365-security-compliance ms.topic: article -ms.date: 11/29/2021 -ms.technology: windows-privacy +ms.date: 12/01/2021 +ms.technology: privacy --- # Windows 10, version 20H2, connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-endpoints-21H1-non-enterprise-editions.md b/windows/privacy/windows-endpoints-21H1-non-enterprise-editions.md index eeb32358b5..79c248ce6d 100644 --- a/windows/privacy/windows-endpoints-21H1-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-21H1-non-enterprise-editions.md @@ -14,8 +14,8 @@ ms.collection: - M365-security-compliance - highpri ms.topic: article -ms.date: 11/29/2021 -ms.technology: windows-privacy +ms.date: 12/01/2021 +ms.technology: privacy --- # Windows 10, version 21H1, connection endpoints for non-Enterprise editions From 4e85d8e867bb81efba39131e547e0167c325bd45 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Thu, 2 Dec 2021 18:11:37 +0530 Subject: [PATCH 06/18] added windows 10 latest links --- windows/client-management/troubleshoot-stop-errors.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/client-management/troubleshoot-stop-errors.md b/windows/client-management/troubleshoot-stop-errors.md index 13ad63c974..e5443eceaa 100644 --- a/windows/client-management/troubleshoot-stop-errors.md +++ b/windows/client-management/troubleshoot-stop-errors.md @@ -49,6 +49,9 @@ To troubleshoot Stop error messages, follow these general steps: 1. Make sure that you install the latest Windows updates, cumulative updates, and rollup updates. To verify the update status, refer to the appropriate update history for your system: + - [Windows 10, version 21H2](https://support.microsoft.com/topic/windows-10-update-history-857b8ccb-71e4-49e5-b3f6-7073197d98fb) + - [Windows 10, version 21H1](https://support.microsoft.com/topic/windows-10-update-history-1b6aac92-bf01-42b5-b158-f80c6d93eb11) + - [Windows 10, version 20H2](https://support.microsoft.com/topic/windows-10-update-history-7dd3071a-3906-fa2c-c342-f7f86728a6e3) - [Windows 10, version 2004](https://support.microsoft.com/help/4555932) - [Windows 10, version 1909](https://support.microsoft.com/help/4529964) - [Windows 10, version 1903](https://support.microsoft.com/help/4498140) From b7f8bd14cb5bface238c48f5bc7f482868368a3a Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Fri, 3 Dec 2021 08:39:46 +0530 Subject: [PATCH 07/18] added new link, removed error link as per user report #10170, so i added a new link after verification. --- windows/security/threat-protection/intelligence/phishing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/intelligence/phishing.md b/windows/security/threat-protection/intelligence/phishing.md index 215acf8c29..731c3f630f 100644 --- a/windows/security/threat-protection/intelligence/phishing.md +++ b/windows/security/threat-protection/intelligence/phishing.md @@ -85,7 +85,7 @@ If you feel you've been a victim of a phishing attack: - Junk: junk@office365.microsoft.com - Phishing: phish@office365.microsoft.com - Drag and drop the junk or phishing message into the new message. This will save the junk or phishing message as an attachment in the new message. Don't copy and paste the content of the message or forward the message (we need the original message so we can inspect the message headers). For more information, see [Submit spam, non-spam, and phishing scam messages to Microsoft for analysis](/office365/SecurityCompliance/submit-spam-non-spam-and-phishing-scam-messages-to-microsoft-for-analysis). + Drag and drop the junk or phishing message into the new message. This will save the junk or phishing message as an attachment in the new message. Don't copy and paste the content of the message or forward the message (we need the original message so we can inspect the message headers). For more information, see [Report spam messages and suspicious files to Microsoft for analysis](https://docs.microsoft.com/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft?view=o365-worldwide). - **Anti-Phishing Working Group**: phishing-report@us-cert.gov. The group uses reports generated from emails sent to fight phishing scams and hackers. ISPs, security vendors, financial institutions, and law enforcement agencies are involved. From 5f473ea32e65c277e01401f6ed0601fd2ce26a24 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Fri, 3 Dec 2021 08:56:15 +0530 Subject: [PATCH 08/18] added new links, added applies to section, as per user feedback #10172 , so i changed the correct path and added windows 10 november 20h2 admx templates link . added applies to section --- ...ows-10-device-automatically-using-group-policy.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md index 3159c1869f..ea0adb68e5 100644 --- a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md +++ b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md @@ -14,6 +14,10 @@ ms.collection: highpri # Enroll a Windows 10 device automatically using Group Policy +**Applies to:** + +- Windows 10 + Starting in Windows 10, version 1709, you can use a Group Policy to trigger auto-enrollment to MDM for Active Directory (AD) domain-joined devices. The enrollment into Intune is triggered by a group policy created on your local AD and happens without any user interaction. This means you can automatically mass-enroll a large number of domain-joined corporate devices into Microsoft Intune. The enrollment process starts in the background once you sign in to the device with your Azure AD account. @@ -191,6 +195,9 @@ Requirements: - 21H1 --> [Administrative Templates (.admx) for Windows 10 May 2021 Update (21H1)](https://www.microsoft.com/download/details.aspx?id=103124) + - 21H2 --> [Administrative Templates (.admx) for Windows 10 November 2021 Update (21H2)](https://www.microsoft.com/download/103667) + + 2. Install the package on the Domain Controller. 3. Navigate, depending on the version to the folder: @@ -209,9 +216,11 @@ Requirements: - 21H1 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 May 2021 Update (21H1)** + - 21H2 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 November 2021 Update (21H2)** + 4. Rename the extracted Policy Definitions folder to **PolicyDefinitions**. -5. Copy PolicyDefinitions folder to **\\contoso.com\SYSVOL\contoso.com\policies\PolicyDefinitions**. +5. Copy PolicyDefinitions folder to **\\SYSVOL\contoso.com\policies\PolicyDefinitions**. If this folder does not exist, then be aware that you will be switching to a [central policy store](https://support.microsoft.com/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administra) for your entire domain. @@ -296,6 +305,7 @@ To collect Event Viewer logs: ### Useful Links +- [Windows 10 Administrative Templates for Windows 10 November 2021 Update 21H2](https://www.microsoft.com/download/103667) - [Windows 10 Administrative Templates for Windows 10 May 2021 Update 21H1](https://www.microsoft.com/download/details.aspx?id=103124) - [Windows 10 Administrative Templates for Windows 10 November 2019 Update 1909](https://www.microsoft.com/download/details.aspx?id=100591) - [Windows 10 Administrative Templates for Windows 10 May 2019 Update 1903](https://www.microsoft.com/download/details.aspx?id=58495) From fc6d93156f86519d9e34155cd03e3e42ae6fcfdb Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Fri, 3 Dec 2021 10:46:59 +0530 Subject: [PATCH 09/18] Update windows/security/threat-protection/intelligence/phishing.md Accepted Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/security/threat-protection/intelligence/phishing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/intelligence/phishing.md b/windows/security/threat-protection/intelligence/phishing.md index 731c3f630f..c222df587b 100644 --- a/windows/security/threat-protection/intelligence/phishing.md +++ b/windows/security/threat-protection/intelligence/phishing.md @@ -85,7 +85,7 @@ If you feel you've been a victim of a phishing attack: - Junk: junk@office365.microsoft.com - Phishing: phish@office365.microsoft.com - Drag and drop the junk or phishing message into the new message. This will save the junk or phishing message as an attachment in the new message. Don't copy and paste the content of the message or forward the message (we need the original message so we can inspect the message headers). For more information, see [Report spam messages and suspicious files to Microsoft for analysis](https://docs.microsoft.com/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft?view=o365-worldwide). + Drag and drop the junk or phishing message into the new message. This will save the junk or phishing message as an attachment in the new message. Don't copy and paste the content of the message or forward the message (we need the original message so we can inspect the message headers). For more information, see [Report messages and files to Microsoft](/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft?view=o365-worldwide). - **Anti-Phishing Working Group**: phishing-report@us-cert.gov. The group uses reports generated from emails sent to fight phishing scams and hackers. ISPs, security vendors, financial institutions, and law enforcement agencies are involved. From a00c41191788f08b732a5df03194803a782bde40 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Fri, 3 Dec 2021 21:19:13 +0500 Subject: [PATCH 10/18] Update change-the-tpm-owner-password.md --- .../information-protection/tpm/change-the-tpm-owner-password.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/tpm/change-the-tpm-owner-password.md b/windows/security/information-protection/tpm/change-the-tpm-owner-password.md index 143888e0fb..714b7ded12 100644 --- a/windows/security/information-protection/tpm/change-the-tpm-owner-password.md +++ b/windows/security/information-protection/tpm/change-the-tpm-owner-password.md @@ -30,7 +30,7 @@ This topic for the IT professional describes how to change the password or PIN f Starting with Windows 10, version 1607, or Windows 11, Windows will not retain the TPM owner password when provisioning the TPM. The password will be set to a random high entropy value and then discarded. > [!IMPORTANT] -> Although the TPM owner password is not retained starting with Windows 10, version 1607, or Windows 11, you can change a default registry key to retain it. However, we strongly recommend that you do not make this change. To retain the TPM owner password, set the registry key 'HKLM\\Software\\Policies\\Microsoft\\TPM' \[REG\_DWORD\] 'OSManagedAuthLevel' to 4. The default value for this key is 5, and unless it is changed to 4 before the TPM is provisioned, the owner password will not be saved. +> Although the TPM owner password is not retained starting with Windows 10, version 1607, or Windows 11, you can change a default registry key to retain it. However, we strongly recommend that you do not make this change. To retain the TPM owner password, set the registry key 'HKLM\\Software\\Policies\\Microsoft\\TPM' \[REG\_DWORD\] 'OSManagedAuthLevel' to 4. For Windows 10 versions newer than 1703 the default value for this key is 5. For TPM 2.0, a value of 5 means keep the lockout authorization. For TPM 1.2, it means discard the Full TPM owner authorization and retain only the Delegated authorization. Unless it is changed to 4 before the TPM is provisioned, the owner password will not be saved. Only one owner password exists for each TPM. The TPM owner password allows the ability to enable, disable, or clear the TPM without having physical access to the computer, for example, by using the command-line tools remotely. The TPM owner password also allows manipulation of the TPM dictionary attack logic. Taking ownership of the TPM is performed by Windows as part of the provisioning process on each boot. Ownership can change when you share the password or clear your ownership of the TPM so someone else can initialize it. From 7f4024717b9bfe563706ce3d41be332722414522 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Fri, 3 Dec 2021 08:33:06 -0800 Subject: [PATCH 11/18] Update change-the-tpm-owner-password.md --- .../information-protection/tpm/change-the-tpm-owner-password.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/tpm/change-the-tpm-owner-password.md b/windows/security/information-protection/tpm/change-the-tpm-owner-password.md index 714b7ded12..d499253cde 100644 --- a/windows/security/information-protection/tpm/change-the-tpm-owner-password.md +++ b/windows/security/information-protection/tpm/change-the-tpm-owner-password.md @@ -13,7 +13,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 11/30/2021 +ms.date: 12/03/2021 --- # Change the TPM owner password From 4e5b43dcb52cf00bea3b9a2e83a630f01d3f2127 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Fri, 3 Dec 2021 08:34:12 -0800 Subject: [PATCH 12/18] Update enroll-a-windows-10-device-automatically-using-group-policy.md --- ...roll-a-windows-10-device-automatically-using-group-policy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md index ea0adb68e5..fee1282167 100644 --- a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md +++ b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: dansimp -ms.date: 10/14/2021 +ms.date: 12/03/2021 ms.reviewer: manager: dansimp ms.collection: highpri From be8c3c6abf206ef2d8af7d32101cb8b25490c856 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Fri, 3 Dec 2021 08:35:35 -0800 Subject: [PATCH 13/18] Update phishing.md --- windows/security/threat-protection/intelligence/phishing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/intelligence/phishing.md b/windows/security/threat-protection/intelligence/phishing.md index c222df587b..36de3f06bf 100644 --- a/windows/security/threat-protection/intelligence/phishing.md +++ b/windows/security/threat-protection/intelligence/phishing.md @@ -85,7 +85,7 @@ If you feel you've been a victim of a phishing attack: - Junk: junk@office365.microsoft.com - Phishing: phish@office365.microsoft.com - Drag and drop the junk or phishing message into the new message. This will save the junk or phishing message as an attachment in the new message. Don't copy and paste the content of the message or forward the message (we need the original message so we can inspect the message headers). For more information, see [Report messages and files to Microsoft](/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft?view=o365-worldwide). + Drag and drop the junk or phishing message into the new message. This will save the junk or phishing message as an attachment in the new message. Don't copy and paste the content of the message or forward the message (we need the original message so we can inspect the message headers). For more information, see [Report messages and files to Microsoft](/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft). - **Anti-Phishing Working Group**: phishing-report@us-cert.gov. The group uses reports generated from emails sent to fight phishing scams and hackers. ISPs, security vendors, financial institutions, and law enforcement agencies are involved. From 7c3ce18588fb1ae7314390c48283b70c23157d00 Mon Sep 17 00:00:00 2001 From: sravanigannavarapu <95500630+sravanigannavarapu@users.noreply.github.com> Date: Fri, 3 Dec 2021 11:34:50 -0800 Subject: [PATCH 14/18] Update audit-registry.md Add remarks about expected events for subkey creation --- .../security/threat-protection/auditing/audit-registry.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/auditing/audit-registry.md b/windows/security/threat-protection/auditing/audit-registry.md index 3c6407d9f5..4b2ee345d7 100644 --- a/windows/security/threat-protection/auditing/audit-registry.md +++ b/windows/security/threat-protection/auditing/audit-registry.md @@ -44,4 +44,8 @@ If success auditing is enabled, an audit entry is generated each time any accoun - [5039](event-5039.md)(-): A registry key was virtualized. -- [4670](event-4670.md)(S): Permissions on an object were changed. \ No newline at end of file +- [4670](event-4670.md)(S): Permissions on an object were changed. + +**Remarks:** +On creating a subkey for a parent, the expectation is to see a 4656 event for the newly created subkey. We see this event only when "Audit Object Access" is enabled under Local Policies > Audit Policy in Local Security Policy. This event is not generated while using advanced audit policy configurations for registry specific events, such as, using "auditpol.exe /set /subcategory:{0CCE921E-69AE-11D9-BED3-505054503030} /success:enable". While using regedit.exe for creating subkeys we see additional 4663 event because we perform NtEnumerateKeys on the newly created subkey. We can additionally see a 4663 event on the newly created key, if we try to rename the subkey. While using reg.exe for creating subkeys we see additional 4663 event because we perform NtSetValueKey on the newly created subkey. It is advised not to rely on 4663 events for subkey creation as they are dependent on type of permissions enabled on the parent and are not consistent across regedit.exe and reg.exe. + From 02e0ba81213ed3930b12130181bc6ce7fc5e7d2d Mon Sep 17 00:00:00 2001 From: Office Content Publishing <34616516+officedocspr@users.noreply.github.com> Date: Sat, 4 Dec 2021 23:33:32 -0800 Subject: [PATCH 15/18] Uploaded file: education-content-updates.md - 2021-12-04 23:33:32.2948 --- .../includes/education-content-updates.md | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/education/includes/education-content-updates.md b/education/includes/education-content-updates.md index 227cfc8a46..ba848193c2 100644 --- a/education/includes/education-content-updates.md +++ b/education/includes/education-content-updates.md @@ -2,6 +2,15 @@ +## Week of November 29, 2021 + + +| Published On |Topic title | Change | +|------|------------|--------| +| 11/29/2021 | [What is Windows 11 SE](/education/windows/windows-11-se-overview) | added | +| 11/29/2021 | [Windows 11 SE settings list](/education/windows/windows-11-se-settings-list) | added | + + ## Week of November 15, 2021 @@ -12,13 +21,3 @@ | 11/18/2021 | [Deploy Windows 10 in a school district (Windows 10)](/education/windows/deploy-windows-10-in-a-school-district) | modified | | 11/18/2021 | [Deploy Windows 10 in a school (Windows 10)](/education/windows/deploy-windows-10-in-a-school) | modified | | 11/18/2021 | [For IT administrators get Minecraft Education Edition](/education/windows/school-get-minecraft) | modified | - - -## Week of October 25, 2021 - - -| Published On |Topic title | Change | -|------|------------|--------| -| 10/28/2021 | [Deploy Windows 10 in a school district (Windows 10)](/education/windows/deploy-windows-10-in-a-school-district) | modified | -| 10/28/2021 | [Deploy Windows 10 in a school (Windows 10)](/education/windows/deploy-windows-10-in-a-school) | modified | -| 10/28/2021 | [Windows 10 for Education (Windows 10)](/education/windows/index) | modified | From c023916f728e6e7ff71e6b2a82e2bc91b5a4cb9a Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 6 Dec 2021 09:37:12 -0800 Subject: [PATCH 16/18] Update windows/security/threat-protection/auditing/audit-registry.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/security/threat-protection/auditing/audit-registry.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/auditing/audit-registry.md b/windows/security/threat-protection/auditing/audit-registry.md index 4b2ee345d7..6ab435279c 100644 --- a/windows/security/threat-protection/auditing/audit-registry.md +++ b/windows/security/threat-protection/auditing/audit-registry.md @@ -46,6 +46,6 @@ If success auditing is enabled, an audit entry is generated each time any accoun - [4670](event-4670.md)(S): Permissions on an object were changed. -**Remarks:** -On creating a subkey for a parent, the expectation is to see a 4656 event for the newly created subkey. We see this event only when "Audit Object Access" is enabled under Local Policies > Audit Policy in Local Security Policy. This event is not generated while using advanced audit policy configurations for registry specific events, such as, using "auditpol.exe /set /subcategory:{0CCE921E-69AE-11D9-BED3-505054503030} /success:enable". While using regedit.exe for creating subkeys we see additional 4663 event because we perform NtEnumerateKeys on the newly created subkey. We can additionally see a 4663 event on the newly created key, if we try to rename the subkey. While using reg.exe for creating subkeys we see additional 4663 event because we perform NtSetValueKey on the newly created subkey. It is advised not to rely on 4663 events for subkey creation as they are dependent on type of permissions enabled on the parent and are not consistent across regedit.exe and reg.exe. +> [!NOTE] +> On creating a subkey for a parent, the expectation is to see a 4656 event for the newly created subkey. You will see this event only when "Audit Object Access" is enabled under **Local Policies** > **Audit Policy** in Local Security Policy. This event is not generated while using advanced audit policy configurations for registry specific events, such as using "auditpol.exe /set /subcategory:{0CCE921E-69AE-11D9-BED3-505054503030} /success:enable". While using regedit.exe for creating subkeys you will see an additional 4663 event because you perform NtEnumerateKeys on the newly created subkey. You might additionally see a 4663 event on the newly created key if you try to rename the subkey. While using reg.exe for creating subkeys you'll see an additional 4663 event because you perform NtSetValueKey on the newly created subkey. We recommend not relying on 4663 events for subkey creation as they are dependent on the type of permissions enabled on the parent and are not consistent across regedit.exe and reg.exe. From 4ab91e7fdaaf6cb509048d0288d69d8ca9ff7400 Mon Sep 17 00:00:00 2001 From: Diana Hanson Date: Mon, 6 Dec 2021 11:23:47 -0700 Subject: [PATCH 17/18] Update faq-for-it-pros-ie11.yml --- browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.yml b/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.yml index b025aa3409..6af2d17f62 100644 --- a/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.yml +++ b/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.yml @@ -26,7 +26,6 @@ sections: questions: - question: | Frequently Asked Questions - answer: | - question: | What operating system does IE11 run on? answer: | @@ -250,4 +249,4 @@ additionalContent: | - [Microsoft Edge - Deployment Guide for IT Pros](/microsoft-edge/deploy/) - [Internet Explorer 11 (IE11) - Deployment Guide for IT Pros](../ie11-deploy-guide/index.md) - - [Internet Explorer Administration Kit 11 (IEAK 11) - Administrator's Guide](../ie11-ieak/index.md) \ No newline at end of file + - [Internet Explorer Administration Kit 11 (IEAK 11) - Administrator's Guide](../ie11-ieak/index.md) From 81f5e9cbb672d8a61c13a70deb4e057fcd1b8cd5 Mon Sep 17 00:00:00 2001 From: Diana Hanson Date: Mon, 6 Dec 2021 11:29:34 -0700 Subject: [PATCH 18/18] Update faq-for-it-pros-ie11.yml --- browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.yml b/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.yml index 6af2d17f62..4f545f92d9 100644 --- a/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.yml +++ b/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.yml @@ -24,8 +24,6 @@ summary: | sections: - name: Ignored questions: - - question: | - Frequently Asked Questions - question: | What operating system does IE11 run on? answer: |