diff --git a/education/windows/windows-11-se-overview.md b/education/windows/windows-11-se-overview.md
index 8a63a27c99..bf2de408fe 100644
--- a/education/windows/windows-11-se-overview.md
+++ b/education/windows/windows-11-se-overview.md
@@ -93,6 +93,7 @@ The following applications can also run on Windows 11 SE, and can be deployed us
| `Class Policy` | 114.0.0 | Win32 | `Class Policy` |
| `Classroom.cloud` | 1.40.0004 | Win32 | `NetSupport` |
| `CoGat Secure Browser` | 11.0.0.19 | Win32 | `Riverside Insights` |
+| `ContentKeeper Cloud` | 9.01.45 | Win32 | `ContentKeeper Technologies` |
| `Dragon Professional Individual` | 15.00.100 | Win32 | `Nuance Communications` |
| `DRC INSIGHT Online Assessments` | 12.0.0.0 | `Store` | `Data recognition Corporation` |
| `Duo from Cisco` | 3.0.0 | Win32 | `Cisco` |
@@ -104,7 +105,7 @@ The following applications can also run on Windows 11 SE, and can be deployed us
| `Free NaturalReader` | 16.1.2 | Win32 | `Natural Soft` |
| `Ghotit Real Writer & Reader` | 10.14.2.3 | Win32 | `Ghotit Ltd` |
| `GoGuardian` | 1.4.4 | Win32 | `GoGuardian` |
-| `Google Chrome` | 102.0.5005.115 | Win32 | `Google` |
+| `Google Chrome` | 109.0.5414.75 | Win32 | `Google` |
| `Illuminate Lockdown Browser` | 2.0.5 | Win32 | `Illuminate Education` |
| `Immunet` | 7.5.8.21178 | Win32 | `Immunet` |
| `Impero Backdrop Client` | 4.4.86 | Win32 | `Impero Software` |
@@ -137,10 +138,10 @@ The following applications can also run on Windows 11 SE, and can be deployed us
| `Respondus Lockdown Browser` | 2.0.9.03 | Win32 | `Respondus` |
| `Safe Exam Browser` | 3.4.1.505 | Win32 | `Safe Exam Browser` |
| `Senso.Cloud` | 2021.11.15.0 | Win32 | `Senso.Cloud` |
-| `Smoothwall Monitor` | 2.8.0 | Win32 | `Smoothwall Ltd` |
+| `Smoothwall Monitor` | 2.9.2 | Win32 | `Smoothwall Ltd` |
| `SuperNova Magnifier & Screen Reader` | 21.02 | Win32 | `Dolphin Computer Access` |
| `SuperNova Magnifier & Speech` | 21.02 | Win32 | `Dolphin Computer Access` |
-|`TX Secure Browser` | 15.0.0 | Win32 | `Cambium Development`
+|`TX Secure Browser` | 15.0.0 | Win32 | `Cambium Development` |
| `VitalSourceBookShelf` | 10.2.26.0 | Win32 | `VitalSource Technologies Inc` |
| `Winbird` | 19 | Win32 | `Winbird Co., Ltd.` |
| `WordQ` | 5.4.23 | Win32 | `Mathetmots` |
diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
index e6748d67f8..2b636d3e4f 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
@@ -4,7 +4,7 @@ description: Learn about the policies in Policy CSP supported by Group Policy.
author: vinaypamnani-msft
manager: aaroncz
ms.author: vinpa
-ms.date: 01/30/2023
+ms.date: 02/03/2023
ms.localizationpriority: medium
ms.prod: windows-client
ms.technology: itpro-manage
@@ -814,6 +814,7 @@ This article lists the policies in Policy CSP that have a group policy mapping.
- [SetPolicyDrivenUpdateSourceForOtherUpdates](policy-csp-update.md)
- [SetEDURestart](policy-csp-update.md)
- [AllowAutoWindowsUpdateDownloadOverMeteredNetwork](policy-csp-update.md)
+- [AllowTemporaryEnterpriseFeatureControl](policy-csp-update.md)
- [SetDisableUXWUAccess](policy-csp-update.md)
- [SetDisablePauseUXAccess](policy-csp-update.md)
- [UpdateNotificationLevel](policy-csp-update.md)
diff --git a/windows/client-management/mdm/policy-csp-update.md b/windows/client-management/mdm/policy-csp-update.md
index 040028b422..e9921d6795 100644
--- a/windows/client-management/mdm/policy-csp-update.md
+++ b/windows/client-management/mdm/policy-csp-update.md
@@ -4,7 +4,7 @@ description: Learn more about the Update Area in Policy CSP.
author: vinaypamnani-msft
manager: aaroncz
ms.author: vinpa
-ms.date: 01/18/2023
+ms.date: 02/03/2023
ms.localizationpriority: medium
ms.prod: windows-client
ms.technology: itpro-manage
@@ -16,6 +16,9 @@ ms.topic: reference
# Policy CSP - Update
+> [!IMPORTANT]
+> This CSP contains preview policies that are under development and only applicable for [Windows Insider Preview builds](/windows-insider/). These policies are subject to change and may have dependencies on other features or services in preview.
+
@@ -23,6 +26,7 @@ ms.topic: reference
Update CSP policies are listed below based on the group policy area:
- [Windows Insider Preview](#windows-insider-preview)
+ - [AllowTemporaryEnterpriseFeatureControl](#allowtemporaryenterprisefeaturecontrol)
- [ConfigureDeadlineNoAutoRebootForFeatureUpdates](#configuredeadlinenoautorebootforfeatureupdates)
- [ConfigureDeadlineNoAutoRebootForQualityUpdates](#configuredeadlinenoautorebootforqualityupdates)
- [Manage updates offered from Windows Update](#manage-updates-offered-from-windows-update)
@@ -103,6 +107,75 @@ Update CSP policies are listed below based on the group policy area:
## Windows Insider Preview
+
+### AllowTemporaryEnterpriseFeatureControl
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device
:x: User | :x: Home
:heavy_check_mark: Pro
:heavy_check_mark: Enterprise
:heavy_check_mark: Education
:heavy_check_mark: Windows SE | :heavy_check_mark: Windows Insider Preview |
+
+
+
+```Device
+./Device/Vendor/MSFT/Policy/Config/Update/AllowTemporaryEnterpriseFeatureControl
+```
+
+
+
+
+Features introduced via servicing (outside of the annual feature update) are off by default for devices that have their Windows updates managed*.
+
+- If this policy is configured to "Enabled", then all features available in the latest monthly quality update installed will be on.
+
+- If this policy is set to "Not Configured" or "Disabled" then features that are shipped via a monthly quality update (servicing) will remain off until the feature update that includes these features is installed.
+
+*Windows update managed devices are those that have their Windows updates managed via policy; whether via the cloud using Windows Update for Business or on-premises with Windows Server Update Services (WSUS).
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value | 0 |
+
+
+
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| 0 (Default) | Not allowed. |
+| 1 | Allowed. |
+
+
+
+**Group policy mapping**:
+
+| Name | Value |
+|:--|:--|
+| Name | AllowTemporaryEnterpriseFeatureControl |
+| Friendly Name | Enable features introduced via servicing that are off by default |
+| Location | Computer Configuration |
+| Path | Windows Components > Windows Update > Manage end user experience |
+| Registry Key Name | Software\Policies\Microsoft\Windows\WindowsUpdate |
+| Registry Value Name | AllowTemporaryEnterpriseFeatureControl |
+| ADMX File Name | WindowsUpdate.admx |
+
+
+
+
+
+
+
+
### ConfigureDeadlineNoAutoRebootForFeatureUpdates
@@ -2589,7 +2662,7 @@ If you select "Apply only during active hours" in conjunction with Option 1 or 2
-Enables the IT admin to schedule the day of the update installation. The data type is a integer.
+Enables the IT admin to schedule the day of the update installation. The data type is an integer.
@@ -2660,7 +2733,7 @@ Enables the IT admin to schedule the day of the update installation. The data ty
-Enables the IT admin to schedule the update installation on the every week. Value type is integer.
+Enables the IT admin to schedule the update installation every week. Value type is integer.
@@ -2985,7 +3058,7 @@ Enables the IT admin to schedule the update installation on the third week of th
- the IT admin to schedule the time of the update installation. The data type is a integer. Supported values are 0-23, where 0 = 12 AM and 23 = 11 PM. The default value is 3.
+ the IT admin to schedule the time of the update installation. The data type is an integer. Supported values are 0-23, where 0 = 12 AM and 23 = 11 PM. The default value is 3.
@@ -3044,7 +3117,7 @@ Enables the IT admin to schedule the update installation on the third week of th
-This setting allows to remove access to "Pause updates" feature.
+This setting allows removing access to "Pause updates" feature.
Once enabled user access to pause updates is removed.
diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
index 0ff47c507d..c2ad146ec6 100644
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
@@ -89,7 +89,7 @@ By default, the service expedites quality updates as needed. For those organizat
**To turn off service-driven expedited quality updates:**
1. Go to **[Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431)** > **Devices**.
-2. Under **Windows Autopatch** > **Release management**, go to the **Release settings** tab and turn off the **Expedited Quality Updates** setting.
+2. Under **Windows Autopatch** > **Release management**, go to the **Release settings** tab and turn off the **Expedited quality updates** setting.
> [!NOTE]
> Windows Autopatch doesn't allow customers to request expedited releases.
diff --git a/windows/security/identity-protection/remote-credential-guard.md b/windows/security/identity-protection/remote-credential-guard.md
index e094da893b..eb1922b3a8 100644
--- a/windows/security/identity-protection/remote-credential-guard.md
+++ b/windows/security/identity-protection/remote-credential-guard.md
@@ -128,7 +128,7 @@ You must enable Restricted Admin or Windows Defender Remote Credential Guard on
- Add a new DWORD value named **DisableRestrictedAdmin**.
- - To turn on Restricted Admin and Windows Defender Remote Credential Guard, set the value of this registry setting to 0 to turn on Windows Defender Remote Credential Guard.
+ - To turn on Restricted Admin and Windows Defender Remote Credential Guard, set the value of this registry setting to 0.
3. Close Registry Editor.
@@ -189,4 +189,4 @@ mstsc.exe /remoteGuard
- No credentials are sent to the target device, but the target device still acquires Kerberos Service Tickets on its own.
-- The server and client must authenticate using Kerberos.
\ No newline at end of file
+- The server and client must authenticate using Kerberos.