From 5501000abae5c4d8391295479b36b406fda70f20 Mon Sep 17 00:00:00 2001
From: JesseEsquivel <33558203+JesseEsquivel@users.noreply.github.com>
Date: Fri, 10 Apr 2020 12:52:01 -0400
Subject: [PATCH 1/4] Quotes are not supported when using GPO

Quotes are not supported for ASR exclusions, we need to make this clear to our customers, as it is very confusing to them when reading the ADMX template for the setting - because the ADMX template for this setting actually contains double quotes.
---
 .../microsoft-defender-atp/enable-attack-surface-reduction.md   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
index 655d13f73e..74299098c7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
@@ -129,7 +129,7 @@ Value: c:\path|e:\path|c:\Whitelisted.exe
 
      ![Group policy setting showing a blank attack surface reduction rule ID and value of 1](../images/asr-rules-gp.png)
 
-5. To exclude files and folders from ASR rules, select the **Exclude files and paths from Attack surface reduction rules** setting and set the option to **Enabled**. Click **Show** and enter each file or folder in the **Value name** column. Enter **0** in the **Value** column for each item.
+5. To exclude files and folders from ASR rules, select the **Exclude files and paths from Attack surface reduction rules** setting and set the option to **Enabled**. Click **Show** and enter each file or folder in the **Value name** column. Enter **0** in the **Value** column for each item. Do not use quotes as they are not supported for either the **Value name** column or the **Value** column.
 
 ## PowerShell
 

From 1ac92f474b59196340469504c7db0e280d1f399b Mon Sep 17 00:00:00 2001
From: JesseEsquivel <33558203+JesseEsquivel@users.noreply.github.com>
Date: Mon, 13 Apr 2020 13:12:17 -0400
Subject: [PATCH 2/4] Update enable-attack-surface-reduction.md

---
 .../enable-attack-surface-reduction.md                       | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
index 74299098c7..15f019a69c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
@@ -129,7 +129,10 @@ Value: c:\path|e:\path|c:\Whitelisted.exe
 
      ![Group policy setting showing a blank attack surface reduction rule ID and value of 1](../images/asr-rules-gp.png)
 
-5. To exclude files and folders from ASR rules, select the **Exclude files and paths from Attack surface reduction rules** setting and set the option to **Enabled**. Click **Show** and enter each file or folder in the **Value name** column. Enter **0** in the **Value** column for each item. Do not use quotes as they are not supported for either the **Value name** column or the **Value** column.
+5. To exclude files and folders from ASR rules, select the **Exclude files and paths from Attack surface reduction rules** setting and set the option to **Enabled**. Click **Show** and enter each file or folder in the **Value name** column. Enter **0** in the **Value** column for each item.
+
+> [!WARNING]
+> Do not use quotes as they are not supported for either the **Value name** column or the **Value** column.
 
 ## PowerShell
 

From 0843318f91ef61c14f511b246538306b7744f414 Mon Sep 17 00:00:00 2001
From: JesseEsquivel <33558203+JesseEsquivel@users.noreply.github.com>
Date: Mon, 13 Apr 2020 13:38:06 -0400
Subject: [PATCH 3/4] Update
 windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
 .../microsoft-defender-atp/enable-attack-surface-reduction.md   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
index 15f019a69c..7212b10766 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
@@ -136,7 +136,7 @@ Value: c:\path|e:\path|c:\Whitelisted.exe
 
 ## PowerShell
 
->[!WARNING]
+> [!WARNING]
 >If you manage your computers and devices with Intune, Configuration Manager, or other enterprise-level management platform, the management software will overwrite any conflicting PowerShell settings on startup.
 
 1. Type **powershell** in the Start menu, right-click **Windows PowerShell** and click **Run as administrator**.

From 6aff9512f1bd6d102ecbd1758d1d168a65fc1d22 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Mon, 13 Apr 2020 10:45:03 -0700
Subject: [PATCH 4/4] Update
 windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
 .../microsoft-defender-atp/enable-attack-surface-reduction.md   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
index 7212b10766..9b5990bdb7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
@@ -137,7 +137,7 @@ Value: c:\path|e:\path|c:\Whitelisted.exe
 ## PowerShell
 
 > [!WARNING]
->If you manage your computers and devices with Intune, Configuration Manager, or other enterprise-level management platform, the management software will overwrite any conflicting PowerShell settings on startup.
+> If you manage your computers and devices with Intune, Configuration Manager, or other enterprise-level management platform, the management software will overwrite any conflicting PowerShell settings on startup.
 
 1. Type **powershell** in the Start menu, right-click **Windows PowerShell** and click **Run as administrator**.