From 1eef3bb47641c1bf714ede773351ad122f3017f5 Mon Sep 17 00:00:00 2001 From: Anca-Ioana Martin <48067601+ancmarti@users.noreply.github.com> Date: Fri, 17 Jan 2020 13:23:24 +0200 Subject: [PATCH 001/112] Documenting known-issue with MSA service --- windows/client-management/mdm/policy-csp-accounts.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/client-management/mdm/policy-csp-accounts.md b/windows/client-management/mdm/policy-csp-accounts.md index e978cc82da..f097cc7b37 100644 --- a/windows/client-management/mdm/policy-csp-accounts.md +++ b/windows/client-management/mdm/policy-csp-accounts.md @@ -232,6 +232,9 @@ Added in Windows 10, version 1703. Allows IT Admins the ability to disable the " > [!NOTE] > If the MSA service is disabled, Windows Update will no longer offer feature updates to devices running Windows 10 1709 or higher. See [Feature updates are not being offered while other updates are](https://docs.microsoft.com/windows/deployment/update/windows-update-troubleshooting#feature-updates-are-not-being-offered-while-other-updates-are). +> [!NOTE] +> If the MSA service is disabled, the Subscription Activation feature will not work properly and your users will not be able to “step-up” from Windows 10 Pro to Windows 10 Enterprise, because the MSA ticket for license authentication cannot be generated. The machine will remain on Windows 10 Pro and no error will be displayed in the Activation Settings app. + The following list shows the supported values: From 030bc3a9e46f37175011f057453dccdb334ad4c9 Mon Sep 17 00:00:00 2001 From: VLG17 <41186174+VLG17@users.noreply.github.com> Date: Wed, 22 Jan 2020 10:38:32 +0200 Subject: [PATCH 002/112] remove incorrect info and add note about expected behavior https://github.com/MicrosoftDocs/windows-itpro-docs/issues/5432 --- ...-a-windows-10-device-automatically-using-group-policy.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md index ac08247a1f..ee0d0066a0 100644 --- a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md +++ b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md @@ -49,10 +49,14 @@ The following steps demonstrate required settings using the Intune service: ![Intune license verification](images/auto-enrollment-intune-license-verification.png) 2. Verify that auto-enrollment is activated for those users who are going to enroll the devices into Intune. For additional details, see [Azure AD and Microsoft Intune: Automatic MDM enrollment in the new Portal](https://docs.microsoft.com/windows/client-management/mdm/azure-ad-and-microsoft-intune-automatic-mdm-enrollment-in-the-new-portal). -Also verify that the **MAM user scope** is set to **None**. Otherwise, it will have precedence over the MDM scope that will lead to issues. ![Auto-enrollment activation verification](images/auto-enrollment-activation-verification.png) +> [!IMPORTANT] +> For BYOD devices, the MAM user scope takes precedence if both MAM user scope and MDM user scope (automatic MDM enrollment) are enabled for all users (or the same groups of users). The device will use Windows Information Protection (WIP) Policies (if you configured them) rather than being MDM enrolled. + +> For corporate devices, the MDM user scope takes precedence if both scopes are enabled. The devices get MDM enrolled. + 3. Verify that the device OS version is Windows 10, version 1709 or later. 4. Auto-enrollment into Intune via Group Policy is valid only for devices which are hybrid Azure AD joined. This means that the device must be joined into both local Active Directory and Azure Active Directory. To verify that the device is hybrid Azure AD joined, run `dsregcmd /status` from the command line. From af19fef290abb8455cb09412a2c2fb019b73ca37 Mon Sep 17 00:00:00 2001 From: illfated Date: Thu, 30 Jan 2020 01:56:40 +0100 Subject: [PATCH 003/112] MSD-ATP/Deployment: improve grammar & readability Description: As pointed out in issue ticket #5949 (Typos in the Adoption section), this document needs some proofreading for grammar & semantics. Thanks to chhatley for opening the issue ticket. Changes proposed: - add some commas for grammar & readability - rearrange a couple of sentences for readability - add the missing newline at the end of the document issue ticket closure or reference: Closes #5949 --- .../prepare-deployment.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md b/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md index 60c0833058..2fc67b8211 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md +++ b/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md @@ -138,16 +138,16 @@ structure required for your environment. ## Adoption Order -In many cases organizations will have existing endpoint security products in -place. The bare minimum every organization should have is an antivirus solution. But in some cases an organization might also already implanted an EDR solution. -Historically, replacing any security solution was time intensive and difficult -to achieve due to the tight hooks into the application layer and infrastructure +In many cases, organizations will have existing endpoint security products in +place. The bare minimum every organization should have is an antivirus solution. But in some cases, an organization might also have implanted an EDR solution already. +Historically, replacing any security solution used to be time intensive and difficult +to achieve, due to the tight hooks into the application layer and infrastructure dependencies. However, because Microsoft Defender ATP is built into the -operating system, replacing third-party solutions is easy to achieve. +operating system, replacing third-party solutions is now easy to achieve. -Choose which component of Microsoft Defender ATP to be used and remove the ones -that do not apply. The table below indicates the Microsoft recommendation on the -order on how the endpoint security suite should be enabled. +Choose the component of Microsoft Defender ATP to be used and remove the ones +that do not apply. The table below indicates the order Microsoft recommends for +how the endpoint security suite should be enabled. | Component | Description | Adoption Order Rank | |-----------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------| @@ -159,4 +159,4 @@ order on how the endpoint security suite should be enabled. | Microsoft Threat Experts (MTE) | Microsoft Threat Experts is a managed hunting service that provides Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in their unique environments don't get missed. [Learn more.](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/microsoft-threat-experts) | Not applicable | ## Related topic -- [Production deployment](production-deployment.md) \ No newline at end of file +- [Production deployment](production-deployment.md) From eecb5b2b3a855bea3720228a5b5151616ab761bf Mon Sep 17 00:00:00 2001 From: Jonathan Gregson Date: Sat, 1 Feb 2020 04:34:45 +0000 Subject: [PATCH 004/112] Added exploit protection setting requirements. --- .../windows-defender-application-guard/reqs-wd-app-guard.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md index c8d5d6ec1c..e1712b8679 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md +++ b/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md @@ -42,3 +42,4 @@ Your environment needs the following software to run Windows Defender Applicatio |Operating system|Windows 10 Enterprise edition, version 1709 or higher
Windows 10 Professional edition, version 1803 or higher
Windows 10 Professional for Workstations edition, version 1803 or higher
Windows 10 Professional Education edition version 1803 or higher
Windows 10 Education edition, version 1903 or higher
Professional editions are only supported for non-managed devices; Intune or any other 3rd party mobile device management (MDM) solutions are not supported with WDAG for Professional editions. | |Browser|Microsoft Edge and Internet Explorer| |Management system
(only for managed devices)|[Microsoft Intune](https://docs.microsoft.com/intune/)

**-OR-**

[Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/)

**-OR-**

[Group Policy](https://technet.microsoft.com/library/cc753298(v=ws.11).aspx)

**-OR-**

Your current company-wide 3rd party mobile device management (MDM) solution. For info about 3rd party MDM solutions, see the documentation that came with your product.| +|Windows Defender Exploit Protection settings|Control Flow Guard (CFG) must be set to "Use default (On)" or "Off by default". If set to "On by default", Windows Defender Application Guard will not launch.

Randomize memory allocations (Bottom-up ASLR) must be set to "Use default (On)" or "Off by default". If set to "On by default", the `vmmem` process will have high CPU utilization while a Windows Defender Application Guard window is open.| From bc64f15c61559f0bd2f4b5966de7f87b89658334 Mon Sep 17 00:00:00 2001 From: Jonathan Gregson Date: Sat, 1 Feb 2020 21:05:14 -0800 Subject: [PATCH 005/112] Updated exploit protection settings Clarified where the settings can be changed and verified. --- .../windows-defender-application-guard/reqs-wd-app-guard.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md index e1712b8679..33b3e98451 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md +++ b/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md @@ -42,4 +42,4 @@ Your environment needs the following software to run Windows Defender Applicatio |Operating system|Windows 10 Enterprise edition, version 1709 or higher
Windows 10 Professional edition, version 1803 or higher
Windows 10 Professional for Workstations edition, version 1803 or higher
Windows 10 Professional Education edition version 1803 or higher
Windows 10 Education edition, version 1903 or higher
Professional editions are only supported for non-managed devices; Intune or any other 3rd party mobile device management (MDM) solutions are not supported with WDAG for Professional editions. | |Browser|Microsoft Edge and Internet Explorer| |Management system
(only for managed devices)|[Microsoft Intune](https://docs.microsoft.com/intune/)

**-OR-**

[Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/)

**-OR-**

[Group Policy](https://technet.microsoft.com/library/cc753298(v=ws.11).aspx)

**-OR-**

Your current company-wide 3rd party mobile device management (MDM) solution. For info about 3rd party MDM solutions, see the documentation that came with your product.| -|Windows Defender Exploit Protection settings|Control Flow Guard (CFG) must be set to "Use default (On)" or "Off by default". If set to "On by default", Windows Defender Application Guard will not launch.

Randomize memory allocations (Bottom-up ASLR) must be set to "Use default (On)" or "Off by default". If set to "On by default", the `vmmem` process will have high CPU utilization while a Windows Defender Application Guard window is open.| +|Windows Defender Exploit Protection settings|The following settings should be configured or verified in the **Windows Security** app under **App & browser control** > **Exploit Protection** > **System Settings**.

**Control Flow Guard (CFG)** must be set to "Use default (On)" or "Off by default". If set to "On by default", Windows Defender Application Guard will not launch.

**Randomize memory allocations (Bottom-up ASLR)** must be set to "Use default (On)" or "Off by default". If set to "On by default", the `Vmmem` process will have high CPU utilization while a Windows Defender Application Guard window is open.| From cf67f940e726851e59710ecb505de60b8aa500e9 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Tue, 4 Feb 2020 09:33:28 +0500 Subject: [PATCH 006/112] Delete config-mgr-semm-fig3.png --- devices/surface/images/config-mgr-semm-fig3.png | Bin 31171 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 devices/surface/images/config-mgr-semm-fig3.png diff --git a/devices/surface/images/config-mgr-semm-fig3.png b/devices/surface/images/config-mgr-semm-fig3.png deleted file mode 100644 index c844b6053171b4d1d7b55659dbf08e3a0ccae3ec..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 31171 zcmce7c|6o@+qVdbEGa4>DpK~cZ%L7CMcEl^vW$Ia$Wlm%$vT)8OR{fcH+C_h>%QOnexB#^zMuE~!{=va&gD42=dpax<2ZjY4|O$8oxE_8ii+x# z=KZ_+R8-U+lt23ubW~Kw+WOvJru=ZsOJCy-RZ0KFCCZ264yrn;R8-{&jQiHKl+O(A z_f5R0sF*tr|BfZ!VCJHt3NY5ZtNPgA64#_xdZo_?YJv(!`t`gx!5~t9<;)gsEqkpE zBlV+ibJUgRv{_=<6wk>VS3SOVV-uCjksa2p&OJ0syO5yd zYS8Qy@SQ8+7`514>hSxw_}X!NVITyPS~%gtk$T7WSICx($}1XUjtk*p!Aq4R z`A?y7Sz5v68K8xlxs3&}nWylzVKS8LTe;8r^Ics8J?Rtu8dy&`EL+@Pqh*%6b#%7a zzOK1=LAC0|q#Qct4OY6(jJ|3Lr}#GAZQ}~4!Lr*kDISya+Le)9!2@zY)Mje#l@0Gp zw0~8grdvCqEAKy$t<-SRJG6#Q&-)r(fof1nVPA`|ExFNh=M&HBXJ_$g6u4he>iqt* z9T`VCi6N5G(yRp+(+t~R0`#R6*1nBaAy;2oDtp^VD2@JAP#6FWt|&?QL1VMo(|9tZ zu(m{bqeo=v$*&PYPJAx;Ng}dH<%ig8DPvf=-*G0(7RE@w_ZS$Ro0t5yAYD&b=Uhqs zfJCBHPlAB5AIpf2?DW+&J`A%H47G-W%QRjat@-XLm=%y}2Sd$J;qD-^ynmIPdOE}A za%x5*L#ClF!Bp_Vf}`d5MXA-NuoD$EpH?}3xXr!`O$xoq7)l?tCG3*0*Lp>SqgsD! zD{=u37yH_H+3HvP^VTCw&K-T2&57^>x}3@;4d#n6l2-YRNq#P|BPg%To<{OcXI8*E zva$tNztqUWt;paCvJ#uIbbeV4sk{-tV`lVtgn zCkI|0gRKqH6uD%VW@9Ft_cg3n*OBPb!adw%(V9RASIrbCv`>Ob(*JbI+kpIcJJsD! z2%k3}XCA^r*<={q+NV+;4JS*0o@!Kjs_ToN;o~m8?C^Hk9VlS5u{k@OIf5Sedq0mw zP&VWUNtTdb5ie<~Dy969yts`Tw7g|@>J7xYpLH0ae_-ECvX$(r4eQ)T1~e&=ny&lB z=P79CW_wr5lbTG44Ek=fzFGTHdaK4G4H_6fU=m>G@+Exfo$M+uQXAB6aaY-g1b%P|@d@;PZPIXJrrhNek9Sn7LO7V&a(-0@k{z8)44Q0()KVUYxTOUs6-}W= zTVwgcf{|z5BoI6sx`&IWC~Dp49P#%p|EK-8@{Cv{6@fTGh?U^m?YZ-~UqqP!_I~No zuR{|0JByRpsw8={%Co@I^}=@EEAZWZe2?DAIl!sCAH;Qb zv*kg8I`hrd+a)2hR~mmtq#$`}Y4pw(JYFFSDBV}h_Hf`mca5bv0ny1Xib?lhm+(*L z>)S?#L``m66x~B)xpXbHScFf61VvObiuhGf1psHC|*-f42xwcE~UMp zM6j$X4mm-NP#z}p5qcsvMsi$&cR^+MjC*0mPp)}gKh@Zvm4Q99;y>5JN=K2(X?E9L zc93GM7&{t@C9{|}uh?eQU%IK=JXM}zX^2)i{*as}LW+_sJpg$)m|v*fs%3=08M$Qx zK7xg5NtXe1dK>dC;db8xAN26Hd!5X5U7_G7Cdh*Vv`i4uj;LKWCD2}yB&-U z2ihu407}&J8x#zX9%jZ)=QR-#?>>g!*WxBvIRrfO!uj#To?i6+Evwpm{r7XV;AiGv zz>*a@2vgGOtR&7mPL`Y?c3u*fJYf;l^vd-WbY_BwG^)um&;6^MMRjqmVxqs?rBC)J z9gW|mVj2gPHq4naq~g}eUyl!MwNIA2w%kHrKAB?FhuG;#yQ^$E0}$O$GYnVP;={ly zMutMd09NZ}GR@MhD>cd%jNR z;j~?6Uxrfv51f6cqG-*ltG@Sa^YnTQ%Xke~H=FZ7?_g2oQ}bRz=-M(*?ZFE%khG`+ z^guUDaG-c>tE4eWOg3Qbd6pGHO&=ntyqZJgJix4dh7+&{!O37|-50Lq01JzY^4^VMQ%wT+13X~U}WyLdBDYZn!1L?}y{9ymwpe-k&bwXhY z9ikmT?S5GWwKlFkFCc-14EY9uc=JmjRhM=i`_?VF@UF*Pe_t%R^UQT`WdiV%{(*xm zMyLH7Gnkn!N|Qd~X0N6Uo|o1f(z9OG?YEW#1|;V2`T@fOO#;^wc5^i@xrY4mIpHyg z>E`LJY#KqYM{k_FOM2hAF!5vj9I(#3%YIGMk2wb{F0!)Djme2{Y^TU&J=i+ClI2af zMOUYGhb$Yt#>up_7tBN5X;OW%BmZ`!3O{-=^Sjutm|Av9qKY`0fw@OaiT2JLl?Rc# z3!9lT1NLZ^(~ermSd{tkxou;C;pCyom*|Q8TAmHy!5sKXoAgr6wh`e9E+(NUABY{# z+t%2yHFLjpjhpFkT@G)-y5x>7UAGxy#+iY5UCoJ^8BIZmkzv6K0+@C2<)@4dM) zVa&ZZc!YwH!~d&OU+DMqBWIpE24G#aCgpa zaptj`H>q=Ic?rA~RL{w6NiKYgd+%*zN0}<{*iQL1Bo{6xVrV`NFE_5RG}rBH+}oWL z%yNU}i!ewxj_G0GqNn5@`H2bvttQ#*B^R988ZpdAfGP1H2=8W$*@W zwH^M#QA2xwzT4wh;#z<~9a;>9@2%g~K@R!yth#+}Aog_=#=ml5y~Is(+Ygrtr4g7u zn=UiD_*~QP-U3Act3ivz09z1q+L3sF{cKeQX4Xxhw4=&x;NR>bT%_!j=Rvw9>nLOA zhO~^13Z3K)5n{`$eV4ssS0ATi zsZF0!>Ak0c1y@-zS0MZ$&BIWn@k_-$hL0{oP<y|2Jxi)wYsx@G2G>|Oj7(W741;rh`UF(OhN0&I=Vc8a*2kpD z#M|1x1vBTJ`ok*!GNMdx0C^*I6Qzy}J!_?wWYhd^83HAcXKdKdP>JDAnFyicP#eDF=DJapo_t6qcZgO>Gr z$NV*#`-hMTy@IXX(w>m=Mok&Q`9Wa0c^0$sI=02w)ubC7SO|U%j#IO3 zM}LD6cX17m&bNt{MhAH}s8EAl(f;%m=$;kF2k-#PrfV?V2LrA>3zArN|L1(MneI{* z6g>1%J{0XosALrk{b{T&iVa|D+31Y_Qa= z%}GKPD5nZ$;|LX=Yk|Kfrt zmEHLojE|By!QElKc(Vd7?31(vhRjJ8VcXx?pXUwE0<^FZS<8I7qOLC}sv@2N?1lC! zijcjI_;Rt`PuO8#9<$~c=v06y{l%_T2AMnFl9@@}pV)&%UE5mi+an`X4}}*0Vf9d5 z?gzRiPMmwCoEsC_o@c*3?hA3pZc$qVn53KEi5{y(%NsXmmSu{}$7(ES1(+ZuEjf{& zKhoQ5cqT$7bhKrJ;lalnE>?EKh9YC#S`eIO_>AP{vwDM)KbB>XQ~mQ?8-tKzENa>U zQ!5L~d7QBg(c?{x(*ij@T+$&&y|^+4UBhi=dYEp(uH7vAo}mQ$nCWgg%a9s-^q;uJ zzhL@;fj***vVx^sKNdFa_ZKcr!ng1^D#yC2KT6=w}vbQ}SUe#lM?K)K2vRw5xf&Qk>%Sn~pFTSJ;!azpln$1bQ z5I@!$S`@l69%Ba~Qi<>FS3-KEr)4Zsx2seryP}cLK>s&&nM$4q zO@uhP1X0#LzSPI%pehi#bMm8s4HA3n$4fG!j`pfAm`jAquc@;E1d*}qe=0L#1N-!} z)o2yc08ht=aK*}ay~M=<0~gDtzMb#wv~TY5dbJQ&S?1i@-q{%wM5`TbCf z47emlurR3^u1PuX553sWy`HKP-lNBakALGYcXbyfBAu$;VI*4f#n;gQmS0sqB?#0Q zL%`p3+sw#9BbwNCzbQy;rEVwa042-Ow>j8#Lyn8E&;Ag-_|wYq!}Owkg)G~K{@A=* zzM6%krc`NjCcn=GKwoN%|4l8jO*ylK!jFym%uBWqcR#-Z=;4rmt#$D^gWuJKxJ@~$ zHj9{m`C#TWcca5eX#}Q{(`5Sp`=4bz<{>Yct@35uG6#;auRi$t8=uAL0ov{#lyT2t zA|sY0{{fhQd0@pG#kx=F2er}3GK$L}AkYw1G-0!0$VIaFJd7iS`1BsiGk)`j^q2X< zGj2p7Hn1k2-_PZ{;Hs%BCa53I!cAAMT#_;B%9*--o;)owcM6jl3w=+seP zg&zx*0m14SQ@9&i>F$!}ACq`!%4L7Fb)5Fz$X#L+u(*HU61caDoN!?S*_oNYtf)Bi zP&TwE>gigf0{x+?9_=yx(4kpUWOwLWfZtr|XgEyv;0X<5kg8vNzX%wt`ixLHP)$bE zrLC#ZGM!;-85bp6Fw-2EJPK%vL$L6+NwTI+>`?N29gSmagTCpFa|hcIE;rs`;=PSCePGx;?4juOh9R=&9F;ysOA72m30_E!B6JrFx4>#>3LH@++!<+){#!g%nA~5zr`7r&E z>tgJtlVIs9dWar1T{{~C(Ur> z5r3{?Z?jOZ^>*sWazC!Ke=xW{Ds+DMxi%drds?t?-$st8sL%)Y?Bt@((!-V*L9C~Xc>6`Wc~HA|~5%y3UQHad{zP9<^}Q2v9r{xjbA>eeQxkZTE)Xlx4F zwSqPsbC*>R%*@c1?;8T>i5Nj2Z=5jffeffwHXGbsyPl3JnJbM)kEyM5YEKx2tVmLl zx;W{B!24^GiMixmwSBimA;5A9;6hKu*Hi$1?#BDLOc*Ezd58P}_9A2~ARy?Y$kI^Y z5KEsKEwr|8%V;f=&Ber|w-lbjCq_so!7$Yc1>`3n4c)C6AD3WYR+1<(WuDJbNt8mx zD!kgJQK)W)osrUz>i$ZVG4SF+? zB80C{KEhv)FEs(Tupv>}j<4}IxiZW*e;UgY5;*OW47!4{RCrB#jb9r783NqC8E1b1 zY%DM)M7*pFk-sz1$TGP0cwoUe{zVqMtMJ&5!7HYtG^RD_^irdOA)enN09y=8vJ+mQ z_4+4ivh^kGcY~{4OB-{lp-Y5}i@^s3$Z(CLn1$L<{Rh2kT-`$GPG2?C?z@O#Or@Su zie!AD_h3ixl9q9v{Gjxb!}OXtYJB`(mwleXS45GGwx72$+?PtPhC)bMSmTb#Y`(V2 zdtGib5>J>j+_wipO?vH5?y*lV@J1MC8t?H*Cvl)BlNu2`Tu_lzM5g?YNCRDo0^jfA z>E7e_(*3lPBLt>wBP?J6-H#~~9J%A2oA7O^S}V#-uRYtWQ-PGB19fY+?s+w`t2W?BO+7mAO-fW1`TG{xjkoRDKfs=fv$zsg!K}T*Aa{g|##1GN2Lt(Ss)t>)j z_(LM|r)m5*mh*3a=8~Y)2SRU!EXk1l-}tVOPiWV&&2zUHv_?jVG}4TBfhUHR`(pD~ zr4vfnS9L6V#qimR0hUUj#KAR`Vre#fVq2`7cv<|1`fEQbCClUJSp@p0Btv8gyQ=_L zTfq1}B9i?IX|s9cj&zC*`|x>EiOVbgSXOgLB#woW-OLXQL=9x|Q->VBt91DVB~4U} z^*V7#<_Vc#I3uo`!tgz6w6ZLf&84&5P3(02_a0C>A0?J?^Qhv(Lel4EQXHzZnY@lj zQ%C2;MQ2(Z3=0aiBr1D+fT4Ti@r?=EfwNtlF%du6TzUw-9>)xuuNIsl9MfEX9Xw^E~ z<2R3=zx8Z7BiBGOcqER>lYRvZe>F9Cv%p2f)8uQT{Evvusr9J=)5Vu} zJMiBY@wmoqXRKN!6hbl?S;9$Vph~!KU)36tEK73YM+AVu%Y^p&;q-0m^P5#`Fdj`A z;(=y$FG&}P2yv1hu_cxZ)try$lQ;>w)^&W=+*nEBT9N@@BD-+b2`s_R`~~=qZjzoM zf^g*xSZ{xE&+aXI{&oy@DaVQ80b!Q&saPEZZrg?{$#plk9v$g6%-xGB@!JXDdEsag z`_-2>Gh_jjC1QlMJ@cmCb#e2l!gsNe(mlkt?d@IQcJ6A_n;}^C{qG04+aj(vNx}s4 z?T?Q{t#+Eeb0P(w-?YN7TuP*&I(O4>fK`qv?c#rW)Nv~YZ5OqPyJQM1=KIZ@G#p?) zEmxOyI|X8P;WPw!Qo2TBMa@m?+~w*oN>iOd@JI;p?F;Mi0NkT{x|%yCxnO{+r^r3s z7bV(A`NwFqx@-;8th$xpT8T-H%->~i008#?))igEbyDHRU2^{ogHQ1m=kLOFu% zm2&2#nc4%9o^>w5opfwbOCiV873kY;mysURLuXwBX~9`Qc)G z@8xDJbBoCg{57WbZ)O*x5T8z1X@73Sj93%#qTMRfEbft`W zf6TtE#M31L?<` zi;W2_eEG#X)n;aYx>J>ZXCZ*xbr1swS^aJz;JG(Sr|Ne3jTy(B*)U!Q$IjYfivFs0 zb6!o{oh9aO}}a;Qh{NHJ{MRPoQN_`>dx* zgay2@MtOYP*b3MKI0=C_$eN<>5cVKDBb$PiwZQGId-tREIrR!Dc@iVNY>Ff9&sK+X zuA%M%G~q&6MQS(rnL>wd4bSUOtqXQuh|J&4A@+#wZNJXq7rbFDq(?t~NDU%?xX@BXX7SLrCZeZ)lp8699k)-H3H9^H{6cGO z(ApcI**J4IjQu_Pfy@B(3hGVB1w`%%@mDA!r|SN#EbLlL4dB&CWyIZ8(@*!9+tpov zLnb461l6G@mn+Kt>!C0^@Wh2_o3s`hDo6ph>FE*RgwFP6RJ^79bx)Z+MA(a9lXs}k z3u4?Wv?RM7h?@mit@@jr=4R@tjlj05KJ%Yq%_mr$gA-YoqpyZTo5{aehj!Y!veOA% z#9Dg@XwsqBhhzTnYJ#v2l%sO%>WR_m#=W3EiYL-Wqai~hlGF01;ZmBYyiu`e(S5OG z$)wmho4YLv0mYZTFhE^t0#1Z~+G7c5%s@SzOnq!-@cqqxL#Ixo)V;x1rrOScImv1R zHw5A(K>Wr78^hZ*`|Xn3)4S0z*K$D*d;)wXr8{#Pr=eA(_w_8i{JCPV@`eU+*Ra7q zM7WQh>=BF3KCxf-%HmbP=1xX=ps!6Lgd_T*G~H%NyGh6Ic4}zf=fBnO5FtKKh1=*d zEeSWW<)Q1Ugz3XcZx+fiBIm$z6~UWqw22v^XEI7j3(?bJ3@HN^;o5m55R)--TRmPtI27C z^SvJj=Mni*rP>I|bNqhOe~!fO$F0}}E!;Tm0NR%ejL7Q!3)oBi^zID)N6`P}0dcd3 zHxkU&_m5d!G*+UZf5~RSM98xg(A>Y|H=+PuV*{x)7AvFiMx`^-uvF}+9CM59_8FL> z?+CmS$GjrqwjIRT)ZKxIDm=nHqJ)2Ed!+EKwBQut($i9>b>uI~Ayy=@GGr+-#HfkH zI@+lRk^&+gSeOc+$37UP^z4=EO~@=X1z9u&Wf6JagfxQi6}rwLOM=wIZHv$Ic*I-Y zoy!KLsYECexQnhT8Qa68MOK&*9R^_~lH8=(&xigTce|tL)Bv1|__0aU<%33opXxVD zx*~DlWo63{O(T`(xE6p|)~c@$qvdDRCi)kY|Cz-Rt4yhcmw`{KA0P7Y`4}{wf*pB8^w~=aX$nH~od8 zLZpvzf*_&Zw8T@sr1V3n;?$*VDn7m7p?2m$>0$tH{5!pf7+`%!pYpXnAjH>g(UJEl z;z?Et%qCQOqH1+TOSa%iiw&x+9_^fNEV?^J%mM+YeWy=$5PU6(SYs^}Y~ZH!)rCcm zS0U0_h;fk1TQK2kh$hk!j`N?G2aHuuMQ6VDE7GXJjYkp2PXtUaXcGHup#;uFEo0P0 z9k|YW|4) zAcK{%SBsNM3+BhhH@Bo3LU6op+~SxmX~sIi`zf9W-}HNb;yBB*xA66ZY%nFHG1^{m zWKtMpt?O=Go_NHc>Kgu4CcF34yFH#P)2~hv+AfjKPf%W0?1w;V5QvQ}=(3eUQiGmb z|4AWG`)G5`GwZZ!`(3M=mtT~a4_Q>5v$Yv|djb^iG*oy}!Uf9bnGkX0wIq)n`J}N8E|N4Qw>Ur*^wXLLH{_#SGyZ;hm{vL4fr|Z^0Ye9RSsIF$>^jdv0Cf1_Y zTX2Jg>_hstQEvWdtkwHd{`UbMobQqYO5*1Vsu~ImY1r@^nXaDJ=ulpNiamF65*|;S z-toU9Q! zqPjYam-iXLcuo|1m$Z+HE!AcZ!9wt<-qWL|+W|uZ(g*cAkbWePxNM6p1=*!$ zhnUJW>8*ZDP<|DRF9bBL645Ip13nd4A?5?%`%c*~aj5DwELR!06Dt+Wlp#1@ZrWcM z@X3r|;##wmh4+01@BagtRTk_wT}Xnkk*?B|0zHM3P*&{@o$|;elB-H~zQ-lqxu_nC zTg=@GurXG`ig;2{*>+O`9X%EJFy8&~sG+G_jizwe=a8ix>sF_X*u6s_P+1;lF+} z$~f)`6v6%FH%SSz!~8Nq8;YXPe!>o3Q#9yW^u?CTb6MU|8+O}O>HRkO)SeG?uX~!j z#svm%TK=p#nI>GErqtuM0O`xV)`lI7XEj0kGJ=gLi;$AT+G8YO_>Uw=TI;iJQ=|)gG*e?va)$ z70&Y5MHVXelfDe*geENAfJPaCVxy>+bL!I0>-~B@G#ksO)7OG!c#ppM-9)Lf(VjZnI`_k*9~Z zbu5GP?wM2Spv#O$q=BAIR_8EB5(hjudb(M$gaI zLR1LFPU{*6)r7WGWk}@p6Qhe8`Y*IPH7?(>5N)2`GLZOO5bvfh*1C+i;Xtmnjz;OA7)ay*~=w-$C;((oB&;ENl=IG8C_vi|G^B-m=?k&TEQ z!`WIrt)?!(;Hj`1L{`ub{qtxox*P5s$6X1=VFn(1!z-0OmUmwivgQ`!^=DVM-*A*8 z1>I#r*QGU_xWb0+0}FL){pmPsL)QUhQPG3t(u14SezYzh-Y-Cd`c5nXvpD#YyidRH z3p||_2X#$V@hd(E3DZ*Mf6HGxSh}G%T*2aA$HebWMP)!0Mqy9kEyr5yR4KbwaqIXh z{6OWPf}l}KzDPC8&vvRZ19rAGAc2OCs`mH;rNgb2d>i=ku){Sx(_!a_%jc;nmim79 z=5b~!0kr~$6O>HPOZ@>>S*kRq+-yFI9-RNHGZLSewR5@4bd=v)TI#U$Sr>Um(3t+S)ri@UB+AwgC4HjpyH1+cvK7ADxR zxJ{o&+P{IEV=6KfL7!UaW8THir<~(%nTp)Kg-yrQ=blnBskZEa_bF2@sRiLC3l$IGKRBPkt(KkAil?}oO2;0b(s(1J!oZVaSVZNeC#1qT`9mKCDFV@xsDrNyxlP{{5@q9f8Qjkgx+;bQ?_W$5K!qhp=VMujM|O9 zeYdq7S0rtJ;X4@LGe7oBAs-toVm4;51=#ll`6yV|T_5U=_k@uoi|wgi<_%Z2AKY!y zVYkpVo{(mNk_m!C>h7aHZ^8U=eb6VlEy?!4rqO}y`$$}_^c5hfs-$Aoo;5QI#2j5V z)sMV4ip^gse4R`%g9e;w^Eso3jNiR_kjdLs`{OcF$D$JRc~zsxY!H^M{qf*^zwv<6 z`I?E4N$=AV$b_eI+%%#b=2I?hxx$1Ztj8r_=AvGo)3^Ig-cuka-|ZWqWk2?c|1Iyh zv4(s2ZnC2Y??iNpqF>RvcKPm9)nh->rJk@y$h+<`*0}feL2o)O?khc(`QV=vkJY5& zY!y3c{)HW2vUWNC+)JSL-M$YCS(SGR9GZ@cDziQsp7r&icmKl2`eB zhbvY!iRPoBhV72(r|@SZch24u5tHK9j(kWfy70ntM<%xRRC^iO@D(J@um5Cj_Nkq# zYOMEURNm>0a1RYxjYx;O=0)QK)V(yzZq*xvfw%Z0fpcDNcl9>JnG~{)Fq&|u_Oo88 zAzpiS-4`gJeC}n|Xrq_mp@BOeYcE^RI2xDFUBur{kETWT*C7)BrL|*)-4DraS*jSI z{=(I_f$GQq#~$L}DoABE_1K1CvGkm6FNw2jD~Kjl?UC=;&~sj_W@`|3x+WB}twe@3 z6|W=547v1OjV2m#nCihLVf zun*8(JNRzk?M+KMCF?5Y^+N0yYHPjE>eCYd%V(GO>_KKg&49C&=BX!MA@duDy|2{d zes>mzf-cx=PeVNW0)ZjsPM|OX&Mq&z{cPm z7}QnwxEiOPo=1!6GA@p$&qMmucP~Mii~0C&WaE- zeYZ`Zg^tR!fQ@l>?e&X<@QY_<8)k|W-Xcil_^$m%UP<3LlIVUekB*p9`4B1DUcLMB z9tJ^!S-(D5UbL+ikE}P*oqV(1xLywW4FUP8TK4X$H0Ocolxo^1M830`;L6Z=d3WJX zIZZ9o10@CXSt=@Z_5V7~{6mXsB^zZr0T*UM7!G5Rh}HPj@e*)T+|C*baO=brLra;K z`0*0W0teFZ{;6Xsc<9f=77wX+t{h13?Qw+?-&}GRybUa`)rz68;nt!7*Hx@yb?1tJ zsN2)n+M+(fH0tqtyRVe|D~n%jBd$5=dZ(+azLGtu`b99Vn_pWV|DBQ{T~&_U(#C$l zx|)rD0?LL3T}aj2+{je?+!FIjBfKT%OQ)b`ByfYqg_O8+rbDlfJ<5cm0{F=P1d`E% z{btDZaGRtOtPx|genK>$@aO#y)(7Pc#1-4#WS>AH>kuZ;yRFL!fvG4zqo8qo$8P%y zx~U+$*&ompkUf|rhD04+R|`1!5Xgp5EY4O*#PN~P0TyHBOdPFO`OF~Q`zu7Yeat)9 zRp!%Kv>q`wv(a~iM8CgADTg(fp;_Kod|=mLGa`s;2OJ z$6p&Jj~1b_RUUClcx&xhlD=1o@uy@+W9rEx4v_K>>OHY_Hp7Uk! zjc(CQ*Xl-!{b!#g;vc$0^O}v4o4oOdlGNddr~|SkYpuYaU+5fnN#%1#Qap;@?1tF+ zt(|-Wfe8=^@^B9yMy8V@zfw)j4^46W$h{e8KY7p zwqK6~twfAI83U}?I@ar16czV($tDvoBgAz*pl#A1Dyo+)+>}^AqIIn<3JsS^g*ts* zsGiNm+_KEeTzOAsc&tX%$SyOk&Xkn)gX?{ z!cl_~emVj&?yax7K`Cxn@$>V4?NPzxFL;rx`&MnWdnCsSDVIjEMM&n9Wj&udAG#Z~ zCBYA$yKo*5A)TXXmX&<&Bq4lJO-s+3Hb#>_X;f1z0P!U7L$ui{wPV_Tt#W4CG_CH3 z^ec9!I~|)3)Cf^$_J*-sNHm0Z^hQsvXg(-0w~C!souqvpxv0}|R(Q=85_-CVKb*-i zi{`U~na|66wwX423lY@%P`5$)aD0>J4cgV!5;^G;Q_>VaxFzUxy58rEl%`e(j0tQW z8m&Uxu^fE``pM$p?pg3PLDOr6-(QQ`HmP5;k-Kqmq6k20C)8%&llW4kuFCIZ^XQ7r z!Cfmb;3LnFLyz04?JLFN@vEU=Uh)WVk&wHZb{1@()hX-P^b|V3ZLT4gH|AnE`*^D8 z%h3k=R*0QXVGn$q^xS$8CK-O?R2Y)NwZIHh!!2cAT-0OG-;`u!N`M;1a^yRX6wQ_W z7}EYo`Xe_}cPb34M{!bzI_Ro4OQ2AtL++A=WUVD166k8m=+ehaRQ}Yj|F_L4+RJ;w z9Q-%Q5v;YqLt1Y7FN=EFg3qS}_Yztrg&LEv`P`e+f6#z_p#AY~XPTYA7V;qMH#C1V zKGK*Y!q5-ow<6x2%{W@-C3gDR)4vwhs`dZVIe|j&R!+ZmcGvksoIf0L({Wch$jH*3 zOWg#lxp*`q`^0z3+lnUR4nG!@?SUr00>1R9Pfi+=NqNm>#l_36zJSyOP~X{_+;T?> z(mBJGA#CO%cGzWK97Zqd88F-)cPXs!b0_}+%)LAs(JsO`Mba^CNUzQ>@A=(+CiFwU z+t>)fx4DPi!@%2u_E-1|F;iB7xY<=Tc{YDozpud3tVK>BLA{)O2FMes`;O_ybvJvxCHZTeDcW)v zr{H!c=5j-`oxDHJag0S!Juod9>w79RXf}!U;k;9INxMEF7IN{0efeN8TU8oIYY)^KdHKGhyC@ed_uc-bN)bVv(T1(;i|&QfYLx&M&~itPV@?ia)^GE&XIJJhHb z($0jY!WqmKHnlVsh>RX6Ocg6k4Wqm`S)&z_p5GXVm(G^~X1``}D`c?@F_M29x-*Gd zr0d?MDak%k+{vP)F^$!cppgQLqpiN+L1;cb#g+T-MeQ6E6?82!Pbvn#pLW$-btuOH9vUt zjxYx5#lr*7AJ(y*AH^eQa+}ASQ$zI0xF{W>so{4YhXVtYO2;+P6c(g@(4F1`^fdPA zg!v2-K4z_AlU1i==2mngRR`Z*eRNv61Cb(a^qd=9I<6b~DkkmIFCjB(LBV%;gkVl) z?Q(u|#;DH?cm0Lrv+q8<&Z*Y>F0xLA3;j6 zKM746^#KFoV`@TuPBGIkK~FPjjJn&v@drbp_aXn&P+REu9f}&h&(S=-ThY zf0`77zA^1axNkU_>e{IW=f)HCh6z_fI7yG)s~X=67d;tmf5c; zJ!$D8`0hi}BD<_aOY`;Sz`;t)b)bST6WzsjbvVt&+*TUTo=4;3Bj56@5{P;d z*n<}mTq&vVa<^Ie*{-|Zi>W`Ec}eWT*cL%LAF)l0?@>Nz##fh{N-xKV>A11i@&LEb z!<|3=Rw?B6^a=CV(sm!ZdNMW^34_=-f?{7s*$oAjaKVQ8FLuLMW@}zya$SBUh51SFo>(bO?%`6aGaC}w~q;WiCb6m@GQ48w5W;9oe@2-2rTM+B}*P$g(6Q`~_ zBkbqO8GMRT9GPy3!Fczvworsq^Jt~q>eyk*z?=~X!y!f8CDUsTu9$QNE2Yon3)50%1g@8oinIO#l{Hge6kh7V89KXrQf3(MaL<{wsuW^q*p`1>KnJ^2lfUBji3TO z^7FV5eeOO|MKh#+sD457V5PdhR;1=E1c+R@bw0itO6B2+kjS=&IL}4Ce zV*q{kqh%A7u)@%R{DkxgtI+3-I%HJ>?IUEn#lF&PAIP%1j6GduZB~|YSb8{%j+)yz zm%3%Uj&b5nC7g-C@tzP28_Ku%;;9T!hhGbRZ>gEjo0Xu(G{O1d*fN7VUkR}z8?c&~zKOZLz&wafo8 zJeT>b=!<57x%|*x8)MGR1@4O)zj@d8_(Gq8Z2VE|XjB+DrW^BHp8wk<=07_w6Nj*N zO0p@UDR^&ii)}4&3;!POBekUQiF*6 z&i+KN(YT}t@ph=fUVhXXo9b<;x0gpLd{#N$(6w6{5Dgv5)9J>+KzPSt__v_-NS2J=nDH9iIR;menkc8R$`%l%s@PYNvO*>|6MnFS{@jI~ zFuyJE3)d+3-Hy7aUi-CtG5ZzWUZ2fKMy)+`v0zxi*yt0z59Ydv-a*($pJ9Br_e|8K z<1kcp=(`oaGt5E_-GIo4o73BygQISslmL)dc=5;Cd>mx!I?;KeZ=7Bt#Z#cPNCVLo zY>l(bBs{5fEABQMycc9P|BUFitwXuF7~S9c z?dj*CE!1}9Pp^rDVp2R#4pa^bpE*MRc-?}48=AZz1E1h`&F52B({26$#u#r`dp+v- z^tA`oX6|=E=n+-se)&;4Ia@xLQd^a!dM@#QUaG=Yrejthc#bXuSQR(3)~Nf z63v+^shGbIfyh0w%|s;SoypG$%7knDzI_7`l>-d1KD5%LsVxhrT%O8`9+7fm1FC3~ zeJq6s_fc=@KCZ_&Z~v0-Aap8U-mUtzvL=(!QqK+7CP*_@c9b~&$pAS3D%zB>X>eA& z3LuIiVc8L*qwz=we4;eMp;UxRxuRH(UZ3(xC-E7<4s>*pmMXMc}-rG0Y@rrnb8#)q97Z~@37VUg;e~wZD~lk@{sO4o37kn z`l@iGuj`7n3!Br@0}RfDQQTQj0(1%%JZ)&4ptV@{>^t25Y1(>RK&xJtS_+|{lynWN zL;4no2=RM{Lgxd8isuUiKbQE0kRfR2gGs^%JbJNMYMG&`|CnY}E)I-O#EhQnZhTym z15`>Rj0?iMlqW+tK%&HQDd}>hd`elOjB?DS0MN2I8_&nsTPOZ~{_1JkmL6WNqe}ro zl-Ma2c6fvK@Z|kJ=cAN!{L8Fvw51uP=uJt{9G>ebpSy0j7jDhlkQfkGDV2f%mmKPv zJ)k8DN*lK>DB={`X`$;=*-Sq7QVN(!J+`a*>ofV7HzCoNLuI{Z&s4WVgu#4MqiZpq zdgMYl-aR#&%(`(4kg_AQv~)&h$B{&NReMZ=2?;#P?KQkUp-U?kYf4hv%oNizc!M{c zJ$c}zqNLh)GV`nyMD)d)t3)A(AB%^=OKY4!Tiz#&E~(l}`s;OOdjkVoms5(! zB6%b5up%I;HY<9OslDI!#1xg)IbR-17^S*+NGt!jB?oS zXf?x0dZ%TU4j(bzZn5DLiTTO3L3cFfam-#HIi0Mj{WYNY`)>iR!2P$9p!-gvnxfty zpcE1ZhyzIKpOcFJN2&84@%VqUM*6?o(BQj}WYDoRKdJG=7Xj4WM)(fvhiO3R1Q^FH z&>aP_zx`pLeZ6k7aZHnHk*fRRP(Wh{|HYjC&S9FOiVr%?h za;kCaKKno#X?q}`J;St=%L7ktH|Odeb}TGDxvTYXSPKFm8D!pgWpW8Ch>u_LEjPJ@ z_~rLqPL%cYE9NURywkj8a|?iXY_%Yj)k}B+;6S}lsqg!1^bXFy%o3(8GDO6C|MrK! zTgd+FMe0s?yAE_=gRlU;S&03e=ZZ|`XLf?#?s&L<^bi<0#_X;33^5AvYGoXbU(7oT zuB2_PT?hQS_=JoY@Wbbh%-TnLyJ`g^a42b|tp)*Kozhs%MJ+{iB?%+i}v*V zcdmw2QOmLwZv&dKH>I2w8$2=N#8f~&sT;h42=tuxQ^C$oiG|MiT#!*!RCv2d6a(^+ z!OIXHE9Z(2y$FHWrswYpiJwLeAZtH%c3agkp+u;FJIAjacy)x?n@;Uu9lz{qdmx<) zwWfrZ`lkHyN{zjc$;^d1*Lj4P_|LBc-T(So+54t?&OpBXqzFtAq> zH{f;QSVU1Un`x!JtyDl@y%8e7&(ag(EaA7*A6dY9Rnvpl3qObqzIT=Y zrUsC)vs0{N_tsim%esw8I=R-#(aV*k7k;#tJLG7e{X^2CcW9_z`O%wMq%7eOuynvb zmG@CiJAfGi1m-d8uex=9r0k6|B)b&ZH2V%O#ia32+UZOyPc%ba3gUlc)PovRz;hMN zO9=Y(upnB#UJ5jD1Q@~e2N=MHPHiDFN~m0M^}PoRX}G1JT!A4a?aJ(6A|}xQHK zJ1Q+rW0gPyk-~X+9A0{Ad9&fNb6=^d_xZ%r%N?#WdoL!$z!N+Wg16I6w#$LhmS58E zhlrn|n%K{kxbsT~OPE^sklDR|K#=|&^7*Y9NRk}h0)*W) z{G?!fU^=k^m@=T}KvS6qz#btd0ryzAUH~|gHe~Q70JHEtFCiJPWlgdV=>k-Dtr=r@ z0|tk9g%W^y&b>qreLE{Pe}(buY7s%DL?92s-b*%{nJ(`l`9A1;DC|+?O;hEz`369k zIakR6*osagb1|)Jo|{?Ya~A;`JbCU{l-KAe4-%=Y-bv&H*nMQoVsM5n@Nru{32UCx z4@=475YwXA7D@_>>!x&v_e|{KQQr6Au+)PB?_7oEiZV;=#)|5#At#N2_Zpu9PGd65 z3kbL_ySvuLD|E4@1kX=(gWunEeb?OJVt}^2^0Q z=kqhQEm|Sp>kIs|mRl|G-8Y!sFvXPAGn-gz4OwO~Vy=MUTU#fEAC~PIpnZSW z$OXhJPXOESg@)|nzk)85&zQCm*v$enAu<4#nF;kI-gLFEXi}J=;_I2 zax5?9#8!W5PIP^PJ=c>QQWAIEq|sz$x2mTFJBWcocLR=Z<0jUuW67x%naDqkrNNQ<)q7df zu-{j7O5ZH%pLJilCf-FnX^>e`a-k{?gTj z?7$K*cc~R>v5w)N&lqd-OL9^019QqR7{_prX|Vb8iXw(qg%dn#*4H9({)?5)m9AjP zjHbeuld+5RV>Le(W}jr&faF_?f5qv~ zj&v8f0;u$)QNHp1);b_I_!_Mkm{KLg5#jwGP6?IP0x622uY)N@1BePx;Wl|#FV-gs zmNI|$cJtualx%~Q%)AdAvdh22)G@|ohC(s<%|FUU`>9cP=k3hXtdSL3`NJmrQ{0sU zUe&J~$9pPiuih8-)V(NIO95=7OOPGobeRJ;AbW}NsyF(~r-vgYvUw%xjtDQur2Y~O z%u;qtJ_QKclFScB1kF?i9t*Oqdc(0ygQN3Wo*nB`wn&)6{^n<#%`?pkhVP%WHWI5B z#b|;GXpT0>FD7PEhd$fHZ#8%K#$EO^l#7I2cAyqjIk8mUA;r~$W<#0^SNmezHD-~R z?QZRZCDa_@gVUbUD%>}%uPQ&fh2ynGfFBt~oR*O#0Q(v(hl-56;_&?LGy%e>FN<0I zDov-=GItc+4+o;524|O!r=#c#$+qxm&sq0hF6c&hF60B+Ec^D*naZFY7GVmtD5acG zN%0H#L62BFN@?pZoS!|eXk-J}(NU|cN0yE1qiJqBP{Mpd3U82dR>)q#mMLcK=c`jsasaYxV=p> z(N*G$mWbK`^$lL=+)+(&ugwGTn2o+|QmpkHMt~70S+?-}30-1>+Lc%$+O=Mi)j05C z|21*7tAmlx;gn)^s0Rt%v@?$cXJvhI87iBaY}3^o1cw)0j8iyK#>IYf?IsjDYAC@? z5#t>v$m+t~z@!0lR4Xinq`RKFBl_1j2cT2z=c1mNWKmqQvUylJpKYIaUPSA)X=`&i zr3bu~AYc1#NKZZD`~jG0WuXdVcL;3%Zbb6jrh}DyE#=7hME4cHqw)OWLxjkN4g*!6 zNN(|L_14gxofHl1O4{7@=~MHyJ81=u6@A6Oj|&VGYToqgyjGU71qArgo1L|i-rK%; ziOCHvmZQf7fU~+_CgZOpQ~U0qUWgDu=qRZ~R7i=luI>16N)!~@_SGE{`j2>^HT4iE z0C=IxJvxYWO?C}$!_eYF&z8#uI7N61B^TQ?WhuX}0Gu2Y!`Pv{&Z3_-Q^;nAffKXLfc6fSfeZRcjBNAKIi)&Rd! z%U+4OKPf&eqYLXSZ z@1PGuhszyL-hS=IssO0reehbP&b_Q!730k$78>TenizU90)opIt|e-Q>B+4JtkL~V ztdEHIyr7HRsEH2C^_6u?m*5>w{9ne#=Br`84niFBBkJ`+Kooq&t~*bX6c}i&qqGuK zm}!{=fu${Y!<16gg&yj=?dqAyeIdXxI66gRE1gTJRP=C8K~HT`VchR6^Q~!fRb$)9 zI(0jb?*{Pv-D zZe3EWyoLuw8)ZjCtePDUF_yl*!tUI~DRmDnt-l5lcNu&?bs3757Cl!p^r;$(FMIR&H9N@7H*msW zZm;#h@X`@uulHhwqGmkGzE{BL+@Ki>38Y#rM4h9kv>m5A%Unb6VFEkfq?Ch4cj4Cs zPaqjIH$1W;zPo*FqXY%_6ihB24xZ0_!7t|qAd{9fUMCE?F;ecmb@2>|1h@gnq(bn+ zQsx&g+RcwIxRb6(#VweWNN6VoY2xA8R8Q)!R3<^L%}j6lF<2wK3|+QNLiR3I{_VTO zF5G?q*^L|IanISq|6{6Y%2H<1Fva^$axld$;cHREX9b~OISL5U#RW5y9R(H-2z{&eMgRyBc!JZPV*>zN*8I@q*|kt08qkP$ zYeDZf$^SnFfS2+2_m?dg8Gg967AE`WcjwZ!<=jb@t$h7|{XvRV4$SPWf9geZj)&=W z{eux*pvpWN$UlsIFWzz3-H%`*Xk|_7Cmg)EOX3`@}hL)(*m}Q7f=d;yNF7rSEqj9LI(f<|Y(5m$V-H ze(;tA%Xg)(d1Rq~NPM_|sAKWVYIgY{k==IHSsdR3XWfUyDp$1f#C_*Vwo*Nr-nkVr z-`(vrzk5QMy<+GiI(~@0L}k*J!`Ld}00#du08z{x1JKR&<$Mv1YvH;I#oY#t$F?eb zc!z9LjUdk0iKK=O1+8prcf;Ep*cO%-l#}9sF6tqdJ_jaX%96oWZkYSRId6w|G&cjh z5#8hGi~-hk{ghg}%v%)A3_^OIpU|vKLIrIRow;h*5C>C&Gw%Pv6r)vz*D4}!vyV2TT zrKDi!mG71-TFh8Rb1jo7Oo{saNNdfG6vKKe*udGd9Timpg2nH1S9yGgvmv+bssecw z{zdfC#VQ={80z?ndF;1v3Y@Yuf#pr}Dp0GY-96-3h9AbQ>iM2$M~C+T)>R(bN^top{+<|b|6?Pt%0urVEe z?3EGBXKW4{V?WnHEdghHIUqE%WAKT~Wt=5uZlmKOHhOkNP0*MKVSm?s^) z!hZ&?WFu#qxOdE|z2waqI{P3v_jcwn3yR|vn$#~Cp=+-NnU?aR8~q#~7GaCq=?AZfKELb_)V#^g)E?|y$=5at+5+Egp>N^r z^X1!vSwm5|n968g43E81!ZYvmZzp_FyO#{|Yw0S9T_gdKTe*h$YL|4Xop*@Rssnez z&9jZV&t$@mp~>!I`YM4AME!6Q$ydZMarc5j-cY?Wp^``9zJ3dg1dX{_H~=~Kga7Sh z=RcPe$j}8Y*x$3Wtd>AAILp0 z?V^)S`M3-6c5{ycd#oWu8wa|}1PMI~fQ?2xKwX6jAvh^t+A#zij${-J@2McCJ}O{F zPkHDQN2r`;zcFN2|A)3<^5pYXxh0**sj&04KL*hJ2-b^|8Mcve+AC4A^^b)+Nz}!C zRe1?tO>Z6GH3rV5Hji|0dlott@0@&_jLKs@@NKhXh_{3LA>adL7J`A-;h-G!Wtu0> zuzs%$Czrzv9tarjE#ECTUVj!i#9>c5*YC>3?R5X~CBNi41d#Bbh)OklBE`$g0*`c^ zUF@ai>pOEKi(}ww1!O<_c#86;+4D`$7Kc|h_TsVmDKI(%(jT*wPuWm18ol7e9JdQFYWF#oyVpmlh-VbhFxxnZO8${Uhr~ zwma}{-_0-GLzD(IbZpzDN9?L=XSBrCoxJBdp@ow_!Y7ZI~eO{wA1#s?Sd^t-9~<%GAU`1_Qm^IdC_(V1T$ zf}^9kqpl^H&g^5=yBJ1P zkiA`^*b{rn(B7+2-R4-0ruPmnyGu%jk#hGXZ-`>n9_X8Os;zcxVO;Oe7Vx-6hypc!2{oT{!!RNUxXY%<MbH*6YsO+OL0Sj-PEw1{|`HojPHwr(+rb?(8K1bCMH<* zAjn4)+mS$^3{heKp3&qd1Md=;tDKE`M<7rFt}ji`9KP>lo$UVEWeRZIYtsS1jPae% zLaS8O9XAv)kUsnGBdQM0+03_)aC=XyOa4_t0T`@egc}#X)i{Ok>XR zp<&6d7u~{70cj+a|5%f3aP7MWc_Sh0Ff0H-{mVar_BZDNpjEo#U&(L*V)w69%i^}x z0+?YN&#vG!$K+e_hBZR;_qjJbMLEg~ z2XGdU>FI;86j3*XfDI=uEiL6X-$-5<-#lW~WTTy||8cY<7;l%KdJLrMglke%IIfuf zG-G##{UYPc@lT5AQek;em^n{oF1zpuA&Ufkdr#e|tq5`~%BsVcl4n&8?c5$1f$!F- z18!C7qt?G#{S6s3wuG0cgKmuLt3IEB+TyihUH5QM5-zMH0&~+q&o&W^S>Alr=?zej zLhJ;5@@lzVy^e*9>uO;8_G0Lzn2=d*XHF#m(Gz%pYS3@>@8UdKPD8abv^3~M#{TMF z!ZGq3Y7E|OmJ~ajil=hpvYuIY&UI&%c-v(=GLP?)?5Q(!*qO*A=?IKUSDNuZz2>mN zc=bpLpE}RX&pAbX&o4=%Alq84JOz-!tN`8|Zm=w~&tXO-0n*sc)32|ciQ`dX?lmAF z#3X(YV-WfrchSqRAZ3U;j<)&KPEUb9XIjM_??=%vK@SAvd9o=psxXFzUfk$~w+rzA zqnU-|2Y;hth_hXHR0a?VqjNH<^Ob^k;ANOpM~``MEuDx|P}y-Z;PP1c&BB-D%@R%p z_$PCBM<3}l2Ii*+e-pi94N>}CQ;Xe0*U)gFQ~bgE~Js!|OyjCQs6qeS^&F zrzWu%ngd$`15=rPRUfGg%P;;>&6AfXnxh^D(IM%}lxc0_Pt?L#+#*}-sPfO@2QPfz z+dp&QPLJ@mDE8#)%B0Hl&fK8}ovEot{;V{Mg}Ay+Ms$Sgd4+HV+L<2g`V!Q>c&7^G zW^9wCfcoVzgMGekl1$fVyH9uQCOHspIUq8=F%!s7DT3np0~3myUuVL~5Mvsw1^An8 zC_-JD$ehTbn)Cfm?H9uwdQKq_rDp5+nDUL~$>k6L?-i8Vl%?;M8 z^{! zrH_V&RlYvBZ}#1lmW3i`Xe?KBvhC{2%5!cP1V*k1_2Ju+XGhB>Pzu{(l`d=%y2+D}Z^)}9HjGN3&6KhKWJ6+s$bdhm^aLVgUxM$)kPnU;1r zyQ|fmJ4O@z?q^w=fP>Ow^Q+MToYk%+KlkF8db#@XF1*jU(~X~2EEvUaOJC92=m8uP z*e${O#c~|II)^4AfGZLFIbC&tYeL)$WOb-!OvTZ%y;5^D80gxv_;4>dJS|5o4WP3M{6RJ%f25D5-* zusWEaiaXWy9D10NYHcwcG!d5-mn55wh$*``O6?d-Re%W11}3lmwa{$X&6Ixq$up?L zHPQA^miwn}@pGFxr#|yO0+lkVr+qK-5q+IS=uabRj1KuO79t~3lD<5o+5x9cKVyTJ z!$V{q7Y{vr7`G6J^+JlCIB2=c!QbM=toDh$a-Ei~X&H*GW;SHrQ|XsJEOJ6@sN8NW zmqQ?^GlUVGa~fgd;se875U*JCy?Ks7xSk&E&I)!r)+P{%99W~Gh<3gkNE1dFX&zU{~!kav%=Wl^ET53nG@frfhLLD?_xN}!# z`>xLf#rLJmCs$h37g*wx5$4j(hd5or_)%4udIqYzccsD5+MxblE-t;3#$OZ&n5(!` zw3E+_x(`4dZNU0pKmN-6niUxWxmW$-cC;3s8s-ieqqUa30sGX!Sc3$O!2|Zl=D4ld}~CD#$|iW4|m)$A$D=i^y1En ztNvdVeBzKbt}QEsdO8I`$!Ab|jxIhYak}U^tj352=5s?k=lSs#5_E#7%D+z|#wDn6 zyk6HE>e@3u;f|0`?&P@zoMvB2@1y}o5XEX9UtFP~fF6%9b8+MBL|RX6Zt(*U#Yo!>Kv|S-$ZEay^NnYdP1h5_y53uf(MujOF&8bkRKBh8y5X?Na@bfb(w3ty(f^=8iH0V4xicg05o(_#lp zs+3Tx_G{t;q_FT4YlIqyJ_}PhTZ&kLGS>-RPdXdgRs*x=n?SN`zs&T(EYv*)yW=wu9|E-q|68#MkS>9LnkH zs3Pn+=sHK)zjOu62~aZ7TFd`?ofFPV#`zz-o-1oYdF(Mjog_(49-k`s9}OJ=7y56< z^Z!jh|M%#5|4ZGf4ioT$abLIGuK!~iFdcd#{RQ8ClxqOCz~x^ufK$tix16Obe^T2V zCnjX>*zXX<)R@ZXS_r9z125!oGV?5V?d0ZT!rJ&pif#*0Ramq4Sk(ni3Vug^tP8E% zQ(G0VQX9RP7s&r(-tdrJz3=UxjnOiy>uk0bZ`#%_JkWh4++^b(73u!?sf`#25(=2A zO=RGDVNl$cjhK8eTO&88D5qmHPo5w7Ws@9AhOYYPGBbD!yMW9&3qP$}e=0UvG~#rI z8)vL%P6Z}pO3J?fjZ`}Ze{Gpo?aq&T1n|9bVAhW4&9u1<&QHj&+ewp)(&9f}YEY7O ztZL$6+frGIveT((-H7wWecRz9^<;7r^0PJJExIDj1rN>s&moCnw%-_s^_HwrGG#Zw zdcVum#%vcdElUsnk`elKD)!##^%8P>Caq_G6ls7L`L7hre`by6Hey!$<^js^gH;bn xpf8Y!3MNrDeN!sw2R)=z`M(fK*Df<&36aPEqmQ1-dMa%4>uHNqq?6ae{ts>maYg_D From a71f28d3ea3b6ef5f9a81e6210c91b6ee895a5f9 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Tue, 4 Feb 2020 09:33:55 +0500 Subject: [PATCH 007/112] Add files via upload --- devices/surface/images/config-mgr-semm-fig3.png | Bin 0 -> 26287 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 devices/surface/images/config-mgr-semm-fig3.png diff --git a/devices/surface/images/config-mgr-semm-fig3.png b/devices/surface/images/config-mgr-semm-fig3.png new file mode 100644 index 0000000000000000000000000000000000000000..e6993595523d0b945a176b775b41da2ca084145c GIT binary patch literal 26287 zcmce;cR*8Hw=WtiDpK4CC{;v3WmA+UB@|H-PM6?5TeO~v9(74h#}Pm~9&xwRgIc@p(D z(!*k!L54)pv4mAz#2O6?Q~+-Nj)$eOda$lyZ|*N!_wDbF0XG!99%Z z3YvDX2cw|j5EATQufZq&ASiJ+Cvr=3!0TXmUk9<>63{$CJ8gLs0MJtMUJRL=3!5(E zn5jr-8crY3dkG^s`^!1*V6qWqNX@G`bgN}=OEcbMr97sYQH2L86*co%f zD>q+84TDcydW+xP1ZB~`A6VUD45bo$RRsE@glj4EI%c_T6axmjM5+Nk4=NPX%F1uHO4kN%o7LMFU?1;_N(p?4|vksDn$1vy=7b}RgpGJ8h#dQ zjok)sudl5oOzlM&MiHdZ1|}Kd)?5eF-cx-5?qDZGpcWCl9*fLzh0 zppq}k>^Z0+JlhD_o=YQ4Oh#>q1}+lzp{auH)Xf5BM>))$mT*wyTE6mpDm!~DAGyb~ z2iXd!XE#3b6cl*7K7~u+xYGG9#`LgeY0kk*NeVj>lb^syjEo3>rezc{CraWmI;hCj z*bh+MHac(x>Rkj@yv{c`3wnR?{7~{ErjS!NUGuDij@9WN^ zO3#0PSY5L>kdgKI{PpRB#%t^0I%o~2{_O+GR?>u6a)SkqG#Gvl$uB*Rb)%^9hRI0P zAB$dj5cVN&;`wx3)RQaIC|y~h>SG9`!P;XGA*dsc;|>$IKTPD0b?QM0H>>_;lfla^ zdGKsAb^@4tBa%`+W>yCzVItRrk!G=|(z4#dy<~3)lsi?^!k-K4bwBFf9)DyuGl$+> z#oW3P7hw=h9d}3#j#6*q^f32i15BRdZy%TXfc53(U-ii6=fph6qsv77Ya3|Gf=VBD z`Qz;%Ni}rKRxz}4RrA6h$qh9mWL3OT{Hh<6AQrS5yv5tJS=>qc4lEgp+Q`HUE^CLc z!I)k_ZNoVSbWvr}ful8n!avVwIDI@8R2wA|u|59iCAl2_vEkUy67P0CeJ8!;3~eK! z=y$u+H_Wj?BC!I5LI(xOUEr)kIXCaI`9x$s#6BZM>2VctPF-##t8K5k`!1ZwApu`a zZ~@nIGuY3=WKEt`&-RDyaAl7xEAe=P3&?=>TuILMo_&Y@J%}c=HY`f)!Cv9d>V>^+ zuD+8_f|Erb)k~v%_fof~Mg}<}ToJ;6>C=LobAXkn4kK&A3cyI3d7Z&@SnZnEY+k=Vt?Fv>!EjD; zB*oHm$JU>j*nB`nM|A^DroMdy%7sv-qgfZ{mZB-=E-_lLi1lzT2&dNH2 zAA22ykN7orEupc?3G6^rQUk>8{pd8v|pSAd?F~r)Q4GqK20d zGG3W)SQEHewudcUV=h`!LYO7Z4p$HIp$FM*2Z;=y(*VFF!4-lb__*Tku^m=aY}``X zW?N@PN#CV&U96|4+}c8{_;m7L50V*KjYtMgbDR*lWQ6;JwU36r90FZuZ!6^BgYAtJ zVsE4-HaIoo7y!_2u{-efK+<4--5Gfpf$#mR2>h>O^Z);M%xRZ=g1%S|4i3J&uDoXP zbddNW3@TYiT?;>`h)m0*1(FMdm50v@w5ak+DX7A-E?Pmbc8XUX% z%65Fg!((OOm5tq-vHXqS@qD8m7e}V;8l}yqeg~Jp#(5W7u=V}Y77K=1D4Ug3(m8-< zQKa@X(Z#^aIKppj0uSHF^hX5WzFr*KVt2uxJpO{7E^=16lB>JQb8fwak56};m+2~6 z3%2r5@wt~CrPTgHrqz zTwr)wFeg_kjZg9JUhsn(E$wP?KX+@;`g&oTLFa9I8(Tr4r@17%u|0%@i6pdMuCOvtx56)oF=6v@_^|DjOiWT8-w|c?U#x zTj3_1s}xe2#eWg>w-*}Qb~-Ry!y-uUHfQ6hp!PY!D6f zZp~Vvd~=UizTyr?{btYOV$_j8tO`{*$a>ib^?P00c?x?b+&x}1ppi(tfDQH_`fOF? z@FQ188?R%%GV1**L-dQ0!Ql&2gw$tbOYh+aVIK>qC5!3ry;5^I7v5h4a5n~M+rdeN zwZLF@b^)?Kp%o$W#>2j0ZE6-m)E+jqY65rONOnF!DZN70=p10fd~6i^r9gSZW0{TK zy7-VV4ifrH7Y)_H1_*2nb?9P4Q>R)a6`ziV$sow;!= z(6C)Eb+Y?*zNC4X&zt;dAcKA&r#>L!gxA9c2i<4&d0dCyS~~ac?$W)>(6CoYuPH+ zE6Ga$5FDpU?W+GC-ZbGpvi>PFQJL^FAQkt;B^I%&H+Vcp1FyV0(^;ZZ*}*nPDIA4R zT;Lq##)ejp%2oMNo~pU1kL;Jy(sX$#WnJv)_bD;u--!#$qhawA^rg#<@m{gy6^7v1 zd}+@LHCVE_HuS+1^=uZ;8b;MdM<+m6G040x;^e0(83UD%U}sXBiC?e9DD(7^QYlcX zzBYMG1m9)`LQ%Z=0T?l&YUb3fTgBZS9ziEMr3RT13iA;%vAtA@9ZldIR|f{N8EjQ@ z|NctEt&RqrM41+juQ7t(5*s)kU6VAqa!?vxpe)v{@s{}c%HYQ1&N0%!=glfmk<9{$ zoW+jys(T&mbMfP3p`hW)==Mz79H_*+_tT<~fP|LH0`WJ)+u(=z5NjD1G}!;1tc1}> z=<9Om1H~nzDP7Xu*}@cR;q4|>3M^|XD);73;NUBdum`kL$G5-di?%T^Z)<&O#@w*0 z{sHa6PoSBckKFozE6=w-O(h1OjE>t(Td?)18j~`j5jxleS>d(XY5OpOD_jbjI}FNV zF}DGL=(Cq!u>$e;OaJQzxkdLy80+L-P-f8ELXE#8e*urAVWSEFVEoQgQ%AElyniq` zY+*Sv=C*k+D0*1)pw*UD1AC}%4ah5U&0R2Lfsy|>!Q4GIzj7WT*vFza!+%SL!TEW( z5}ohfoS4k|941>f4O_Q@+8oY6?T7CyE|Q}D^Zt!JQA?PQ5zR$PWFe$xKUk*BZ5g6 ziQ0dbwmgCZ6K2EJ9+Py4t?B5mw)&Nnk}5luG7I=AfR;FvSXw-7S5vTUQ@-Wv`Brz4 zPw_U6_w+MXStjBtJhnaCPgIjHT3x*689d@vf)ZEab z1IC9xYYa*-WV81eak9ep^AW+eDv080pW$WeER7GS@p6@V-c8}rJfIKuCx*NtmXX6$ z1+-7RI_Yi8+ip#Xs_tO_W!El0o@XMsUICie{uZO#Vh6EEB?o0pERcK>{q-F~t_WP6 z+&rI{ZPEYgJ%^EJPmlYSe7cax`mvgy#=egTxuU)YVCA`;nJ*h0WfH`q*gvcJ*TnS@6Rs@f(3NWNPqPq8y6R91 zc-UUSb_Z*(9%9^^Fq+B+z^H1^G$bF%tUsY`_h2|Wjz8sBuV)?`d#i_`cuOm9$lc-g zY6*k$%9@F2D^mpwP6qkrW)R_r@(M4G2VSv(TM8V}eJmy4>`N*02W$JfK~Xa9t`h}b zcD;Ly!AJF_ok=xl?^-ukElZ!A$9fYux}u|V{Y1WM3ksN;$ho zl(j9IGIS%oCsAC7bsNYCRD&M_+*sf1bukT<6gSQAbrtwj)C!$uCGI4J^Jn#@paVVQ zsL?V`x?C*Bn{QiHtxt8(`J9*nN-g; zMYI|lpq=l`QF!IqnF{hQ+xk*~XZFRCO&Y-)pp^f7rsFuaGuTSC(BI zZRcy1kbUri&{*LDXVzaUD2<=KUpp7Y-y8!dh%f<>mj$DnvTv$!BsamN-*fDx$0v!Z zeM>AHf5Wimj=H^Fq5O3cRy&(Fb}1hx^8guWObmZenfKKu0py3B4t{QJJY-EtT}fmU z007j6l}^vC7(u<~v}3dVAT3Sny8G?E!jt%>pQs9`vY#w=Ma--RWG|@MbBqHJE$otU z-0ype?^ia$1gIHD#5Nw*=WOHXxfEMn1-MexLq7}8hSsKY z_0Q-YXqnXM^_Z}hd%54Unl(IY9IC(o%qiHUIbt8iIbTjf#`i6hQh2N4i# z@3d2INy-?KvV0KISp-r+5Xl1L-@cVJ>#L}!RR{=})pu4PUf!`#^usK0Q26YEb!uMv zS9XQnzSrwW%t=CC!|4Yj@eNF-rDPa8DNJ(lEy=QuOa7{eWs+C<%mruSB8R5s4Vb%H z$on_M^FYYRJSUk|Z9V;tm4Yzr&PzjGj$`i)YY#O2*_ZQkUU0}6CYWm1412f`PvSu+ z&BJOjs)AS1Ik*H{hwzAs)bp>vwh;Pfw54g-r8>f>^X4DURDP8r-;2R*AC&FlPaE7# zxCk(=SLG^haDVD!5{t55wg9Nfny!05;8Y>O2dwE?o!;MOD z6WvncOsn8zuw;4TDrxEaHKC9a%X*i)y>a{s5tER@@qU!e1q}(?r^Ag{xSApIom6Qc z=a;3g`Vs7xmz+IsCyC(DE|lb?9N+hkss=kpYrcnW7a*8NM@aK0LfR&-Hh@=1<@#YC z8=W^DS_W_8G@Vv+dES9$m6y#fSY3u;ngUh55FhTra9G~nb)5^Yly)gUdX>QP=r zjvnv*(2O@}8N&lh#cB=K7TR|579B-B-uF}E6u8oYBG-TEm1W#Wa)Yyv3t!PT;LsJj{PIJ65Y{@8spsx^f&>St4~ILeKZprg;Fk=XDG7 zjH#Wd9$1jJ_my35*=Z#B%=;fcsZ_fZHBlGV3I8y`cic}5cuW9fWx7*alk01gaS(lH z78|K3`pWR{Tp4&vGtq(TN*SM7!sm7uoGuX|G9zO96_I>eC)#jf{%ercm{sJpTX%V* z{;c;X=7#L3pYo1zbZYxGn=*(0?q3FE%lNps5B?L~}v90Al@ zpf3%zW;Zz zAL2GQfV#X_$2+A{9@wv)l68>NcZq?mwpx68|D!C>4usv)34U1|-7oy8Y4dWBY^HeB zP3^aPCksdNOgyS(li(}>^NmtChtEi{2zqgh?#R#`(k|TVS*Vfspe83tn!0v-)e88b z@9P;oy@TyRw5{AR4YL}(8A_K4km;P8YM!GU1C;36$2O*XR59@QE*e&oh!~V;g!F`8 z%JN^fN5$G~M+$aP)iHEP%&Y*tlE5i;Z;F z=pzu(Hy$LM)vW*PdquELpnbZCdj7|3e~MIqofD`j)J&M(VY_P8muzWAqXd{|D|@># z1^>MJ5~w;i-c62jA1!3NOfp)qUo(6YU>qoe8dFa16@q>cfy3N)^_FgDir8i7E!`Za zEOpt7-jgiT$M&?f^%d~z-7ZRb!RQt-tE)uWX)0OikH`Q3Mkw)w$Q`P)>`-&JX%4uh ze{lQ*+3EJ5S=XD-HK(k^cl>qIb2mVuUM|OMYan{U^tjH3XM`Qclp!Xw0BwnL2mwUf z>czr7UU{-QtiCw@U=FgmOAx306@t^*79ps z^{!>D29xAuasO=pAuaxYK{|7g;-i4-cUianz75VAPJIt8*@l~)o-^jfp9SPL5E*Tr z{Rd;k8Vf1DlHts)9LZOmS#Gl5mU5!-(nkPF^J#9`Vz01Ah`e2XM*o>M8(022b*;Uy zzv8v{*Wrk_l`bLE0szh)X=M2I_#UrRgz_3m{DT7 zce*|L>7qC)Z_-+LlNpq8+?6Yh5}&kl!O+hBD88XXgZex03aW1zm`Bm0zxTHEiSmn? zm%gDsCL+_#1J@L<$@U96U3_n;U-&INGD7q!{b=-EQ51ib13E|zp^%$qWc22CRphE2 zH~Q9>CRSc+yti_;HhwCJ)LMYGd|x&$u_A)rBx9R}(}$=u(h3U-kvZ7BC91JdgZX~9 z@ikM^+9M;NWz*_}1xEAF29YjIdkOg)(-S@aJ$Qh}nsR_4!kS=+&CCDe}uxb%)qBbVCEilaS(91hq&$DY#+FRU_UB7quen=~kkFi-gvkhEt6ZYcPQh0Px|(bWcZT$m z%NIp*@Y}XVMq#NNul@%md|D#AX@JT?%@o|u_SpO_e^yIr!}*|F}G(1Y$7JotFAHhwIHG*+0) zCi8M4e@QVC45O~7%uw+5r5Z8vH3{Tp;+W2e0amq+K7DU+iXu@haLuxA5Y;sNLLW?& zYf{EuRIY{~;=$B8MKS?BJILQfmNfvDEBJcbp$$`(-yN%V8i@uk9rtyZkc`bGzP`v2 z?qkJ;`PF^3K5~e&R-;l`laV=voZ)I}+g|yk5jy?CD?zi;ttDlZn-N@-Dg zvvsuNNW}K@RLWccnQ2UZH2iQF;r^`!uCVJ-n~)m3x(;TF@({Tf=+eFM=8P0N2G# z8C_`P7c3ucYoaWFsnxN# zZt-yzmc%9xZYpnXo)jCOI6_V>MXlV+B86WYm2Y~@c&yGn`o8lSAyGoK4wq3M z<+GS5{rSFSt?iHfVPB7+R=vW2&HW3lRU*^Hk+QiroXZPlfQ^tQ9=B^ z?LH2EyYA6=85!N#~nWXBz4I~K1}RFLO*dmJyyKh4$~%Q5*Y?tTE-~boJ)=xaoo56Yt&iC4WZ#CaVfA?4zXaya4g<>zjrKybKVSU$NHSKaVac#+X>ctK z)f+iQU_N(B8=U^R%#(g`Co@j88WG^|VKNV!gV2=0IBd_pYTR8Zhj8=LP2cf4|{?BOcHb2NMK?z53i?-!^j3nt93v95uA3K?FwUf@L< zk+Q)@iPdG%pjT9}n&oCH9#OwMj>-c1v);g>re5`Fh}qt{YaJQY|C$nbQMtmQw@3UK ztX@O5owGjw=xrW%176noOXbg*+`dkWj^!QVH-sO-Ct-WS_6w@``Bq%bUiufGaV|tc9Dc))3Wiir;$`+F+{0Hf+4IiQ0i+|7WFeLEx$pXLFJ)T5yg%B$tdVR zvyP2XI*YJ`*KsD(z{TH!Uy}@Wp@vd+Ns`|k>gIW2Z3ce3aIK&3?>+uXPBhQ)U#f}O zi2(PUBwDX#7O7}*JmWl)`$?MoI%7D^Y+)h)l_i<{h+? zySLI-L@7WA4SLtY2-1SJ{KLyL9ftOwUx%N)PbH5tp8oDsZN}@n(dj|n2Pd-5L=CY8 zuT89a!C(;Nt$cRN*ifEJ-X53a%HJ;SH>hFx@FAv*{>5Jag*)>alT3Igc zA0Pd7B>Lo67Z#O!7Z$haY$LShcm2D%paK~Wdu{=r4l`#_Z;GNFQmPS~={>3BR%f(5 z(OgF9=)+=4o}oQLZeHVQYBD-fm;j>yz$&nEHd^Hx>Q^`;{WNiC)y&PQ<#;7m>6Rxx z$p%CknK!+Sk;1?jS^Va&cn$3Jw@YxrcoBMX{+aaB)z+=iJSF%AKHGz?t@UA|u)u|jD^rRMn3@WC)T{V=~Zte6Vf?qBsdkv)> zMXWyQ6Un~7pa;sGs&kbk+AZl2MdeKF@LUKB z5V8m-oag&(A|G`!2uw8o-Kkof)#LuQMod;g90zRH0EZ zwLrJ{_}Dxk#AeN7Gd_V4sJ6ZGhj=I$^4QQ4wm3FXcOS~xxa*Jbd%bki4kB*FiH29p zBC|(k*C``EKF>G2A&Rb+R({F8el}pbWop@gn7k54^wDU@?j?QjF#nFrqmzYv0aY$wbObE zZJDm*xn^CKW>DELFjC{hzcM)N?*A;hy>fPv%Yr869sekn zYql{@4~t!J1>U2{6<*}qimloIDq6jp<)bZ&{knM%5v4SISP4Ys!WXLI;-0+w5+Umq zPE)Zz8#TvYnJ^)nr#wWueyf)pb~<19BWO6cC#b^M7&(-#MJfTlcl<2(sd!wdIw~iH z!*SRHrji1bKgN`M@&x~Ij+o;slK3KCvGW_yt08sh(WBcwY1`$N$zJRWNP*Rxm0z=6 zhSN-z_pLlO0ldeL2t5}fRx-8iXt{f>Lv`W;s1iz3ceP)zuej<*Uy#8HK17_~(^7t( z&cD(`xu@^wyPtbqSs?l9+qHMKK}|)8lJ>Gr29<2Gy;}{EHw=bdzINg7N~wF>Cy%mm z-5?n8g+1%e(D&tklj&(Ytguv^y~M4i&D|&r3>%}TYH?EPT)31TNDHXQOS}`Ac(JE| z5f%VZRuckft(3Fw&sYq5DF1$*Qz*^-Wz?q*D(G2fiPANqd6o2ecZ^6n0Bt1{E$PIE;{s4Y+MdD?YW9RoGZeqdCGeGh4=H8Vy_56XwGL= z9e8&WGvDZ$Fix7?jOU`WIB*@FD^g-Gq*X^4gJ;-z+lfo?Ma$&VJp9i~QKNp?y?Ce= z!uhY0#n*|;e5h;C$V`RM=-VTJ_pIY+c&VK^a_h3}ds3KoWq{eJv0SF-S_1oOC~2g< zn%queXPiCFrKIp>BHuDl56Z}sQ=7zQ$3S6w!+kB3Qn@-;sQVkJwNekKRN2mvlY-G6 zA-^MULl3Mr7=9_V*%jO)zFyI)KaZckO0#?^BH`N#`tsYzFDc^5D77f`-CWtgpl%C&EUyf*TSuyDO6YUwkS2D-y$D*Uu#!q_7 z3(RQ8#dQ%_is1pI*k^Ir?F4oUZf0WGzzima8x9WY^d$(3MYAY^Yxy-XjoE%{V(}_# zZueM(^@oC*LkSd6Fd9wk%KLZ-*LP@jU_RF1lQ-@#PwW1NJpC`tg8yC;{Oe-jf7d$( z3F>>Z*uRaCk0Kh#GRkZZBn>lvZVhX$r2rh=!gd!@ann6O=FWWBVwzhk?eV1{w-iWI zlPSv@X>>?e2s*`9zcbX5{-5gw#>a|{a)J*L@bke#iX~U~%MrmNLd4gXI04ZDx5Kte zXb|qk69*@kwJHy(e`E0xt@i*<%HaxXah!O5xb3^Yw-t}>wD{MIjpx4?h}Li`Vl6nN zNkvQ5Z|+5Q6f>0Ny;MW>%OY16l~y-;MbYxZ>hlQLQ9q6UQCf~?eTOIO&jNQ>UeUAK zBhgcH5xjb*<_<-R5>swgRnPkGe{%M^P^Bej622YN0&ldvxw7AN%CoO+^3b?sEVz%6 z?VFXGd&)KwpbmKH&@Ir+V#D!8mHsqfz{gqbmHF$<1ZcM>O48*LvZh$6-|Ynt=l+ zrJ}O0$2T@Y+UKG*)so;fI&i{cf8V6OS)tUy%|I@sfgoK}CsHv;q(71K#aSO$cF2v*7X(%k7gfJu}7qvWeDD=*LHNA z!LZcyKgsVhfOQ&yf+B79*Kf4^AkC_gH~GR&&J&NbTxa9E9dUfSS$>fP3mk=<)HL%_ zw{Vum@59pgnda%x*+Yfo#q+lv!4h}Xg}l-E8})v19)jPOk4bdd26tBU(}QNCPnV?( zz9~nK`QeL1QOR5LQwXSCzvVYXs3FNjIAQr6NmKAFZpuGa3(`%{xP~q0KOVmu(H%NR zyeq^8`2K}uE|?V?|8DHrc)!xioITPrv_TT$q@8b{N9MZ&jBvlkUj=$xHAo4opA>Na+-zTeSiBvZ@nxC4z-V?^X3&2yvWBQR&W z?Cf#An$A)941r$x#x3$p-yVp;bEs?%}_nwln-^?)t zhIJn_os0TCO3luq#GA3}UzynZph}MAaEUFA6c%(?gQzJ*4xT6V;h;l>4MnGVY@A8v z3$b;qgFem#Xq0{BjRG7{bHeQnH1~N}=EeqD)~kK9Tr=VUM8S4O{oxJjE&i(WeJynY z8N@QXKjqgJ3jU1DTV!Lt&R_#vYWXKVykZkH=Jjbm@lVXS0mNt>Iu(CLKU3vp(aeJX zx6E?nljDzf`_}CJ0+xZhT+~DF%Lf+vi%=9KQNx zH4qBWI&s_&lj0+TkO+#pOPhQN)hv;ukx?3uFjHEa#qu#G7}w~BY&KvfJUij7WdiWc z(HNDM_Es%Bb)DaF<@Zef$t9V}!McEFSmB5^fcHslp@uv-WeUDJ!l)6Qqm?kkMaKrw zec|r-*3t|b-phaDX9O21Rv9u@rM#LQ4BWU21(O zX*`ln4hh^MKaN-uHtWF}_z*%!6Ct4ScM`Q=-)g)P{Ssrh6mMY6n z^G;jab+-4TBOi|$(ufmYgt2#y1W=o!s4F&uMs%_~qPDU_%xMa)e>2s`c_iu{>?9?@ zgJyfsUDuCw>Dy}9m2G|;D8&2<2iF;_1=G2NZB4KeW6q5I4Ao)2oR+yQ!H4Yd7K4DR z=j$nggpq>~T0+UyVC33}D6+X4KjcDMoEm)u?+rsTSCB6nI7A^&A`UQinhq$mT}CMR zafw1S*^_D1wzl{Xx07&?l6_m@22y#D^DP;=87m>6aOBPD^%M{ykDe2#lW&BF3BppS zCAd}(jr~<=+Ubx4>nK#er48Ny=uHiQDIX_s_2Oyg;P~-EZ`thL<4U4_E-%8YR-0%b zNX|X{%^*r&6z2F_zg}0;jx-L1Xgh$iL+=yz`tBWwy@Y+{Y6#KiHlY+x z8r0%|u3XpqYk^|H5g&T5qPq|@k_P>HcAz&TBQV04OA=4uMH%`SXjgN|mNYxX+>nPH zEfb_=1j_2XI?dPS@7GbW6)SCIiZgF&rR!Hek;gdpJRM<+JvR9u!ve|#GmWvh00N^K z%?Y1+nQQRv@~*)cnQg#>nvqoeYd=jZfWSin3tBX^EmR!=sPSqGt>)(5ACR`8>h!l1 zFN@S`&eGJ?_lGP8*qqk`i=$A@gmS0i7hGNbXXw>8l4%Vf#>2+=h1ieT)izV#Yp&Lt zv1XAQ)Oq|dgwWU|V$53;^vqPWwTU})N4(94x4&gcqt=Cc;P`Wt>r~yzr6`@z6`J8V zN4w!Y?s&EDFFa|j&i5N8a0>mj&w;Sw#jDb3L9~djQS5cY6Ku>IBh3td=ka{3HU-Sb);*%bhd#h^q1 zTT-tNH_=yZ!?4}~2jW~Uf()K1h1*314H4@aILqbz`&fmsV92!R2CVXny3@#hNGf3s zNIjA^BcxfvmN?{an^7;=3~zA|ZI-PA&kCh63Q8eQ7)QL7lSRB|WR-GnSns~&P)-Gn zdePKP4hUx+k;s-o8$FCE_~aRIvk;aiP>0rwQ-h1u%Wwg>XNG<9ioUYom*DkAjK2L! z1AFsqN&%G8A*uWfmdpX*_xX+I(kPYm^sBX~>^}xLFZPdzi5Yx@)fu4lzYAcE{Ur_RoyvEmuG^S zx;SUg4@mK^^vm>&4GMmevIIR5enhiYXmu;f#Wa$i^xr7UA`NF+{1vu$c3?}qdn{I3Hna4vi*zK=t!b;8~el1>_7-V@W+};Tf z(MHq?it`wC+e}S zq$#j{>#co!j5{t^SkD1e7;Gi_mAbVps_Fr^^G0S}82&^>nT; zB&J5?C`)}Z1U>k zCxA9uxy*T<2J63*`W?kyVJI|FG68*khEJl1bddWUql<9nXs*B@#C*jKnG3gTAaBmEKSwo(l4WQH7ktsP|agJmF|7DSLI ztv^pJgeHp6#B7bbHEeVPy)h^LP%60~a&6EH`BItXhw81a8Q$vYn^a`T`x98=(NtF>hIO(+*rN-wZk60?I?EY+O}sJ*Q&2@EA`Lg z0NyL(QjI6yecAjp+WBdS=)n3-Lf;ky#4cq z^1Y+)t;WguZjM%oi&@j`H=bxlcni<@1Sgbcgw9vlWj`)`&+^E>L~bNBMPKu2@x<0; z7BFAx%`6cUw11A&!9IZ@`8)b8ime$Rr+5UULYWCSpDW81SESdGH@XrxP( zegWw%6iyjAij%7;Ha2SdnLNkI9ig9TaW(w9WX0)>b~?sMl;^?;9WOtYG19#a5k^RohS+W`x}g-y_&?!K%u~+^$ox4XpF8_Q zjAJtQvdsH+jVl8g>uEPxh2meYgKD>u`)W<=b$&-yk{(4SJe&@uYJ7E1e}i?WY}WCu z03TchyJ>8b8}5;LY6;azOWoLFP1}Jwqu$>ooA~%=2`5!`6&0rPo*RT1n3uq3Ir8}~ zZ~R0+wp4f&0^Q4=UXXd}q^B*uu-E~|&3jTeH~yRu+)y>)3|={12< zapz;Vewv*MT&cS~QMp>v{qq>tknWJqC`o$H=3PI3B>0Lw-RGvsD6=O2T$dQsM)&Cx zF=e5V!sQNml1|dq6}Tl7W+WHr1ii2#cbD7vWt_q^Uv^^zMnn{1rLf9@KK@6igoTuH zrd#O3qCwC~hMy^};{3v6?|2d64eCOls6P_U4fXbO;e~%hcmBe;oi7ckMI5<4o%o@S z;7c!5la)}(c#_fiLhQikqAnV&{YBwH;^H21qtUP_6W4^GzX|D-J#VbN59bHN%-gezEVkg8tPWqe>uySh6r~TvIPO>SK4KpFkA(enn8ix6 zf|!2E`L3IpEJpAD)M?Ig2U|#vVW%q=f3kecBu{q@%hrT%<_TGcEj!VBw63584?nPh z7rw59YQ}q1MR12==sqr8G$JpOq*>^+MKG^MZiu8F3#$L8m*rQH&X3_AtPUT6$+_7v zzIT}ySrl22wt&E71!w(Xdjz&Q0;}IY-`qg^;0ktxFV$JtRmBtpvbu7TE0K~_g^z{V zA2s{9=6B{c?Xv7gB7Yl_?I3m@BCsU$Rspwh<)T*V#wR8D|=G+d7rXH+dTWXu9ZMXwZ>yyN-L(&5RjCF zmW}91MbsB^Ud!Koe+@d-EYGAKF~cu&|kVB zYhqdFW@q)sS!-FO?FoS1-@J80iyC*AJ$m#`ybbsT-|Ft6Co3nZu z$Qk*y9xeJRh^uUPmEgWCxP1&U-k%P#`sr@z?!b;}&Qy9bU1Jlp-S?I1;2xlj7RdtL z^jPYxhte8TVnOh~$wyHi92xBP`I0PBR^cpk^rTlL02Ar~M0^kh+&Fbq`RMJHyDg0IX}JArYb}&? zdyy;oVb%Si=C-7t{VA-UX<)f{vxP>DBM~%%)ogXI!)U5%Gd?<6+~I@vTB@uDMo+U@ z)-xkipRs&LtVSf;s{+;M+MQa;qqyBfO;5$?WVF-;dK)lhqqcv)LWoLRDJv|y&_u(l zu^7M&F{8&}3Uc1}jp=qX?tx1|eaVxoPTG60JJJGa8J{N8kg_l~xkj${Y=WOEGV%FE z>yS4Cps^;LuxG&A#{o1<)|}fzfVUQRBkLO_OCW#y6Ti&rr|JML-rR|o8Yc$Y+AkN)9h-~(P+J}Nw?1Q`jmpE9b;(W+VN1U`mj#V@klT<}*hFQ@_9jo?=bdeS|zW5E{+YnOi4G~$buogZO zMrmcWwFoR-XKnM)dySRE&u`D1K=BF}3bHhlKmLP2^zSOp=l%VezkB`ufhVlC|8D5T zuQT%f@M*hJ%j{LjL-gc+H#z2ZoEa-*++x-F|Mj8o|5YF@S^jumGn`(-?}mF)`nRQL zwCUN#m&4W(Ek{CIgpW+t@Sg<#fI?7cGm@%3-9ljaD6>{1dTVKz)c*X~-f9SvWI8&z zd3Yp%49n}U=Cl7-w=DiAk*SFoen2On(MV>{!d7Sm>*q$Oqj*{ytu#MhM{|QmGcN=| zvInsmc>oV1{(Io3EWd6E-6{fwZ``Y_tSm($9gtKnah;zPB7w&zx?KFJksVwHVMD+qoiIBU>(D+MLrwn&+-tTgbz>?`syEyGESQ^Sri;vog58EEOk2AfM(Ysh#nsRP%@Lfr_^hCGCinF*t zJt(6_IN|h$Qdm`!u98pCz1`Jdvj5x1O=e`!TZaFj&zoVG3rWdu6CRp z@UYG!c@V2|9>mKa1kcAcJ5byI1!VM|e9dY*>6$f>{`0T0@(;3@__RCoyuqi$ZHh5_ zDPvxWbzEk_KbR8-S+5!l^g>EFGFZOI)u4Nnbu3nJ;`C-S zrRlXz5@ZPS!F98z;jQF!1IZ=D&e=krflf~0K}b6?Yz&%D4xS&&d+M-3IeQl-4k6q` zgSx4Isr7tOZ6SX{-`Ca`e%lwYbY(ya`zz?cqBXKbe^=WkPk1qzeImX=3ViU8@;2M7 z6KnLFVi#zCHLI86KZT zo7w$)^L%)GfA!YO|JL1kMm4!@dmlw%TM+kF1c4Ad3T!}NBTc%9C`F1?Aruj%lYkI< zh>8k=5^17@D!l~|5=tm4AkupR0fK;6uL?ZDvW`joKH#wj-q`DL(L(h(BUpKVu)S-XZPZqQI>Y&k?UY)M^{Ad5)T^2#J}yyiSXIy1mem`|Of9 z>4WfcwP>YBsG%7sOJ(WsaY)aqMwQ;sOeuJ7>aM-^XI1YJk6fLLB6BhYplM9fH8*8S z)zN1ivQe1N)xKs6{EK>hWQx5{75iMJ}b+Ee1Mx?v^?9Fvsq5jIb? z2_`g#dFk`7u_yO4P&mi;(_E4%rSote4V2GJHUh!vmEyfu-kOxVtY}=hpW|bOBXW35 z+kg!XcU69A20_Z(iAd9sw|L7q(#5XrQ_WZdlZZ#HC*@<3Iej+A1JcQ%>xNYcod-+b zfWX>URUVo>8gwZXd@I(@ot8HEW}9Ouq{i4+2WDynXjqntg8r`2X@Cb!80Eo($k|0V zcU@V^ZNQ_m8S&Gjb7SpmLZW#o%gZ`N`uf(25tx$E-M9VGv{FZSp}J0KLLC0;6dM;p3manY<`#aEU#dkE*I-Y=~`PPK+M z3e;${r~ZtR9ks>bx<09lWffX$kQBipg%<*|cus;!15Rpr3u>UsXUw;EjOaV?*1WTD zlqaNoKdZd~YFeilPiiy`;n!Jk)T74EhH|!J4X`wxPaxBEVN6AZStE0|k@hxjL`@Nf zcn6F3J*diOT{Bw*7vf}o4R-y4?nG;~2-nBY|ON@2(ft!eAApO2QC#q2>|rnw_~ zcfVAAFyoi6kbkY$*->vUmxO4+#(RC8$66JrEBU>8I5?HkoH*IDqfhE3%glhC3K_<} zb(tQT48FMbmmV~ChY3AknWj|ZiiSM?wme*?$Zg=t%w`l1b`zYt12WR6hdpC~Maj^p zLLv92cfKk$WEK>NOG!yBFsP&CjU7s9h#QdM&8iwny;nZSF&HOdk(mYq;V$i=a@dJW z)cvzsoA~{6E)hp=*NR_q&_(%mv{JKLIh6YZp0lg-^WiQYMaaT*edvbyNxZr>h-Y(l zciJQbjV07o?$ZRyM@JXT$;`J93rI7F_-o0AKhKLh`;J4>^oFt@iUl9{dVTy2x!ubH zJr%7B8Mm*>KuhxSQ*_Z>hP40(Xin78L63gBZuufBOWyW*m3Vf@=geHTu+0l)p{lRE z1-=#a4($wGkxFD`m|G0-$nSZ!%B!t!OpFvtVOFLE+0zDQF>PjsyLrK&t1pSR8J+a> z!8D%H5q)=*{G6)ELp&RotHHq%0RpR^$*E`V(}<}3VbsI*9%$Fxpqg9;maFj_RjK7X zR{}oWL(*#}&_qc=Q;Ex;`Y@L2qr&nY$qEU)9Zai~Gx-s-HzL)+;f7LYyh{sS6lZyS z&>E{RjRW0Ae)+z{>98Wz6P6W?Pm&VZ&Gc*#pKXm9`^??PFU0L$95a`D0i(`#O?|M0 zWi($G4ZzD^$a$O-@OR#67d1gy^*)^ANk+dv>@NMvIel^E8AUaB*!pm+)a|Ll3YEBxvx z`(};|LJz#t8&Qd5hGDC!D4b#6IqTZGN9FO|v*ke@?|T%AYLuN9sTMH6)MTe2Tx|*9 z87{mYdTD5Pi)ZtELSx&$=lh$5bE(A!mfgg2`iK&Ii|PyC2oS3r0$m@+dL$7k3@aqv zYA1=g=CCM+TobGR$MYA?JFEvU69~ETo(Jf)*)Bil-kHeZC|>UxgeUzVepWzBYB7Fi zi&eZhfB~?BxLy~jAPNDs%u0n6kyN}k_;Bv{o1W7zV!cc9+$vOuFxYBnwdk8eK>2jA z!p$^6Y3$@HG56McC=UBY$Q;d`EX_4hRoKAge_iQdO_#SUtrBQZqI6ZY2<}n(=;Rm_ zc#~at>QQtJfi}2Z)Dl+1`1yS3Sas&xbIgy-l8GHD+C-Uf7Z5R}=|`^BLzG!=gs%-? z>@TLIMusM>t<5A*uoU0qst#$GuW#w`k?8)e2OUOZt#zWOQ0|V7=626RKWlWJ<&P-S zKGUbtLa55NFUmx``)I(ZI-uRC^wMvai&u?#s+(HxB+-dZ`K)2fSa~#pTk+*>26_0+ zt0{ps2=r-*apJQ_cGBs}Ny-qT`;c4hegz`LSc^f+Oph;e4wc5R_z!#1Qbx87+qSL( zX8wJ3Bb#-q{zMM!)hZo|U5&{0i5VS~W-cgttyK_N#=Qw^aVnzlnMcQEd9qOjqh5>A%T6~- zTyCcUt|N{K@>9gHmzaw!XfN}n)5S?zfDawJiy}}y?i}CcBL?~*pA6#){M3x{yZO~c zj;;?R86MLE4sxx%8f&o1=D>R1msWo1i?#c49G#8!4GIIIw>m@bL#kY}e+Y_TEyfgn zo$m{DO;?Y_*|C5_jB&LK4n4oVh6AIPfIl>|^wuX{jgL_doi}%=K9PNMPSGEsl{1aP zIgzFV`URT?%Q^)ApoBy`Fsl2j3W{wf8evV* z1#PHFJSySr$5{&>z`>TmLgCZJgK0Auz`&C~t1gDId#aM4>YQ-^9H`>~6NupTE~WZy zhpp!hD+gS=+v&_8n!|3zMId#A)Ngai%2Zx_x%oG$X~<^wi%z91GSGUL3|{wHipWAF zV*Y}6j8%!#Aaj+{J!ronSFqGY6~!fuchrcDm1~z^x2^T)wabd)Vi+&apogf|V~c{R zGLkxwvzLC@aUlk{f*tQ$3|qC}Vszb$s&U4_0WpH00-}Si-fOCdum|=@gQ2#SFaDV^B zO(b)(ejDgt-fZ0KXeykn6N`g<`Loezo%$DSlXW3fuf%iLN5`hNM9|gWrz3)Kg^}62@1jM=;+OcqcJ>oOSntJYx9+UO zzZXyvWZyzB-g_s!+S12^DJ4~Pm79&s{he~~Zn@{dh}7Vh`AYPF4Q4W`%h^Z*(tJW7HSTX7=(A0lgL3s+F4h^Z87*zB@CT^bjjU~OV z3D?r$LgmFO+I>RXPYPr5-9yYH)&oFkuWUb=LQ27i^8Q?1XuNJZpU>_b7omyiB>a>`Q1BREsLL<*{0 zR%ACGFPFR--1VrP&Y@kR%yV58FRgL}k}$D{K0(+ugOZQD{);M=p@hj7vH9~E}#&&tjKWLZu z-<4NUAj9<5TsqxSop?9K*eO2Azc^ZC_9&v#MbJDR3W{pBaC|?JugnQxo z%P&=n4ieA5KW)TbB5e$b@W+qbm`uatQZTg-9MCHM=>zr^(4Nl6m|;Y<0vnq-CE8){ z16uOb_b&^tF$|y{-=b^YU1DPG$=|c)Ki?IDIal$7ViE zRe-N{lvgb?i4OrAcMpeny0 zHo8k)3g@!#b!k_Y%dL}iso(n@=phXPTG~?k-rIi&)uwEQ5b8GS-qzo^sJrR6n3*w$ z`F(sPc!BYae4L2%x1PqAF2JGD>};Nh@IJ+Al&u$R2JM;#YlZJs`iGi?KZs`_lv z)|&@%v?C-&7!|nDl#|LJc&x)*sbHcJ?GB{dD>eZ-;z(NWf5I+dO-n?|M{cq9J0Qr# z$~F|{_&EO1uM*a)UjUAtCk7NC2|Y6y?68@-hiZD8m*PG zKj{!W2?&Kw-82@&-ORrQsP{dE{+Uf`qL^;f0`e70>psNx-N>Uk58yTc8HWG#pA@A3 z1W>fc?X8^Kh=TC8&Q4@~v_8zr9&f6msEYR) zCi8r!-q#1c6lwMU2AS;NfBu_f-sZcy$>6*$k7hy^*?kQ6S$0XeBsf)??OGFukGjeg zLdl-Kk1j4a$cA6_KH)?85@Bo2YrKJKY!!p6-7s`lFO;k*&9`h3`S^Ltej%=iNu4=W zZy%W!g`#>k8YnK{OH*GR3w4G|1Ppa?n$Ai=P{n^7nk4(G1hx$_+wTnR4j%esL?~-2 z05)#_#*9f1snGMJ(lEe2dctqrO<7z%g{{#MP!p0m;?bs}nsY)f_M0aQVWyTJ4wZc) zLF1tG1^O3dd7ox`9PBm*><|EhlVPk}yazw-ZG*6m$sVC0oBP3Y(d zeSg^EU?r!~b{NLg0M#WAJn07|4*4uqtN7-1rXBv%=82;Ec2G=bq|8u;V5i&UW=9x| zZ3ogebACzfoabc zKw=oHWHnvoH@^Vsz3dn}Z#eaKWZ>0d4A6v|J~;q=$IJvBIi>Zg52?uaqAojp?n~24 zQKsHPozjD=(le*dmf#6KWKUnq)l?JFt<_dR_~>h|TvAU?xJp%(9_ND&MpEgyr-fmu z_4UR3yrif_+6gd3K4XE{5I*N8t84qd?^!Oa(@P3rD;SvD(X zfWS3~MJ_$=RdsrCp-J@8n383+-UOrj+55e@@rWS68=)C!vHcMCyd1JSoh97!oZYLo z45{n~OOAEc#3f1E;;KRoOL?c_Ezfvw9coiJ^GgY*$)uAc*X3Q*`#rIJa?XgEGF-^` zlxhErVg4<{m~vaZs$?lz>iQE3*|*jvu1){W+twrgqNm3^7E28Do+z{3yU4E+DS5J> zyOcX8SUcTrQV1&x4|zYpM=zMZ;QrSph z?lhZ;tBg3=VjIAtmVx4059qYM%0l=(h#9# zc!hK24i7-cvm8mQj9&>S{{SgSkEW_Cr!%8%s_W zJdWL#1|dgE^7G<+Yt&hOM1Kx}PYBbUFLX*RG%txme*MO!Hz$I&x6TA(_D|GmC=_$r z@)tU>SBp7wY?$`W5*vjPkD?FPfF1*jvy8nirwv)3?c$(P&}tVY#77w9CDF&CbAEl! zrJ+%?QEabb{q1#OeNJh&ZcmuB;1Nwsyy&|uYmac&i}&m47G0Nd6!t!8EGJ}$J~Lr) zhi`MuM}5^6-*An4Y<5_Y_*f&kH&O=d0KPAEvZB_px2?C9ZjVobt0hl-96j3~A7WW` z5x6pa>h2vXC#JFeP;UL|KWn#6>9aC0+F-C& z`S5|zRz64V+YM)Vi4Z59Xz=a=efLN0*viDTG5XD(_4sthY`Ga zeJ&7vk@et{sPqKp3Et1WXzH=#e((N)6Wk{|qNl$+0T-@)T1l|yf7f?L3%%R8`XL^r ziOEa1v(e-wBO+(sWdye~gW~9qmTIE2L+0c+j;tvX|DCEF=(um9(wIFeOoLSDG05a6 znEe1Ucotln6UcJq=4sHytDcptZ1*6^9-CcT|D-wx^b+6x_Ajo*Q$U`))-}v2P)6@p z8-843MdK9sDbV0Q{a*r0{+}ij<_zxd%o5FzRy2^o%diJ)v@wdI&l32Pi~x%ynz1_k qUu;ZZ%dVvv!PkM8e><|kHh&F Date: Tue, 4 Feb 2020 09:52:50 +0500 Subject: [PATCH 008/112] Update use-system-center-configuration-manager-to-manage-devices-with-semm.md --- ...enter-configuration-manager-to-manage-devices-with-semm.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md index 0cf1ab9bda..a538d33d5d 100644 --- a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md +++ b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md @@ -480,10 +480,10 @@ To add the SEMM Configuration Manager scripts to Configuration Manager as an app - Select **Registry** from the **Setting Type** drop-down menu. - Select **HKEY_LOCAL_MACHINE** from the **Hive** drop-down menu. - Enter **SOFTWARE\Microsoft\Surface\SEMM** in the **Key** field. - - Enter **Enabled_Version1000** in the **Value** field. + - Enter **CertName** in the **Value** field. - Select **String** from the **Data Type** drop-down menu. - Select the **This registry setting must satisfy the following rule to indicate the presence of this application** button. - - Enter **1** in the **Value** field. + - Enter the name of the certificate you entered in the line 58 of the script in the **Value** field. - Select **OK** to close the **Detection Rule** window. ![Use a registry key to identify devices enrolled in SEMM](images/config-mgr-semm-fig3.png "Use a registry key to identify devices enrolled in SEMM") From c9dc1362f848945420b1051785590387809fb54b Mon Sep 17 00:00:00 2001 From: sckissel <32919113+sckissel@users.noreply.github.com> Date: Tue, 4 Feb 2020 10:14:07 -0600 Subject: [PATCH 009/112] Update policy-csp-system.md Added integer values for "Allow Device Name in Diagnostic Data" --- windows/client-management/mdm/policy-csp-system.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/windows/client-management/mdm/policy-csp-system.md b/windows/client-management/mdm/policy-csp-system.md index ff54e474bf..7cb986c7fd 100644 --- a/windows/client-management/mdm/policy-csp-system.md +++ b/windows/client-management/mdm/policy-csp-system.md @@ -307,6 +307,10 @@ ADMX Info: +The following list shows the supported values: + +- 0 (default) – Disabled. +- 1 – Allowed. From 1de3c8783505882afa145edac0325d0c3ad126ee Mon Sep 17 00:00:00 2001 From: sckissel <32919113+sckissel@users.noreply.github.com> Date: Tue, 4 Feb 2020 11:59:48 -0600 Subject: [PATCH 010/112] Update dmclient-csp.md Changed AZure to Azure under AADSendDeviceToken --- windows/client-management/mdm/dmclient-csp.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/dmclient-csp.md b/windows/client-management/mdm/dmclient-csp.md index 4767766c8c..d1203b326a 100644 --- a/windows/client-management/mdm/dmclient-csp.md +++ b/windows/client-management/mdm/dmclient-csp.md @@ -260,7 +260,7 @@ Optional. Number of days after last sucessful sync to unenroll. Supported operations are Add, Delete, Get, and Replace. Value type is integer. **Provider/*ProviderID*/AADSendDeviceToken** -Device. Added in Windows 10 version 1803. For AZure AD backed enrollments, this will cause the client to send a Device Token if the User Token can not be obtained. +Device. Added in Windows 10 version 1803. For Azure AD backed enrollments, this will cause the client to send a Device Token if the User Token can not be obtained. Supported operations are Add, Delete, Get, and Replace. Value type is bool. From b74d17a6df3f870192ab5e2b246ea9c2c256ca78 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Wed, 5 Feb 2020 09:07:27 +0500 Subject: [PATCH 011/112] Update devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- ...-center-configuration-manager-to-manage-devices-with-semm.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md index a538d33d5d..fd310cf7c7 100644 --- a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md +++ b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md @@ -483,7 +483,7 @@ To add the SEMM Configuration Manager scripts to Configuration Manager as an app - Enter **CertName** in the **Value** field. - Select **String** from the **Data Type** drop-down menu. - Select the **This registry setting must satisfy the following rule to indicate the presence of this application** button. - - Enter the name of the certificate you entered in the line 58 of the script in the **Value** field. + - Enter the name of the certificate you entered in line 58 of the script in the **Value** field. - Select **OK** to close the **Detection Rule** window. ![Use a registry key to identify devices enrolled in SEMM](images/config-mgr-semm-fig3.png "Use a registry key to identify devices enrolled in SEMM") From 98c405796d99600c6fedb587a48d3b1368c2fe2e Mon Sep 17 00:00:00 2001 From: VLG17 <41186174+VLG17@users.noreply.github.com> Date: Wed, 5 Feb 2020 15:02:00 +0200 Subject: [PATCH 012/112] Add segment related to enabling network protection https://github.com/MicrosoftDocs/windows-itpro-docs/issues/5793 --- .../microsoft-defender-atp/network-protection.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/network-protection.md b/windows/security/threat-protection/microsoft-defender-atp/network-protection.md index 3c6f9f6bc7..92abdc1744 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/network-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/network-protection.md @@ -29,7 +29,9 @@ Network protection helps reduce the attack surface of your devices from Internet Network protection expands the scope of [Windows Defender SmartScreen](../windows-defender-smartscreen/windows-defender-smartscreen-overview.md) to block all outbound HTTP(s) traffic that attempts to connect to low-reputation sources (based on the domain or hostname). -Network protection is supported beginning with Windows 10, version 1709. +Network protection is supported beginning with Windows 10, version 1709. + +More details on how to enable network protection: [Enable network protection](enable-network-protection.md) | Use Group Policy, PowerShell, or MDM CSPs to enable and manage network protection in your network. > [!TIP] > You can visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works. From e400c1ee47a5d4bf50c815349618464a29435c6d Mon Sep 17 00:00:00 2001 From: Charles Milette Date: Thu, 6 Feb 2020 08:54:48 -0500 Subject: [PATCH 013/112] Update notice about MBEC support This updates the document with findings from #3997, and makes the text clearer. --- ...-virtualization-based-protection-of-code-integrity.md | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md index 1edd7842a6..7619e56909 100644 --- a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md @@ -26,15 +26,12 @@ This can cause devices or software to malfunction and in rare cases may result i If this happens, see [Troubleshooting](#troubleshooting) for remediation steps. >[!NOTE] ->HVCI works with modern 7th gen CPUs or higher and its equivalent on AMD. CPU new feature is required *Mode based execution control (MBE) Virtualization*. AMD CPUs do not have MBE. - ->[!TIP] -> "The Secure Kernel relies on the Mode-Based Execution Control (MBEC) feature, if present in hardware, which enhances the SLAT with a user/kernel executable bit, or the hypervisor’s software emulation of this feature, called Restricted User Mode (RUM)." Mark Russinovich and Alex Ionescu. Windows Internals 7th Edition book +>Because it makes use of *Mode Based Execution Control*, HVCI works better with Intel Kaby Lake or AMD Zen 2 CPUs and newer. Processors without MBEC will rely on an emulation of this feature, called *Restricted User Mode*, which has a bigger impact on performance. ## HVCI Features -* HVCI protects modification of the Code Flow Guard (CFG) bitmap. -* HVCI also ensure your other Truslets, like Credential Guard have a valid certificate. +* HVCI protects modification of the Control Flow Guard (CFG) bitmap. +* HVCI also ensure your other Truslets, like Credential Guard, have a valid certificate. * Modern device drivers must also have an EV (Extended Validation) certificate and should support HVCI. ## How to turn on HVCI in Windows 10 From c3578a29207033685c76d6f785de7b9909cc6d9e Mon Sep 17 00:00:00 2001 From: Daniel Olim <49715300+daniel-microsoft@users.noreply.github.com> Date: Thu, 6 Feb 2020 15:25:21 +0000 Subject: [PATCH 014/112] Update white-glove.md Need to be clear that it is either LOB or Win32, not both. --- windows/deployment/windows-autopilot/white-glove.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/windows-autopilot/white-glove.md b/windows/deployment/windows-autopilot/white-glove.md index 9fd9e87869..a0bef4bb0b 100644 --- a/windows/deployment/windows-autopilot/white-glove.md +++ b/windows/deployment/windows-autopilot/white-glove.md @@ -59,7 +59,7 @@ To enable white glove deployment, an additional Autopilot profile setting must b ![allow white glove](images/allow-white-glove-oobe.png) -The Windows Autopilot for white glove deployment pre-provisioning process will apply all device-targeted policies from Intune. That includes certificates, security templates, settings, apps, and more – anything targeting the device. Additionally, any apps (Win32 or LOB) that are configured to install in the device context and targeted to the user that has been pre-assigned to the Autopilot device will also be installed. +The Windows Autopilot for white glove deployment pre-provisioning process will apply all device-targeted policies from Intune. That includes certificates, security templates, settings, apps, and more – anything targeting the device. Additionally, any apps (Win32 or LOB) that are configured to install in the device context and targeted to the user that has been pre-assigned to the Autopilot device will also be installed. Please make sure not to target both win32 and LOB apps to the same device. >[!NOTE] >Other user-targeted policies will not apply until the user signs into the device. To verify these behaviors, be sure to create appropriate apps and policies targeted to devices and users. From 5d90460ce71112d8bf814a4b96a2bfb99a870974 Mon Sep 17 00:00:00 2001 From: isbrahm <43386070+isbrahm@users.noreply.github.com> Date: Thu, 6 Feb 2020 21:10:44 -0500 Subject: [PATCH 015/112] WDAC cmdlets are available on all SKUs for 1903+ builds The SKU check which restricted WDAC cmdlets --- .../windows-defender-application-control.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md index ba4929c2f6..e336068fb0 100644 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md @@ -58,7 +58,7 @@ WDAC policies apply to the managed computer as a whole and affects all users of ### WDAC System Requirements -WDAC policies can only be created on computers beginning with Windows 10 Enterprise or Windows Server 2016 and above. +WDAC policies can only be created on computers running Windows 10 build 1903+ on any SKU, pre-1903 Windows 10 Enterprise, or Windows Server 2016 and above. They can be applied to computers running any edition of Windows 10 or Windows Server 2016 and optionally managed via Mobile Device Management (MDM), such as Microsoft Intune. Group Policy can also be used to deploy WDAC policies to Windows 10 Enterprise edition or Windows Server 2016 and above. From 3a7fb4d80cb6bc7298b98e4c03ddcba35ad6e62b Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Fri, 7 Feb 2020 11:28:26 +0500 Subject: [PATCH 016/112] Minor correction The last sentence removed as it was making no sense. Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/5874 --- devices/hololens/hololens-recovery.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/devices/hololens/hololens-recovery.md b/devices/hololens/hololens-recovery.md index b2e0d48bc7..7833886901 100644 --- a/devices/hololens/hololens-recovery.md +++ b/devices/hololens/hololens-recovery.md @@ -110,8 +110,8 @@ The Advanced Recovery Companion is a new app in Microsoft Store restore the oper >In the event that a HoloLens 2 gets into a state where Advanced Recovery Companion cannot recognize the device, and it does not boot, try forcing the device into Flashing Mode and recovering it with Advanced Recovery Companion: 1. Connect the HoloLens 2 to a PC with Advanced Recovery Companion installed. -1. Press and hold the **Volume Up and Power buttons** until the device reboots. Release the Power button, but continue to hold the Volume Up button until the third LED is lit. It will the the only lit LED. - 1. The device should be visible in **Device Manager** as a **Microsoft HoloLens Recovery** device: +1. Press and hold the **Volume Up and Power buttons** until the device reboots. Release the Power button, but continue to hold the Volume Up button until the third LED is lit. +1. The device should be visible in **Device Manager** as a **Microsoft HoloLens Recovery** device: 1. Launch Advanced Recovery Companion, and follow the on-screen prompts to reflash the OS to the HoloLens 2. ### HoloLens (1st gen) From 102979dd9bf51de0b20ab0fcc1a472f2e07b11dd Mon Sep 17 00:00:00 2001 From: VLG17 <41186174+VLG17@users.noreply.github.com> Date: Fri, 7 Feb 2020 15:12:39 +0200 Subject: [PATCH 017/112] Preffered should be TPM 2.0, not firmware https://github.com/MicrosoftDocs/windows-itpro-docs/issues/5853 --- .../credential-guard/credential-guard-requirements.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/credential-guard/credential-guard-requirements.md b/windows/security/identity-protection/credential-guard/credential-guard-requirements.md index d0124ff8cf..3fb77b5244 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-requirements.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-requirements.md @@ -31,7 +31,7 @@ For Windows Defender Credential Guard to provide protection, the computers you a To provide basic protections against OS level attempts to read Credential Manager domain credentials, NTLM and Kerberos derived credentials, Windows Defender Credential Guard uses: - Support for Virtualization-based security (required) - Secure boot (required) -- TPM 1.2 or 2.0, either discrete or firmware (preferred - provides binding to hardware) +- TPM 1.2 or 2.0 (preferred - provides binding to hardware), either discrete or firmware - UEFI lock (preferred - prevents attacker from disabling with a simple registry key change) The Virtualization-based security requires: From 201dbc6404b502b6c62e54b9a0dfe9230c81cfe0 Mon Sep 17 00:00:00 2001 From: Aaron Czechowski Date: Fri, 7 Feb 2020 10:26:09 -0800 Subject: [PATCH 018/112] revise ConfigMgr FAQ --- .../identity-protection/hello-for-business/hello-faq.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-faq.md b/windows/security/identity-protection/hello-for-business/hello-faq.md index 57b0ea0add..f7dcaffc22 100644 --- a/windows/security/identity-protection/hello-for-business/hello-faq.md +++ b/windows/security/identity-protection/hello-for-business/hello-faq.md @@ -31,7 +31,7 @@ Microsoft is committed to its vision of a world without passwords. We rec RDP currently does not support key based authentication and does not support self signed certificates. RDP with Windows Hello for Business is currently only supported with certificate based deployments. ## Can I deploy Windows Hello for Business using Microsoft Endpoint Configuration Manager? -Windows Hello for Business deployments using Configuration Manager need to move to the hybrid deployment model that uses Active Directory Federation Services. Deployments using Configuration Manager will no longer be supported after November 2018. +Windows Hello for Business deployments using Configuration Manager should use the hybrid deployment model that uses Active Directory Federation Services. Starting in Configuration Manager version 1910, certificate-based authentication with Windows Hello for Business settings isn't supported. Key-based authentication is still valid with Configuration Manager. For more information, see [Windows Hello for Business settings in Configuration Manager](https://docs.microsoft.com/configmgr/protect/deploy-use/windows-hello-for-business-settings). ## How many users can enroll for Windows Hello for Business on a single Windows 10 computer? The maximum number of supported enrollments on a single Windows 10 computer is 10. That enables 10 users to each enroll their face and up to 10 fingerprints. While we support 10 enrollments, we will strongly encourage the use of Windows Hello security keys for the shared computer scenario when they become available. From bbc69a2a89bf6f5a44282b58133046acfc42a801 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Fri, 7 Feb 2020 16:27:12 -0800 Subject: [PATCH 019/112] update icons --- windows/security/threat-protection/index.md | 11 +++++------ .../microsoft-defender-atp/images/AIR.png | Bin 0 -> 2290 bytes .../microsoft-defender-atp/images/ASR.png | Bin 0 -> 1544 bytes .../microsoft-defender-atp/images/EDR.png | Bin 0 -> 1589 bytes .../microsoft-defender-atp/images/MTE.png | Bin 0 -> 2120 bytes .../microsoft-defender-atp/images/NGP.png | 0 .../images/TVM_icon.png | Bin 1060 -> 1060 bytes 7 files changed, 5 insertions(+), 6 deletions(-) create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/AIR.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/ASR.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/EDR.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/MTE.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/NGP.png diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md index 014429c82a..6e17affb80 100644 --- a/windows/security/threat-protection/index.md +++ b/windows/security/threat-protection/index.md @@ -23,12 +23,11 @@ ms.topic: conceptual - - - - - - + + + + + - @@ -137,6 +137,9 @@ This table provides info about the most common problems you might encounter whil > [!NOTE] > When corporate data is written to disk, WIP uses the Windows-provided Encrypting File System (EFS) to protect it and associate it with your enterprise identity. One caveat to keep in mind is that the Preview Pane in File Explorer will not work for encrypted files. +> [!NOTE] +> Chromium-based versions of Microsoft Edge (versions since 79) don't fully support WIP yet. The functionality could be partially enabled by going to page **edge://flags/#edge-dataprotection** and setting the **Windows Information Protection** flag to **enabled**. + > [!NOTE] > Help to make this topic better by providing us with edits, additions, and feedback. For info about how to contribute to this topic, see [Contributing to our content](https://github.com/Microsoft/windows-itpro-docs/blob/master/CONTRIBUTING.md). From b24c33be48d8be92f7b486a1bbf4bb49aca85b9f Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Mon, 10 Feb 2020 09:40:32 +0500 Subject: [PATCH 023/112] Update windows/security/information-protection/windows-information-protection/limitations-with-wip.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- .../windows-information-protection/limitations-with-wip.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/security/information-protection/windows-information-protection/limitations-with-wip.md b/windows/security/information-protection/windows-information-protection/limitations-with-wip.md index 5bae273ed2..8b5a188647 100644 --- a/windows/security/information-protection/windows-information-protection/limitations-with-wip.md +++ b/windows/security/information-protection/windows-information-protection/limitations-with-wip.md @@ -138,8 +138,7 @@ This table provides info about the most common problems you might encounter whil > When corporate data is written to disk, WIP uses the Windows-provided Encrypting File System (EFS) to protect it and associate it with your enterprise identity. One caveat to keep in mind is that the Preview Pane in File Explorer will not work for encrypted files. > [!NOTE] -> Chromium-based versions of Microsoft Edge (versions since 79) don't fully support WIP yet. The functionality could be partially enabled by going to page **edge://flags/#edge-dataprotection** and setting the **Windows Information Protection** flag to **enabled**. +> Chromium-based versions of Microsoft Edge (versions since 79) don't fully support WIP yet. The functionality could be partially enabled by going to the local page **edge://flags/#edge-dataprotection** and setting the **Windows Information Protection** flag to **enabled**. > [!NOTE] > Help to make this topic better by providing us with edits, additions, and feedback. For info about how to contribute to this topic, see [Contributing to our content](https://github.com/Microsoft/windows-itpro-docs/blob/master/CONTRIBUTING.md). - From e1313224be82bf6bbd7ae8854dddc04b78eac24d Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Mon, 10 Feb 2020 14:20:52 +0500 Subject: [PATCH 024/112] Update apply-hotfix-for-mbam-25-sp1.md --- mdop/mbam-v25/apply-hotfix-for-mbam-25-sp1.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/mdop/mbam-v25/apply-hotfix-for-mbam-25-sp1.md b/mdop/mbam-v25/apply-hotfix-for-mbam-25-sp1.md index 3ed2c2c111..6cea5686e6 100644 --- a/mdop/mbam-v25/apply-hotfix-for-mbam-25-sp1.md +++ b/mdop/mbam-v25/apply-hotfix-for-mbam-25-sp1.md @@ -19,7 +19,10 @@ author: shortpatti This topic describes the process for applying the hotfixes for Microsoft BitLocker Administration and Monitoring (MBAM) Server 2.5 SP1 ### Before you begin, download the latest hotfix of Microsoft BitLocker Administration and Monitoring (MBAM) Server 2.5 SP1 -[Desktop Optimization Pack](https://www.microsoft.com/download/details.aspx?id=58345) +[Desktop Optimization Pack](https://www.microsoft.com/download/details.aspx?id=57157) + +> [!NOTE] +> For more information about the hotfix releases, see [MBAM version chart](https://docs.microsoft.com/archive/blogs/dubaisec/mbam-version-chart). #### Steps to update the MBAM Server for existing MBAM environment 1. Remove MBAM server feature (do this by opening the MBAM Server Configuration Tool, then selecting Remove Features). From 6744f7592a2497ff66be12e4670008743d852cda Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Mon, 10 Feb 2020 09:16:25 -0800 Subject: [PATCH 025/112] Formatting fixes --- devices/surface-hub/surface-hub-2s-recover-reset.md | 2 ++ devices/surface/windows-autopilot-and-surface-devices.md | 3 +++ 2 files changed, 5 insertions(+) diff --git a/devices/surface-hub/surface-hub-2s-recover-reset.md b/devices/surface-hub/surface-hub-2s-recover-reset.md index af763b9e26..1f0e98f92b 100644 --- a/devices/surface-hub/surface-hub-2s-recover-reset.md +++ b/devices/surface-hub/surface-hub-2s-recover-reset.md @@ -23,8 +23,10 @@ To begin, sign in to Surface Hub 2S with admin credentials, open the **Settings* 1. To reset the device, select **Get Started**. 2. When the **Ready to reset this device** window appears, select **Reset**. + >[!NOTE] >Surface Hub 2S reinstalls the operating system from the recovery partition. This may take up to one hour to complete. + 3. To reconfigure the device, run the first-time Setup program. 4. If you manage the device using Microsoft Intune or another mobile device management solution, retire and delete the previous record, and then re-enroll the new device. For more information, see [Remove devices by using wipe, retire, or manually unenrolling the device](https://docs.microsoft.com/intune/devices-wipe). diff --git a/devices/surface/windows-autopilot-and-surface-devices.md b/devices/surface/windows-autopilot-and-surface-devices.md index 1c8eaa3c06..2ad84a094e 100644 --- a/devices/surface/windows-autopilot-and-surface-devices.md +++ b/devices/surface/windows-autopilot-and-surface-devices.md @@ -25,11 +25,13 @@ Windows Autopilot-registered devices are identified over the Internet at first s You can register Surface devices at the time of purchase from a Surface partner that's enabled for Windows Autopilot. These partners can ship new devices directly to your users. The devices will be automatically enrolled and configured when they are first turned on. This process eliminates reimaging during deployment, which lets you implement new, agile methods of device management and distribution. ## Modern management + Autopilot is the recommended deployment option for Surface devices, including Surface Pro 7, Surface Laptop 3, and Surface Pro X, which is specifically designed for deployment through Autopilot. It's best to enroll your Surface devices with the help of a Microsoft Cloud Solution Provider. This step allows you to manage UEFI firmware settings on Surface directly from Intune. It eliminates the need to physically touch devices for certificate management. See [Intune management of Surface UEFI settings](surface-manage-dfci-guide.md) for details. ## Windows version considerations + Broad deployment of Surface devices through Windows Autopilot, including enrollment by Surface partners at the time of purchase, requires Windows 10 Version 1709 (Fall Creators Update) or later. These Windows versions support a 4,000-byte (4k) hash value that uniquely identifies devices for Windows Autopilot, which is necessary for deployments at scale. All new Surface devices, including Surface Pro 7, Surface Pro X, and Surface Laptop 3, ship with Windows 10 Version 1903 or later. @@ -53,6 +55,7 @@ Surface partners that are enabled for Windows Autopilot include: - [Techdata](https://www.techdata.com/) ## Learn more + For more information about Windows Autopilot, see: - [Overview of Windows Autopilot](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-10-autopilot) - [Windows Autopilot requirements](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-autopilot-requirements) \ No newline at end of file From a1433fe3e57745af86702128cd18c8b116d50606 Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Mon, 10 Feb 2020 10:30:14 -0800 Subject: [PATCH 026/112] test --- devices/hololens/hololens-commercial-infrastructure.md | 1 + 1 file changed, 1 insertion(+) diff --git a/devices/hololens/hololens-commercial-infrastructure.md b/devices/hololens/hololens-commercial-infrastructure.md index ad23e185ee..f44740003c 100644 --- a/devices/hololens/hololens-commercial-infrastructure.md +++ b/devices/hololens/hololens-commercial-infrastructure.md @@ -17,6 +17,7 @@ appliesto: --- # Configure Your Network +test This portion of the document will require the following people: 1. Network Admin with permissions to make changes to the proxy/firewall From 83b20f9ef31c3d7d29b97d599e28fc66e1b4df90 Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Mon, 10 Feb 2020 10:31:57 -0800 Subject: [PATCH 027/112] condensed --- .../hololens-commercial-infrastructure.md | 164 +++++++++++++----- 1 file changed, 118 insertions(+), 46 deletions(-) diff --git a/devices/hololens/hololens-commercial-infrastructure.md b/devices/hololens/hololens-commercial-infrastructure.md index f44740003c..d37b307909 100644 --- a/devices/hololens/hololens-commercial-infrastructure.md +++ b/devices/hololens/hololens-commercial-infrastructure.md @@ -16,99 +16,171 @@ appliesto: - HoloLens 2 --- -# Configure Your Network -test +# Configure Your Network for HoloLens This portion of the document will require the following people: -1. Network Admin with permissions to make changes to the proxy/firewall -2. Azure Active Directory Admin -3. Mobile Device Manager Admin -4. Teams admin for Remote Assist only + +1. Network Admin with permissions to make changes to the proxy/firewall +2. Azure Active Directory Admin +3. Mobile Device Manager Admin ## Infrastructure Requirements +HoloLens is, at its core, a Windows mobile device integrated with Azure. It works best in commercial environments with wireless network availability (wi-fi) and access to Microsoft services. + +Critical cloud services include: + +- Azure active directory (AAD) +- Windows Update (WU) + +Commercial customers will need enterprise mobility management (EMM) or mobile device management (MDM) infrastructure to manage HoloLens devices at scale. This guide uses [Microsoft Intune](https://www.microsoft.com/enterprise-mobility-security/microsoft-intune) as an example, though any provider with full support for Microsoft Policy can support HoloLens. Ask your mobile device management provider if they support HoloLens 2. + +HoloLens does support a limited set of cloud disconnected experiences. + +### Wireless network EAP support + +- PEAP-MS-CHAPv2 +- PEAP-TLS +- TLS +- TTLS-CHAP +- TTLS-CHAPv2 +- TTLS-MS-CHAPv2 +- TTLS-PAP +- TTLS-TLS + ### HoloLens Specific Network Requirements + Make sure that these ports and URLs are allowed on your network firewall. This will enable HoloLens to function properly. The latest list can be found [here](hololens-offline.md). ### Remote Assist Specific Network Requirements -1. The recommended bandwidth for optimal performance of Remote Assist is 1.5Mbps. Detailed network requirements and additional information can be found [here](https://docs.microsoft.com/MicrosoftTeams/prepare-network). +1. The recommended bandwidth for optimal performance of Remote Assist is 1.5Mbps. Detailed network requirements and additional information can be found [here](https://docs.microsoft.com/MicrosoftTeams/prepare-network). **Please note, if you don’t network have network speeds of at least 1.5Mbps, Remote Assist will still work. However, quality may suffer.** 1. Make sure that these ports and URLs are allowed on your network firewall. This will enable Microsoft Teams to function. The latest list can be found [here](https://docs.microsoft.com/office365/enterprise/urls-and-ip-address-ranges#skype-for-business-online-and-microsoft-teams). ### Guides Specific Network Requirements + Guides only require network access to download and use the app. ## Azure Active Directory Guidance -This step is only necessary if your company plans on managing the HoloLens and mixed reality apps. -### 1. Ensure that you have an Azure AD License. +>[!NOTE] +>This step is only necessary if your company plans on managing the HoloLens and mixed reality apps. + +1. Ensure that you have an Azure AD License. Please [HoloLens Licenses Requirements](hololens-licenses-requirements.md)for additional information. -### 2. Ensure that your company’s users are in Azure Active Directory (Azure AD). +1. If you plan on using Auto Enrollment, you will have to [Configure Azure AD enrollment.](https://docs.microsoft.com/intune/deploy-use/.set-up-windows-device-management-with-microsoft-intune#azure-active-directory-enrollment) + +1. Ensure that your company’s users are in Azure Active Directory (Azure AD). Instructions for adding users can be found [here](https://docs.microsoft.com/azure/active-directory/fundamentals/add-users-azure-active-directory). -### 3. We suggest that users who will be need similar licenses are added to a group. -1. [Create a Group](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal) +1. We suggest that users who will be need similar licenses are added to a group. + 1. [Create a Group](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal) + 1. [Add users to groups](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-groups-members-azure-portal) -2. [Add users to groups](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-groups-members-azure-portal) - -### 4. Ensure that your company’s users (or group of users) are assigned the necessary licenses. +1. Ensure that your company’s users (or group of users) are assigned the necessary licenses. Directions for assigning licenses can be found [here](https://docs.microsoft.com/azure/active-directory/fundamentals/license-users-groups). -### 5. **IMPORTANT:** Only do this step if users are expected to enroll their HoloLens/Mobile device onto the network. +1. Only do this step if users are expected to enroll their HoloLens/Mobile device into you (There are three options) These steps ensure that your company’s users (or a group of users) can add devices. -1. Option 1: Give all users permission to join devices to Azure AD. + 1. **Option 1:** Give all users permission to join devices to Azure AD. **Sign in to the Azure portal as an administrator** > **Azure Active Directory** > **Devices** > **Device Settings** > **Set Users may join devices to Azure AD to *All*** -1. Option 2: Give selected users/groups permission to join devices to Azure AD + 1. **Option 2:** Give selected users/groups permission to join devices to Azure AD **Sign in to the Azure portal as an administrator** > **Azure Active Directory** > **Devices** > **Device Settings** > **Set Users may join devices to Azure AD to *Selected*** ![Image that shows Configuration of Azure AD Joined Devices](images/azure-ad-image.png) -1. Option 3: You can block all users from joining their devices to the domain. This means that all devices will need to be manually enrolled by your IT department. + 1. **Option 3:** You can block all users from joining their devices to the domain. This means that all devices will need to be manually enrolled. -## Mobile Device Manager Admin Steps +## Mobile Device Manager Guidance -### Scenario 1: Kiosk Mode -As a note, auto-launching an app does not currently work for HoloLens. +### Ongoing device management -How to Set Up Kiosk Mode Using Microsoft Intune. -#### 1. Sync Microsoft Store to Intune ([Here](https://docs.microsoft.com/intune/apps/windows-store-for-business)) +>[!NOTE] +>This step is only necessary if your company plans on managing the HoloLens and mixed reality apps. +Ongoing device management will depend on your mobile device management infrastructure. Most have the same general functionality but the user interface may vary widely. -#### 2. Check your app settings +1. [CSPs (Configuration Service Providers)](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices) allows you to create and deploy management settings for the devices on your network. Some CSPs are supported by HoloLens devices. (See the list of CSPs for HoloLens [here](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices)). -1. Log into your Microsoft Store Business account -1. **Manage** > **Products and Services** > **Apps and Software** > **Select the app you want to sync** > **Private Store Availability** > **Select “Everyone” or “Specific Groups”** -1. If you do not see your apps in **Intune** > **Client Apps** > **Apps** , you may have to [sync your apps](https://docs.microsoft.com/intune/apps/windows-store-for-business#synchronize-apps) again. +1. [Compliance policies](https://docs.microsoft.com/intune/device-compliance-get-started) are rules and settings that devices must meet to be compliant in your corporate infrastructure. Use these policies with Conditional Access to block access to company resources for devices that are non-compliant. For example, you can create a policy that requires Bitlocker be enabled. -#### 3. Configuring Kiosk Mode using MDM +1. [Create Compliance Policy](https://docs.microsoft.com/intune/protect/compliance-policy-create-windows). -Information on configuring Kiosk Mode in Intune can be found [here](https://docs.microsoft.com/hololens/hololens-kiosk#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803) +1. Conditional Access allows/denies mobile devices and mobile applications from accessing company resources. Two documents you may find helpful are [Plan your CA Deployment](https://docs.microsoft.com/azure/active-directory/conditional-access/plan-conditional-access) and [Best Practices](https://docs.microsoft.com/azure/active-directory/conditional-access/best-practices). + +1. [This article](https://docs.microsoft.com/intune/fundamentals/windows-holographic-for-business) talks about Intune's management tools for HoloLens. + +1. [Create a device profile](https://docs.microsoft.com/intune/configuration/device-profile-create) + +### Manage updates + +Intune includes a feature called Update rings for Windows 10 devices, including HoloLens 2 and HoloLens v1 (with Holographic for Business). Update rings include a group of settings that determine how and when updates are installed. + +For example, you can create a maintenance window to install updates, or choose to restart after updates are installed. You can also choose to pause updates indefinitely until you're ready to update. + +Read more about [configuring update rings with Intune](https://docs.microsoft.com/intune/windows-update-for-business-configure). + +### Application management + +Manage HoloLens applications through: + +1. Microsoft Store + The Microsoft Store is the best way to distribute and consume applications on HoloLens. There is a great set of core HoloLens applications already available in the store or you can [publish your own](https://docs.microsoft.com/windows/uwp/publish/). + All applications in the store are available publicly to everyone, but if it isn't acceptable, checkout the Microsoft Store for Business. + +1. [Microsoft Store for Business](https://docs.microsoft.com/microsoft-store/) + Microsoft Store for Business and Education is a custom store for your corporate environment. It lets you use the Microsoft Store built into Windows 10 and HoloLens to find, acquire, distribute, and manage apps for your organization. It also lets you deploy apps that are specific to your commercial environment but not to the world. + +1. Application deployment and management via Intune or another mobile device management solution + Most mobile device management solutions, including Intune, provide a way to deploy line of business applications directly to a set of enrolled devices. See this article for [Intune app install](https://docs.microsoft.com/intune/apps-deploy). + +1. _not recommended_ Device Portal + Applications can also be installed on HoloLens directly using the Windows Device Portal. This isn't recommended since Developer Mode has to be enabled to use the device portal. + +Read more about [installing apps on HoloLens](https://docs.microsoft.com/hololens/hololens-install-apps). + +### Certificates + +You can distribute certifcates through your MDM provider. If your company requires certificates, Intune supports PKCS, PFX, and SCEP. It is important to understand which certificate is right for your company. Please visit [here](https://docs.microsoft.com/intune/protect/certificates-configure) to determine which cert is best for you. If you plan to use certs for HoloLens Authentication, PFX or SCEP may be right for you. + +Steps for SCEP can be found [here](https://docs.microsoft.com/intune/protect/certificates-profile-scep). + +### How to Upgrade to Holographics for Business Commercial Suite + +>[!NOTE] +>Windows Holographics for Business (commercial suite) is only intended for HoloLens 1st gen devices. The profile will not be applied to HoloLens 2 devices. + +Directions for upgrading to the commercial suite can be found [here](https://docs.microsoft.com/intune/configuration/holographic-upgrade). + +### How to Configure Kiosk Mode Using Microsoft Intune + +1. Sync Microsoft Store to Intune ([Here](https://docs.microsoft.com/intune/apps/windows-store-for-business)). + +1. Check your app settings + 1. Log into your Microsoft Store Business account + 1. **Manage** > **Products and Services** > **Apps and Software** > **Select the app you want to sync** > **Private Store Availability** > **Select “Everyone” or “Specific Groups”* + 1. If you do not see your apps in **Intune** > **Client Apps** > **Apps** , you may have to [sync your apps](https://docs.microsoft.com/intune/apps/windows-store-for-business#synchronize-apps) again. + +1. [Create a device profile for Kiosk mode](https://docs.microsoft.com/intune/configuration/kiosk-settings#create-the-profile) >[!NOTE] >You can configure different users to have different Kiosk Mode experiences by using “Azure AD” as the “User logon type”. However, this option is only available in Multi-App kiosk mode. Multi-App kiosk mode will work with only one app as well as multiple apps. ![Image that shows Configuration of Kiosk Mode in Intune](images/aad-kioskmode.png) -If you are configuring Kiosk Mode on an MDM other than Intune, please check your MDM provider's documentation. - -## Additional Intune Quick Links - -1. [Create Profiles:](https://docs.microsoft.com/intune/configuration/device-profile-create) Profiles allow you to add and configure settings that will be pushed to the devices in your organization. - -1. [CSPs (Configuration Service Providers)](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices) allows you to create and deploy management settings for the devices on your network. Some CSPs are supported by HoloLens devices. (See the list of CSPs for HoloLens [here](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices). - -1. [Create Compliance Policy](https://docs.microsoft.com/intune/protect/create-compliance-policy) - -1. Conditional Access allows/denies mobile devices and mobile applications from accessing company resources. Two documents you may find helpful are [Plan your CA Deployment](https://docs.microsoft.com/azure/active-directory/conditional-access/plan-conditional-access) and [Best Practices](https://docs.microsoft.com/azure/active-directory/conditional-access/best-practices). +For other MDM services, check your provider's documentation for instructions. If you need to use a custom setting and full XML configuration to set up a kiosk in your MDM service, additional directions can be found [here](hololens-kiosk.md#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803) ## Certificates and Authentication -### MDM Certificate Distribution -If your company requires certificates, Intune supports PKCS, PFX, and SCEP. It is important to understand which certificate is right for your company. Please visit [here](https://docs.microsoft.com/intune/protect/certificates-configure) to determine which cert is best for you. If you plan to use certs for HoloLens Authentication, PFX or SCEP may be right for you. -Steps for SCEP can be found [here](https://docs.microsoft.com/intune/protect/certificates-profile-scep). +Certificates can be deployed via you MDM (see "certificates" in the [MDM Section](hololens-commercial-infrastructure.md#mobile-device-manager-guidance##)). Certificates can also be deployed to the HoloLens through package provisioning. Please see [HoloLens Provisioning](hololens-provisioning.md) for additional information. -### Device Certificates -Certificates can also be added to the HoloLens through package provisioning. Please see [HoloLens Provisioning](hololens-provisioning.md) for additional information. +### Additional Intune Quick Links + +1. [Create Profiles:](https://docs.microsoft.com/intune/configuration/device-profile-create) Profiles allow you to add and configure settings that will be pushed to the devices in your organization. + +## Next (Optional) Step: [Configure HoloLens using a provisioning package](hololens-provisioning.md) + +## Next Step: [Enroll your device](hololens-enroll-mdm.md) \ No newline at end of file From 8e2947a31e76310bbd6a9644015dda2f5f2008c1 Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Mon, 10 Feb 2020 10:35:00 -0800 Subject: [PATCH 028/112] Added new links and reorganized content --- devices/hololens/hololens-provisioning.md | 62 ++++++++++------------- 1 file changed, 27 insertions(+), 35 deletions(-) diff --git a/devices/hololens/hololens-provisioning.md b/devices/hololens/hololens-provisioning.md index b22a4ef671..5f3e8b7bd2 100644 --- a/devices/hololens/hololens-provisioning.md +++ b/devices/hololens/hololens-provisioning.md @@ -14,46 +14,47 @@ manager: dansimp # Configure HoloLens using a provisioning package +[Windows provisioning](https://docs.microsoft.com/windows/configuration/provisioning-packages/provisioning-packages) makes it easy for IT administrators to configure end-user devices without imaging. Windows Configuration Designer is a tool for configuring images and runtime settings which are then built into provisioning packages. +Some of the HoloLens configurations that you can apply in a provisioning package: -[Windows provisioning](https://docs.microsoft.com/windows/configuration/provisioning-packages/provisioning-packages) makes it easy for IT administrators to configure end-user devices without imaging. Windows Configuration Designer is a tool for configuring images and runtime settings which are then built into provisioning packages. - -Some of the HoloLens configurations that you can apply in a provisioning package: -- Upgrade to Windows Holographic for Business +- Upgrade to Windows Holographic for Business [here](hololens1-upgrade-enterprise.md) - Set up a local account - Set up a Wi-Fi connection - Apply certificates to the device - -To create provisioning packages, you must install Windows Configuration Designer [from Microsoft Store](https://www.microsoft.com/store/apps/9nblggh4tx22) or [from the Windows Assessment and Deployment Kit (ADK) for Windows 10](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit). If you install Windows Configurations Designer from the Windows ADK, select **Configuration Designer** from the **Select the features you want to install** dialog box. - - - - -## Create a provisioning package for HoloLens using the HoloLens wizard +- Enable Developer Mode +- Configure Kiosk mode (Detailed instructions for configuring kiosk mode can be found [here](hololens-kiosk.md#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803). The HoloLens wizard helps you configure the following settings in a provisioning package: - Upgrade to the enterprise edition >[!NOTE] - >Settings in a provisioning package will only be applied if the provisioning package includes an edition upgrade license to Windows Holographic for Business or if [the device has already been upgraded to Windows Holographic for Business](hololens1-upgrade-enterprise.md). + > This should only be used for HoloLens 1st Gen devices. Settings in a provisioning package will only be applied if the provisioning package includes an edition upgrade license to Windows Holographic for Business or if [the device has already been upgraded to Windows Holographic for Business](hololens1-upgrade-enterprise.md). - Configure the HoloLens first experience (OOBE) -- Configure Wi-Fi network +- Configure Wi-Fi network - Enroll device in Azure Active Directory or create a local account - Add certificates - Enable Developer Mode +- Configure kiosk mode. (Detailed instructions for configuring kiosk mode can be found [here](hololens-kiosk.md#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803)). >[!WARNING] >You must run Windows Configuration Designer on Windows 10 to configure Azure Active Directory enrollment using any of the wizards. -Provisioning packages can include management instructions and policies, customization of network connections and policies, and more. +Provisioning packages can include management instructions and policies, customization of network connections and policies, and more. > [!TIP] > Use the desktop wizard to create a package with the common settings, then switch to the advanced editor to add other settings, apps, policies, etc. +## Steps for Creating Provisioning Packages -### Create the provisioning package +### 1. Install Windows Configuration Designer on your PC. (There are two ways to do this). + +1. **Option 1:** [From Microsoft Store](https://www.microsoft.com/store/apps/9nblggh4tx22) +2. **Option 2:** [From the Windows Assessment and Deployment Kit (ADK) for Windows 10](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit). If you install Windows Configurations Designer from the Windows ADK, select **Configuration Designer** from the **Select the features you want to install** dialog box. + +### 2. Create the Provisioning Package Use the Windows Configuration Designer tool to create a provisioning package. @@ -61,9 +62,9 @@ Use the Windows Configuration Designer tool to create a provisioning package. 2. Click **Provision HoloLens devices**. - ![ICD start options](images/icd-create-options-1703.png) + ![ICD start options](images/icd-create-options-1703.png) -3. Name your project and click **Finish**. +3. Name your project and click **Finish**. 4. Read the instructions on the **Getting started** page and select **Next**. The pages for desktop provisioning will walk you through the following steps. @@ -72,7 +73,6 @@ Use the Windows Configuration Designer tool to create a provisioning package. ### Configure settings -

Threat & Vulnerability Management

Attack surface reduction

Next generation protection

Endpoint detection and response

Automated investigation and remediation

Secure score

Microsoft Threat Experts

Attack surface reduction

Next generation protection

Endpoint detection and response

Automated investigation and remediation

Microsoft Threat Experts
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/AIR.png b/windows/security/threat-protection/microsoft-defender-atp/images/AIR.png new file mode 100644 index 0000000000000000000000000000000000000000..985e3e44296b98bf3d0853334e2fdc847a1b9bf0 GIT binary patch literal 2290 zcmXw)3pms58^?dj%dDS6qQ=l@Ayob`?IOylw&V~Z)#T9FG8;2YIlNYA%W?kr&q9br zMHKQX^3EX^tGp`7p?5{S(wxuo|LK4IpX<7x`?@~&_j#`8zMlKJAGVvz2}QUj8~^}C zJkG%#@^+gB+XBrLi@X-dDTLvCA^>39j!lyR@^2v^D9^w#;+4F;Yg$5J3B|G)K-^gtpozj1Bi|1x`8Xeg1&02W^6Ze}XCDf1*VC`91yk2eO; zx@UL?TTfEr1W^FqaC<48VkNH2-%PHak3JA))9tAHJB&Ckp)FUk=CTV24y5i7G*)BU2E zz>MJJ+>^1ih{zw-peS=H=(-^Z9{@^13>VD*JImgEYHpy<~evr=YwXp2QlU99OwM9^;d1Wo0EU zIy&;|mERLf3HeSRnTy`Fb7z>=VcseJWUa{~6DJi1S65e4ggL)Q&IrTpn0QyckCR_i zlt<*DZV-rQe1Ol}FZ3k4;y!^Zvg`vwlZ86v>MHK-ePbSK!S_cTIH(M$$hJzR9rU(W zzq>aAY$d%Ei(Oq@#%5z!C^xk;BUutGB6&SN0jm{dS#X8&$}x~kW}~}2jfjVMreL2b ztJdFSrxT4PZHyQX(|Q-gKCX#GA~SX$jbHe#0UX;1Qg_UfJn87@2*Z9~T*aiiVHEM) zfSUK&2Ckg;lD|)3NJHu@6ad89Ttusqsnn`UTBNyqg&LkaK#Ag;VN^^+C5DBu3Wv^|0J#3oRnY4nn34jhgO>^D46Q=Y4cX8J2N2MV*q0>gtBGCNLHNkn(%K(7!P(3tVUv zis77*(hbQIG#>bUCLo7=cOwE6Vzttno0~lZE|YVATJU=&qvW?F2Gk%jIs;?8J;GoxD~hJiCycdNt)nkq z;2f3sVNFA&rKQ^1+Mw`jLo1*O3g_nLKqV!w!R?*XSy@ma32X1WAm`qU#x$3e5lJN6 z`RME}#_|mDX1gAzM8}Nr+U?eSnNwaRoYGKSUvHtxo;p(9sY)=%rd!3YG0#kk-!m81 zr@z;CR8>_$m&fs~1LqD@9z)&sT?$SRtxtdYAh`H|u->O9-)tRqT5W!H{ffSWmEvhN zZKV?-A@@!$U;G(3?|tzz3JGsjIY?F3j3tXeL;MLLitqBexM1d|22c&_l1+n(i=fx}1FBX(BWqRwgkQ>DFeTI8Yu z3Mm%+poFpz+IMiTz8RRa+#7B&EuP;!a_)MVY(U#9g~5UvFL21Z76r4LEqSA!O6kkL z@Tq07Db>*SQPEO*V;GF}BY|*5+LvH!2!^}g?wM(q*D-D$&)DHuQ;CZ=ek_&)h33w* z_$~P6pFRuo@D|@K(w|ZO*RscIzbnVL0B8->I}7@Mi!z>8sta)%kAzb+I!hv0B$L)(>ylwN+eOv6!7c(Uxx(h^fY`*nZ}3k1RcoYJ?(Pj{RDbv*=|ZU#oIE=-=t&>=5X zQyZG@-3zI9YBUk4Yj~9>`XfZO>Ro<_WE2d~ZJ-X77#bCcz16E078j+Onw*lm=x^Q8 z-Z^Wj$4hI@rjA2>%hQVsV})53K&5oKP7mg8l;h>)^^v+bH8tg{Ef5HHA7T2{{Tyrz z&9#A^6wfTUyD6});%lspEBDeNo`Z@*+O<5Q27uy}9I}DV4QD{3+FTzP9qZvI*~th^ z%jgq}t9!C=P@0aB{pxbuF0|umkx114wo`5DNW$kASx_UEM*113ve|3}SzD;tAH48n zbavS@{X!&94lp${+mUwMsm#4jAqvJK*lD!4z)De3aeaOL%({M>iw`X!@Kq2$lu(5a5SNvgW(!U}-Z?+%8 zVwsa4FncXkWs6fyJHrh*A10#;Vg?_W{`}^omv!6FC{HxW=mvno@tnguLqkL5jE3@3 za4eKV>1!U3*JFV0zPU@#rvXpuW}feP-x=(mWM>=msuVi_<>h90>3-2ro6Q@y%#&rR z?6!eN!9&!=pX7mP%?)j>=Cva@?49t;Fq{PS3E831`ti(#eK(=69l$%fI8@pBvHlBl CBq+TA literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/ASR.png b/windows/security/threat-protection/microsoft-defender-atp/images/ASR.png new file mode 100644 index 0000000000000000000000000000000000000000..bf649e87ec76d53d39bfc5e9e7b17b4362600569 GIT binary patch literal 1544 zcmY+E2{7AP9LN98#GTb+|Egm|Evh!6m)1Ip#F@G)jv^6JR}+m;T}+(OII8PxQ)DSC zvY|y=rHh0*YC~34Y^b)XdMssHC97My|8!?}X5Y;3{boMj?|W~4@4fl4e7sz>)c2?Z z0HEdWhVg^4lRV&x(426zst-zPiEhD30HCo$9tr@v8iXK>?tT&rd!Yyib}MQwoIddd zVT0(7$@Ca14QOr^xj{&i4j~LViA0M{q{mVzzz#L!K8UN!xidBK0xkAT3?1O>h-@IL z{e{xVM7hf%VThOaI!Osb|lUDRf{%R4K1iRc;H2r6-U9?#e?` z08pNE$2bPWWW8mJJrB8p!qzcy{D z&&R{E=lj=f;k=9W`P_+sPYQJx4NpyEOMVNAJ*+>rGX4SGy?WFt-jA`|TWV>X5X~go zuZa$c%dTRJtWrPc)ffmCxViHt73jwey3A`IoY2ZmFaSV1IB?vI%^Hh~i)(6Xy0lVK zQrK)Zdi=XLtv6k44IFH2Y;0|D#=2d%Ct~O{8jVO4{shAZIhPu{mzp(pt@X6EeZ|6< zo0~_rfkSsYJF5_-vpEO&S%~L4<$m!OEOu+;542m5iu6cTRaKh@PvC=cNQSw5aCUZ9 zLqo%$1V-ZX;tUa>o?h4F&SxR<%PTA6V`Hp(H@NSq+r7O{mc$TqrEm7*9-2UR>K88XoQmry_ff zvmB{bxTnv~IZxi=@pzror@Kc0?MNThXaw3y#Hlw!Sz78dv%Wp3Ij|~&DP}!>Qr)3? zqLO;WD7U(%W^myhpU}kP4KJM2QzgBuk1TrAJwA}likc%{s3U@#kLMm>$&sl&;T*B4 zyY9VRK$M+QX6w>sN_ajRflhs;Z)ayWH#aBnwBT46do)}8dVb^83$OK%-Uq68VGa$} z!~8n`jYTn|vhd0i+|f?)TWfM@CS&i`U61`{k8JX?%yJ^`Y-gpL-cVJ_OP6itKa0~u zT|@5S<4peS({C$2{R7wG^f#K;&HwvH1)eVSQ2~MQqAzC%P&tDr;XX(IqKoo}kATli zb}i}%C^Xxe-oLzM)lS&3RZdg!fntSj6@rKzrX%Zfjj;Z;u3 z&q=re@ZW1QG6K9ZXO5&ANr@m+p>lyTa=d?}!bM?kqE={;R4Oei+u>g7a|sZnOAfbm zbab?}z3UoE&tFDEcPti*H?y#mmS8R~E-7iPtf-YBCBE*ieGtXhV0k-qmITLu%(1b7 zwGr)opr%A3dGBe6qGa{-*o956u9v-fWCwQTEiElgPfuU+W>i8o1_lQ9&!dsKX?N1X z_a88#V6IP0O`XE}BAl+`hE`>q+S)jF^x5nFs(V!43YW$Rct!K{O7+2@(9lARQ8lu{ zBN-ZWIu3`6I`VVC$Tgh?SJv}_{L9(X9*!V%lBcJqiE~<7+WGU=eR`uI_y|Ve=2TPf za6x9fPmHUKlt7`NP^i&%k>1SA%*T%(flNR4ypocz)ku$zKd@JO?YoTt^C?Jw z`cxc0mbjuSZRw3VsK>&M9BUd7T3K! literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/EDR.png b/windows/security/threat-protection/microsoft-defender-atp/images/EDR.png new file mode 100644 index 0000000000000000000000000000000000000000..8c750dee42d30ddfec3de18c93b744645f462904 GIT binary patch literal 1589 zcmXxkdpy%?90%}cuG`8bQ=H|Vh|pGXTDc|HqOvA;C02g54Kq1(I=Pigi6+IGmxEE$ zP`Q`u- zRTue!E68?|-BqrvAYwcN;{aHJk}nuwFm+|9O7rq@Qyo`;1D(xVj6(u$5;Hi9Eyt|h0CH;(9~L=D`U8v{llpgh;j_H zt`%j-O!dF>@ze++SdgZP|Bvm8CXRGVpTUNr+03 zFb;VK`{{LX-@kK`koh8BYI*pD-wf7VKxomSS8j<|t$Z6a-P*D1ktQk!i{)R)%G!7S z1yrVi9!s;25-GM3j9!y6`F4hl*;Wd4=hiu(kcOWmmo5o#j+YBk$tj|c4Xl#uR0@v! z=^l46q1)kldfdey8bUEFvy|oQeR*qk7Tq1|+q1z;J@Xv1p#XbwcJQD1`T2)eEYmf4 zg%G32I=f8U&b9kq#~4H+*(ZLC?9L2SeLFC4YH234X}||=VRQ>({Ke(6*%m^r9QR$N zn#m8h*IS*(zwPOv^G)~ImA#mJ{yb0czWg$!nLS``kei#6Qz7*>)w+Onxii#YujxYY z^V230i4|P#8CCTBA55$ne{+QQ%lfIQDShR=j~mISl9ILyT`a1rtA&sgu;Md{ieN^3 zs>!7%3yoIj^gP0p&r1%QjZjihPS-hGBPNr{Y&|@q&WP;GUi=O{y2FvQNSt*-Qr<}u zdhg(RlsiQ>1&*=r*4t&*p^Mig4PW!Rp=1P{f$;0+mNQNerrQbrECuwm6HEgo7J~Z% zz10T%wpsUJY0nS}5v2u(83R~*uL$X98L85hdjO5dKTV4;IPNapxL6neATIYRZdJEM z&ZaYmn2ey%{$ah%%hMIejEA@~tYMSmG8x9GAJlFNMr)L?`;CAF){QY$O3Z&eF?o#Kp`|A zsMYbGb~5wtJ8m=P`T8njV~ySH%?}!_1I2ZhGGRrnq5z_Q7;c8Cs24Qy6W8!HVjHqn zDZg#>Q0N?Y;nga0g^F0$G3q4DTRj;J9kQPf`eAHd7HJYT_BG&pe<{)Pk@d^P{+nTr z5|qKH6y7)7`mGelx#Mw>?Zk~8CFOXKr1vyA^N)+4{FtM2`v!zbqfayZPUvW|+i=@D zD&le!H-*=(iKnNP_NS`@f?rO@m_#B$p-|Uss!v#L+N7Gc zvmJwUTox)5{2ItRbXTftXdG*-g-r9G9>(0QuV+==Z(d^w0t$-Zx%`1f_+E-F%O!ekR> lH~O)wS9#$ENE;=E6|e3e{8?~4Q8pccm)l;~8kfVV{{kkr({KO) literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/MTE.png b/windows/security/threat-protection/microsoft-defender-atp/images/MTE.png new file mode 100644 index 0000000000000000000000000000000000000000..1d5693a399b2a145e5c2d0bc3818dbd3c6dbaa41 GIT binary patch literal 2120 zcmV-O2)Fl%P)p2ml%(0x@Df00007bVXQnL3MO!Z*l;suFOaP000bh zMObu1WpiV4X>fFDZ*Bk+2_Yi@000VfMObu0Z*X~XX=iA30IUzpIsgCw4s=CWbVG7w zVRUJ4ZXk4NZDjy8_YVmG000SeMObuGZ)S9NVRB^vU2y+80000BbVXQnL}_zlY+-3_ zWpV(wz_gD5000PdMObuKVRCM1Zf5|%8|H@q000McMObuGZ*_8GWdQa6gX;hQ00?wN zSad^gZEa<4bO83umcIZ100wkLSaeirbZlh+sP57y000LQNkl?x|6_+fY5B%JzvyEDI; z&+g1`X1=oo5#j$|!ftnZR8wdettfcN)-wPpU+1r-L?!O>bj1IM~@yoapHs^Jguqd z5Myp`?$V`8oO6%I)3h)mRw|W5B60fk>3YB}<>d7&EiEOJNknXg0RRXgfk0qpX6DM3 zD-N1#MYb^v!$_r4rfJ&EMT(-_x^*j)$=GeN71_qPdGqGd(vsKfwOf%8;`Mr`rlwR? zwOhBT>|yA-e*5-q2Mm@(Q7jgVckbMAR=t7jVdQeTVzDTS&Q}{rlCs&X{N)oLz-JRy61 zYS+QN?FN8746oPAId|KnAjq=pGRTuLZIup(!!9wb{Yz(Or<)*KWe=mTug_(BjInSy zyvrD|SgfO?gE8i~J;N~K@wm00Z=>vC_Pv2#>Sq;w0>N!Ff2WK^yuEbd-L=2>+9>5 zfj}ws`~8tfWN>gW9*^&UXVnIbO=+5@swyH%k|fLW)AK>Ls+}0SsP>qj>+9>KQmI@n zYnsM6mn2D1l#Y&$P$;xBE~qPv<>h6|_AC~Qnx;Lzk_dtziefMrj7FpJc>KVD1C4pg z8W#xoJr2jA!$FnH<9XUT=dH0})kKwR{~#QM$Xk zj~zR}T%a<>&tgJL% z@+<~H5Qc|`qtR$@Pfxfj4Dea`4UK>N@3mh{u4eN!kSWkDajMMgr{5n7{ov)$aMagk zjJdhFWHQMZYsK?qjLEWm?%cUe+PM`yov;1b|&Er}+K*_b*<&NC;`sx3#3Isw~SFK3)Ce_2RvfVN@6(f=2+QnITOH zC?e;0?QZ#6W&>n;Fe1IUU;foMqmk|Ewv-uGS67qCBmmeo+N>|}$=!11zg2@F_$eqN zNG+!$fq;)fKm-A17q!3qYpqz@ep}ra|HpVB%( znqy2)Pv>$upRc89jKjM6~ipyLLMW$m_&vf|1E&*4EY>ToDmMOw%+B z698n1v;~C{Qg2!{!eETe%*@zIO`9Tw7=}@)Q~+Rqr_=@v4k4e=?ce@|Ho{n5UM>_0 z&aMG049jvJdA=QoK9k40Jpu3b9d3k?&*x3kbaQ%MTwDZzS7UxLK%w5aZc!$_G3c-N zuo1??hY#HxeMC`w@ZbR=#=_Do1Afq4xTYLIrtf^Iqu%qny+lN3lY3Lvjg0j{e)v+z z)z{GY>v3hM{${c6xHnDHI$OK(o@=#QI-Ndq=FGQ_1PA-&xdjdC4DKdE_~~n14W8G< zK*U%q=JH;~vKMq+_jo+#$9vxXUCs$cm3<`o!ut@)E!-j zuwj1pwXToeZS`_%*X*_{vz7P$G`~_ZpF9bg2paofyywC}ZYkq_UB{^XTLtHf6AviZpoKm5n)g~^r0WgSHFMj~+jRPRgsZC^L<2@khW yVZWJLJ=p7ccf{ch?ViAJug}Tv#LqDHlKux>r6IrAf$NI^00001^`jg2pIqX From cd1b6b8b3de0f909c7039aad33697863685475f4 Mon Sep 17 00:00:00 2001 From: illfated Date: Sat, 8 Feb 2020 17:27:43 +0100 Subject: [PATCH 020/112] Local Accounts/Administrator account: 20016 typo Description: As pointed out in issue ticket #6017 (Double 0 typo), Windows Server 2016 contains a double 0 typo which needs correction. Thanks to vainkop for making us aware of this typo issue. Proposed change: - Remove the extra 0 to spell Windows Server 2016 correctly. issue ticket closure or reference: Closes #6017 --- .../identity-protection/access-control/local-accounts.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/access-control/local-accounts.md b/windows/security/identity-protection/access-control/local-accounts.md index 33ef3a0add..2c744d7f98 100644 --- a/windows/security/identity-protection/access-control/local-accounts.md +++ b/windows/security/identity-protection/access-control/local-accounts.md @@ -73,7 +73,7 @@ The Administrator account has full control of the files, directories, services, The default Administrator account cannot be deleted or locked out, but it can be renamed or disabled. -In Windows 10 and Windows Server 20016, Windows setup disables the built-in Administrator account and creates another local account that is a member of the Administrators group. Members of the Administrators groups can run apps with elevated permissions without using the **Run as Administrator** option. Fast User Switching is more secure than using Runas or different-user elevation. +In Windows 10 and Windows Server 2016, Windows setup disables the built-in Administrator account and creates another local account that is a member of the Administrators group. Members of the Administrators groups can run apps with elevated permissions without using the **Run as Administrator** option. Fast User Switching is more secure than using Runas or different-user elevation. **Account group membership** From 9fe837fe56a829cce5a65f4d15d7326a61f71c48 Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Sun, 9 Feb 2020 09:30:46 +0500 Subject: [PATCH 021/112] Update devices/hololens/hololens-recovery.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- devices/hololens/hololens-recovery.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/hololens/hololens-recovery.md b/devices/hololens/hololens-recovery.md index 7833886901..c873f08b58 100644 --- a/devices/hololens/hololens-recovery.md +++ b/devices/hololens/hololens-recovery.md @@ -111,7 +111,7 @@ The Advanced Recovery Companion is a new app in Microsoft Store restore the oper 1. Connect the HoloLens 2 to a PC with Advanced Recovery Companion installed. 1. Press and hold the **Volume Up and Power buttons** until the device reboots. Release the Power button, but continue to hold the Volume Up button until the third LED is lit. -1. The device should be visible in **Device Manager** as a **Microsoft HoloLens Recovery** device: +1. The device should be visible in **Device Manager** as a **Microsoft HoloLens Recovery** device. 1. Launch Advanced Recovery Companion, and follow the on-screen prompts to reflash the OS to the HoloLens 2. ### HoloLens (1st gen) From e66fc3fcaaf3cacdd1bbba7231bdd891b2cc4a6a Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Sun, 9 Feb 2020 19:45:18 +0500 Subject: [PATCH 022/112] Update limitations-with-wip.md --- .../windows-information-protection/limitations-with-wip.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/windows/security/information-protection/windows-information-protection/limitations-with-wip.md b/windows/security/information-protection/windows-information-protection/limitations-with-wip.md index ff92a6c111..5bae273ed2 100644 --- a/windows/security/information-protection/windows-information-protection/limitations-with-wip.md +++ b/windows/security/information-protection/windows-information-protection/limitations-with-wip.md @@ -115,7 +115,7 @@ This table provides info about the most common problems you might encounter whil WIP isn’t turned on for employees in your organization. Error code 0x807c0008 will result if WIP is deployed by using Microsoft Endpoint Configuration Manager.Don’t set the MakeFolderAvailableOfflineDisabled option to False for any of the specified folders.

If you currently use redirected folders, we recommend that you migrate to a file synchronization solution that supports WIP, such as Work Folders or OneDrive for Business. Additionally, if you apply redirected folders after WIP is already in place, you might be unable to open your files offline. For more info about these potential access errors, see Can't open files offline when you use Offline Files and Windows Information Protection. + 		Don’t set the MakeFolderAvailableOfflineDisabled option to False for any of the specified folders. You can configure this parameter, as described here.

If you currently use redirected folders, we recommend that you migrate to a file synchronization solution that supports WIP, such as Work Folders or OneDrive for Business. Additionally, if you apply redirected folders after WIP is already in place, you might be unable to open your files offline. For more info about these potential access errors, see Can't open files offline when you use Offline Files and Windows Information Protection.
@@ -84,10 +84,7 @@ Use the Windows Configuration Designer tool to create a provisioning package. After you're done, click **Create**. It only takes a few seconds. When the package is built, the location where the package is stored is displayed as a hyperlink at the bottom of the page. - **Next step**: [How to apply a provisioning package](#apply) - - -## Create a provisioning package for HoloLens using advanced provisioning +### 3. Create a provisioning package for HoloLens using advanced provisioning >[!NOTE] >Settings in a provisioning package will only be applied if the provisioning package includes an edition upgrade license to Windows Holographic for Business or if [the device has already been upgraded to Windows Holographic for Business](hololens1-upgrade-enterprise.md). @@ -106,7 +103,7 @@ After you're done, click **Create**. It only takes a few seconds. When the packa >[!IMPORTANT] >(For Windows 10, version 1607 only) If you create a local account in the provisioning package, you must change the password using the **Settings** app every 42 days. If the password is not changed during that period, the account might be locked out and unable to sign in. If the user account is locked out, you must [perform a full device recovery](https://developer.microsoft.com/windows/mixed-reality/reset_or_recover_your_hololens#perform_a_full_device_recovery). -8. On the **File** menu, click **Save**. +8. On the **File** menu, click **Save**. 4. Read the warning that project files may contain sensitive information, and click **OK**. @@ -135,7 +132,7 @@ After you're done, click **Create**. It only takes a few seconds. When the packa 9. Click **Build** to start building the package. The project information is displayed in the build page and the progress bar indicates the build status. -10. When the build completes, click **Finish**. +10. When the build completes, click **Finish**. ## Apply a provisioning package to HoloLens during setup @@ -157,17 +154,17 @@ After you're done, click **Create**. It only takes a few seconds. When the packa >[!NOTE] >If the device was purchased before August 2016, you will need to sign into the device with a Microsoft account, get the latest OS update, and then reset the OS in order to apply the provisioning package. -## Apply a provisioning package to HoloLens after setup +### 4. Apply a provisioning package to HoloLens after setup >[!NOTE] >Windows 10, version 1809 only On your PC: -1. Create a provisioning package as described at [Create a provisioning package for HoloLens using the HoloLens wizard](hololens-provisioning.md). -2. Connect the HoloLens device via USB to a PC. HoloLens will show up as a device in File Explorer on the PC. -3. Drag and drop the provisioning package to the Documents folder on the HoloLens. +1. Create a provisioning package as described at [Create a provisioning package for HoloLens using the HoloLens wizard](hololens-provisioning.md). +2. Connect the HoloLens device via USB to a PC. HoloLens will show up as a device in File Explorer on the PC. +3. Drag and drop the provisioning package to the Documents folder on the HoloLens. -On your HoloLens: +On your HoloLens: 1. Go to **Settings > Accounts > Access work or school**. 2. In **Related Settings**, select **Add or remove a provisioning package**. 3. On the next page, select **Add a package** to launch the file picker and select your provisioning package. If the folder is empty, make sure you select **This Device** and select **Documents**. @@ -192,9 +189,4 @@ In Windows Configuration Designer, when you create a provisioning package for Wi >[!NOTE] >App installation (**UniversalAppInstall**) using a provisioning package is not currently supported for HoloLens. - - - - - - +## Next Step: [Enroll your device](hololens-enroll-mdm.md) \ No newline at end of file From c9ad82809aa25d40809fe7810094d960f82eccb7 Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Mon, 10 Feb 2020 10:38:05 -0800 Subject: [PATCH 029/112] Added kiosk mode and a step approach to the doc. Added in considerations for planning deployment --- devices/hololens/hololens-requirements.md | 136 ++++++++-------------- 1 file changed, 47 insertions(+), 89 deletions(-) diff --git a/devices/hololens/hololens-requirements.md b/devices/hololens/hololens-requirements.md index eb068d6e65..fd898f7443 100644 --- a/devices/hololens/hololens-requirements.md +++ b/devices/hololens/hololens-requirements.md @@ -13,62 +13,67 @@ ms.date: 07/15/2019 # Deploy HoloLens in a commercial environment -You can deploy and configure HoloLens at scale in a commercial setting. +You can deploy and configure HoloLens at scale in a commercial setting. This article provides instructions for deploying HoloLens devices in a commercial environment. This guide assumes basic familiarity with HoloLens. Follow the [get started guide](hololens1-setup.md) to set up HoloLens for the first time. -This article includes: +## Overview of Deployment Steps -- Infrastructure requirements and recommendations for HoloLens management -- Tools for provisioning HoloLens -- Instructions for remote device management -- Options for application deployment +1. [Determine what features you need](hololens-requirements.md#step-1-determine-what-you-need) +1. [Determine what licenses you need](hololens-licenses-requirements.md) +1. [Configure your network for HoloLens](hololens-commercial-infrastructure.md). + 1. This section includes bandwidth requirements, URL and Ports that need to be whitelisted on your firewall, Azure AD guidance, Mobile Device Management Guidance, app deployment/management guidance, and certificate guidance. +1. (Optional) [Configure HoloLens using a provisioning package](hololens-provisioning.md) +1. [Enroll Device](hololens-enroll-mdm.md) +1. [Set up ring based updates for HoloLens](hololens-updates.md) +1. [Enable Bitlocker device encryption for HoloLens](hololens-encryption.md) -This guide assumes basic familiarity with HoloLens. Follow the [get started guide](hololens1-setup.md) to set up HoloLens for the first time. +## Step 1. Determine what you need -## Infrastructure for managing HoloLens +Before deploying the HoloLens in your environment, it is important to first determine what features, apps, and type of identities are needed. -HoloLens is, at its core, a Windows mobile device integrated with Azure. It works best in commercial environments with wireless network availability (wi-fi) and access to Microsoft services. +### Type of Features -Critical cloud services include: +Your feature requirements will determine which HoloLens you need. One popular feature that we see deployed in customer environments frequently is Kiosk Mode. A list of HoloLens key features, and the editions of HoloLens that support them, can be found [here](hololens-commercial-features). -- Azure active directory (AAD) -- Windows Update (WU) +**What is Kiosk Mode?** -Commercial customers will need enterprise mobility management (EMM) or mobile device management (MDM) infrastructure to manage HoloLens devices at scale. This guide uses [Microsoft Intune](https://www.microsoft.com/enterprise-mobility-security/microsoft-intune) as an example, though any provider with full support for Microsoft Policy can support HoloLens. Ask your mobile device management provider if they support HoloLens 2. +Kiosk mode is a way to restrict the apps that a user has access to. This means that users will only be allowed to access certain apps. -HoloLens does support a limited set of cloud disconnected experiences. +**What Kiosk Mode do I require?** -## Initial set up at scale +There are two types of Kiosk Modes: Single app and multi-app. Single app kiosk mode allows user to only access one app while multi-app kiosk mode allows users to access multiple specified apps. To determine which kiosk mode is right for your corporation, the following two questions need to be answered: -The HoloLens out of box experience is great for setting up one or two devices or for experiencing HoloLens for the first time. If you're provisioning many HoloLens devices, however, selecting your language and settings manually for each device gets tedious and limits scale. +1. **Do different users who are require different experiences/restrictions?** Example, User A is a field service engineer who only needs access to Remote Assist. User B is a trainee who only needs access to guides… etc. + 1. If yes, you will require the following: + 1. Azure AD Accounts as the method of signing into the devices. + 1. Multi-app kiosk mode. + 1. If no, continue to question two +1. **Do you require a multi-app experience?** + 1. If yes, Multi-app kiosk is mode is needed + 1. If your answer to question 1 and 2 are both no, Single-app kiosk mode can be used -This section: +**How to set up Kiosk Mode** -- Introduces Windows provisioning using provisioning packages -- Walks through applying a provisioning package during first setup +There are two main ways ([provisioning packages](hololens-kiosk.md#set-up-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) and [MDM](hololens-kiosk.md#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803)) to deploy kiosk mode for HoloLens. These options will be discussed later in the document; however, you can use the links above to jump to the respective sections in this doc. -### Create and apply a provisioning package +### Apps -The best way to configure many new HoloLens device is with Windows provisioning. You can use it to specify desired configuration and settings required to enroll the devices into management and then apply that configuration to target devices in minutes. +This deployment guide will cover the following types of apps: -A [provisioning package](https://docs.microsoft.com/windows/configuration/provisioning-packages/provisioning-packages) (.ppkg) is a collection of configuration settings. With Windows 10, you can create provisioning packages that let you quickly and efficiently configure a device. +1. Remote Assist +2. Guides +3. Customer Apps -### Upgrade to Windows Holographic for Business +Each step in this document will include instructions for each specific app. -- HoloLens Enterprise license XML file +### Type of identity -Some of the HoloLens configurations you can apply in a provisioning package: +Determine the type of identity that will be used to sign into the device. -- Apply certificates to the device -- Set up a Wi-Fi connection -- Pre-configure out of box questions like language and locale -- (HoloLens 2) bulk enroll in mobile device management -- (HoloLens v1) Apply key to enable Windows Holographic for Business +1. **Local Accounts:** This account is local to the device (like a local admin account on a windows PC). This will allow only 1 user to log into the device. +2. **MSA:** This will be a personal account (like outlook, hotmail, gmail, yahoo, etc.) This will allow only 1 user to log into the device. +3. **Azure Active Directory (Azure AD) accounts:** This is an account created in Azure AD. This grants your corporation the ability to manage the HoloLens device. This will allow multiple users to log into the HoloLens 1st Gen Commercial Suite/the HoloLens 2 device. -Follow [this guide](https://docs.microsoft.com/hololens/hololens-provisioning) to create and apply a provisioning package to HoloLens. - -### Set up user identity and enroll in device management - -The last step in setting up HoloLens for management at scale is to enroll devices with mobile device management infrastructure. There are several ways to enroll: +### Determine your enrollment method 1. Bulk enrollment with a security token in a provisioning package. Pros: this is the most automated approach @@ -80,66 +85,19 @@ The last step in setting up HoloLens for management at scale is to enroll device Pros: possible to enroll after set up Cons: most manual approach and devices aren't centrally manageable until they're manually enrolled. -Learn more about MDM enrollment [here](hololens-enroll-mdm.md). + More information can be found [here](hololens-enroll-mdm.md) -## Ongoing device management +### Determine if you need a provisioning package -Ongoing device management will depend on your mobile device management infrastructure. Most have the same general functionality but the user interface may vary widely. +There are two methods to configure a HoloLens device (Provisioning packages and MDMs). We suggest using your MDM to configure you HoloLens device, however, there are some scenarios where using a provisioning package is the better choice: -This article outlines [policies and capabilities HoloLens supports](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#hololens). +1. You want to skip the Out of Box Experience (OOBE) +1. You are having trouble deploying certificate in a complex network. The majority of the time you can deploy certificates using MDM (even in complex environments). However, some scenarios require certificates to be deployed through the provisioning package. -[This article](https://docs.microsoft.com/intune/windows-holographic-for-business) talks about Intune's management tools for HoloLens. - -### Push compliance policy via Intune - -[Compliance policies](https://docs.microsoft.com/intune/device-compliance-get-started) are rules and settings that devices must meet to be compliant in your corporate infrastructure. Use these policies with Conditional Access to block access to company resources for devices that are non-compliant. - -For example, you can create a policy that requires Bitlocker be enabled. - -[Create compliance policies with Intune](https://docs.microsoft.com/intune/compliance-policy-create-windows). - -### Manage updates - -Intune includes a feature called Update rings for Windows 10 devices, including HoloLens 2 and HoloLens v1 (with Holographic for Business). Update rings include a group of settings that determine how and when updates are installed. - -For example, you can create a maintenance window to install updates, or choose to restart after updates are installed. You can also choose to pause updates indefinitely until you're ready to update. - -Read more about [configuring update rings with Intune](https://docs.microsoft.com/intune/windows-update-for-business-configure). - -## Application management - -Manage HoloLens applications through: - -1. Microsoft Store - The Microsoft Store is the best way to distribute and consume applications on HoloLens. There is a great set of core HoloLens applications already available in the store or you can [publish your own](https://docs.microsoft.com/windows/uwp/publish/). - All applications in the store are available publicly to everyone, but if it isn't acceptable, checkout the Microsoft Store for Business. - -1. [Microsoft Store for Business](https://docs.microsoft.com/microsoft-store/) - Microsoft Store for Business and Education is a custom store for your corporate environment. It lets you use the Microsoft Store built into Windows 10 and HoloLens to find, acquire, distribute, and manage apps for your organization. It also lets you deploy apps that are specific to your commercial environment but not to the world. - -1. Application deployment and management via Intune or another mobile device management solution - Most mobile device management solutions, including Intune, provide a way to deploy line of business applications directly to a set of enrolled devices. See this article for [Intune app install](https://docs.microsoft.com/intune/apps-deploy). - -1. _not recommended_ Device Portal - Applications can also be installed on HoloLens directly using the Windows Device Portal. This isn't recommended since Developer Mode has to be enabled to use the device portal. - -Read more about [installing apps on HoloLens](https://docs.microsoft.com/hololens/hololens-install-apps). +## Next Step: [Determine what licenses you need](hololens-licenses-requirements.md) ## Get support Get support through the Microsoft support site. -[File a support request](https://support.microsoft.com/supportforbusiness/productselection?sapid=e9391227-fa6d-927b-0fff-f96288631b8f). - -## Technical Reference - -### Wireless network EAP support - -- PEAP-MS-CHAPv2 -- PEAP-TLS -- TLS -- TTLS-CHAP -- TTLS-CHAPv2 -- TTLS-MS-CHAPv2 -- TTLS-PAP -- TTLS-TLS +[File a support request](https://support.microsoft.com/supportforbusiness/productselection?sapid=e9391227-fa6d-927b-0fff-f96288631b8f). \ No newline at end of file From 8e7c7e383ccc66e3d619c903a36e76a0ad703cc6 Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Mon, 10 Feb 2020 10:40:45 -0800 Subject: [PATCH 030/112] Added additional license reqs --- .../hololens-licenses-requirements.md | 51 +++++++++++++------ 1 file changed, 36 insertions(+), 15 deletions(-) diff --git a/devices/hololens/hololens-licenses-requirements.md b/devices/hololens/hololens-licenses-requirements.md index 6d33228879..2235cd5d38 100644 --- a/devices/hololens/hololens-licenses-requirements.md +++ b/devices/hololens/hololens-licenses-requirements.md @@ -16,35 +16,56 @@ appliesto: - HoloLens 2 --- -# Licenses Required for Mixed Reality Deployment - -If you plan on using a Mobile Device Management system (MDM) to manage your HoloLens, please review the MDM License Guidance section. +# Determine what licenses you need ## Mobile Device Management (MDM) Licenses Guidance +If you plan on managing your HoloLens devices, you will need Azure AD and an MDM. Active Director (AD) cannot be used to manage HoloLens devices. If you plan on using an MDM other than Intune, an [Azure Active Directory Licenses](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis) is required. - -If you plan on using Intune as your MDM, you can acquire an [Enterprise Mobility + Security (EMS) suite (E3 or E5) licenses](https://www.microsoft.com/microsoft-365/enterprise-mobility-security/compare-plans-and-pricing). **Please note that Azure AD is included in both suites.** +If you plan on using Intune as your MDM, you can acquire an [Enterprise Mobility + Security (EMS) suite (E3 or E5) licenses](https://www.microsoft.com/microsoft-365/enterprise-mobility-security/compare-plans-and-pricing). **Please note that Azure AD is included in both suites.** ## Identify the licenses needed for your scenario and products +### HoloLens Licenses Requirements + +You may need to upgrade your HoloLens 1st Gen Device to Windows Holographic for Business. (See [HoloLens commercial features](holoLens-commercial-features.md#feature-comparison-between-editions) to determine if you need to upgrade). + + If so, you will need to do the following: + +- Acquire a HoloLens Enterprise license XML file +- Apply the XML file to the HoloLens. You can do this through a [Provisioning package](hololens-provisioning.md) or through your [Mobile Device Manager](https://docs.microsoft.com/en-us/intune/configuration/holographic-upgrade) + +Some of the HoloLens configurations you can apply in a provisioning package: + +- Apply certificates to the device +- Set up a Wi-Fi connection +- Pre-configure out of box questions like language and locale +- (HoloLens 2) bulk enroll in mobile device management +- (HoloLens v1) Apply key to enable Windows Holographic for Business + +Follow [this guide](hololens-provisioning.md) to create and apply a provisioning package to HoloLens. + ### Remote Assist License Requirements + Make sure you have the required licensing and device. Updated licensing and product requirements can be found [here](https://docs.microsoft.com/dynamics365/mixed-reality/remote-assist/requirements). -1. [Remote Assist License](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis) -1. [Teams Freemium/Teams](https://products.office.com/microsoft-teams/free) -1. [Azure Active Directory (Azure AD) License](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis) +1. [Remote Assist License](https://docs.microsoft.com/dynamics365/mixed-reality/remote-assist/buy-and-deploy-remote-assist) +1. [Teams Freemium/Teams](https://products.office.com/microsoft-teams/free) +1. [Azure Active Directory (Azure AD) License](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis) ### Guides License Requirements + Updated licensing and device requirements can be found [here](https://docs.microsoft.com/dynamics365/mixed-reality/guides/requirements). -1. [Azure Active Directory (Azure AD) License](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis) -1. [Power BI](https://powerbi.microsoft.com/desktop/) -1. [Guides](https://docs.microsoft.com/dynamics365/mixed-reality/guides/setup) +1. [Azure Active Directory (Azure AD) License](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis) +1. [Power BI](https://powerbi.microsoft.com/desktop/) +1. [Guides](https://docs.microsoft.com/dynamics365/mixed-reality/guides/setup) ### Scenario 1: Kiosk Mode -If you are not planning to use an MDM to manage your device and you are planning to use a local account or an MSA as the login identity, you will not need any additional licenses. Kiosk mode can be accomplished using a provisioning packages. -1. If you are **not** planning to use an MDM to manage your device and you are planning to use a local account or an MSA as the login identity, you will not need any additional licenses. Kiosk mode can be accomplished using a provisioning packages. -1. If you are planning to use an MDM other than Intune, your MDM provider will have steps on configuring Kiosk mode. -1. If you are planning to use **Intune** as your MDM, implementation directions can be found in [Configuring your Network for HoloLens](). +1. If you are **not** planning to manage your device and you are planning to use a local account or an MSA as the login identity, you will not need any additional licenses. Kiosk mode can be accomplished using a provisioning packages. +1. If you are planning to use an MDM to implement Kiosk mode, you will need an [Azure Active Directory (Azure AD) License](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis). + +Additional information regarding kiosk mode will be covered in [Configuring your Network for HoloLens](hololens-commercial-infrastructure.md#how-to-configure-kiosk-mode-using-microsoft-intune). + +## Next Step: [Configure your network for HoloLens](hololens-commercial-infrastructure.md) \ No newline at end of file From 7dfce6130c6cb2f7b71c554cef9847be063f179e Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Mon, 10 Feb 2020 10:43:08 -0800 Subject: [PATCH 031/112] Changed link structure for Intune/MDM section --- devices/hololens/hololens-kiosk.md | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/devices/hololens/hololens-kiosk.md b/devices/hololens/hololens-kiosk.md index d0dbb126b7..bc4389bb04 100644 --- a/devices/hololens/hololens-kiosk.md +++ b/devices/hololens/hololens-kiosk.md @@ -102,11 +102,11 @@ You will [create an XML file](#setup-kiosk-mode-using-a-provisioning-package-win ## Set up kiosk mode using Microsoft Intune or MDM (Windows 10, version 1803) -For HoloLens devices that are managed by Microsoft Intune, you [create a device profile](https://docs.microsoft.com/intune/device-profile-create) and configure the [Kiosk settings](https://docs.microsoft.com/intune/kiosk-settings). +For HoloLens devices that are managed by Microsoft Intune, directions can be found [here](hololens-commercial-infrastructure.md#how-to-configure-kiosk-mode-using-microsoft-intune). For other MDM services, check your provider's documentation for instructions. If you need to use a custom setting and full XML configuration to set up a kiosk in your MDM service, [create an XML file that defines the kiosk configuration](#create-a-kiosk-configuration-xml-file), and make sure to include the [Start layout](#start-layout-for-a-provisioning-package) in the XML file. -## Setup kiosk mode using a provisioning package (Windows 10, version 1803) +## Set up kiosk mode using a provisioning package (Windows 10, version 1803) Process: 1. [Create an XML file that defines the kiosk configuration.](#create-a-kiosk-configuration-xml-file) @@ -155,7 +155,7 @@ Use the following snippet in your kiosk configuration XML to enable the **Guest* 13. On the **Provisioning package security** page, do not select **Enable package encryption** or provisioning will fail on HoloLens. You can choose to enable package signing. - - **Enable package signing** - If you select this option, you must select a valid certificate to use for signing the package. You can specify the certificate by clicking **Browse** and choosing the certificate you want to use to sign the package. + - **Enable package signing** - If you select this option, you must select a valid certificate to use for signing the package. You can specify the certificate by clicking **Browse** and choosing the certificate you want to use to sign the package. 14. Click **Next** to specify the output location where you want the provisioning package to go when it's built. By default, Windows Configuration Designer uses the project folder as the output location. Optionally, you can click **Browse** to change the default output location. @@ -181,7 +181,7 @@ Use the following snippet in your kiosk configuration XML to enable the **Guest* ## Set up kiosk mode using the Windows Device Portal (Windows 10, version 1607 and version 1803) -1. [Set up the HoloLens to use the Windows Device Portal](https://developer.microsoft.com/windows/mixed-reality/using_the_windows_device_portal#setting_up_hololens_to_use_windows_device_portal). The Device Portal is a web server on your HoloLens that you can connect to from a web browser on your PC. +1. [Set up the HoloLens to use the Windows Device Portal](https://developer.microsoft.com/windows/mixed-reality/using_the_windows_device_portal#setting_up_hololens_to_use_windows_device_portal). The Device Portal is a web server on your HoloLens that you can connect to from a web browser on your PC. >[!IMPORTANT] >When you set up HoloLens to use the Device Portal, you must enable **Developer Mode** on the device. **Developer Mode** on a device that has been upgraded to Windows Holographic for Business enables side-loading of apps, which risks the installation of apps that have not been certified by the Microsoft Store. Administrators can block the ability to enable **Developer Mode** using the **ApplicationManagement/AllowDeveloper Unlock** setting in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). [Learn more about Developer Mode.](https://msdn.microsoft.com/windows/uwp/get-started/enable-your-device-for-development#developer-mode) @@ -202,17 +202,14 @@ Use the following snippet in your kiosk configuration XML to enable the **Guest* 5. Select **Enable Kiosk Mode**, choose an app to run when the device starts, and click **Save**. - ## Kiosk app recommendations - You cannot select Microsoft Edge, Microsoft Store, or the Shell app as a kiosk app. - We recommend that you do **not** select the Settings app and the File Explorer app as a kiosk app. -- You can select Cortana as a kiosk app. +- You can select Cortana as a kiosk app. - To enable photo or video capture, the HoloCamera app must be enabled as a kiosk app. ## More information - - Watch how to configure a kiosk in a provisioning package. ->[!VIDEO https://www.microsoft.com/videoplayer/embed/fa125d0f-77e4-4f64-b03e-d634a4926884?autoplay=false] +>[!VIDEO https://www.microsoft.com/videoplayer/embed/fa125d0f-77e4-4f64-b03e-d634a4926884?autoplay=false] \ No newline at end of file From 73167238d27234c8f2114e53e8dfeedbe7b7f165 Mon Sep 17 00:00:00 2001 From: isbrahm <43386070+isbrahm@users.noreply.github.com> Date: Mon, 10 Feb 2020 10:50:02 -0800 Subject: [PATCH 032/112] Further clarify SKU availability and deployment --- .../windows-defender-application-control.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md index e336068fb0..b3b52de9b2 100644 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md @@ -46,7 +46,7 @@ Windows 10 includes two technologies that can be used for application control de Windows Defender Application Control (WDAC) was introduced with Windows 10 and allows organizations to control what drivers and applications are allowed to run on their Windows 10 clients. WDAC was designed as a security feature under the [servicing criteria](https://www.microsoft.com/msrc/windows-security-servicing-criteria) defined by the Microsoft Security Response Center (MSRC). > [!NOTE] -> Prior to Windows 10, version 1709, Windows Defender Application Control was known as configurable code integrity policies. +> Prior to Windows 10, version 1709, Windows Defender Application Control was known as configurable code integrity (CCI) policies. WDAC policies apply to the managed computer as a whole and affects all users of the device. WDAC rules can be defined based on: - Attributes of the codesigning certificate(s) used to sign an app and its binaries; @@ -59,8 +59,7 @@ WDAC policies apply to the managed computer as a whole and affects all users of ### WDAC System Requirements WDAC policies can only be created on computers running Windows 10 build 1903+ on any SKU, pre-1903 Windows 10 Enterprise, or Windows Server 2016 and above. -They can be applied to computers running any edition of Windows 10 or Windows Server 2016 and optionally managed via Mobile Device Management (MDM), such as Microsoft Intune. -Group Policy can also be used to deploy WDAC policies to Windows 10 Enterprise edition or Windows Server 2016 and above. +WDAC policies can be applied to computers running any edition of Windows 10 or Windows Server 2016 via a Mobile Device Management (MDM) solution like Intune, a management interface like Configuration Manager, or a scripthost like PowerShell. Group Policy can also be used to deploy WDAC policies to Windows 10 Enterprise edition or Windows Server 2016 and above, but cannot deploy policies to machines running non-Enterprise SKUs of Windows 10. ## AppLocker From 06fc7ec743a4323454a970f32d1976e24f3f022f Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Mon, 10 Feb 2020 11:22:04 -0800 Subject: [PATCH 033/112] Changes to fix warnings --- .../hololens/hololens-commercial-infrastructure.md | 2 +- devices/hololens/hololens-kiosk.md | 14 ++++++-------- devices/hololens/hololens-licenses-requirements.md | 2 +- devices/hololens/hololens-provisioning.md | 6 ++++-- devices/hololens/hololens-requirements.md | 2 +- 5 files changed, 13 insertions(+), 13 deletions(-) diff --git a/devices/hololens/hololens-commercial-infrastructure.md b/devices/hololens/hololens-commercial-infrastructure.md index d37b307909..a99a851024 100644 --- a/devices/hololens/hololens-commercial-infrastructure.md +++ b/devices/hololens/hololens-commercial-infrastructure.md @@ -175,7 +175,7 @@ For other MDM services, check your provider's documentation for instructions. If ## Certificates and Authentication -Certificates can be deployed via you MDM (see "certificates" in the [MDM Section](hololens-commercial-infrastructure.md#mobile-device-manager-guidance##)). Certificates can also be deployed to the HoloLens through package provisioning. Please see [HoloLens Provisioning](hololens-provisioning.md) for additional information. +Certificates can be deployed via you MDM (see "certificates" in the [MDM Section](hololens-commercial-infrastructure.md#mobile-device-manager-guidance)). Certificates can also be deployed to the HoloLens through package provisioning. Please see [HoloLens Provisioning](hololens-provisioning.md) for additional information. ### Additional Intune Quick Links diff --git a/devices/hololens/hololens-kiosk.md b/devices/hololens/hololens-kiosk.md index bc4389bb04..ae870f5847 100644 --- a/devices/hololens/hololens-kiosk.md +++ b/devices/hololens/hololens-kiosk.md @@ -14,11 +14,9 @@ manager: dansimp # Set up HoloLens in kiosk mode - - In Windows 10, version 1803, you can configure your HoloLens devices to run as multi-app or single-app kiosks. You can also configure guest access for a HoloLens kiosk device by [designating a SpecialGroup account in your XML file.](#add-guest-access-to-the-kiosk-configuration-optional) -When HoloLens is configured as a multi-app kiosk, only the allowed apps are available to the user. The benefit of a multi-app kiosk, or fixed-purpose device, is to provide an easy-to-understand experience for individuals by putting in front of them only the things they need to use, and removing from their view the things they don’t need to access. +When HoloLens is configured as a multi-app kiosk, only the allowed apps are available to the user. The benefit of a multi-app kiosk, or fixed-purpose device, is to provide an easy-to-understand experience for individuals by putting in front of them only the things they need to use, and removing from their view the things they don’t need to access. Single-app kiosk mode starts the specified app when the user signs in, and restricts the user's ability to launch new apps or change the running app. When single-app kiosk mode is enabled for HoloLens, the [start gestures](https://docs.microsoft.com/hololens/hololens2-basic-usage#start-gesture) (including [Bloom](https://docs.microsoft.com/hololens/hololens1-basic-usage) on HoloLens (1st Gen)) and Cortana are disabled, and placed apps aren't shown in the user's surroundings. @@ -41,14 +39,14 @@ The [AssignedAccess Configuration Service Provider (CSP)](https://docs.microsoft For HoloLens devices running Windows 10, version 1803, there are three methods that you can use to configure the device as a kiosk: - You can use [Microsoft Intune or other mobile device management (MDM) service](#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803) to configure single-app and multi-app kiosks. -- You can [use a provisioning package](#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to configure single-app and multi-app kiosks. +- You can [use a provisioning package](#set-up-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to configure single-app and multi-app kiosks. - You can [use the Windows Device Portal](#set-up-kiosk-mode-using-the-windows-device-portal-windows-10-version-1607-and-version-1803) to configure single-app kiosks. This method is recommended only for demonstrations, as it requires that developer mode be enabled on the device. For HoloLens devices running Windows 10, version 1607, you can [use the Windows Device Portal](#set-up-kiosk-mode-using-the-windows-device-portal-windows-10-version-1607-and-version-1803) to configure single-app kiosks. ## Start layout for HoloLens -If you use [MDM, Microsoft Intune](#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803), or a [provisioning package](#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to configure a multi-app kiosk, the procedure requires a Start layout. Start layout customization isn't supported in Holographic for Business, so you'll need to use a placeholder Start layout. +If you use [MDM, Microsoft Intune](#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803), or a [provisioning package](#set-up-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to configure a multi-app kiosk, the procedure requires a Start layout. Start layout customization isn't supported in Holographic for Business, so you'll need to use a placeholder Start layout. >[!NOTE] >Because a single-app kiosk launches the kiosk app when a user signs in, there is no Start screen displayed. @@ -58,7 +56,7 @@ If you use [MDM, Microsoft Intune](#set-up-kiosk-mode-using-microsoft-intune-or- Save the following sample as an XML file. You can use this file when you configure the multi-app kiosk in Microsoft Intune (or in another MDM service that provides a kiosk profile). >[!NOTE] ->If you need to use a custom setting and full XML configuration to set up a kiosk in your MDM service, use the [Start layout instructions for a provisioning package](#start-layout-for-a-provisioning-package). +>If you need to use a custom setting and full XML configuration to set up a kiosk in your MDM service, use the [Start layout instructions for a provisioning package](#start-layout-for-a-provisioning-package). ```xml - + ``` ### Start layout for a provisioning package -You will [create an XML file](#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to define the kiosk configuration to be included in a provisioning package. Use the following sample in the `StartLayout` section of your XML file. +You will [create an XML file](#set-up-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to define the kiosk configuration to be included in a provisioning package. Use the following sample in the `StartLayout` section of your XML file. ```xml diff --git a/devices/hololens/hololens-licenses-requirements.md b/devices/hololens/hololens-licenses-requirements.md index 2235cd5d38..7636395a6b 100644 --- a/devices/hololens/hololens-licenses-requirements.md +++ b/devices/hololens/hololens-licenses-requirements.md @@ -33,7 +33,7 @@ You may need to upgrade your HoloLens 1st Gen Device to Windows Holographic for If so, you will need to do the following: - Acquire a HoloLens Enterprise license XML file -- Apply the XML file to the HoloLens. You can do this through a [Provisioning package](hololens-provisioning.md) or through your [Mobile Device Manager](https://docs.microsoft.com/en-us/intune/configuration/holographic-upgrade) +- Apply the XML file to the HoloLens. You can do this through a [Provisioning package](hololens-provisioning.md) or through your [Mobile Device Manager](https://docs.microsoft.com/intune/configuration/holographic-upgrade) Some of the HoloLens configurations you can apply in a provisioning package: diff --git a/devices/hololens/hololens-provisioning.md b/devices/hololens/hololens-provisioning.md index 5f3e8b7bd2..93a185f318 100644 --- a/devices/hololens/hololens-provisioning.md +++ b/devices/hololens/hololens-provisioning.md @@ -23,7 +23,9 @@ Some of the HoloLens configurations that you can apply in a provisioning package - Set up a Wi-Fi connection - Apply certificates to the device - Enable Developer Mode -- Configure Kiosk mode (Detailed instructions for configuring kiosk mode can be found [here](hololens-kiosk.md#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803). +- Configure Kiosk mode (Detailed instructions for configuring kiosk mode can be found [here](hololens-kiosk.md#set-up-kiosk-mode-using-a-provisioning-package-windows-10-version-1803). + +## Create a provisioning package for HoloLens using the HoloLens wizard The HoloLens wizard helps you configure the following settings in a provisioning package: @@ -37,7 +39,7 @@ The HoloLens wizard helps you configure the following settings in a provisioning - Enroll device in Azure Active Directory or create a local account - Add certificates - Enable Developer Mode -- Configure kiosk mode. (Detailed instructions for configuring kiosk mode can be found [here](hololens-kiosk.md#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803)). +- Configure kiosk mode. (Detailed instructions for configuring kiosk mode can be found [here](hololens-kiosk.md#set-up-kiosk-mode-using-a-provisioning-package-windows-10-version-1803)). >[!WARNING] >You must run Windows Configuration Designer on Windows 10 to configure Azure Active Directory enrollment using any of the wizards. diff --git a/devices/hololens/hololens-requirements.md b/devices/hololens/hololens-requirements.md index fd898f7443..9487a2f331 100644 --- a/devices/hololens/hololens-requirements.md +++ b/devices/hololens/hololens-requirements.md @@ -32,7 +32,7 @@ Before deploying the HoloLens in your environment, it is important to first dete ### Type of Features -Your feature requirements will determine which HoloLens you need. One popular feature that we see deployed in customer environments frequently is Kiosk Mode. A list of HoloLens key features, and the editions of HoloLens that support them, can be found [here](hololens-commercial-features). +Your feature requirements will determine which HoloLens you need. One popular feature that we see deployed in customer environments frequently is Kiosk Mode. A list of HoloLens key features, and the editions of HoloLens that support them, can be found [here](hololens-commercial-features.md). **What is Kiosk Mode?** From bc22ab28ba037c411366f68c2f376320f80c9c1f Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Mon, 10 Feb 2020 11:36:04 -0800 Subject: [PATCH 034/112] Fixing remaining reference errors (warnings) and minor format changes --- devices/hololens/hololens-provisioning.md | 2 +- devices/hololens/hololens-release-notes.md | 5 +++-- devices/hololens/hololens-whats-new.md | 14 ++++++-------- 3 files changed, 10 insertions(+), 11 deletions(-) diff --git a/devices/hololens/hololens-provisioning.md b/devices/hololens/hololens-provisioning.md index 93a185f318..3cd9ed9707 100644 --- a/devices/hololens/hololens-provisioning.md +++ b/devices/hololens/hololens-provisioning.md @@ -25,7 +25,7 @@ Some of the HoloLens configurations that you can apply in a provisioning package - Enable Developer Mode - Configure Kiosk mode (Detailed instructions for configuring kiosk mode can be found [here](hololens-kiosk.md#set-up-kiosk-mode-using-a-provisioning-package-windows-10-version-1803). -## Create a provisioning package for HoloLens using the HoloLens wizard +## Provisioning package HoloLens wizard The HoloLens wizard helps you configure the following settings in a provisioning package: diff --git a/devices/hololens/hololens-release-notes.md b/devices/hololens/hololens-release-notes.md index aaf200a4b0..f36e58d7cc 100644 --- a/devices/hololens/hololens-release-notes.md +++ b/devices/hololens/hololens-release-notes.md @@ -19,6 +19,7 @@ appliesto: # HoloLens Release Notes ## HoloLens 2 + > [!Note] > HoloLens Emulator Release Notes can be found [here](https://docs.microsoft.com/windows/mixed-reality/hololens-emulator-archive). @@ -85,7 +86,7 @@ Windows 10, version 1803, is the first feature update to Windows Holographic for - Previously, you could only verify that upgrade license for Commercial Suite had been applied to your HoloLens device by checking to see if VPN was an available option on the device. Now, **Settings** > **System** will display **Windows Holographic for Business** after the upgrade license is applied. [Learn how to unlock Windows Holographic for Business features](hololens1-upgrade-enterprise.md). - You can view the operating system build number in device properties in the File Explorer app and in the [Windows Device Recovery Tool (WDRT)](https://support.microsoft.com/help/12379/windows-10-mobile-device-recovery-tool-faq). -- Provisioning a HoloLens device is now easier with the new **Provision HoloLens devices** wizard in the Windows Configuration Designer tool. In the wizard, you can configure the setup experience and network connections, set developer mode, and obtain bulk Azure AD tokens. [Learn how to use the simple provisioning wizard for HoloLens](hololens-provisioning.md#wizard). +- Provisioning a HoloLens device is now easier with the new **Provision HoloLens devices** wizard in the Windows Configuration Designer tool. In the wizard, you can configure the setup experience and network connections, set developer mode, and obtain bulk Azure AD tokens. [Learn how to use the simple provisioning wizard for HoloLens](hololens-provisioning.md#provisioning-package-holoLens-wizard). ![Provisioning HoloLens devices](images/provision-hololens-devices.png) @@ -97,7 +98,7 @@ Windows 10, version 1803, is the first feature update to Windows Holographic for - Previously, after you signed in to the device with an Azure Active Directory (Azure AD) account, you then had to **Add work access** in **Settings** to get access to corporate resources. Now, you sign in with an Azure AD account and enrollment happens automatically. -- Before you sign in, you can choose the network icon below the password field to choose a different Wi-Fi network to connect to. You can also connect to a guest network, such as at a hotel, conference center, or business. +- Before you sign in, you can choose the network icon below the password field to choose a different Wi-Fi network to connect to. You can also connect to a guest network, such as at a hotel, conference center, or business. - You can now easily [share HoloLens with multiple people](hololens-multiple-users.md) using Azure AD accounts. diff --git a/devices/hololens/hololens-whats-new.md b/devices/hololens/hololens-whats-new.md index 59c777fdec..1e6c90f0a0 100644 --- a/devices/hololens/hololens-whats-new.md +++ b/devices/hololens/hololens-whats-new.md @@ -43,28 +43,26 @@ manager: dansimp | Read device hardware info through MDM so devices can be tracked by serial # | IT administrators can see and track HoloLens by device serial number in their MDM console. Refer to your MDM documentation for feature availability and instructions. | | Set HoloLens device name through MDM (rename) |  IT administrators can see and rename HoloLens devices in their MDM console. Refer to your MDM documentation for feature availability and instructions. | -### For international customers - +### For international customers Feature | Details ---- | --- +--- | --- Localized Chinese and Japanese builds | Use HoloLens with localized user interface for Simplified Chinese or Japanese, including localized Pinyin keyboard, dictation, and voice commands. Speech Synthesis (TTS) | Speech synthesis feature now supports Chinese, Japanese, and English. [Learn how to install the Chinese and Japanese versions of HoloLens.](hololens1-install-localized.md) - ## Windows 10, version 1803 for Microsoft HoloLens > **Applies to:** Hololens (1st gen) Windows 10, version 1803, is the first feature update to Windows Holographic for Business since its release in Windows 10, version 1607. This update introduces the following changes: -- Previously, you could only verify that upgrade license for Commercial Suite had been applied to your HoloLens device by checking to see if VPN was an available option on the device. Now, **Settings** > **System** will display **Windows Holographic for Business** after the upgrade license is applied. [Learn how to unlock Windows Holographic for Business features](hololens1-upgrade-enterprise.md). +- Previously, you could only verify that upgrade license for Commercial Suite had been applied to your HoloLens device by checking to see if VPN was an available option on the device. Now, **Settings** > **System** will display **Windows Holographic for Business** after the upgrade license is applied. [Learn how to unlock Windows Holographic for Business features](hololens1-upgrade-enterprise.md). - You can view the operating system build number in device properties in the File Explorer app and in the [Windows Device Recovery Tool (WDRT)](https://support.microsoft.com/help/12379/windows-10-mobile-device-recovery-tool-faq). -- Provisioning a HoloLens device is now easier with the new **Provision HoloLens devices** wizard in the Windows Configuration Designer tool. In the wizard, you can configure the setup experience and network connections, set developer mode, and obtain bulk Azure AD tokens. [Learn how to use the simple provisioning wizard for HoloLens](hololens-provisioning.md#wizard). +- Provisioning a HoloLens device is now easier with the new **Provision HoloLens devices** wizard in the Windows Configuration Designer tool. In the wizard, you can configure the setup experience and network connections, set developer mode, and obtain bulk Azure AD tokens. [Learn how to use the simple provisioning wizard for HoloLens](hololens-provisioning.md#provisioning-package-holoLens-wizard). ![Provisioning HoloLens devices](images/provision-hololens-devices.png) @@ -74,9 +72,9 @@ Windows 10, version 1803, is the first feature update to Windows Holographic for - Media Transfer Protocol (MTP) is enabled so that you can connect the HoloLens device to a PC by USB and transfer files between HoloLens and the PC. You can also use the File Explorer app to move and delete files from within HoloLens. -- Previously, after you signed in to the device with an Azure Active Directory (Azure AD) account, you then had to **Add work access** in **Settings** to get access to corporate resources. Now, you sign in with an Azure AD account and enrollment happens automatically. +- Previously, after you signed in to the device with an Azure Active Directory (Azure AD) account, you then had to **Add work access** in **Settings** to get access to corporate resources. Now, you sign in with an Azure AD account and enrollment happens automatically. -- Before you sign in, you can choose the network icon below the password field to choose a different Wi-Fi network to connect to. You can also connect to a guest network, such as at a hotel, conference center, or business. +- Before you sign in, you can choose the network icon below the password field to choose a different Wi-Fi network to connect to. You can also connect to a guest network, such as at a hotel, conference center, or business. - You can now easily [share HoloLens with multiple people](hololens-multiple-users.md) using Azure AD accounts. From 884fb018669ff237e91a0365944503624332f28d Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Mon, 10 Feb 2020 11:46:10 -0800 Subject: [PATCH 035/112] fixing warnings --- devices/hololens/hololens-release-notes.md | 2 +- devices/hololens/hololens-whats-new.md | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/devices/hololens/hololens-release-notes.md b/devices/hololens/hololens-release-notes.md index f36e58d7cc..f1bb141793 100644 --- a/devices/hololens/hololens-release-notes.md +++ b/devices/hololens/hololens-release-notes.md @@ -86,7 +86,7 @@ Windows 10, version 1803, is the first feature update to Windows Holographic for - Previously, you could only verify that upgrade license for Commercial Suite had been applied to your HoloLens device by checking to see if VPN was an available option on the device. Now, **Settings** > **System** will display **Windows Holographic for Business** after the upgrade license is applied. [Learn how to unlock Windows Holographic for Business features](hololens1-upgrade-enterprise.md). - You can view the operating system build number in device properties in the File Explorer app and in the [Windows Device Recovery Tool (WDRT)](https://support.microsoft.com/help/12379/windows-10-mobile-device-recovery-tool-faq). -- Provisioning a HoloLens device is now easier with the new **Provision HoloLens devices** wizard in the Windows Configuration Designer tool. In the wizard, you can configure the setup experience and network connections, set developer mode, and obtain bulk Azure AD tokens. [Learn how to use the simple provisioning wizard for HoloLens](hololens-provisioning.md#provisioning-package-holoLens-wizard). +- Provisioning a HoloLens device is now easier with the new **Provision HoloLens devices** wizard in the Windows Configuration Designer tool. In the wizard, you can configure the setup experience and network connections, set developer mode, and obtain bulk Azure AD tokens. [Learn how to use the simple provisioning wizard for HoloLens](hololens-provisioning.md#provisioning-package-hololens-wizard). ![Provisioning HoloLens devices](images/provision-hololens-devices.png) diff --git a/devices/hololens/hololens-whats-new.md b/devices/hololens/hololens-whats-new.md index 1e6c90f0a0..064d470afc 100644 --- a/devices/hololens/hololens-whats-new.md +++ b/devices/hololens/hololens-whats-new.md @@ -48,9 +48,9 @@ manager: dansimp Feature | Details --- | --- Localized Chinese and Japanese builds | Use HoloLens with localized user interface for Simplified Chinese or Japanese, including localized Pinyin keyboard, dictation, and voice commands. -Speech Synthesis (TTS) | Speech synthesis feature now supports Chinese, Japanese, and English. +Speech Synthesis (TTS) | Speech synthesis feature now supports Chinese, Japanese, and English. -[Learn how to install the Chinese and Japanese versions of HoloLens.](hololens1-install-localized.md) +[Learn how to install the Chinese and Japanese versions of HoloLens.](hololens1-install-localized.md) ## Windows 10, version 1803 for Microsoft HoloLens @@ -62,7 +62,7 @@ Windows 10, version 1803, is the first feature update to Windows Holographic for - You can view the operating system build number in device properties in the File Explorer app and in the [Windows Device Recovery Tool (WDRT)](https://support.microsoft.com/help/12379/windows-10-mobile-device-recovery-tool-faq). -- Provisioning a HoloLens device is now easier with the new **Provision HoloLens devices** wizard in the Windows Configuration Designer tool. In the wizard, you can configure the setup experience and network connections, set developer mode, and obtain bulk Azure AD tokens. [Learn how to use the simple provisioning wizard for HoloLens](hololens-provisioning.md#provisioning-package-holoLens-wizard). +- Provisioning a HoloLens device is now easier with the new **Provision HoloLens devices** wizard in the Windows Configuration Designer tool. In the wizard, you can configure the setup experience and network connections, set developer mode, and obtain bulk Azure AD tokens. [Learn how to use the simple provisioning wizard for HoloLens](hololens-provisioning.md#provisioning-package-hololens-wizard). ![Provisioning HoloLens devices](images/provision-hololens-devices.png) From ce9f4e29512c0e8a266327cdc3de1bf0e406ab4c Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 10 Feb 2020 12:54:48 -0800 Subject: [PATCH 036/112] new icons --- .../security/threat-protection/images/AIR.png | Bin 0 -> 2290 bytes .../security/threat-protection/images/ASR.png | Bin 0 -> 1544 bytes .../security/threat-protection/images/EDR.png | Bin 0 -> 1589 bytes .../security/threat-protection/images/MTE.png | Bin 0 -> 2120 bytes .../security/threat-protection/images/NGP.png | 0 5 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 windows/security/threat-protection/images/AIR.png create mode 100644 windows/security/threat-protection/images/ASR.png create mode 100644 windows/security/threat-protection/images/EDR.png create mode 100644 windows/security/threat-protection/images/MTE.png create mode 100644 windows/security/threat-protection/images/NGP.png diff --git a/windows/security/threat-protection/images/AIR.png b/windows/security/threat-protection/images/AIR.png new file mode 100644 index 0000000000000000000000000000000000000000..985e3e44296b98bf3d0853334e2fdc847a1b9bf0 GIT binary patch literal 2290 zcmXw)3pms58^?dj%dDS6qQ=l@Ayob`?IOylw&V~Z)#T9FG8;2YIlNYA%W?kr&q9br zMHKQX^3EX^tGp`7p?5{S(wxuo|LK4IpX<7x`?@~&_j#`8zMlKJAGVvz2}QUj8~^}C zJkG%#@^+gB+XBrLi@X-dDTLvCA^>39j!lyR@^2v^D9^w#;+4F;Yg$5J3B|G)K-^gtpozj1Bi|1x`8Xeg1&02W^6Ze}XCDf1*VC`91yk2eO; zx@UL?TTfEr1W^FqaC<48VkNH2-%PHak3JA))9tAHJB&Ckp)FUk=CTV24y5i7G*)BU2E zz>MJJ+>^1ih{zw-peS=H=(-^Z9{@^13>VD*JImgEYHpy<~evr=YwXp2QlU99OwM9^;d1Wo0EU zIy&;|mERLf3HeSRnTy`Fb7z>=VcseJWUa{~6DJi1S65e4ggL)Q&IrTpn0QyckCR_i zlt<*DZV-rQe1Ol}FZ3k4;y!^Zvg`vwlZ86v>MHK-ePbSK!S_cTIH(M$$hJzR9rU(W zzq>aAY$d%Ei(Oq@#%5z!C^xk;BUutGB6&SN0jm{dS#X8&$}x~kW}~}2jfjVMreL2b ztJdFSrxT4PZHyQX(|Q-gKCX#GA~SX$jbHe#0UX;1Qg_UfJn87@2*Z9~T*aiiVHEM) zfSUK&2Ckg;lD|)3NJHu@6ad89Ttusqsnn`UTBNyqg&LkaK#Ag;VN^^+C5DBu3Wv^|0J#3oRnY4nn34jhgO>^D46Q=Y4cX8J2N2MV*q0>gtBGCNLHNkn(%K(7!P(3tVUv zis77*(hbQIG#>bUCLo7=cOwE6Vzttno0~lZE|YVATJU=&qvW?F2Gk%jIs;?8J;GoxD~hJiCycdNt)nkq z;2f3sVNFA&rKQ^1+Mw`jLo1*O3g_nLKqV!w!R?*XSy@ma32X1WAm`qU#x$3e5lJN6 z`RME}#_|mDX1gAzM8}Nr+U?eSnNwaRoYGKSUvHtxo;p(9sY)=%rd!3YG0#kk-!m81 zr@z;CR8>_$m&fs~1LqD@9z)&sT?$SRtxtdYAh`H|u->O9-)tRqT5W!H{ffSWmEvhN zZKV?-A@@!$U;G(3?|tzz3JGsjIY?F3j3tXeL;MLLitqBexM1d|22c&_l1+n(i=fx}1FBX(BWqRwgkQ>DFeTI8Yu z3Mm%+poFpz+IMiTz8RRa+#7B&EuP;!a_)MVY(U#9g~5UvFL21Z76r4LEqSA!O6kkL z@Tq07Db>*SQPEO*V;GF}BY|*5+LvH!2!^}g?wM(q*D-D$&)DHuQ;CZ=ek_&)h33w* z_$~P6pFRuo@D|@K(w|ZO*RscIzbnVL0B8->I}7@Mi!z>8sta)%kAzb+I!hv0B$L)(>ylwN+eOv6!7c(Uxx(h^fY`*nZ}3k1RcoYJ?(Pj{RDbv*=|ZU#oIE=-=t&>=5X zQyZG@-3zI9YBUk4Yj~9>`XfZO>Ro<_WE2d~ZJ-X77#bCcz16E078j+Onw*lm=x^Q8 z-Z^Wj$4hI@rjA2>%hQVsV})53K&5oKP7mg8l;h>)^^v+bH8tg{Ef5HHA7T2{{Tyrz z&9#A^6wfTUyD6});%lspEBDeNo`Z@*+O<5Q27uy}9I}DV4QD{3+FTzP9qZvI*~th^ z%jgq}t9!C=P@0aB{pxbuF0|umkx114wo`5DNW$kASx_UEM*113ve|3}SzD;tAH48n zbavS@{X!&94lp${+mUwMsm#4jAqvJK*lD!4z)De3aeaOL%({M>iw`X!@Kq2$lu(5a5SNvgW(!U}-Z?+%8 zVwsa4FncXkWs6fyJHrh*A10#;Vg?_W{`}^omv!6FC{HxW=mvno@tnguLqkL5jE3@3 za4eKV>1!U3*JFV0zPU@#rvXpuW}feP-x=(mWM>=msuVi_<>h90>3-2ro6Q@y%#&rR z?6!eN!9&!=pX7mP%?)j>=Cva@?49t;Fq{PS3E831`ti(#eK(=69l$%fI8@pBvHlBl CBq+TA literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/images/ASR.png b/windows/security/threat-protection/images/ASR.png new file mode 100644 index 0000000000000000000000000000000000000000..bf649e87ec76d53d39bfc5e9e7b17b4362600569 GIT binary patch literal 1544 zcmY+E2{7AP9LN98#GTb+|Egm|Evh!6m)1Ip#F@G)jv^6JR}+m;T}+(OII8PxQ)DSC zvY|y=rHh0*YC~34Y^b)XdMssHC97My|8!?}X5Y;3{boMj?|W~4@4fl4e7sz>)c2?Z z0HEdWhVg^4lRV&x(426zst-zPiEhD30HCo$9tr@v8iXK>?tT&rd!Yyib}MQwoIddd zVT0(7$@Ca14QOr^xj{&i4j~LViA0M{q{mVzzz#L!K8UN!xidBK0xkAT3?1O>h-@IL z{e{xVM7hf%VThOaI!Osb|lUDRf{%R4K1iRc;H2r6-U9?#e?` z08pNE$2bPWWW8mJJrB8p!qzcy{D z&&R{E=lj=f;k=9W`P_+sPYQJx4NpyEOMVNAJ*+>rGX4SGy?WFt-jA`|TWV>X5X~go zuZa$c%dTRJtWrPc)ffmCxViHt73jwey3A`IoY2ZmFaSV1IB?vI%^Hh~i)(6Xy0lVK zQrK)Zdi=XLtv6k44IFH2Y;0|D#=2d%Ct~O{8jVO4{shAZIhPu{mzp(pt@X6EeZ|6< zo0~_rfkSsYJF5_-vpEO&S%~L4<$m!OEOu+;542m5iu6cTRaKh@PvC=cNQSw5aCUZ9 zLqo%$1V-ZX;tUa>o?h4F&SxR<%PTA6V`Hp(H@NSq+r7O{mc$TqrEm7*9-2UR>K88XoQmry_ff zvmB{bxTnv~IZxi=@pzror@Kc0?MNThXaw3y#Hlw!Sz78dv%Wp3Ij|~&DP}!>Qr)3? zqLO;WD7U(%W^myhpU}kP4KJM2QzgBuk1TrAJwA}likc%{s3U@#kLMm>$&sl&;T*B4 zyY9VRK$M+QX6w>sN_ajRflhs;Z)ayWH#aBnwBT46do)}8dVb^83$OK%-Uq68VGa$} z!~8n`jYTn|vhd0i+|f?)TWfM@CS&i`U61`{k8JX?%yJ^`Y-gpL-cVJ_OP6itKa0~u zT|@5S<4peS({C$2{R7wG^f#K;&HwvH1)eVSQ2~MQqAzC%P&tDr;XX(IqKoo}kATli zb}i}%C^Xxe-oLzM)lS&3RZdg!fntSj6@rKzrX%Zfjj;Z;u3 z&q=re@ZW1QG6K9ZXO5&ANr@m+p>lyTa=d?}!bM?kqE={;R4Oei+u>g7a|sZnOAfbm zbab?}z3UoE&tFDEcPti*H?y#mmS8R~E-7iPtf-YBCBE*ieGtXhV0k-qmITLu%(1b7 zwGr)opr%A3dGBe6qGa{-*o956u9v-fWCwQTEiElgPfuU+W>i8o1_lQ9&!dsKX?N1X z_a88#V6IP0O`XE}BAl+`hE`>q+S)jF^x5nFs(V!43YW$Rct!K{O7+2@(9lARQ8lu{ zBN-ZWIu3`6I`VVC$Tgh?SJv}_{L9(X9*!V%lBcJqiE~<7+WGU=eR`uI_y|Ve=2TPf za6x9fPmHUKlt7`NP^i&%k>1SA%*T%(flNR4ypocz)ku$zKd@JO?YoTt^C?Jw z`cxc0mbjuSZRw3VsK>&M9BUd7T3K! literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/images/EDR.png b/windows/security/threat-protection/images/EDR.png new file mode 100644 index 0000000000000000000000000000000000000000..8c750dee42d30ddfec3de18c93b744645f462904 GIT binary patch literal 1589 zcmXxkdpy%?90%}cuG`8bQ=H|Vh|pGXTDc|HqOvA;C02g54Kq1(I=Pigi6+IGmxEE$ zP`Q`u- zRTue!E68?|-BqrvAYwcN;{aHJk}nuwFm+|9O7rq@Qyo`;1D(xVj6(u$5;Hi9Eyt|h0CH;(9~L=D`U8v{llpgh;j_H zt`%j-O!dF>@ze++SdgZP|Bvm8CXRGVpTUNr+03 zFb;VK`{{LX-@kK`koh8BYI*pD-wf7VKxomSS8j<|t$Z6a-P*D1ktQk!i{)R)%G!7S z1yrVi9!s;25-GM3j9!y6`F4hl*;Wd4=hiu(kcOWmmo5o#j+YBk$tj|c4Xl#uR0@v! z=^l46q1)kldfdey8bUEFvy|oQeR*qk7Tq1|+q1z;J@Xv1p#XbwcJQD1`T2)eEYmf4 zg%G32I=f8U&b9kq#~4H+*(ZLC?9L2SeLFC4YH234X}||=VRQ>({Ke(6*%m^r9QR$N zn#m8h*IS*(zwPOv^G)~ImA#mJ{yb0czWg$!nLS``kei#6Qz7*>)w+Onxii#YujxYY z^V230i4|P#8CCTBA55$ne{+QQ%lfIQDShR=j~mISl9ILyT`a1rtA&sgu;Md{ieN^3 zs>!7%3yoIj^gP0p&r1%QjZjihPS-hGBPNr{Y&|@q&WP;GUi=O{y2FvQNSt*-Qr<}u zdhg(RlsiQ>1&*=r*4t&*p^Mig4PW!Rp=1P{f$;0+mNQNerrQbrECuwm6HEgo7J~Z% zz10T%wpsUJY0nS}5v2u(83R~*uL$X98L85hdjO5dKTV4;IPNapxL6neATIYRZdJEM z&ZaYmn2ey%{$ah%%hMIejEA@~tYMSmG8x9GAJlFNMr)L?`;CAF){QY$O3Z&eF?o#Kp`|A zsMYbGb~5wtJ8m=P`T8njV~ySH%?}!_1I2ZhGGRrnq5z_Q7;c8Cs24Qy6W8!HVjHqn zDZg#>Q0N?Y;nga0g^F0$G3q4DTRj;J9kQPf`eAHd7HJYT_BG&pe<{)Pk@d^P{+nTr z5|qKH6y7)7`mGelx#Mw>?Zk~8CFOXKr1vyA^N)+4{FtM2`v!zbqfayZPUvW|+i=@D zD&le!H-*=(iKnNP_NS`@f?rO@m_#B$p-|Uss!v#L+N7Gc zvmJwUTox)5{2ItRbXTftXdG*-g-r9G9>(0QuV+==Z(d^w0t$-Zx%`1f_+E-F%O!ekR> lH~O)wS9#$ENE;=E6|e3e{8?~4Q8pccm)l;~8kfVV{{kkr({KO) literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/images/MTE.png b/windows/security/threat-protection/images/MTE.png new file mode 100644 index 0000000000000000000000000000000000000000..1d5693a399b2a145e5c2d0bc3818dbd3c6dbaa41 GIT binary patch literal 2120 zcmV-O2)Fl%P)p2ml%(0x@Df00007bVXQnL3MO!Z*l;suFOaP000bh zMObu1WpiV4X>fFDZ*Bk+2_Yi@000VfMObu0Z*X~XX=iA30IUzpIsgCw4s=CWbVG7w zVRUJ4ZXk4NZDjy8_YVmG000SeMObuGZ)S9NVRB^vU2y+80000BbVXQnL}_zlY+-3_ zWpV(wz_gD5000PdMObuKVRCM1Zf5|%8|H@q000McMObuGZ*_8GWdQa6gX;hQ00?wN zSad^gZEa<4bO83umcIZ100wkLSaeirbZlh+sP57y000LQNkl?x|6_+fY5B%JzvyEDI; z&+g1`X1=oo5#j$|!ftnZR8wdettfcN)-wPpU+1r-L?!O>bj1IM~@yoapHs^Jguqd z5Myp`?$V`8oO6%I)3h)mRw|W5B60fk>3YB}<>d7&EiEOJNknXg0RRXgfk0qpX6DM3 zD-N1#MYb^v!$_r4rfJ&EMT(-_x^*j)$=GeN71_qPdGqGd(vsKfwOf%8;`Mr`rlwR? zwOhBT>|yA-e*5-q2Mm@(Q7jgVckbMAR=t7jVdQeTVzDTS&Q}{rlCs&X{N)oLz-JRy61 zYS+QN?FN8746oPAId|KnAjq=pGRTuLZIup(!!9wb{Yz(Or<)*KWe=mTug_(BjInSy zyvrD|SgfO?gE8i~J;N~K@wm00Z=>vC_Pv2#>Sq;w0>N!Ff2WK^yuEbd-L=2>+9>5 zfj}ws`~8tfWN>gW9*^&UXVnIbO=+5@swyH%k|fLW)AK>Ls+}0SsP>qj>+9>KQmI@n zYnsM6mn2D1l#Y&$P$;xBE~qPv<>h6|_AC~Qnx;Lzk_dtziefMrj7FpJc>KVD1C4pg z8W#xoJr2jA!$FnH<9XUT=dH0})kKwR{~#QM$Xk zj~zR}T%a<>&tgJL% z@+<~H5Qc|`qtR$@Pfxfj4Dea`4UK>N@3mh{u4eN!kSWkDajMMgr{5n7{ov)$aMagk zjJdhFWHQMZYsK?qjLEWm?%cUe+PM`yov;1b|&Er}+K*_b*<&NC;`sx3#3Isw~SFK3)Ce_2RvfVN@6(f=2+QnITOH zC?e;0?QZ#6W&>n;Fe1IUU;foMqmk|Ewv-uGS67qCBmmeo+N>|}$=!11zg2@F_$eqN zNG+!$fq;)fKm-A17q!3qYpqz@ep}ra|HpVB%( znqy2)Pv>$upRc89jKjM6~ipyLLMW$m_&vf|1E&*4EY>ToDmMOw%+B z698n1v;~C{Qg2!{!eETe%*@zIO`9Tw7=}@)Q~+Rqr_=@v4k4e=?ce@|Ho{n5UM>_0 z&aMG049jvJdA=QoK9k40Jpu3b9d3k?&*x3kbaQ%MTwDZzS7UxLK%w5aZc!$_G3c-N zuo1??hY#HxeMC`w@ZbR=#=_Do1Afq4xTYLIrtf^Iqu%qny+lN3lY3Lvjg0j{e)v+z z)z{GY>v3hM{${c6xHnDHI$OK(o@=#QI-Ndq=FGQ_1PA-&xdjdC4DKdE_~~n14W8G< zK*U%q=JH;~vKMq+_jo+#$9vxXUCs$cm3<`o!ut@)E!-j zuwj1pwXToeZS`_%*X*_{vz7P$G`~_ZpF9bg2paofyywC}ZYkq_UB{^XTLtHf6AviZpoKm5n)g~^r0WgSHFMj~+jRPRgsZC^L<2@khW yVZWJLJ=p7ccf{ch?ViAJug}Tv#LqDHlKux>r6IrAf$NI^0000 Date: Mon, 10 Feb 2020 13:09:15 -0800 Subject: [PATCH 037/112] ngp icon --- .../microsoft-defender-atp/images/NGP.png | Bin 0 -> 1707 bytes ...rosoft-defender-advanced-threat-protection.md | 9 ++++----- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/NGP.png b/windows/security/threat-protection/microsoft-defender-atp/images/NGP.png index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..9aca3db5177663d84279a1cc2b2d186a0a72aa8a 100644 GIT binary patch literal 1707 zcmYk+c~H|w6bJAh0Zf8~P$dFEB~j#xoFZVba)nc_1~8mrh(SVgU=pQBkQ;;wNVy?F zQ*8tTQ~?Q>6ewDt2!ud6M2jM#SnxnDq0q!mXZpwPoB6!&?##~4yi6Z27nl-K2><|? zn=1}4tq!sU0ZDhNW$`c40*!VJWC6g=-LfSIlyNnr2xhx^I)Pt;ln@Y$+nZr~zK~M@ z+x`MOlEDP3YWrQKq|BBQj?5x4DbZ{SgAVM5q7O=4N#>4>=vXG@TqGN)hWBHos`5pd zWTGsJVpC{j;OHtGD(ygJ9bZNSJBG+41EJB|viQy~ms40IDp49`0-}zFTq#3jOdvAp z6#6-!L+e$B)WH9qzrZAsf#vO#xBtZ)88jN1&IVTci)1g|A&dD@*it%1;21Alm(E4e73VUH;K;V`HoHMz_zr~@CTth6Kh$2=q=>$6=* zKsd*T5{^rO@4{IiQR#`4?nt|kD|Jr%uk>&5&ln7u^WqmD%&h^2m7k1RU;#Gl)dz0e z7Goe`Yjy)lQkK`A8nx^|s!`N-Wmzaeosem%2eKU;E>kuqF)k9rLZwTYMij$8&;2L+4}9o zA%0iquSNiHGZg^P3dfUr>|X+VtxHQEd|rEWX;7G*6!ddRt6cN2^~7yXgGoyS;nVFI z1D}q8P}GpEj*2C94c)Tr6aHKwY$Lx_vV&__A>H4o7j&IIe=UD**$D*Oi8qg55LPUf3?m4+%MrQU!kgbH z8m9GhKC(AwZ2xph6>?ky>qW+5CBhhB7h(PdCZuh!xAhn^zObRrAhN<4FF4s)VegUN zlcc8#(NWQ{ok#~PRV)F36z_K5M35+Fuw2|!zg>g0uy$xOZZ9^6oJxn81^x@cdK5wb! za_R0h0{4x~j6PhYva)W1`r%%p4cQSq@!1OBI-_}-_~Zva&-4c6LjN5oq3JFE{0D-r z`D7#yCgxgRaGs6lQNr(t&K6`tj~PyNi7TiZ49$FPVu|&5;4q`6){|ssH+EFC@2d7< zpQ`vS$*l0`(|}zoSzs@6yKRxhRNPlxb!=RZSErW#D7 ztP=OobK&0H7|-GTi=8Vy zsQc%f@Q*u~((9^wNuk%L!?)3CxQiO=Q(Qlf84J%~JsEdOm}<$F2wo zBcyj~_^m|v4)JZewN5IsTw(=d#b~~U)nmwu`IMRXY%FNxx+z!ujHg*$eeGIr`L{of zpwYhtOXSlnH3iROpxT2qx_fWD>=d0foM>KV37-Z<&HZ^s5Y1CP-_8m{m>X8_bGxIg z6ue=#TSKPWB6`Iq8@X&X} zhhh&lMYau2fth7Z_q|}MH|{T3gtW!Ju_wDq$VZY*p1!f7xz!%*NBGLqwL~12mCiuF zGEU$V@V2^dPyK52{yjak-xm!N;=B<0N4V3HJKgzk?b_Zv`D#3@T&s(pk|LBP0}9X8#?mFwB)Z3z~RQCP>zv;x-pU6y}s<5 z_fS+0ci+xx)1UXPWxbasb~nGCo&dEsgu&LsZ>!4C4y literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md index 34a417fdef..f2891d5f18 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md @@ -48,11 +48,10 @@ Microsoft Defender ATP uses the following combination of technology built into W
step oneset up device

Browse to and select the enterprise license file to upgrade the HoloLens edition.

You can also toggle Yes or No to hide parts of the first experience.

To set up the device without the need to connect to a Wi-Fi network, toggle Skip Wi-Fi setup to On.

Select a region and timezone in which the device will be used. 		Select enterprise licence file and configure OOBE
step two set up network

In this section, you can enter the details of the Wi-Fi wireless network that the device should connect to automatically. To do this, select On, enter the SSID, the network type (Open or WPA2-Personal), and (if WPA2-Personal) the password for the wireless network.		Enter network SSID and type
- - - - - + + + + From dabbf0001c0c874620342e2d99c7771447f16c0f Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 10 Feb 2020 13:21:55 -0800 Subject: [PATCH 038/112] ngp --- .../security/threat-protection/images/NGP.png | Bin 0 -> 1707 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/windows/security/threat-protection/images/NGP.png b/windows/security/threat-protection/images/NGP.png index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..9aca3db5177663d84279a1cc2b2d186a0a72aa8a 100644 GIT binary patch literal 1707 zcmYk+c~H|w6bJAh0Zf8~P$dFEB~j#xoFZVba)nc_1~8mrh(SVgU=pQBkQ;;wNVy?F zQ*8tTQ~?Q>6ewDt2!ud6M2jM#SnxnDq0q!mXZpwPoB6!&?##~4yi6Z27nl-K2><|? zn=1}4tq!sU0ZDhNW$`c40*!VJWC6g=-LfSIlyNnr2xhx^I)Pt;ln@Y$+nZr~zK~M@ z+x`MOlEDP3YWrQKq|BBQj?5x4DbZ{SgAVM5q7O=4N#>4>=vXG@TqGN)hWBHos`5pd zWTGsJVpC{j;OHtGD(ygJ9bZNSJBG+41EJB|viQy~ms40IDp49`0-}zFTq#3jOdvAp z6#6-!L+e$B)WH9qzrZAsf#vO#xBtZ)88jN1&IVTci)1g|A&dD@*it%1;21Alm(E4e73VUH;K;V`HoHMz_zr~@CTth6Kh$2=q=>$6=* zKsd*T5{^rO@4{IiQR#`4?nt|kD|Jr%uk>&5&ln7u^WqmD%&h^2m7k1RU;#Gl)dz0e z7Goe`Yjy)lQkK`A8nx^|s!`N-Wmzaeosem%2eKU;E>kuqF)k9rLZwTYMij$8&;2L+4}9o zA%0iquSNiHGZg^P3dfUr>|X+VtxHQEd|rEWX;7G*6!ddRt6cN2^~7yXgGoyS;nVFI z1D}q8P}GpEj*2C94c)Tr6aHKwY$Lx_vV&__A>H4o7j&IIe=UD**$D*Oi8qg55LPUf3?m4+%MrQU!kgbH z8m9GhKC(AwZ2xph6>?ky>qW+5CBhhB7h(PdCZuh!xAhn^zObRrAhN<4FF4s)VegUN zlcc8#(NWQ{ok#~PRV)F36z_K5M35+Fuw2|!zg>g0uy$xOZZ9^6oJxn81^x@cdK5wb! za_R0h0{4x~j6PhYva)W1`r%%p4cQSq@!1OBI-_}-_~Zva&-4c6LjN5oq3JFE{0D-r z`D7#yCgxgRaGs6lQNr(t&K6`tj~PyNi7TiZ49$FPVu|&5;4q`6){|ssH+EFC@2d7< zpQ`vS$*l0`(|}zoSzs@6yKRxhRNPlxb!=RZSErW#D7 ztP=OobK&0H7|-GTi=8Vy zsQc%f@Q*u~((9^wNuk%L!?)3CxQiO=Q(Qlf84J%~JsEdOm}<$F2wo zBcyj~_^m|v4)JZewN5IsTw(=d#b~~U)nmwu`IMRXY%FNxx+z!ujHg*$eeGIr`L{of zpwYhtOXSlnH3iROpxT2qx_fWD>=d0foM>KV37-Z<&HZ^s5Y1CP-_8m{m>X8_bGxIg z6ue=#TSKPWB6`Iq8@X&X} zhhh&lMYau2fth7Z_q|}MH|{T3gtW!Ju_wDq$VZY*p1!f7xz!%*NBGLqwL~12mCiuF zGEU$V@V2^dPyK52{yjak-xm!N;=B<0N4V3HJKgzk?b_Zv`D#3@T&s(pk|LBP0}9X8#?mFwB)Z3z~RQCP>zv;x-pU6y}s<5 z_fS+0ci+xx)1UXPWxbasb~nGCo&dEsgu&LsZ>!4C4y literal 0 HcmV?d00001 From a158871f50d326d6c174e965bcd0cefc50913ac6 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 10 Feb 2020 16:41:11 -0800 Subject: [PATCH 039/112] update casing --- .../threat-protection/images/AR_icon.png | Bin 1937 -> 0 bytes .../threat-protection/images/ASR_icon.png | Bin 2483 -> 0 bytes .../threat-protection/images/EDR_icon.png | Bin 2826 -> 0 bytes .../threat-protection/images/MTE_icon.png | Bin 2609 -> 0 bytes .../threat-protection/images/NGP_icon.png | Bin 2034 -> 0 bytes .../images/{AIR.png => air-icon.png} | Bin .../images/{ASR.png => asr-icon.png} | Bin .../images/{EDR.png => edr-icon.png} | Bin .../images/{MTE.png => mte-icon.png} | Bin .../images/{NGP.png => ngp-icon.png} | Bin windows/security/threat-protection/index.md | 10 +++++----- .../microsoft-defender-atp/images/ASR_icon.png | Bin 2483 -> 0 bytes .../microsoft-defender-atp/images/EDR_icon.jpg | Bin 3278 -> 0 bytes .../microsoft-defender-atp/images/EDR_icon.png | Bin 2826 -> 0 bytes .../microsoft-defender-atp/images/MTE_icon.jpg | Bin 2209 -> 0 bytes .../microsoft-defender-atp/images/MTE_icon.png | Bin 2609 -> 0 bytes .../microsoft-defender-atp/images/NGP_icon.jpg | Bin 2897 -> 0 bytes .../microsoft-defender-atp/images/NGP_icon.png | Bin 2034 -> 0 bytes .../images/{AIR.png => air-icon.png} | Bin .../images/{ASR.png => asr-icon.png} | Bin .../images/{EDR.png => edr-icon.png} | Bin .../images/{MTE.png => mte-icon.png} | Bin .../images/{NGP.png => ngp-icon.png} | Bin ...rosoft-defender-advanced-threat-protection.md | 10 +++++----- 24 files changed, 10 insertions(+), 10 deletions(-) delete mode 100644 windows/security/threat-protection/images/AR_icon.png delete mode 100644 windows/security/threat-protection/images/ASR_icon.png delete mode 100644 windows/security/threat-protection/images/EDR_icon.png delete mode 100644 windows/security/threat-protection/images/MTE_icon.png delete mode 100644 windows/security/threat-protection/images/NGP_icon.png rename windows/security/threat-protection/images/{AIR.png => air-icon.png} (100%) rename windows/security/threat-protection/images/{ASR.png => asr-icon.png} (100%) rename windows/security/threat-protection/images/{EDR.png => edr-icon.png} (100%) rename windows/security/threat-protection/images/{MTE.png => mte-icon.png} (100%) rename windows/security/threat-protection/images/{NGP.png => ngp-icon.png} (100%) delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/ASR_icon.png delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/EDR_icon.jpg delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/EDR_icon.png delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/MTE_icon.jpg delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/MTE_icon.png delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/NGP_icon.jpg delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/NGP_icon.png rename windows/security/threat-protection/microsoft-defender-atp/images/{AIR.png => air-icon.png} (100%) rename windows/security/threat-protection/microsoft-defender-atp/images/{ASR.png => asr-icon.png} (100%) rename windows/security/threat-protection/microsoft-defender-atp/images/{EDR.png => edr-icon.png} (100%) rename windows/security/threat-protection/microsoft-defender-atp/images/{MTE.png => mte-icon.png} (100%) rename windows/security/threat-protection/microsoft-defender-atp/images/{NGP.png => ngp-icon.png} (100%) diff --git a/windows/security/threat-protection/images/AR_icon.png b/windows/security/threat-protection/images/AR_icon.png deleted file mode 100644 index fa8836ea1f49f7e9518c1e5cf4af72883b071d73..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1937 zcmZwIc{~&T9|!O`$}N6It{gQv@|EkGt8bYj<}A16%y-#xY_>Tob4!FATgQ^3NsHtd zb4^*4?~E+e<17gJChVa^)=BF6wM zI35c}q5-w_3}*pJV+G^@!$hDFC@caQ3s8{IJ|b|*J-0`qlF^7rI2Q2q0K;0KvcD7! z3*W11VG%Jf!0#IeBm^6Yy^S~WA~rD`4Fd$DcK7O1zaB?mBBH|uRWzWrr@2VL;(P2L zj*dmdMgn@&W^)B5_MiLl=m;2KZ8vlNzcqVgObjd*3s`61X#(57SMxz&qhWx@izB)M z2!c3(eUga$yROKI_lo^E-ipo}JelsIS_v^`R?b~)Cyqw9|I>XpR*GS93u&G&^dqo+ zj^t=@Pbi~0Hmpd22G5_FuP}nM@pdphX!U{*t|u*K<Y zC4J0R4KCCCKk=FJf!d-J6?50#XFxgAg#W>wJnZ4=X=QC~=PQ5nM6PgU0jr;5!dY%> ziGyY*q^2@=c2144{Z4OsjX@o3XWLFQ1;l8#QR2Fc8`Y?m=17S37OM3i2c7I@0ztmLa3&QMGGa{lnv^ zr!C*Mu7-3bfoW4T%!gFUl!x zQb||qbdnaY(1&afXh6rO_dgY4TWg?4FLlb(;~0OMY8OV7fHq%y=7~o}Mvl`6H&cL) zotHOcr#8N-qd^cmpraW$)@pI06?tsSqVLnzsh_F$UxcO28x`5&ud2c7xSu~~_4eAo zGzPhQHyVa8sRkaMN;Isms%-KIa>&DI4~Xt#zqiAiTxT|^ z`=Uij)TOTx_gCp*vyUIYWQ8zS`Re{!p_qHDuCy^sS#ND`D2_d=d3vku43YuSZe8l{ zx`xChf``sExSMOGJ?dO3P)21@aKb`m1Q8qCcJYhm>+fZ zsEQ=&ubYg_23bZ^9T|QG{!7veNlHg1i5k}F z7e!B2Z7Zj2FR{{$O_G>{9I7xurL+6igw+F-mL%@<`sR|SHyzQ#_)U319^Xf?AkFf7b4RNBl#)BoGfTB^~)*`Al<9s0P`-@`uz zkT7vl>4weu(xv=?374&CxUvS0eyLmign@e7^AT#e~bgio)L8=hm)2i>f6%=@N!GBjv1xIIMA>742{oSgO;vBaZY(%S z6Vup~HOLRC{GK|;=`ZsC$^uYYTa!0ebjF}eCexYq?S)?y*`SbPtWlJ_vuy>Idl%b* zebD&iUpd;jxw%9lv6zII*9jo|Yz}s%(uNinjXWz(h8rszj`oiXyTAhbxLg=-Dy@U; zA~nC3BE3KJj6663zB|NLf3F4?sY^dGtonar4%f>0OQ#czMtpyd4E5De7?{3`}rnZv9}TxRuBdN0HQY5 z76_g?@xn$(fVZ0ME9~(Ebj=z?0szE14&u-w9Wg~76eQcgEd}R+#{~?f(7%oH|3sEZ zvRODeAS4V>`mEQQheXIcWZ_G~hT*S~@gczgX^^Tqj|(4gSje@TVR-)lGN3}d*O*7e ze$p^s?*pp}8Bg>DK(@p|ybS0d;}qgYzTq9_3-G+Qe_%iIvpAlFC3y3!VSt9V`cxhk zI>2t;VZr!de?Xh!LOhQN{&#D!)rzvQFmsN0yg~~~l3~e5|3Nj{g8KIpLu53wir({~DTH*I$~X{c88nogN%xup zQe@BG_Y!e0!JEVJ&f4{RgSP^~$RkgYwr2X#!mfO=S3cFYy_&w!p9jsNZtr08D{<`Q zRc}9CzdYR5_;Pncf6LnKnXQ(!%jQBc_f9gQ&C&f*DRxIfaqbV)hs}>uW#^dn5?1uM z-}Jy8>3G%uPc1F-lPz4OKLa&DM^WbKk&%`Q+{@Ir_}r~B#LLiA?J?^_{bI7onS`jg zGXh;EA|g7@+;ykP8LOD$Esd-Z+7h)psV_wuyvsqJtIEU2C5eTdf1=5kXtmHHY1ZN> z$rJtvPpIy5H|EQUOy4e!?DfaiU&k5?RR?uo&oamOaeTE7evAP?s$Ej87fzF%Iss4Z zu7C&LzIL)xIR#S3w$mAXTc$b)ey*JC7XYjUVlH}fK1&3xCY;q@RbBq_!+OP)nvm4@ zw~N+h9+B17Xds3ORHqGz+|={Th|tLaz$MO*&$YB>asCjm_QIuw?!9CpwmQneifMEh z5mD4+$#OSmAu<^0w#3IJ_N3ZVFc@~s+B=KSm8g=)muTUH@Lj9X7t}4xHesfY*w1}2 zSGgZ*TrGvhtwL#DlWS)(uJ_=a&1l*K2!+qbfXxQaevpe!30_DU0jqF zrnP*4TeDNhn1VuMUVmAainVtMfi^O zYx<0KXa-B0byxJIZjINmybdo`?5VY%qRzF>oW3;5iS!+tR`lQabnJw*nLPY!FM7j- zl%GO&4{`u3fx7JEu9E?O={zm~K1yk0|}ln%V8hJ)Q{%VTo8J9cYB=`WPX zF;A^;Z>?%N*riGvNalmub*G7+N(}??b^#0*135jeIC}s0I!nLSG@6-XgCn+A4z6M& zWvio3carCq((b9uWnRKuxsTSnZZ z{`m&x%-w?Y-y!Z4#c1@fjElHRj_VKg}SCaTTD+eRwxxG?~ zTTsJXpw13@j+d16ll9a>@y+Q{ zoDUl$lUuw1GOCn z@h^9pUGyO=0vj9_XfobvQD4NDz3S|$Y<;%B3k_Bu8M*$-Nzl1{#GBvbMRn%4>@IHI zbjtwaTkh!N=7)V%1*O7t5wTxG{<>*9f4!zTP`}xv4TgQqxI`{@aPc?48O@e^r1x~f zjVx-Zw+39N} zKCoYAU&qyTGm0t&w>~(^7=IWVclwz8o1neiA~a4cp%Hb<;dm?N>=3kky(s3wpWriC zGPRMJ`m7kWGbfXRv0gB(NE>SmicTHP@R@+V8zpvr6zsZ>gq{@0@rp22ey6O7T~=Cn zvD5{Tr|dQ66tLg56?_`kb`4K_8l0Ddvbgzv7vdxHVeCrAN%armht_`=EL~ zvBZ!V-zSJoSG4^g?e&AaBh2Bo)e`9rF50~R9&Mn&MW2;R*~tO>nd1LmLg;7(MRpUH>t z4wOYrimUN`BxhnjS>&ocOii*j=|oW!XWjv{EgOn>bY)+nO8by%qnK(cyMM zOwX9}fVQ#4K!x7usGsyRgkCr?f5X<~SL2Q%x|G3wofx$IUU>#0T&4WnUn4yv449?! zI`%reg`9YmBM$T`+}l)7CKw_67j?7>R4F}nuF+_p_OHOaY!m@~vP6fgKs7W%Jn|W) zJzu^s>C-FlA*a?bQT?Q(oN2Zc>*E`tPJU>f*G1h-(7*tlvkprpoPXcenUkdI{4nW7 zv)WmIi!|QjL^aYM7`ELz+KgC$Pgh>%ygx6xyZG8~s8Rtdu!C}y_p`CgE`dY3-#u~b zdD$J3Y7ol3oVezYsHYjYuXG->bHBI6d`3}gx$|FV_rHvF=3PMK)$ek!&vx#-zX`y` L(%#~kxmWBz^|G3< diff --git a/windows/security/threat-protection/images/EDR_icon.png b/windows/security/threat-protection/images/EDR_icon.png deleted file mode 100644 index f2622cbc2bc011758fc1f687cdb004d508a6f666..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2826 zcmZ{mc{CJUAIB$4W6;PL%Dyi#mV{7*s2L0jA;v?9VQga?Mnnk>k}XtI_H9s>Vel}@ zPPUq|uQ3XPJc)>RJnwn`e9!s)?)RL}?{n|{@1C1zWpVu!rw}Iq062w!8{cFmlGzB3 zlgt&DT~W*oPypN^2mkK_n}MSFS$14ujrx=afGmts9!k5!3a zw66z1^A`_@IRPC{to`o>hq+=s0H}bYW1Z{Y!_h%*7+0o>1vF6Wo-i@TF}8EX`l0cYg@h%>(fB=)vm$w5$HUz8-$TfSrM?HYPiHtl6N0F&=O1M<*B$*3GX}@5+RiZc`f-V&KO}X0DmziHhF=#q*B5YCX(cvaF0H5 zp>#X?t@{)Di|yvwUoSWI2PsCT=gNF6ZkFrCSmu8pjw}U#i2uJ)oJaG%S7M82;ZxK} zJ51{AJual&hRfvZveT!^V3uBW#TpYr!THxhUWL%|5TNR|zvgnnup-)8gNgGHdJuRo zpRju0imCw>Dp0HhB@;iZeF^IrYl4}>&)DYFmfn4~xH&Erjla}SY=!v~`z~lP?gOCn zf7phu%NMWQcU1_6Y3`ZhlU6@>H#TWLEK?>e*|JYG3ld76xQDML-vIB>dzVFdGUQqm zl;jK_sB2%wk-5NLxh^O|?+0PNsR)y_!Mkql%WW>hreKl3t-jJevJ=;Y-DXEb9=Pqu z*w+SV#sG)dF+it;hqhJTgw41rZM!Otk=8L8{h{;zGp`Znbe@H*h?AM69ZBvW$YWdX zRrQRYpLA^0H?tSl;c%e<3XM2@a*^aZlNFReer5Y><)RvmGB+FbE^bb?iMNu3Kk{9I z13FOAXHE$9+rc>hf#T?%1x(jn1-g|2g-H0uS$aaHgB=Ex@p@#WOB&7iWS{fdA?p(& z4!Th6c`sLLtX`|HxJYvLJ$nsaETWCdIz*)ZlNwh6!d#D-xv+IvhG_EbG5wCAe*~vX zxy0Xrz-yS3*D${=&hWBmum_{=FLfHBcxmys-pHKk5~FDFc-)jSZ|&r*pF9mftVqQoUw-E-Y7$-5|1YIk0`0tx1S#_eJxf?cY+_ zH~7MHvU`&|-ZlR2F4fA@8Rasz&H%M8JLC|k!lv2fQDH0e37T=(m%2_s6<>}WX)pI)yc%;+gxWTXIbI=wqC#$Vu z2jdB%cd@Msm3&D%S|8drJ<>Mm-@>*kmW75|_RB(U?2Yn+v|u?z9Pxwh0fWZvPaMSS zSY(p8z1eeFwPR=aT|>jVK$g8f3m?*-Ea4b%fytr;$Ux;v8*8lGW?JBE4QdpW>DZL+ z)aupbxZ?>EyQ0yTBiY}-qjc8HDtug+qb^mYWx^tXa&br0fJ*a`iuAh&4S77N13CO{ zk@cq=OH8!+ngzKU508^Ilo(zpHq|a1oMw@6X@((Jr)ng7`!e*`rGb|8z4vYE+@~_a z24cCw&zO#W={4)ILOfEuP;U@ARGN4Ce7~ioIvz(h=6&OXN<#VMe>}ucoXw`{QJ+k&gqgC6F zLGc!^cL~_o;-+Q!p?RBYBO*^))d%38b7sVj6ewxgRjF!9K|=YQ- zbfY^#?M;TqF{5X{^ez#cM(sop3Waa#HO&1>--l*2F z1UEV-QE<>hK18NB+msGT&vsxHK4H*(Cw=LZt~~Iuv(tWK2a>`twOeZMCYoQwjKM)O3k9$5K3=F zcTmO)v&dR01>Lj<@?APBfUGZla6iPz*~5TT-3#8^tIsZ6{xPb?D#&FnE}J237&BNT zCrVI?7qAyBs)!Z-+-?6hR;Bh7+Eaq_^hK+$o=4h41*+im z-U%_aD|zq;#O5Op$fmM%o5brMf02QY#Q_QOs$Q!N$WSK3fX`Y&mQe!JrC}T z?oH&dTnS%hiPqQd!;Spp;ihIiG>=316p$?J$UYVdn=0KjrT1&!6ABa|Q)X7RGEYmLUZFs?tz6Q?rb)gmj!xi`Z>2dYxZ!lHY(2p3ld*H78#=dpoMUt-uF5f>%Tu+Z0BkfT57)XMQLu{$ZC{XK|U^OX3(`0*; zp=Hy)J{{=%UEFgh??!-A^`x#tc`P)RbwdE>Gbb|Cl3ui7J~D}{=d@cfeIq;V>&jpt zEzH~$X)Vt66Zps%`#Ucd>kluV{b(k}KJ1j}W44yaa4GV|fHFj~N{~?zf20^w8Khl7 zb6N|zxf;bk-zu6+LTk0)q1IwgxH1YmZf*LNv5ov{a7sI$yy5hbS~;CajcLDpm5<8k zUyQ^%=GvHV3nf?=DT=+35U|6J@HZC7ck1b#liD^+V%N4mZ`*E%heU3dL!YLyuzNx}u9_x{d( zo5P2aGs5H+6wR`nVXA=0ca6J*x1I{~&82;dqs*f+m9`2@o^^whw}xX3!LL+s&+qHU zf1v)T>QePlZ}c={ot;R#;}EC3Mk)1H{R=)vDbR`9dM7c|_Oi2Psc5=>Ed@UINoZmJ ziw4%(F0%cv{j%@EN^_zkf4+CR9>1$|2}?y1zqw1y$SwAB(M{5QVGSkY6z|_}XN^j~ z4+942B4SrAcS)=A1g^NB`1Zq)lwK35217f#W3T(CHRIDrFXwNK7?sJrMtaR|1s?AH z=D^Pgxw(w}sDYok!<#9(e!i8g(;KpyZ(M=UxS9{v*lzy|yBf+o2D*WYl^G?{O7*|W$^Od8$>dPk@ nL320#c#M^6K?OwJCu1%BC0>iQRHm|;|XFenc+i11-R z8$dJ|0I4Ir?a)r17$*;R&@CAJ9>A%txtfP(0NTkBg#ne(4=4bX?q7;VBCe%e7$-L* zNcxB#26$lC9%By&j2{Ax1ikRQx|UP_8{Em;&J_Vj(V$PQwFv-*UgPHow7ZkLBdC>a zEec?e|BUxR+aW;*SK*}p%G5mE+>q`V(BVMp7l2V-%S@awu1HYv)(9UE>s&`&)x9n2-JRb$K3f1H4!?FF&0A2l)0vFbq zA$d-ws19D@RAC2cs7I(L-iCawCiMh1-x&_<+248cutY8vyA)Sl=GcIBtvJ{5u2Ot9 zo>%()`9Y~Ob@|7&h^nNh+0f;o=+^XXXl(EQGtmKNx3Rfe6_aZGkw#P?IM_(nmB^bl z$YDCFX}d&D+>{{_iM1BO)0;8~mbV`@UE)$0`FZNC;)9g+tIXb+2*4xKF_QGL>0{P% zQ1b5w3T$j_wM4fRBQ-Bh9&O#|WjT}5XKU;0UhIyHgX|g6&>t9uvJW3dP*OXJ9&#qz z<2Aol8CD44b%jJkBqSx1eT}tv58yK!n9qR+0&$vl27d%x2}Cle)$8)J#!)s~)0a!v z)YK5_{7j7E+8Y}itr~sfGz)Mkj2&W{BKJ9T)AmXV6$?udUpkHrsVcay<|3BJUIah3=C|3 zS~1DyGBrotAqEW#EiV^7y$G>g?S|jRF^aVo+9PDjXcOKavM(un)=ol)Nnx5+ofe7!s)Q=8gNt<6E!7V5^~ zNOQAPyoC~k#|xN~Dw6y);++h=F2C0czh9LuTHJIBzTSstc1r*U>qcaX>FVs~h%y0B z*9{H~&=~b08kAvgIbH}c^D|LJ9cUr$;>3F<42**?-9=}{! zTN^=Y0IM=!m1)92qf&%%XRV?m)jrrbx_)49Pa+jbOP|mUr%`*CGUhDJ%*-6$c`Ewr zxEODQjk`NtC?0>iVRmb0Ws?h44(nj(uPz>U2F{x!`p?F^Xm$ao^7`O28Q|i$dU!0K zT^g)JVUs5U{cRmtC{KcNEy^_ujpQZv=R$aW%V1x(kDR1fUESRN+VtHxIs>bEPHwAH zd-Zsw=jIj}5f=vCZ>05(g#>>dXaomun#-0 zi08w<{@xCW*L|~)&tB3B!KuNV3=^RpiDEQSq)rqxt4O}7Sxn#$%8!$L+~oIG@7UOq z(#t4fUNd3V}i(oiUP6<{)pgbwbFOhgR$z5c4&ZOtc8Qd1~ac+~*IE3ytnjre4%4 zb-kSQJ?SF)9glvbb9tbwny(t3aWlKm(f{z4d`mz}r(-Ib>4$xzeTlctCnD0tC1!9? zuVGe1mypCfvN$)Z%HQh4UV?XW-rqNK=MZH&x2x%?m~-1Z6MRtCG!LP*2SdpMxsp70 z{2xEdst9Um71U??T=^|gIvHj{fW|Tpm6nzQZ)j1t)bOp#O1lhY(los^Ra{-sRBuS^ zCpMWc!4uw`v6}NIh&0fBA3=Y0Kf7CM<2;*`=&6QZ5ua$IYKCj+qel;Rf|GXt7Y~Z&922yl~n7y}ma>$pwpzT`= z4pK$(e}ojnvywhfpoVXf2nE@5&2tAVzm!8bd&cB4U_VtrWWJh9>9?3zcqm5xoOj~N zGklVf`Sa1v?B}|7DR+gT@xo#>Y6>}Y2o_!ugB!ZA67#MgQ`(S32hlNBCZSXbMU$b} zpW{^&hk?zD(nP61n|y>wsejpz@T5I4Qya6e_xkceX}sJ(5i}8%bEZ7OjdmrzErb~I z2$K(%xu6l^QR23?@VeFuQCi*;7@pT)N4stLiFj9O6Dva)b-#SBvh*o+Torgr-?(ts z5b7*{+#VK%e4W^xgVr}3y3^!e*J|taGiP%OiVeDs$i}1(90D}F0`T-vJ({9ua6hwSw84gv15IcmMgSZ zur4UHvRtU1fL95Xd=|s`vIKpyyR`6ihI5gsszRLGO8NQ1fv9Ofkn-g#N_k&$GLBM< zrVv8kDj!ui_?s&CDJy)@CE=HV3nRSbxV?3k+=QRq^(hl)8G z5N*mPbjtvJUf${tEA&oP zf~gi=XUF0|#OB2L7f!o1vTRK?(-&O3TomhR>@8=1-?3JZ?5a&Z*Gq*wvgyncd=YXv zA>+|h6UVT#cOo&5b;yi)pFJk=JAH~u=%8t<=zMcHoM&DxjT0N?Wxyea1K~z~gU!%J oKui|64#9@&Kb14vlH`~Uy| diff --git a/windows/security/threat-protection/images/NGP_icon.png b/windows/security/threat-protection/images/NGP_icon.png deleted file mode 100644 index 6066f305a2bb1f4be5794ebfd3e6b2b6f0d36fb5..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2034 zcmajgS5(u<9tZHhN-?1tr3eua2m*pqM2ezRX(AA+(o2LuAdmzJ1Sz{56p%zps8SZB zsY?}z6hovLA?hLuNQ<<1DG@0W%E|`sxo`K}`!F--_nGg^yv&?QvAx3A`A!o7|fw^jqf1lgv6l`Ks9^l z3>P}B%#5Azk5&rZQBc>D2~_RY&gl-XOUD+4(H&=RV3HZhRd|S$H5&}Lf7ZM4Qx~hxrp0d-0Xj$a-2AGul$6-9vhWj(qYg| zA~G%unEGAGe5FyPMhnGnZ| zb|uxTuWG>Oi}I^H?sT0HZ4b^9cfDe5A3zhLbElZ48Qs>YFqd;(nK)iom12lz3Ht}pbvEr-F zu#(|1!-sw-<=z6BwBl@ISGWQ)_)V`W8Nck2UXC8ld$fgbTEyJx`_dZ7+Fsvoo0c_S z7mXWnPG2BZ6rag2h{P`j0t*1_YpCLb?K^f0F8NE7JJ3h%< z!xkV0l4(^DfwM6jMI}Loh@M&|f{C;-b@XvS0%cc2e54MyFYnNXTxz0+p;VL0pv^Y^ zND&yLKV!l}qyCjr#LX$6kvED>&gKx7p-bd$bQa|_B~-(_+eOadHyms{S1FsvHtCJJ zWES>Z?!v@?uFP$y$lG^%YV<`(b(hp3&4#?;{NkvF$yHKHd{OYjRHV8<5`aw^+n$_OWRJ0=$H?i5(|pp>(ZL>8%fCz9!a5N_zF01D}iY8b9#KM|h$iY}MKA zdcT_cD`Ub*Lti7a7oJBDMiE=${gdY>UGTSNO`dGjenei}>?Ic)XrxHz^lT5dgTGet z-8gDyAQO_)w>=kROiyA3AI_=_H-`#dQ3Om*{#LI8dxa^k0 z3^{+J@j{?aJH*xcNA0_{FAV*@dvJAhp?%6wM^i8qRCPu=NJ{VA20{oyhmn(R`DHEK zepU~88QjU|D}FT1%x^SBQB^LpI>EB+uzU*m{{JeNB~gFQcB5l_b+}&}U}b*8tk%Tm Gw|@ZWrl=AC diff --git a/windows/security/threat-protection/images/AIR.png b/windows/security/threat-protection/images/air-icon.png similarity index 100% rename from windows/security/threat-protection/images/AIR.png rename to windows/security/threat-protection/images/air-icon.png diff --git a/windows/security/threat-protection/images/ASR.png b/windows/security/threat-protection/images/asr-icon.png similarity index 100% rename from windows/security/threat-protection/images/ASR.png rename to windows/security/threat-protection/images/asr-icon.png diff --git a/windows/security/threat-protection/images/EDR.png b/windows/security/threat-protection/images/edr-icon.png similarity index 100% rename from windows/security/threat-protection/images/EDR.png rename to windows/security/threat-protection/images/edr-icon.png diff --git a/windows/security/threat-protection/images/MTE.png b/windows/security/threat-protection/images/mte-icon.png similarity index 100% rename from windows/security/threat-protection/images/MTE.png rename to windows/security/threat-protection/images/mte-icon.png diff --git a/windows/security/threat-protection/images/NGP.png b/windows/security/threat-protection/images/ngp-icon.png similarity index 100% rename from windows/security/threat-protection/images/NGP.png rename to windows/security/threat-protection/images/ngp-icon.png diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md index 6e17affb80..16ddcac988 100644 --- a/windows/security/threat-protection/index.md +++ b/windows/security/threat-protection/index.md @@ -23,11 +23,11 @@ ms.topic: conceptual

Threat & Vulnerability Management

Attack surface reduction

Next generation protection

Endpoint detection and response

Automated investigation and remediation

Secure score

Attack surface reduction

Next generation protection

Endpoint detection and response

Automated investigation and remediation

Microsoft Threat Experts
- - - - - + + + + + -

Threat & Vulnerability Management

Attack surface reduction

Next generation protection

Endpoint detection and response

Automated investigation and remediation

Microsoft Threat Experts

Attack surface reduction

Next generation protection

Endpoint detection and response

Automated investigation and remediation

Microsoft Threat Experts
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/ASR_icon.png b/windows/security/threat-protection/microsoft-defender-atp/images/ASR_icon.png deleted file mode 100644 index dd521d492a3bae932f0402886468149589862363..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2483 zcmZvedpHyNAIH~no7{zvTczMtpyd4E5De7?{3`}rnZv9}TxRuBdN0HQY5 z76_g?@xn$(fVZ0ME9~(Ebj=z?0szE14&u-w9Wg~76eQcgEd}R+#{~?f(7%oH|3sEZ zvRODeAS4V>`mEQQheXIcWZ_G~hT*S~@gczgX^^Tqj|(4gSje@TVR-)lGN3}d*O*7e ze$p^s?*pp}8Bg>DK(@p|ybS0d;}qgYzTq9_3-G+Qe_%iIvpAlFC3y3!VSt9V`cxhk zI>2t;VZr!de?Xh!LOhQN{&#D!)rzvQFmsN0yg~~~l3~e5|3Nj{g8KIpLu53wir({~DTH*I$~X{c88nogN%xup zQe@BG_Y!e0!JEVJ&f4{RgSP^~$RkgYwr2X#!mfO=S3cFYy_&w!p9jsNZtr08D{<`Q zRc}9CzdYR5_;Pncf6LnKnXQ(!%jQBc_f9gQ&C&f*DRxIfaqbV)hs}>uW#^dn5?1uM z-}Jy8>3G%uPc1F-lPz4OKLa&DM^WbKk&%`Q+{@Ir_}r~B#LLiA?J?^_{bI7onS`jg zGXh;EA|g7@+;ykP8LOD$Esd-Z+7h)psV_wuyvsqJtIEU2C5eTdf1=5kXtmHHY1ZN> z$rJtvPpIy5H|EQUOy4e!?DfaiU&k5?RR?uo&oamOaeTE7evAP?s$Ej87fzF%Iss4Z zu7C&LzIL)xIR#S3w$mAXTc$b)ey*JC7XYjUVlH}fK1&3xCY;q@RbBq_!+OP)nvm4@ zw~N+h9+B17Xds3ORHqGz+|={Th|tLaz$MO*&$YB>asCjm_QIuw?!9CpwmQneifMEh z5mD4+$#OSmAu<^0w#3IJ_N3ZVFc@~s+B=KSm8g=)muTUH@Lj9X7t}4xHesfY*w1}2 zSGgZ*TrGvhtwL#DlWS)(uJ_=a&1l*K2!+qbfXxQaevpe!30_DU0jqF zrnP*4TeDNhn1VuMUVmAainVtMfi^O zYx<0KXa-B0byxJIZjINmybdo`?5VY%qRzF>oW3;5iS!+tR`lQabnJw*nLPY!FM7j- zl%GO&4{`u3fx7JEu9E?O={zm~K1yk0|}ln%V8hJ)Q{%VTo8J9cYB=`WPX zF;A^;Z>?%N*riGvNalmub*G7+N(}??b^#0*135jeIC}s0I!nLSG@6-XgCn+A4z6M& zWvio3carCq((b9uWnRKuxsTSnZZ z{`m&x%-w?Y-y!Z4#c1@fjElHRj_VKg}SCaTTD+eRwxxG?~ zTTsJXpw13@j+d16ll9a>@y+Q{ zoDUl$lUuw1GOCn z@h^9pUGyO=0vj9_XfobvQD4NDz3S|$Y<;%B3k_Bu8M*$-Nzl1{#GBvbMRn%4>@IHI zbjtwaTkh!N=7)V%1*O7t5wTxG{<>*9f4!zTP`}xv4TgQqxI`{@aPc?48O@e^r1x~f zjVx-Zw+39N} zKCoYAU&qyTGm0t&w>~(^7=IWVclwz8o1neiA~a4cp%Hb<;dm?N>=3kky(s3wpWriC zGPRMJ`m7kWGbfXRv0gB(NE>SmicTHP@R@+V8zpvr6zsZ>gq{@0@rp22ey6O7T~=Cn zvD5{Tr|dQ66tLg56?_`kb`4K_8l0Ddvbgzv7vdxHVeCrAN%armht_`=EL~ zvBZ!V-zSJoSG4^g?e&AaBh2Bo)e`9rF50~R9&Mn&MW2;R*~tO>nd1LmLg;7(MRpUH>t z4wOYrimUN`BxhnjS>&ocOii*j=|oW!XWjv{EgOn>bY)+nO8by%qnK(cyMM zOwX9}fVQ#4K!x7usGsyRgkCr?f5X<~SL2Q%x|G3wofx$IUU>#0T&4WnUn4yv449?! zI`%reg`9YmBM$T`+}l)7CKw_67j?7>R4F}nuF+_p_OHOaY!m@~vP6fgKs7W%Jn|W) zJzu^s>C-FlA*a?bQT?Q(oN2Zc>*E`tPJU>f*G1h-(7*tlvkprpoPXcenUkdI{4nW7 zv)WmIi!|QjL^aYM7`ELz+KgC$Pgh>%ygx6xyZG8~s8Rtdu!C}y_p`CgE`dY3-#u~b zdD$J3Y7ol3oVezYsHYjYuXG->bHBI6d`3}gx$|FV_rHvF=3PMK)$ek!&vx#-zX`y` L(%#~kxmWBz^|G3< diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/EDR_icon.jpg b/windows/security/threat-protection/microsoft-defender-atp/images/EDR_icon.jpg deleted file mode 100644 index ed71564e87e16e1dd8ee48512b71868ea75ea062..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3278 zcmbW3c|6oxAIHxalfjgT#O;>L$kswqU1Ba}EnIu$GLy?M!{|q z17iaK;d~klm4gsW~ zkT49u|Im2tAL_q}y8#~z4(H>CBM|)jyk+n_4e*O1#C}lI-Lc2ws(`Gw`0@L(=}0-f zk_HLO?q#(4HJ@NXp}ms(q@?8!DJUu_pU^mY>hzDAXV2*y7#bOySXtZH+FiVK+38p3 z>n^Tt?!LGE{O{Ziz=ec92n+wm!-zOid;&S~wAD?Q{RY*w^ui$*Jj?*}0Wf#u}5gzQNuU($+?vx8n`nheSYMa-pE_oGf+$y&$@9xOv$scv zWA%E*9~2Zz+FCX}eed%ki&%e2mg`4ZmCD|#F7c#fjBn%|Yi*WV`>xEyGGa+eiLld< zq3v{TfGz3%OzH6A<-@@Z02Q5XVn@-?S!|* zRJz8|dADQMOl+c)M`cI--&b&^rb;Dymg)*GSv# zF3m~xNLTM@q=(##C=;{kM2oOQtBZ^ zkw0ju_pTL1CDq1-zBcj{C+>moPh0;Ol=d(x&GN>y@@mfk=T^qxYj)TBNOLuoi ziFjXrZm+|@Wa2Od0&QmFh8wL(*^{-guUwO+T*tmBpd{aWC6`Pd^)fo$I$nF1`O45B zWnQ^0*TAwuzUWVBvtFTY0s$day5g&xCDHTDeLghP7%r% zM1Q$_4@{7@=)pA!Nuz_W3JSQB=G>o{sWwq2baLd@8U)zt!B;6Uf!+=L1b#0dms?=DGdVHa_XkGO1Knv5zDQ$hQLRu!4L=pr1KOv9;)kBFjWSF{WI!x zu5Nq|y|EkPbp0OwTn`BX=|bBgvcv_3Lq4^6Hw5Gu?^o4zBQt(##vE3Vqx{Y7mM zSj=gf?xj9(xV5Cqy#WCa9YRrs4!ZXFWqD?=?P@D|rFHboD^(kP?jiI_eTRVW{o&$* zQ)Xf**CsyR(pM?pRKX=%2IrmbiI2ZFU}oAc-?!b;&pp^nc_?d&F;0~t56J%xt@=PhU+`<{5A(INq< z*qf(J8nz^PV$m#Ynib=WsVglxLD@S8k>w;#emZDRZBGwz$dQ`C2(OLj-VGi(=syy) zxFG69WsAlTG{&aNw8>)lY1d=PGziFFV6Em8Xp+0SYDU_4u17k7Ct?#1=05lqTCkt? zcSfCneKl1M+%KZ~a>ICBEJvyHO3Q>(|3zAQa1-9LMg^ZdfE~kOUi(eOPLF#*z&>3Q z<4%i?Cl@UBvrh(D9X5wkEcqTs*~Bl~#E%AR?Kap+C{K#BjI4H_T{pi@FzSi)jw?0$ z;D6(`p|#vBR?yI8d0da%)62Cl_;NZrS}ja{zlr9WR?2qY5UI;~ z&OyZ^)MbUDj0-GHw$)tlzdp}10$-{3FSXCJgj0Y=rp1ifwBmu!3`35{)>Iu$u_gPa zgbM^5Cpg?j2n-VFEpM-H>{xn~L7ktlIc$E`{37j`-|U0tbQN>iN6%vN#c|3q))w<+ z27xqfY4PIjiF65xz}i9259NdG(u^`(JcFZ*zvMf1{q$sT_+gDgd3w<#_Wicz9fEP{l*7Hd{S0#x zRRV+S!YQB?%+w6%RG+)pD+}_U0Zpg?*%|-m17$fGa1Y#+kIAqnt0EJNs9{ zfkdeW2;^p7S=9+#S%1^4H$V=3VnrtR;X-;Ta+UOJ`=du&we0A}7y8}8o3*qvEx1+; z?)u0ON9SsM8E!-4`ReoPfX4PM>K*6NsBA%7{@q@>JU5iyGG!XRUCb2w?Eq;sI^51t z!LO=nr)N$G>4$x8-W)YJO&b+@%h9_kY=F%nIHRO*&kopB8)gMfLZFq-A?HxWA$MldyZnRH#C)UYsDcp=nc0Wi!gq<-&L7 z{tzgXbbf^~$}tm{$+I+3d)!8}uPgHZ<;5ete>utT#~0CBxzmWpG;QVRvd;IAre(%D zw>8Y*#2Qs@*8PZeuYjjFzkjy9iG4SmNAz1;>kBy2DJ(^{Xm<489>PwYH-JD*_2vv` zxJ6?O8^Rj!6@KJQUbVp-R!Wn>?foK=rOk@T)!faTxyE?X=h%sSdYVb9z`UbbF#A}p zjO8aMlyriuY|!NqRD}+f&sz7L3#{AvkMv}O@&P~r0RT>eT|i>>Rym#N>5so=ta3!G Ue^-|3-#OA>Z}@laC<68W6M9K0hyVZp diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/EDR_icon.png b/windows/security/threat-protection/microsoft-defender-atp/images/EDR_icon.png deleted file mode 100644 index f2622cbc2bc011758fc1f687cdb004d508a6f666..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2826 zcmZ{mc{CJUAIB$4W6;PL%Dyi#mV{7*s2L0jA;v?9VQga?Mnnk>k}XtI_H9s>Vel}@ zPPUq|uQ3XPJc)>RJnwn`e9!s)?)RL}?{n|{@1C1zWpVu!rw}Iq062w!8{cFmlGzB3 zlgt&DT~W*oPypN^2mkK_n}MSFS$14ujrx=afGmts9!k5!3a zw66z1^A`_@IRPC{to`o>hq+=s0H}bYW1Z{Y!_h%*7+0o>1vF6Wo-i@TF}8EX`l0cYg@h%>(fB=)vm$w5$HUz8-$TfSrM?HYPiHtl6N0F&=O1M<*B$*3GX}@5+RiZc`f-V&KO}X0DmziHhF=#q*B5YCX(cvaF0H5 zp>#X?t@{)Di|yvwUoSWI2PsCT=gNF6ZkFrCSmu8pjw}U#i2uJ)oJaG%S7M82;ZxK} zJ51{AJual&hRfvZveT!^V3uBW#TpYr!THxhUWL%|5TNR|zvgnnup-)8gNgGHdJuRo zpRju0imCw>Dp0HhB@;iZeF^IrYl4}>&)DYFmfn4~xH&Erjla}SY=!v~`z~lP?gOCn zf7phu%NMWQcU1_6Y3`ZhlU6@>H#TWLEK?>e*|JYG3ld76xQDML-vIB>dzVFdGUQqm zl;jK_sB2%wk-5NLxh^O|?+0PNsR)y_!Mkql%WW>hreKl3t-jJevJ=;Y-DXEb9=Pqu z*w+SV#sG)dF+it;hqhJTgw41rZM!Otk=8L8{h{;zGp`Znbe@H*h?AM69ZBvW$YWdX zRrQRYpLA^0H?tSl;c%e<3XM2@a*^aZlNFReer5Y><)RvmGB+FbE^bb?iMNu3Kk{9I z13FOAXHE$9+rc>hf#T?%1x(jn1-g|2g-H0uS$aaHgB=Ex@p@#WOB&7iWS{fdA?p(& z4!Th6c`sLLtX`|HxJYvLJ$nsaETWCdIz*)ZlNwh6!d#D-xv+IvhG_EbG5wCAe*~vX zxy0Xrz-yS3*D${=&hWBmum_{=FLfHBcxmys-pHKk5~FDFc-)jSZ|&r*pF9mftVqQoUw-E-Y7$-5|1YIk0`0tx1S#_eJxf?cY+_ zH~7MHvU`&|-ZlR2F4fA@8Rasz&H%M8JLC|k!lv2fQDH0e37T=(m%2_s6<>}WX)pI)yc%;+gxWTXIbI=wqC#$Vu z2jdB%cd@Msm3&D%S|8drJ<>Mm-@>*kmW75|_RB(U?2Yn+v|u?z9Pxwh0fWZvPaMSS zSY(p8z1eeFwPR=aT|>jVK$g8f3m?*-Ea4b%fytr;$Ux;v8*8lGW?JBE4QdpW>DZL+ z)aupbxZ?>EyQ0yTBiY}-qjc8HDtug+qb^mYWx^tXa&br0fJ*a`iuAh&4S77N13CO{ zk@cq=OH8!+ngzKU508^Ilo(zpHq|a1oMw@6X@((Jr)ng7`!e*`rGb|8z4vYE+@~_a z24cCw&zO#W={4)ILOfEuP;U@ARGN4Ce7~ioIvz(h=6&OXN<#VMe>}ucoXw`{QJ+k&gqgC6F zLGc!^cL~_o;-+Q!p?RBYBO*^))d%38b7sVj6ewxgRjF!9K|=YQ- zbfY^#?M;TqF{5X{^ez#cM(sop3Waa#HO&1>--l*2F z1UEV-QE<>hK18NB+msGT&vsxHK4H*(Cw=LZt~~Iuv(tWK2a>`twOeZMCYoQwjKM)O3k9$5K3=F zcTmO)v&dR01>Lj<@?APBfUGZla6iPz*~5TT-3#8^tIsZ6{xPb?D#&FnE}J237&BNT zCrVI?7qAyBs)!Z-+-?6hR;Bh7+Eaq_^hK+$o=4h41*+im z-U%_aD|zq;#O5Op$fmM%o5brMf02QY#Q_QOs$Q!N$WSK3fX`Y&mQe!JrC}T z?oH&dTnS%hiPqQd!;Spp;ihIiG>=316p$?J$UYVdn=0KjrT1&!6ABa|Q)X7RGEYmLUZFs?tz6Q?rb)gmj!xi`Z>2dYxZ!lHY(2p3ld*H78#=dpoMUt-uF5f>%Tu+Z0BkfT57)XMQLu{$ZC{XK|U^OX3(`0*; zp=Hy)J{{=%UEFgh??!-A^`x#tc`P)RbwdE>Gbb|Cl3ui7J~D}{=d@cfeIq;V>&jpt zEzH~$X)Vt66Zps%`#Ucd>kluV{b(k}KJ1j}W44yaa4GV|fHFj~N{~?zf20^w8Khl7 zb6N|zxf;bk-zu6+LTk0)q1IwgxH1YmZf*LNv5ov{a7sI$yy5hbS~;CajcLDpm5<8k zUyQ^%=GvHV3nf?=DT=+35U|6J@HZC7ck1b#liD^+V%N4mZ`*E%heU3dL!YLyuzNx}u9_x{d( zo5P2aGs5H+6wR`nVXA=0ca6J*x1I{~&82;dqs*f+m9`2@o^^whw}xX3!LL+s&+qHU zf1v)T>QePlZ}c={ot;R#;}EC3Mk)1H{R=)vDbR`9dM7c|_Oi2Psc5=>Ed@UINoZmJ ziw4%(F0%cv{j%@EN^_zkf4+CR9>1$|2}?y1zqw1y$SwAB(M{5QVGSkY6z|_}XN^j~ z4+942B4SrAcS)=A1g^NB`1Zq)lwK35217f#W3T(CHRIDrFXwNK7?sJrMtaR|1s?AH z=D^Pgxw(w}sDYok!<#9(e!i8g(;KpyZ(M=UxS9{v*lzy|yBf+o2D*WYl^G?{O7*|W$^Od8$>dPk@ nL3%;wIx)8aa*{W zOX60xp&HbE$7D^pWGVY@tTXeD>f^ol{p;<0&gY!-IiKg8=X{^%Jm(R13VXo@3lnn_ z0EyZ;Q3FB&ARRR}Jfd{U)y4g?x0kn@hpV5G`DK@#N_Lt%cWVOSdk_VXNF)Y{!J*MO z92SekN#aBz`5giwF&J^Q_?iJpocMPg{d$Y=1(Xi}goM5b_$H7Tj6kB$7_7Ji1mLea z(fC#S7v%;Z2Enix0!AVc2$7kqA{{^wkVIuoLzL9<^XM%;(tEC@;7)DZ zd%>5672mi?cC(y{Dp^fkLrZ(#ejVKdMn{ZIOwG(KPM)&0vv)Y{=yK8ZA8zg*o__uT zfz+TY!I4qdqhoHw#-*mEXWY!Zm6e^(DEQ^x{Ra;VOCOg#DX;kb>9e}}7cXD28ycJ5 zwzRgjcXYn%`qShQAESz z=<_~OTlQSTNFPqgD`8=`?maOjbHSG@zHyt@N0sR{>Mzj$8#C?yf?j7{M;6us0tUDP zFBlTh6CjuX3A+FehC~aP04QK(XM{LV1G!?~JE1D$iJ87K_NnHz($Jd^i}z%6ywqIT zzJd69TKH}?G1*Fof8RhUhz`wl0=O=QO1WJK#TB2Z>E1?CBK?X=5y*{C# zz8%JoRQEN6Qwc0Kb&|dij1O%_?-y-yZeh}GZkf@k47}~cp(@sxJKUP`B2K~DHbQAR zvLP4!-=AZT!UN7XjZp%1-+z*-mr9t@wb~H14Tb(r}i(bpYh#I zmT;%kLd@p|9>o#ViQ=;TU02mW5$>wP{G37~kHo)R28~RcC>tk+jR3|FN)4J@_uz{^ zkmSoUs@a7MBlU598`W zt<&ST;n(HLv!qJ)Bxy>qKKWI|uI9hT2Qv8KPez~GxOo!vsX>Rl2rVa>^JEqI58$j! z=c@G2VXUECXf>AaE~Yd8ypuyLVL!spq9U{y(=VUU<!|rUk9)^s7UqmQx>kSFNUR>iD6eXhtpL#D~~ zYd5avGU(j6kvV&_Xn;AAoc_|ybAPm?lMv{oRWu!-=cGh#`SO7bj4zi)9n+^pku&CDme+gy4Z9rP$#Jsl z%*~#w^pv6BI0|)>*V~WiZq|L9+Cgs_97g2f3&1lKB{D5ZViPqMBJ^Gh;85e&or$|#rfA6}mmQ0-jY>C{P z5$t;&d0Qaoj(6nzK>su|lSAq5U0xAAYr)aw+af%N?BOxGAQK)QS)JqKzWuV9OT&M> znXw3ujU`z}gu!AF8eiTybg;-#UcNEcyEi3bSt^5aL#bnQ(J}6cT!6g;v${Pzk;5)I zbw|8So${FMZP^`$3JAD;O+*>e!IIQ|(-C~_qs&I+!uC3oRT`5&?<{|})k5pRj)_lv zV(H3+pnq&e!zQ~pELLro-4eaqb%AcwQBU{%_W90**J-;A3Bdw47ZwnTD5gSCod`%% ziKmw-{5f|Z1W}$Gt`JNz3>1x~O=}&ZJiB}!YZ+`Geoeen0B=6%7ftGB4M|=Nvq?DB z)28uU{UECR8Tkf}ACcfq3 zQkz(|rcYnl>6+cC;6JnETmn{%@AIGN#5cq(I%e6glDliIvuSyxR; zu9x$740ZD{a5NFDCcfU^qKD@hFq<@kV&aQ6-g5Pc<1(du=Nz|Douda>+(gV=TlGvx z4fo16f9*QzU+WHJfH629*`T+<{r$O_Lm|@(b&YT}BVTpUtE{}9h7Y_!MW>#mQDXGb z?+2F(OY`CbFPU)|GnwAbm5ZVE>ePU#OICx(XS2!S+6!l=ySLUabPaMk$MW6Mf7oZj zCF!Uh4mx)5Gu<$IIlD8?!9B#W)I$G2#n3bQ4pY26f#Pbh<2BQmWZ%48R4YJMOeM(Y z5dUmIXYJG>jhWs(9N9zbHdFXSLyI`XZq4Uqg*9u?> diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/MTE_icon.png b/windows/security/threat-protection/microsoft-defender-atp/images/MTE_icon.png deleted file mode 100644 index d5b9b4808649a7213ba8e2d3f17d93d18f4b8f7a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2609 zcmZvecR1Wx7srPTGoweu3WC`v(R&R-bcv`DEn+Z?&KPwNqr_T0jNUdvj1n~xHM-Ta z`Wn4PCVKR?Kl?uK^ZxVxaqoGa&-vbS&u!20#c#M^6K?OwJCu1%BC0>iQRHm|;|XFenc+i11-R z8$dJ|0I4Ir?a)r17$*;R&@CAJ9>A%txtfP(0NTkBg#ne(4=4bX?q7;VBCe%e7$-L* zNcxB#26$lC9%By&j2{Ax1ikRQx|UP_8{Em;&J_Vj(V$PQwFv-*UgPHow7ZkLBdC>a zEec?e|BUxR+aW;*SK*}p%G5mE+>q`V(BVMp7l2V-%S@awu1HYv)(9UE>s&`&)x9n2-JRb$K3f1H4!?FF&0A2l)0vFbq zA$d-ws19D@RAC2cs7I(L-iCawCiMh1-x&_<+248cutY8vyA)Sl=GcIBtvJ{5u2Ot9 zo>%()`9Y~Ob@|7&h^nNh+0f;o=+^XXXl(EQGtmKNx3Rfe6_aZGkw#P?IM_(nmB^bl z$YDCFX}d&D+>{{_iM1BO)0;8~mbV`@UE)$0`FZNC;)9g+tIXb+2*4xKF_QGL>0{P% zQ1b5w3T$j_wM4fRBQ-Bh9&O#|WjT}5XKU;0UhIyHgX|g6&>t9uvJW3dP*OXJ9&#qz z<2Aol8CD44b%jJkBqSx1eT}tv58yK!n9qR+0&$vl27d%x2}Cle)$8)J#!)s~)0a!v z)YK5_{7j7E+8Y}itr~sfGz)Mkj2&W{BKJ9T)AmXV6$?udUpkHrsVcay<|3BJUIah3=C|3 zS~1DyGBrotAqEW#EiV^7y$G>g?S|jRF^aVo+9PDjXcOKavM(un)=ol)Nnx5+ofe7!s)Q=8gNt<6E!7V5^~ zNOQAPyoC~k#|xN~Dw6y);++h=F2C0czh9LuTHJIBzTSstc1r*U>qcaX>FVs~h%y0B z*9{H~&=~b08kAvgIbH}c^D|LJ9cUr$;>3F<42**?-9=}{! zTN^=Y0IM=!m1)92qf&%%XRV?m)jrrbx_)49Pa+jbOP|mUr%`*CGUhDJ%*-6$c`Ewr zxEODQjk`NtC?0>iVRmb0Ws?h44(nj(uPz>U2F{x!`p?F^Xm$ao^7`O28Q|i$dU!0K zT^g)JVUs5U{cRmtC{KcNEy^_ujpQZv=R$aW%V1x(kDR1fUESRN+VtHxIs>bEPHwAH zd-Zsw=jIj}5f=vCZ>05(g#>>dXaomun#-0 zi08w<{@xCW*L|~)&tB3B!KuNV3=^RpiDEQSq)rqxt4O}7Sxn#$%8!$L+~oIG@7UOq z(#t4fUNd3V}i(oiUP6<{)pgbwbFOhgR$z5c4&ZOtc8Qd1~ac+~*IE3ytnjre4%4 zb-kSQJ?SF)9glvbb9tbwny(t3aWlKm(f{z4d`mz}r(-Ib>4$xzeTlctCnD0tC1!9? zuVGe1mypCfvN$)Z%HQh4UV?XW-rqNK=MZH&x2x%?m~-1Z6MRtCG!LP*2SdpMxsp70 z{2xEdst9Um71U??T=^|gIvHj{fW|Tpm6nzQZ)j1t)bOp#O1lhY(los^Ra{-sRBuS^ zCpMWc!4uw`v6}NIh&0fBA3=Y0Kf7CM<2;*`=&6QZ5ua$IYKCj+qel;Rf|GXt7Y~Z&922yl~n7y}ma>$pwpzT`= z4pK$(e}ojnvywhfpoVXf2nE@5&2tAVzm!8bd&cB4U_VtrWWJh9>9?3zcqm5xoOj~N zGklVf`Sa1v?B}|7DR+gT@xo#>Y6>}Y2o_!ugB!ZA67#MgQ`(S32hlNBCZSXbMU$b} zpW{^&hk?zD(nP61n|y>wsejpz@T5I4Qya6e_xkceX}sJ(5i}8%bEZ7OjdmrzErb~I z2$K(%xu6l^QR23?@VeFuQCi*;7@pT)N4stLiFj9O6Dva)b-#SBvh*o+Torgr-?(ts z5b7*{+#VK%e4W^xgVr}3y3^!e*J|taGiP%OiVeDs$i}1(90D}F0`T-vJ({9ua6hwSw84gv15IcmMgSZ zur4UHvRtU1fL95Xd=|s`vIKpyyR`6ihI5gsszRLGO8NQ1fv9Ofkn-g#N_k&$GLBM< zrVv8kDj!ui_?s&CDJy)@CE=HV3nRSbxV?3k+=QRq^(hl)8G z5N*mPbjtvJUf${tEA&oP zf~gi=XUF0|#OB2L7f!o1vTRK?(-&O3TomhR>@8=1-?3JZ?5a&Z*Gq*wvgyncd=YXv zA>+|h6UVT#cOo&5b;yi)pFJk=JAH~u=%8t<=zMcHoM&DxjT0N?Wxyea1K~z~gU!%J oKui|64#9@&Kb14vlH`~Uy| diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/NGP_icon.jpg b/windows/security/threat-protection/microsoft-defender-atp/images/NGP_icon.jpg deleted file mode 100644 index d089da249321b0833f313fabab4317c62a8da63a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2897 zcmbVNcU05K7M>776Gfzns8Ina3M>)?mL@1<15ykn76d`vh?KA(AT?5?2rLg!P>O{j z(xpff5=8?7ibQ&c1q1?w7D@==_oBOR-@fzydHe31nS17ZGxvVqnYlAiFEk2vn;2t^ z0gThGa2kNN0rISo!I?wW*RS4iC%6*u&ey#TVcf4OAF@?d{y`N$10WnA5C}d5pCB)< zpddd#zu-Rxe+|PeEb4C zU;zF*#um%BVSchVl!DOYD{0Cwo**UO^G1eo{kI>&Me)jEvDgVN9&7ZESJpFI>EO?fTF7 z8_qYqZh8Co-uCkk3%?r?85MmmG3ow;@hgU>-dYvkrN?&qJ|02O5gHJt6>+#oII%l;xec)*`;r+zmxvoIEVgUr2pjn zCuQgj5at6m01Jn4*bBqp!Z4^G2*P2U30xTH1D5g~0U!^aa{af1t66my-m+d%nfi6e z!fXykSjR1>u34Jh!al?8X5MJP2AdLaWz6(dmoM*%Z+65=q`hK`FHB%-mTXh-`$Y!r zWK@Uc9>Fm++|hTn5O0{|3e;(j`Xm){ z^&_YfcdHy{M_qq==%QWEMq0&j9u=-*(ZBfwdb00kDPDxTKPq$8UlV1lyT|_ zZ4EI7>cmCSBE|X6AktoTD{jSSSP0nqGKM%+|=zOW* z1LfhiOj5i-yH81WxU`9)=x912-Hc1&6Eew6YjXk$Yh(<0W7T4K+NVYKE zK_i)1H%^{i*dDRoJo}kF0Ed7*d94KvAA^9{O+Cq!k1y|MCM8FcZaiU6=-?~IA`U#n zy^3l$M`=o~unLl?NMsPRYU%M3LNP^QDe97_TFR^hjckMOd)$+~<@U;ZN8SKN1OonC z2ZD3#vQ*k7N)n3_%(Ta7M#UX<4#P6PcgQo z4X3e(-Ww+xlab#xqIx+?AbWX`A*q9laZq|c_H@?fo@HEdXXd)Il1fnjbbz(m@smey z#wqCe**7aWg1 zz%~0eI|#EpcIsfrV%4_sC4Clw6Q~0hnMSO!fk2f$V?v0a0D+(!2yl>@nkQFqlTEb4 zrx3vLc8*}G?((i8yeIGYj(c+r+D`JME@#f78{?FMu~}tCK5<5H!;|c&kK~jbyjM?# z_(9^`$m#@Vn7pR&4a7SYc zbx#WlZ-iN=#bAGpL-pj#=E#gIrIs`BZTsSSLT%ak*NB>ilZiEX23`9wj z5NJ95Z&eJT$mX$6#`6m(DTR6au9J01+PeeWxa2iNb{Uq+2^jP6bKhH1lZeeS!#3K4 zcMf$rC2shWJ%#cs*#QTK?OuA{{IOcmDlD}8ej4lYo~hL7g(~x@m$+6WRuovmP9e3o zoEEdthkD#n*4@Rm@9+*0Y7>z^?=>XW@%Z-)U8}C>>7?n}4C-{#^_3iQSjZh2j{7e* zT3ysuVCvo{`Kw&=)j3G|xY7Q%%U~km%t|d~?{WHD8?;QRCJ0FMP`q@`9P5L*Olo#V zrKiT)4EUJ74nSVtka%~xVbjj1n73bsJvTuNB1dZOKQgBG^zkawTwiRpW%&gOL4WI~ zOxExTF1pjeHV=0u$FVws3AxP|4#fGP^S?{oefc6KKxCjT^QUZVap4I*T>}W{c#C@OpHW$5iq>6HD~cI-;RJ41czL93Msr z&PW*_kBdBBm`@3yF0dyjC)>B0kav=K?5M9ZM`~F_Zzgk9XS@F0d)=_#&|4vax}3)n z4S_QkdRnhPS7sk6rlXwfmD zu+XFXDe05F$Z=^YwDnZY_^8*}W*d@(Ap3Kb>{?w)O7PV1q@PQctL@syYO{v=TL!-qpGqJ7qjuNC2wCMLHAVv}lJjAN(xI%9Ir z$%z+s^fId&i2}-~vYu2;ml)T?_SNLW%}nA{Cah__$zw2;HMol)P?>YDLar>Cno_b{ zweIg4D6TD^A=T9|>@n0dkM3ZmjL+8iHrA@sOP}BN|I#9nN+{iJE%cg|rbCy5otl!3 zDtxIvGd6oQ-zG6OsCc1-jB|&8w4JxWgXvM{b20bplbhY>*paG_^K~MN4I}R;1ofR& z8c(^h3N4?k8Nj{PhSA6d9xr=iZS}{Bj2HHzwGcqn2dK!d=mzex5md_WuAnit&u{t$ z6DIuY1F4K>oLBVwHTdq}He&pWK&}`_()_kC`q8<*<x3A`A!o7|fw^jqf1lgv6l`Ks9^l z3>P}B%#5Azk5&rZQBc>D2~_RY&gl-XOUD+4(H&=RV3HZhRd|S$H5&}Lf7ZM4Qx~hxrp0d-0Xj$a-2AGul$6-9vhWj(qYg| zA~G%unEGAGe5FyPMhnGnZ| zb|uxTuWG>Oi}I^H?sT0HZ4b^9cfDe5A3zhLbElZ48Qs>YFqd;(nK)iom12lz3Ht}pbvEr-F zu#(|1!-sw-<=z6BwBl@ISGWQ)_)V`W8Nck2UXC8ld$fgbTEyJx`_dZ7+Fsvoo0c_S z7mXWnPG2BZ6rag2h{P`j0t*1_YpCLb?K^f0F8NE7JJ3h%< z!xkV0l4(^DfwM6jMI}Loh@M&|f{C;-b@XvS0%cc2e54MyFYnNXTxz0+p;VL0pv^Y^ zND&yLKV!l}qyCjr#LX$6kvED>&gKx7p-bd$bQa|_B~-(_+eOadHyms{S1FsvHtCJJ zWES>Z?!v@?uFP$y$lG^%YV<`(b(hp3&4#?;{NkvF$yHKHd{OYjRHV8<5`aw^+n$_OWRJ0=$H?i5(|pp>(ZL>8%fCz9!a5N_zF01D}iY8b9#KM|h$iY}MKA zdcT_cD`Ub*Lti7a7oJBDMiE=${gdY>UGTSNO`dGjenei}>?Ic)XrxHz^lT5dgTGet z-8gDyAQO_)w>=kROiyA3AI_=_H-`#dQ3Om*{#LI8dxa^k0 z3^{+J@j{?aJH*xcNA0_{FAV*@dvJAhp?%6wM^i8qRCPu=NJ{VA20{oyhmn(R`DHEK zepU~88QjU|D}FT1%x^SBQB^LpI>EB+uzU*m{{JeNB~gFQcB5l_b+}&}U}b*8tk%Tm Gw|@ZWrl=AC diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/AIR.png b/windows/security/threat-protection/microsoft-defender-atp/images/air-icon.png similarity index 100% rename from windows/security/threat-protection/microsoft-defender-atp/images/AIR.png rename to windows/security/threat-protection/microsoft-defender-atp/images/air-icon.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/ASR.png b/windows/security/threat-protection/microsoft-defender-atp/images/asr-icon.png similarity index 100% rename from windows/security/threat-protection/microsoft-defender-atp/images/ASR.png rename to windows/security/threat-protection/microsoft-defender-atp/images/asr-icon.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/EDR.png b/windows/security/threat-protection/microsoft-defender-atp/images/edr-icon.png similarity index 100% rename from windows/security/threat-protection/microsoft-defender-atp/images/EDR.png rename to windows/security/threat-protection/microsoft-defender-atp/images/edr-icon.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/MTE.png b/windows/security/threat-protection/microsoft-defender-atp/images/mte-icon.png similarity index 100% rename from windows/security/threat-protection/microsoft-defender-atp/images/MTE.png rename to windows/security/threat-protection/microsoft-defender-atp/images/mte-icon.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/NGP.png b/windows/security/threat-protection/microsoft-defender-atp/images/ngp-icon.png similarity index 100% rename from windows/security/threat-protection/microsoft-defender-atp/images/NGP.png rename to windows/security/threat-protection/microsoft-defender-atp/images/ngp-icon.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md index f2891d5f18..84492e0423 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md @@ -48,11 +48,11 @@ Microsoft Defender ATP uses the following combination of technology built into W - - - - - + + + + + -

Threat & Vulnerability Management

Attack surface reduction

Next generation protection

Endpoint detection and response

Automated investigation and remediation

Microsoft Threat Experts

Attack surface reduction

Next generation protection

Endpoint detection and response

Automated investigation and remediation

Microsoft Threat Experts
From 379323220866d8285963519e076f4aa8cb074be7 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Tue, 11 Feb 2020 12:41:22 +0500 Subject: [PATCH 040/112] Update mdop/mbam-v25/apply-hotfix-for-mbam-25-sp1.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- mdop/mbam-v25/apply-hotfix-for-mbam-25-sp1.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mdop/mbam-v25/apply-hotfix-for-mbam-25-sp1.md b/mdop/mbam-v25/apply-hotfix-for-mbam-25-sp1.md index 6cea5686e6..cd77d39b06 100644 --- a/mdop/mbam-v25/apply-hotfix-for-mbam-25-sp1.md +++ b/mdop/mbam-v25/apply-hotfix-for-mbam-25-sp1.md @@ -22,7 +22,7 @@ This topic describes the process for applying the hotfixes for Microsoft BitLock [Desktop Optimization Pack](https://www.microsoft.com/download/details.aspx?id=57157) > [!NOTE] -> For more information about the hotfix releases, see [MBAM version chart](https://docs.microsoft.com/archive/blogs/dubaisec/mbam-version-chart). +> For more information about the hotfix releases, see the [MBAM version chart](https://docs.microsoft.com/archive/blogs/dubaisec/mbam-version-chart). #### Steps to update the MBAM Server for existing MBAM environment 1. Remove MBAM server feature (do this by opening the MBAM Server Configuration Tool, then selecting Remove Features). From f4be2a3c0a467cd90bc7535ce50aa649c83a2b39 Mon Sep 17 00:00:00 2001 From: Nikita Potapenko Date: Tue, 11 Feb 2020 10:02:05 +0200 Subject: [PATCH 041/112] Fix typo --- .../windows-defender-application-guard/faq-wd-app-guard.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md index 0684b674b2..1e8839b354 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md +++ b/windows/security/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md @@ -83,7 +83,7 @@ To trust a subdomain, you must precede your domain with two dots, for example: ` ### Are there differences between using Application Guard on Windows Pro vs Windows Enterprise? -When using Windows Pro and Windows Enterprise, you will have access to using Application Guard's Standalone Mode. However, when using Enterprise you will have access to Application Guard's Enterprise-Managed Mode. This mode has some extra features that the Standalone Mode does not. For more information, see [Prepare to install Windows Defender Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard). +When using Windows Pro or Windows Enterprise, you will have access to using Application Guard's Standalone Mode. However, when using Enterprise you will have access to Application Guard's Enterprise-Managed Mode. This mode has some extra features that the Standalone Mode does not. For more information, see [Prepare to install Windows Defender Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard). ### Is there a size limit to the domain lists that I need to configure? From 07a78b14da48a0a21a59f1232e094908a1453ce3 Mon Sep 17 00:00:00 2001 From: pradeepgpatil <60000981+pradeepgpatil@users.noreply.github.com> Date: Tue, 11 Feb 2020 19:39:34 +0530 Subject: [PATCH 042/112] Update connect-to-remote-aadj-pc.md --- windows/client-management/connect-to-remote-aadj-pc.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index a7c0f2f152..3afcb4da3f 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -65,7 +65,7 @@ Ensure [Remote Credential Guard](/windows/access-protection/remote-credential-gu ## Supported configurations -In organizations that have integrated Active Directory and Azure AD, you can connect from a domain-joined PC to an Azure AD-joined PC using: +In organizations that have integrated Active Directory and Azure AD, you can connect from a Hybrid-joined PC to an Azure AD-joined PC using: - Password - Smartcards From 9112c9e7c13ab7cda5f07e768e8c22c550ce9c40 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Tue, 11 Feb 2020 10:06:53 -0800 Subject: [PATCH 043/112] CAT Auto Pulish for Windows Release Messages - 20200211095635 (#2031) * completion of initial incorp * incorp feedback * connecting to TOC * added update catalog search results image * correcting spelling and some other Acrolinx items * small tweaks * 1 * more tweaks * still more tweaks * adding co-author * fixed missing topic link and some formatting issues * CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20200211090157 (#2030) Co-authored-by: Direesh Kumar Kandakatla Co-authored-by: Jaime Ondrusek Co-authored-by: Ben Co-authored-by: jcaparas Co-authored-by: Tina Burden Co-authored-by: Direesh Kumar Kandakatla --- windows/deployment/TOC.md | 1 + .../update/images/update-catalog.png | Bin 0 -> 154719 bytes .../deployment/update/media-dynamic-update.md | 453 ++++++++++++++++++ .../update/waas-wufb-group-policy.md | 6 +- .../resolved-issues-windows-10-1507.yml | 2 - .../resolved-issues-windows-10-1607.yml | 2 - .../resolved-issues-windows-10-1709.yml | 2 - .../resolved-issues-windows-10-1803.yml | 2 - ...indows-10-1809-and-windows-server-2019.yml | 2 - .../resolved-issues-windows-10-1903.yml | 2 - ...ndows-7-and-windows-server-2008-r2-sp1.yml | 2 - ...windows-8.1-and-windows-server-2012-r2.yml | 2 - ...esolved-issues-windows-server-2008-sp2.yml | 2 - .../resolved-issues-windows-server-2012.yml | 2 - .../status-windows-10-1507.yml | 8 +- ...indows-10-1607-and-windows-server-2016.yml | 8 +- .../status-windows-10-1709.yml | 8 +- .../status-windows-10-1803.yml | 8 +- ...indows-10-1809-and-windows-server-2019.yml | 8 +- .../status-windows-10-1903.yml | 8 +- .../status-windows-10-1909.yml | 8 +- ...ndows-7-and-windows-server-2008-r2-sp1.yml | 8 +- ...windows-8.1-and-windows-server-2012-r2.yml | 8 +- .../status-windows-server-2008-sp2.yml | 8 +- .../status-windows-server-2012.yml | 8 +- .../windows-message-center.yml | 10 +- .../includes/improve-request-performance.md | 6 +- windows/security/threat-protection/TOC.md | 2 +- .../create-alert-by-reference.md | 29 +- .../exposed-apis-create-app-partners.md | 1 - .../get-recommendation-machines.md | 2 +- .../microsoft-defender-atp/oldTOC.txt | 2 +- .../run-advanced-query-api.md | 75 +-- 33 files changed, 568 insertions(+), 127 deletions(-) create mode 100644 windows/deployment/update/images/update-catalog.png create mode 100644 windows/deployment/update/media-dynamic-update.md diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md index ef3757e12b..84bd681996 100644 --- a/windows/deployment/TOC.md +++ b/windows/deployment/TOC.md @@ -253,6 +253,7 @@ ##### [Update Compliance Perspectives](update/update-compliance-perspectives.md) ### Best practices #### [Best practices for feature updates on mission-critical devices](update/feature-update-mission-critical.md) +#### [Update Windows 10 media with Dynamic Update](update/media-dynamic-update.md) #### [Deploy feature updates during maintenance windows](update/feature-update-maintenance-window.md) #### [Deploy feature updates for user-initiated installations](update/feature-update-user-install.md) #### [Conclusion](update/feature-update-conclusion.md) diff --git a/windows/deployment/update/images/update-catalog.png b/windows/deployment/update/images/update-catalog.png new file mode 100644 index 0000000000000000000000000000000000000000..e199b3a23a2ce5e0b07478f0e2da166d40c71834 GIT binary patch literal 154719 zcmY(qWmH_zvMr3e1Pe}ZhoHgT-Q8UpcL@Y{*WfPQxHJyI-KCLWf#5U*2u*_J4h~yMQC1rc4)FvI4n7bK;q8l;`|Qoz4c=Q@ zK^m@cp5pB71<655O$rXKB^C483i<6F-9ypH8x9U<PWShsH6x>PS#A0;BrY1n zS$Jx%`Ec2JA+8gO^t^25c-{AVLVAR9!0%QLJJ5T-qU#4D%xDBnI8XJL^VEMrCxdKu zw~@bd{4YFXza9yR-m>7l6eel2*W@reR$({;3nO%vf3XHt^>rwZ)oSZ_Dto0z1;ogR z4%G|qnrl-7S#-3fvu*n#Oe@OXfqgRa)z_C;obi>U80t*oS^dEBxg-94>-(>z{9ox{ zM69y`VDgW=OTt-DsunJ4&6q4usXl?$X^)7WRw9qBE^6{)+~&4j$HP}BBBx5p-Y3CX z@84_wNnEOl^fC#K#Z1P>QxIg3Z@ROI?FN3B@jCmckj_bAga7;|spA4M7RkDgh>kba z@C~~@1t%*`zBMpMPlkdWp!_-~_PlLBVp?q*6JQ7sZqPnX3X$tUeph46MDEfCek}Xs zt@wSVE(N<))l7Cxv7l;!; zNYoID5#bwSi5)#}fxP&qPIsuLHAebJQ~A4YHvU3X-L_nKekdD1v~I1pUbp4l*Sc(G zS2m&t7I(FZEO4c`5=*HNICUC60J?;*K;i_~#NaTsPb}?LJlryhr{g z+{v<0jdX(GLi#cI38i=m$CUI#g<4FK|A{ZB6aht=|Ez50xb??wVAGit(wrrRv`sAO zkqj-WQlnE!0mxO_N)6iSApS~Ljuu^`5d9>H@$ryt{h$o*4$Xv-x_CV@>ugX=DMK2+ zZA6ALGNiF8U6&A4-Lf_b-~-HKBz;)_F7DP+qC-BjCfcezx|m>y6V5f69@UjlDop@6 zui$Z&t-&GX|DkR+xk1Wr($fGlkF8p;IfsuLbF(O5*>)sl@Kt>`$16L-zA3EGHoxM6 ziSfIWqXBIOAYI#*ifgPrfhn~E4yr#X>78TFdN}hwR>J}b zL%*@}XgVY<{T!h%DcSyz-Xp_fpn8ga+fUUpL3bM@N0qt=Jr*f4jWs*{4HE0;ap+uJ z9^u2{V_`b~dFOj;+mDsjgWJlf7MdZfbf5$G{d!L?kv1js=ahzYRwxFNQn@^ZLKxdx z`IvKa7Clv&GDQ>N7+X|g@IEr8pjDsguP~lh+EP<4T;{`tvaDNsyknIvZ|1Q=qpWfm zp>%87eb_SuN!eV5f}xWkw3@-QIxu%d?WV9=ut!#Ctt-x}-0CJEK89b-p%I|>u$C|W7S*<}!2kousWy;P; zY+cQgW8{~)YkPuvs^eX)*8tHIjv1-I6dASo>3Q{x#yq=Yw0it_g~}u}J*)2N?@OfZ z1;fHNhVBThyLO-aO;p7`?O$}fmbx-ulAxOeZ5MH;&VH~Be5{3pW`xAJl#~hElg%TFekr@BDCP?d`zgBd2Toe>ZVKaShz>mzoyOG3uHwfMZzu*j&qAg3l4>5>ODZ5$% zT`ng8sg+L(Um}b-0TFF*pCN2C6eM@!OjC(LZ72&QWMq{CDqG=e!oPz%2rz%YU^494 z7M$hHb5zKX#pCCfngO$msN{KDgSMa6#ipl~jV^4}Q$ zK#Q8fM??kS5M9#u%h%HxWXhVX3u`*8@+E5RVKuS=mjjJ=brEwwJ*-5CO{IiNXbyj} znKt!my7a0tK*~hXrFLn)zDPuoAh$|Kl2sgGIgJWmZBi8Fin6>NmLc!451PKQ!0;6g zDQ5?!ineUmBTT4vc;v^Mcw6!A)rO@%A|eqn^KnZXcAtC;lEw6GQg^m5cpieGFXks< z>&rHsuEDy+U@WGP?E7|@>yV_#&u zLm9man z6Z!rMn{~_UxGWx#V~qvIe8%mH=6oV_T)sD>2dqAE$zGI1F&YOVfjpvVH=?ojKUSn6 z&CoaZ;ii9!g43r)+QnDK_U|SuOX$@d+pLNxYP76Lvm@Ip9`0oFtfwCkOSY+kJ5rTw zt>=Jew&S2>&*J)^xs4&Tj_?(gkbi*~JWJd$Puwv}%y-?AwkMct@=eA3Wjn9OXz;A( z@5()<5cp2W_pXM-yTTk2{c)_)^OLKcStz$(6^9n?eV zpJSm%Pn)fHc4SSaEgwoWZ?J0E$N zSr3>{-ztrXcW*Fdqw4h-)(m`iIpy((v%3c8JyGUJ)z~dsU3hK;Q^G=P>;`w1uGb!- zu|mvTVN3ECw*B7W=Z2*{2g$Fxl&V%1F1PHTf{9H&-@LadUn_CMgrh@E!EwT^e6W0y z2>-a2GI+}fuc{Gore5mA%Vjc7=B8&M%)u59@xqWFQ`Q>Vcr{%)Z&puwRgzu zig%Qb5gGnJaTEMwFdnj8=x0jR36hj#$4_5Snyivm%!|`ztUjpB!Vm&$OO4EgP3TP9 z{iM}eGlIXWfA>XQU$3HSpO8PBl~zlIrZ!#|F&R{|jO~+9ol*^CVqw;`)2T4l8|I?` z{3-_d6MKsQ)VAM?6hU3^{?fOmN#p6WM6eo3Hej6n=B}WM3$7now7b0ICJ*MQ7Ow*? zSd;!TjP38h>jWgG{>zMaST1vDh`{W7_NdOD?g^wRhV z(E`^Vu5hrT^y)RPt1}Q@Nq4)zEKyB;P`ZK_r=F7Nq2JaY

9FSe6$)w7|=L2j;p7 zDTW9km-?w{V;}17kjU{$YvF5H}p+p||6W((VS%(W4@zQeMgs`rbI0_M1@gdX}VOk(1)(iBAYcn$8Ca zJ=`oY96_yKG(nt(5YN<#cH}I&)xQ#-sX%xC2XV$x2#z!g&NK-zF%qjVTN=^RN&!$+ z@PMkS!%9;Dq(EtP6t*L6ZD3`!qOKP8C{a9Hf}NhAP?@Q@Sp`ET_NucQwvtMz@4KlW z1f{vsi+mPmGC8B~r9`W7dUB%PEE*cxQ^rNADV<6`PgD?b0m#rHJW#CkFP|DY-7=AX z=B;h2nBIM_Saz9vZ)S&U*FB{0SJ&U+QQOgCP0SM&4&WX@eboy|fhozA<=bmb7OlWJ zPw>e}$StX9`)2y=bS*A7U}KS0gcyIbIPgOgr7Bzh2z#^*j}zVCxbefJ&-*og`OR*9LBw7AznUwY9qNEN zYX$tEa#@;TYu)8fFLZQ0m@+bQeU=J3!@;yP&46T-2opTS+^D)1xSAG^5|kZdO4HP+ zpLxb8UzDvZz_&(b$R`$A-%#eX|0fj*99DVE_qEG~*yNO8@;Ru*fDV0njax>cq`Pfz zYsmq6*#f5;;&)LxBYx?b6yPG`HWP+u*z39IdfJxvNI9RL_N88cOZ<|YbPW;kz}~#A zlHBN$DY3g>5+u8sH^j#lAkjrNeRYCor|_51^PwuNtKuqDLeIWsiOAiDLDO@O+#H2e z!=6gdPZy#@sdI`!YS?R)076w=`JKt}$h^1QfR5!Sk4iXDIte9uLbTS9e2=E`LK82* zdh=URG!o%N(R+g0jMQmy)cCiVD4=APm-+^a?;;q`MQ1Bj$Z1rsH+n(%6>I}}B@e8f zx3TmBQn6!kP?Nr-(2-GId!S#hFHl(LJNB zKcj2<>G7MZ)PGt8{00-TqKqvEDq5^~hx&86c6SlLjk6J+P9E$!PL*4=cTIxRJz-sZ!)ypIz=3FPQ!=x0 z(T*FvefZM2CLKi7!Tksw!VHPf z@b&+af2468FVgPk-#3*l*+3a)--!rN2r06T3gj7FP0u#6p1?vMj^Q5)t&*US&*@L1q3K<2zPZXy$(4XejW9DlQSAWFrC zXe`x#<>N&QDI%Jtg$%S?YzC&=!AU$b*Y?v#N?F3En)N^Y;X?&`8F3xPL_ zTzufEqQ2vKTG$#Azw?hhz{!z32nScZ-EAGAEA%g_ataxx1$4?N`B^*8*P0IX8boN* zGTiYCA8&(>!oSXbpIG%@R}y`mZ{Fq~J1Ye0r2hC@<{X%GNc!`85Lxz$Z-$@}*IXLM z>QoNE?!UYD;{VybrLxKsY|dO)NxsaDpuG$K!)a8t6yM=lGs-=_D4+ ztQ>^7xh(NSWI=h=us0gnm32##`-oR3WWYTAW0g35%lRh^f8d3E#+dWch3`C&lW1?w z-JkofcsM;h5vpBAn&I1GAy8-;GN(H0rK_v0T9f(+D{z1s;bw?xFPb6#g2wCv`eADm z4?RRnr9C2ynB!kzibdSYygu>LE9H)blvC|UIdHR@pfL&595{XEH7a%QVN!Mak!0Jz zuv2^tiH;=NI9k~p*nVsqbDt*4Aa-?kIN?*MvFJ>R^_W}R_L?0oTF-?zQvzQQm)51*s$2jBufwTBU0ex2B{OQp$EnpE zy*?z5W(F>-b;KOxG5S^G>tiSvV4|K9@xO71n}ArQEg#)FploEp;;=vZ6Q8QtkG2`c z!wvtDNuN0`K&VXDRBJMp21cu7l-}NFXs$!gc=RjonhUV!NY}qL8_*yB#nh2mQ)!wH zp-nnQFL3>Dea|RMG12X5mwi zKoINC0cW|dm6Y_L*vUt{1gozuaf?YU!aD8^EwP~M#!f6RguCh?QahiBqe7SHGw!?` z%RV8#39K4JE7{GmCYe9!>=G!pA;ePaJPBMVc(S=va4^~ZXkIusX6$_=-V%H04WkA{ zUWil6Znwbw@>KxO8=_r98V#W`6zTSUA7(64Dlee4sHUxVxR$^j5!$FNltS#^c^XT& z>)9<)ixHJQ(7d`f*MgI&ODFhh$?sp9|G{gDr=R9)`RkkhHuwLV@T1!vWxJ7LaPDn*(>k^8p)J3l6Tc?Rn&yhV z^LJtGb75Ddrl~eH=fY8Ti6fiXuDtMY`M|pN14?Az*DB!}F2V$Q!SH(BTF%_B%F#La z#f{1!r_)tW3f5wUp@;ZDbG!vMqCY;;xd{$O$}hAlabR!eQQs(~VQQu0@{16c2i-cG zm|9Y&=DE&*L$wa%7`qfJja3l>-($}do6*(Y{SOrUV~=*lp+=7S_-gHc?Y9u_7Psh} z=ogER<=Vo;0DE`$FOXLy|1YxJLW&Oht6T7sl4$DCc` zb&?%^<7;IuQ=@$M?5mkiJ&bnYQhSSzKDN}0dl#qY-q`abLB~S7N;u`0y%4IYQV5RO z=Wq4?O{H-?)K5ERf6fkyE}8=g-N5gzXH4bA%4q)_vSOP$@r1iTMs+;tUP`0Yil}mVlPk(|!~1 zy(qRhwXgAPZ41qIBum;o__A!9@vLhmhK5m-)@7(>p*^wM>e#BaDhr1+ip3DfIk8e- zM6NxDX4tl8pnk1=zo36-uM{Ddk90hB+2+SCgVF{QqZ0n`pIm=t4Q>skkhBmTg2O&M znA$Q^U$c7q8d@mp{NaEpkx8?lhJ&J3S3r;X;)dre38;RPpPvN>^c|>f{`(!F>jT`ZUdh9dqRZCTWK zJgdfy3zetbfS~%@I3+@^xMx-?OR)oN5A7Bx#~J@w9Jeem$%Bn&C$qL3&-25h+cK&)zY1`| zDjUfFZSnFmAZjY1rU2n3>;0PW*k1D54IuK5nY1X4!;h;U`Aza42>9hIs)OB|_>-i8 zoO}|_aDD-&OX+n^ykvi;ibzkq7#ALXlNYYrz7l3;w%HKx*boIVk2egCF4StUe3x~< zM&?|VVaVAa&NNJvIPH0xK!zP&TbTh~B~wE-H%ihes?*HQuDhu@%1SkC7a(I%K*C09 z1DP_5n6C#mbL4--Be-{U=~X6epBj-)N!+y7<(*?}oMXEEGZxCb&f(&FYbeez(RBDE z5*@DIXhM@*D-tX$+zVYU{We9#P!L<^;vL}7x>Zo`IjckA-7pYP7u+}{ymtPz$rlIQ zV-vGWWy4;N0R#1hyIMp|Q_Xml8(BhoX<$!~fs+f(&ER$Vxc}Y!<|H_z-Aq@#o6uL? zItj4EHcpp>9_zb@w|P_ClMG})Vq1MpqvJah_=jhM1PJ|)&yJNGUoD!f?oiq`xo%K! zzHf`NRlTur%3KinGk;t(jgU3er2V zh1ImaDh)DH{Ekz?!O@Ba47zJ^zI=8L1!JRrtU?2RDFsZwSx4dH7bl3HWD~-)iCbAm zw0(0;@xW~qyTUdaMZPi1LJPRF0>&sNqHXtssV`^8k{uj9U`DPN?P z!HnnPxSuHplR4o3?65@?>%r^77{Y2DNaePBX|IsqaCz_L?ppsdx@RmTh4sn2i?aEx za}7fk{Y3KV5o6QK@=oAN+WpEy^FevlPACkoTE4Xg1X$$5VYR~_ASe~A7P6!y_3M5H zGcl}Hnb{ehg&wu08z!9RBk>Bq%F+8Q3#s$yXKLzXD*~>#ibafvipFmye)TOmzY>}i zT2As1Iwh2=E?IT1YD_*-{Rhvd{6`FfBkMWjtG#q2!*Zl5t4GvvS0|*-H($*cT}Lt5 zv9@oG%4Yq~GR=l{Akw3*3a)y*i(de!|NJz*usVU8HC=n8&8jXxJ`Io5B#nTo+F!4Q@Gr0jo+TV1^vRH)jx-T?^Ps3x(qLh9Rf1%Uv>K>mdKPl|LCZ_>XK`o zZ?NLNGkPTiT!%wmn_DHOn>t_&=1A(Zzw7EL@g8Dh!=95NZePpJPS6u}?Y)~u*B#>S zeUU0+Bz1|B&ZW7t1!x~|S1)?eZ}AEP5IzU`X$WKSv2o7;c@hNAh>!Qbc z7D`b#RAz|ijgzw+;v5Ja+P;daWmHeM5$ffOa|_4VW>GNmy@=irvg?1(Y|L6f9NrKJmDSRd{2i4cgVdO)COb{8 zlG2ejzPfyE+8P|7NmKveXP35;QC>S1(}V#C1X|Uj=Z`P118QeyvnI@dqiBWh-}N5f z=j4B8$*!f-@zEnn$mg{VD(-58Y-}I=yb;a#lo(Zhyq+&iUT@r?F?D~@WsbdGx8D^l zDxvW{17MBfYY)hg(=4+n;QD4T%0L%D}qwNvvjrZ`S*K(2^1;vn7!`oAvUznE$ zA7E*eLwYyxRk=q<{ao_CgNGA2+UVj;z9fK~u2@9&@hlWJ`yak6ZfSXblgOBLcZEK_ z0V3PEcWMMbHmn~TX=G|uh~sKy%pN^d&#+nhLO34XTCLwPQ4FIq-ITKwI+hm-APpwQ zDBY$TuW@M!N1fbfx1oCUX;JvsC-EBN{4NqRAIW3He1Ce&Zq_!Q_EEz5{AuWalArWZ zw6^s_&9(hlp_CV7;S)oGF~Q(^ICq$RcLXN6$6_-{AvX&4+f ztJ#=JBnBFYW|2md0n?-uoEZi_w3Y3P&;(NJvVhpK{_q$XwRDkaGO~?L&4iEY5Zacv zf>iZ2nOT_i*9!5McAY?hu|`_8<>|?~`RR&hr3R<@Y}gGP12B1!ShxLmSrmN{Ce_)x z{>@ur4N!5M?<00Xn=ZMMBx&)8&czDrj@s!y!iB@yw08&Ch`J+^k-$VKrc#esLTGCJ zcP5O$i&^fBvd*DS#RvA~z8m2$tt?+%aH@@^ok%=!=}i!o^qEKEL!Iki!od=>7s1<| zuXndPh z$P-u*wOr||abozxLsP20NeP$^U4KM{a7LkX*weznj3nC# zUMaE!S4K!kWzH{+@yhPf%jH)BA*cV<6~a)Noc>b{gg&Dr?bl~O<3ESN<~kHH8+q}| zev5>W`eb~ErRfWr^hRXM1|a?P1|9Y_7MgoFqPK;)#%i}8BE2Fq>cKiS%AuXdm&5s}rf~b#9z3FJ$RT-L9QKV2oyTJJRE=65KW_Cd)PS%`4wsb;*BiX*nzOa&D z`Lu$MBOgu(BpmC6>ZlD!P6>IF?aOsk=hi4G`ohiZoEk1Iv+K4Nri@N>>px@HEN@KT zb$TGEHl~hwdPjwJ^OU=HoOvyGm)9`7cFV~ zYJkfMT&S!A4hc01&s89Q3Fd}mWvG`(RHXr^k5r00bfoGoN9%@9p=!CmL!8Z@Y79jr zTAypdsJw$)-`{yE=zM=L5m~13Ew(E9#}6^DDyF}viBAxZsa82BPk*Z5v5>sP1dedK za+TxWPi>F5tT-muHkpcsGe4mfi%7nI;ByY%;@B|-XtZ^tGM|rl$NqX=;@R~e_3tv~ z+jTLtB|8QVgPy zP+Bc*u17OMtg=89kGX(xclW3JZ$zK8C;WysXVWb4`y%U-sUOG37>VA|L=FsVvXs$| z)a#D%cCGoQR5wU9H-g{J+LQFloft_BE7jjmt;+j(otshQWKP{SZxqA)h!ytrF^X9G zOuy)p4W6NT#7yzL*cweB?F#DvFKEts;$sH1_3Bl5O)S{k9yeSB|l| zt6SHp|IkpsAVF~cRDuy%eOLH98`XxCOxoYC* zFdW)$BD}0?q$U`N*hAlD92S;~k|K^5>OA`!Dc#8)vkBgsn^K2`jA*=sP96FKNPT5; zy;!OdJKfX#4Y#uZgqi$73_R;MQm8Hkc)!<*a!xkUwYA%_Wp4=oxLay$KiOuh)FGcH zq{-d@4@t=+_;u@CNNB*xxj^vq1pV$7DbOLn!Rv1~@<9Z?oKhKre?l;fgzcKJcR#7L z*-%S=MQd&m!i7bzjM^ZpE;esPaddY_)as>%IJCH7>14U-oaZOJB4yW`=h9htLZC9t z6KGhKl+U1U7C)L^@s*XAe%|RlCZWz)4|ktk<*cx&3l%4SioQvWV`H@NwRMGiF?`le zr{Y~rT(RI7aT6|mJ_2TPnXQfB8lf_Otad}0kBK1S_RG4-Q*rAT5I8YdpMD4MZFh@i z2#f9O-;x#>29$4;Yk_N4PsL`Ak~{C43KbScAAFt!wYLz_Rp~M>bxU$Oy%`aP;Zh1`9ekptaCTApqqrP z))(Iltp5eUpTjq?+v$olH3UZQ3Jyw%I9y}rypp+Ovh6RjX6DF9{vyKQRLyKnG6f-a z^Vrbmykez;)NVtv*oS9+sK)upJdUAT zft-IM4Gn0qYOS=va4#DB?!b2Gt(RgH;hnOd&(LKbH!oBUNcm|_J<6mZVS4c4D?tALRrU3Dnk_W6_@n7)O{_g!P*)nCgZJrx0X%wAmIG z>6Lo;bl5Da-i!hNM-_x46Ifh?2Phyyk>{G9SRAA3kew`1e5b4Ip~}G%tZ67Mu6oCY zI^B@9V&4XLnUlT6y@_{%sc&?&7okDFG$A|z1yryM<^(sz*Vl=zuy%#IElYYzXmZkI zDY2=H9@#Co@)+F+dBUgNo0`8mxm`J_yKxG9hnYm}yYkb~s4J^6+F36rb=1~a9vva{^sgBBHYaM@ zbZzHYu6rh`>1_!;6$OHCiF$mZX~zB+JSU+-aJEK7`4;Du^?ohOYQ=Cad~(joL-~qJ z*U`i#n(I5nR`jE;`cx0F&Tq27AH47$Wt!9 zeDA_E zDXW%tq^4nb0MjW5?U5{^ShJ!I2+?0Z1u3D>jw#YcRFw_PZ)iGDb2WhRJDc_CghsTF zd0(O<;t|GvI~`3bt^FjuAKeUrq$C78o!A0B@ePCjUQcepm+ul0QeR}e>YWXeNj^Wd z!N|lelZ~qi>-AMN?^lrIJ{XBf>SF69^g37euN|0+HhnYZ(&Hebo3Ux2M8rQS9ba#P zJ%A!ZyuOr7uCaNH{(;pFk`f6@n-*ADrrykIRWI$i;dGc-bD_AO+AvQzwHo!Xo3mMf zbn3a@)K=cOp?|LplTa@?YZ|2QO5mM!I<@*e+e9?PQh8V#vs%H|o5X%~d% zxx)_(xczcBq$Q?oNmh^a^Xd8$Q0m~=OpJJ#IKD5ruyI;C<8tSKhXPS&`8TOytZA_G-u|c@X)N-me;x91=c=2(?7xoc0($MBP!P! zp|Sb7BO=1M`RvJQkLg=yUpa6`xwKBafk77Aji8=fc1OaZROMHeEF5K52SA~ zuE}p6->)I$$DRW;*qoEh@Ce4<)ar7SJ>8p!CqX zaPjC)i_0YRORF+ETCbS!u0#r}bdKRR%zZcr3NJMnL?7e={G$jsbxD4cQCjx467!TqnXt(` zVm<@)I%j#CrV1~F_hMMQrtr->zZZ#!h&){FAga_`9wq8u?e=5l(9u<7X6ghBNR&kA z_h6o^X9YD0byVF9Q~f}_{S)mFJ@z-^fM9mznpZru;C5-~k?uoBvG};CcTzT{;It^B zV7zf}*BhD9q@HENFX70}%>{al-7X_2Nrku9s+uVA=}a+tHH2&JO;w%$X;RCoAU{x3R?G2OKMJPk$>~Ha;v^y zSgcY3xALPHvM##hDKr$(8qs33@khAahYSk8yV^nj6^aR9LgR_ro8PJn1ma7@?0oZe zddc7D(j8T$;eD`%yc*ptZj!wXR1Z7Bu*se|H`H^FlX=R0Hp8K5;)d;k5c1FeVq;^O z7#RmKy1IiW94sWO5Ss!*L*#%DqRp_CzCPaPa^B|^_YBaVos|=J^L`Ic?F!LX^%dX< z2NQ1RF@=*zvT<Nr z+_w#Rq=mn(SM;vk4XAB+qWiI`0M&^Vw3&$BsTnmBib$te`sEb(rPzyv$bWRJCP9QT zL1a9gJ`cUm7sGy1u=y1kRt!@P5Ni?&bS>TDe zKoOX)7PsJMJy^TiL!gkI&46nDuX1CQh9bOaE@<|;@fV#}JNZ;5cHcAZPi0lUMS}@e z+t%`pBHXH_h4ib6+25;yH#!C-j&D!#RYWz*(X@Wzqzje$`KyQ_ZtaJ0ZZzCa@C~`i z)mj{1=k(BN`{%B%arpWrx`-hFnkKhDetN**&?;sbK>di`JEZx<&>8&6A--^KN z9y)U6^`G%R<6S$N%^)`@&2C8$Qwf{=clZTqf$@u2Lk;UG*(_!eE=k!H%3h z#qBKWDGi@sjo=RsMdI_b61$-XM`RIRpNTf_V9zA~#I|lSFWYJak%jt(Da?mFAwbht z;E0R%#3fJb!rUfsns>VOGpP{|pWk0t(NSfmvfMZjq_X;lmE%OW?U!TGnP$VaBH+>^ zcmWl<^P!~|$1^w;?J))8DK-94JppxIF;)wJO6VAq=wmY$bCWTTPOoI|wXn6+=T{CW zzBDR*Bz6p!3*s^-SA{zd2P{4&17Bbb>BV+b6s?pku*M_UDGzTeQcgr;RflCqFr}!AgHZ1( zzM(U&U7BQY&s=Ujrfs`X0CG;g`O(JvbJ4_-c9@tQYMQXUrf1XAJRE3Mhf7JGUyHri zvDp+}!^i56XkuF!!99BY!x2*w$Xt?L9oP-K4VJgCOnr)CW@Bz+VfnNU-(L*t^BXZhEN=}0U9Rm||2pR` zg8RX4LxDf1S-Box=$v*+it1Q}vf2(=Onn z;94jwAovyC?^Q|t$_a9#-D`D)@(gr2*-Zv|nhxZL@up3;NAdWo#kXQK)pO?N{vfm? zte|c(^8?NKg8EMgznqe|?;pY%Q#W@$cn62KmSkZSru{xrL|vFxz*wVmzynCsk-|@# z+ZPVzG2R>lF)nnovCoo&Bp^5qJH2orVuVeY3}nMokBc&p`6Ld{o;Ux>6@&S8Blzw~ ze^gB6^3NLP{*Jplq8;%=)AVC*pjp8bz;XquHG0X=Ul(y@r}ZyrVk2RzEe)x4>2zT)5cS15{5O#! zA4oQ5o9ELy6ol+}IW`3T1fiE&+k>E+_9;Ngmr+pLhosCLH8Dpijf0z(*FSoW)8?uD zNj1$sF{$t}$em0{cyo;nAhX+u5-dJ6cBF*HcoouGR8E&wuTSs4OREJ(R_8I#W1w_2 zMK+B>zw;jEBIUEE6u@tpO_>}_d_q;=Wa$DrE5*>p@cvwSx0nJVylDjM(4S$zdH_fi zPyIrN7;0%WO0BZ1TXLlM&7YNGnAK%udk<2Kdu^#&{3dSS@SyqBOc>?<2G28ADFVqe zQ+m>Hy)6;XOYJzFv|)+FIN@l9&^mLEG0`H!b`aO;O9)c5AOdbGR4R!9Ur-z}g0 zd!@Oxe`A6xfc2q=CZL5kZfvXNHk$LBKj2$Hs9M>bPgE0&X`S@NRyZApkb?0%g{#P` zvKrXM*44p*t)&n7w_n${7e#2E4fLM@n6!c0`q=+$$1|%@afsv=I0CSYGixY|9g28 zZ?D9`1LY6jZ|l2vG~cc(z5dh(RVwmkG*JixNrcNN#H*<0mXeC0vfAIFD{Co2Uuh1_ zsf8VGQb-HE-)o+kQ~y20p2PyqEn)FyIH6TvAWRuYJ-#Vp9c)(-yLReaaz)*(IJ>Wq z_qxv;+QI(SyI-u1S^r47Jw)@~|G;Vk#IJ#WXt>#Za<6yW$yYZ`lWT1#b6GD2KmDk$ zeH+X}JN^nUNJqMM^mwPZs{2`Y@K=C`*hpqFLJA#ZR`2Pxphc$8!?lKuu;qr zr~LF7cWy8kEHfjSm08{;uc zbMr7WN4dV7Z%F&n5R*xxQo31Trlllp`3p!!FNR_$5?(Sa6|9~Er($0fww+nlh$QP@ImueFF}Hflgxo>Fi1L$5p6~9nNSm2-XUuRpzuh^tKF{wh0S?OjBT+6NJ3V| z8U~xgH9jJ=#OQ>!OYx%~3^+impuje@o5Q3r8#JNh_`aM`t?7fC7^DEIH!m*7{}Ker zL%%|t5omWZ*EWu^69tppJNv<@a;5(5-4@#R`sqTCp9(cLsRn_v`81*k#x)y(i=jW5N4SD}94&@-6{+@j{od?p2b>jYcJ{tTr&a>Eb_Q+)Ly(cGdN2R`u zU*Ylm_wgLZFPQsYvGE?+f;pw4drJMzcGMJ&|GGh=nwv}Vyo=&fBNnGwVv|KdpAQHA zUQ+Z5cxYA}u)q`Pz0nnr#5-o0vOo#E-|HC|a^My#9XrGl6BdQCN%uQ2lvRODogw zotO9f+!Upmhg-xQ-ABdLjIw`aWD1;JCoo9kYSAlNY-ps&$nk@!k%7HE>U(nk{L<>i z!E(T7Cu?XkhXP~L-)fYoTCiCMG4EqUfw1{9gRn!MeBgu3q!vIA+0Cy%sPP<}@1DunKUzG^ZoFaJ*Gm5} zBYdZAXVTXtW`t7TPx%^Fu$SZJX@-U6Ef_MN4L00Xx3owMlwH~z*FQ##s0(#x+x zDjL3n(K*pN?6ujPz7pU}W4AeJC1E**aH<<-3v!?fFw~di_i9>~ME?*^OEb!gZ5u zYG~qcKbNk1y}YlwGr`Pl!e#n+E0YJYv=@+JEOL!#ftdl^?-}1tOAsKu4Gq>uzSkw} ziB5(2r#+o%x7+tfxyHRrnOBZSRqvuYYh}H0_Y0jz;L~nZ)x|#C$7FWTzh)e;=52}M zt%wqw9z^Xcb7OUrS*w)*X95>FHonK5Zg2k8?|W_-=sTH*b?f_fljhz2-d4^nO2V?* zvx|0TL7ONt9kXd4`Qvy4W}?l1rFQwRl$y}0h}%v2k=W(hhTCHHG!^bWObyHQgg8_N zcV`q?Iu)A<(yyCr(^tW z%oSh>Rl6yN$QlKM@=K}}+py0Ws;%T4&2+j1dZ3x>lE%8AH^xW&VIQONDbf45IZIckfQBkI~B#KUvf5-$Q4|JFaG z$>a{H{q76Pk(yFT{cj?KzCU1i<@tqgkKixQ+`I4< zK8jNJ{k_os>R%X!n;-8C|6WdC?`YMa5v;-Fp`&TfRNaoW$VTwR zvDi9FJP7$SmVkhOZ}_J3oe$Wqho-L`juYAMDk*tXshXu+Km>PSQlL}x|0C-yqoRDH zwr>ytX(w4;UYo2K!T4tj;YlVTk1zFulWG{#lVb8M=s zV&bY&rPQ7dwOneJVQX#&!s5WfLZ=6iHRsG?@qKZ3<6kb{y!jkWbgpUW=!quaR(1qZ z_gY@z^WtVTnN_gvhjg7VCw~^Txv6Plp`zZg(~17IpJNh1qGOcv-mH@@rnF47dN+5T zC^J>Z*Vs~19m|yc0`;~sFj$ne#j^KjU(Ky!h>!n|Nlc7owS$;X^|k)2je7d{%&Yiu z_D%VL%bGv@W^ekx+c=c$Cn{>C+w~ETc?%Gkd0cR5C$mN~>3U%`dD%B-CC|mVn3}Bq z{*!i?YS?ZUMG5v}lsG-t&3ZawLQ~^E{5H(Td#xSHF#+L9x2uv%yxY3oo9Nvjl+7!N zo=us&487Qxb_S3r>sIZE&&Xn?aArg8k-x6asS{r-hY*}8SBF*}ZRk3$Hf1z~tDd=6 zJ>>Kt31EObJ6EbMxjC0AWhDL$Q)W0l>1d%cVHd(EZ3jp`=to&4dQUV{zT<68r zx;;slD$P3)CZ+({C%F!&>yz_0wwq=IBbBv*9WoTz*{*`|Ql+L?*#!abXqVc`xY4uS zoH{)5WF86Q2xTJlCa_kyte{xx`{HVM0@Y5?pZ!0o22$4QETcGt4lwK?^FRzTA{Cgwkf^WS7Mll#0b-rs!m)SP zOnrL%X&nvrupWb$`{Hk zy{yU_pD?%k{ym9KORRu>y|P!=&Bg8VVzJ}bGVsl`q<~3UxCQak`S&^5#>xRR z_;Qb*-4zJjD>?1-mu~d>t@~q?k%mu9bsceIr_a;&W<~C6Wcxz5`@jLn9gd$bT523* zlZUC9#Lxv1<@M5C1)6ttUK|@Z;HDjbq5Nv2j%mPls*hLb_ADNsfYF zF{y{Oar>rE;-9B5SUszn@L05!Z@uFfdlkcE)sFH5pzXERPY^pMec+b+`9|xTZF_@d z{HLsHh}x{_2*LEg>Z;z&o>Gc-SNeB9(K>_YnFHMHW7d}P=ZZ5_0UI})tcQD&>k5N28qF3p8%zeKTnKgQ7q%Y^3Cx`E2ek0< z(Z#L#ITgs${M2m|w>%9~eD$N^tEGowyPh98$g6_C|I%y)>#o*`U)SDZB!L5f#ULEP zGxA;D^_b@QADtVmT*oM@Rxv!@H7{rJ62mY2x+|Ry;ZD#l+Eq6aZrzb@rkYWGI=Jk* zz3P+$v{^i+%qI1uy<`q+t?xdu#UKp*gOrmB79UP|@Av7ZzD%6@x^!AnWyL7eAJM&j z?5I*TyG%p4tlhQ2u-*Yf@Gw-y(KNFXW^I=l(jGj#=Y53_88N6rik|+D)QZC(i`Vq^ z=Bm2u{Uf7e$40MAOOw>a1(CH2hF&66A#i@DeZL!7*6A)CygiW)MlI;vuuzb%A5QpR zfZXqe4NM);OX*UO(2I8plQRjEcFjGCyzg$#0fN&q2|{a~_x-=Y|i=8TvB#;z=yul`v{MeZ1FA9zY8#;2$JV;1J!?qoQAr{1};J*klv{)A6e8u?O;%wF!d2rhX*B? zDqy90Lb)-}l)3V#w5XOLH7?{8Mq%QcBDo|Xj#oDYlc>7L2kwCKk+Bk_te^HLbLT(1 zHYJ~V`cRQ|BB4faGEKwT8~wdq^76wO1x6;O0w=JFi(6b)+k$-QR(!8s2dt7GG>Y>{ zpcKRrtgbjQpkOKMDX4@vne1OQB8cohsDc-AZJg%Tzus ztk*%te~^&rZ%&D1%a%jbrxGpniBT=ky9=v+cDb;UTM}2+_Eb}A2YmO-?UGxJx~gb0 z?DO_HHFhd&&9gZeyh58`hPOWLpPgQt@xGy|Mr;BkL&EX_p7NOyZ+xMVTQ$+cQh1hr zqG_O^dPW6#t!v?jk)e$(mB(uwxBGNA$^pyERe98}=?!e!MEvZr>k++hYnv&-GXKm~ z&~HX#yt*RgM@#R6xxOw2zsW7XDl-nlIEO2i@}190|A1qk8QrNlxPew1WV{9pBSB^R zkY|@dR!8*n63QnT{f0^HtOmP9g+8DFP7>6eevL=S)z7R7O;w%pA!SxqV%oZ!KG&>Q zPc5F}$)~*?o?bDy?b}oRu~qzPU@~{`MzKbOt2rDe5|lqRUawj=%QgIzpVtJ--^^_4 zu+I_#S5#j3A^v(s+>iVh3Ur*LvS`j6Gt1IZ?_~jlt;KL}VAIq#*#%oyF>nCnGhU9Q z`G8}J$69Lo-tPvr1BICWZ%ECD zr5Ia-azQsU-X-+8+C`&4vr?pMP*myNJ-P_T=WD4PwT z-edOxXf_%#b=Z0OH`=J&+oB^V*%~1(Vn>n+t>$#4$^F-*= zeDp1VDbE*vfJPJ&PiE21iW$<4nvU{d==07&Q*{M67 z=exnzxB2K*QS*=9eNVS?0e=Xj3MKFQyZuXW2p4unXu46#>wOIk573|9TG`Ym4~wY2 zt8EPv^H;wEI8CbAqrBZbPTxFgL`;=oqE9J-K2K49KEn<{z>TB!b``E!R8=5i3%2ZC zQ|oTI$O_Cnsm80v(YR;qzLD}{G2L^0wNxT}iSpNAiU-6a-sJxm|EY(%`M)3C{9^{W0`ZPp#3lb*f2;9r{NyV<5> z3w^*_{?;km$ey$$`!UcZ-p05?P_=hr9?%1Aah!29J_dtaoa+73G=VNrCRyL?g5$ylr9V&xuaaU{t0cP8HRBQoQTmn3V4UFBz~He(Ow$!#Y?ncGCg z8nvJTV|A07p7?<|NKsPAcOYmw+E< zFlz_P6KtS)f#SkUC&EZGVyjb(wEs#}hwJ&D{JaGK!`_>xly8-0ZdQI6{k^(7J|9{>VS(P`SCK)d7y#-VwuF6v zSMTu_rkYABd=A{aD5g}?L99{j^M0rWBPilkg^uJW!Rok{uTb6 z1)`hZfTh3QmdL*w1Y*oO_Fev_em|yeE;V6iu^D^=>%OnSQX_Py9O1!+sNMhWcKsOK zwtAl^(3>9=l?82E)112g$?@oQ>)IXOWER#wk#(v!qQ{>FEAO`{%gIn3Ai zWRq+K(D+_U(f{gvesV=xy6S5n5k@Bo7|jEbk&V9Qh*aZsS@%WDPvKhLBuoO`eZoL~DrZa4#Z?e6-_o z&V1|9AcR~aO25p{oIPBcDxM50wY}Zs7g49oS=a1_*;T3inQ>;C3be4aUIt%r~0 zNdvyRGF~Vs{SR*la71}zmu=UAQNwF>QM_NS?IX{6K5@u?SI5NPsdQu8ifSRB;V%|; zgVgIL-6Y`ZE5Q-gtXKACUk{s`TIZfBy?*~2bIOg14xokHGJG!PtA`IEj1$7+CpN#D zJgp5^l~?k<30f6^ybI4RO`+d!^ymT=ZSl+wYF@c$bd^J7Dn{}h&r7l-N8Xr^w&KBN zr5og$#)at5nhkweW`!#GG19p5>j{m^M(XCT_9XXXCyQZ3VoPttB9>|RxOca$BSHEc z!!fLsm!x9n+k-Q@Z2kpW5)wE$$hFJC%olO&EOj?G%^{pbq7I{PyT`BM3xvn=a#0X3rGaxYkPxv}-b)QBRuGDjECpRPeIFG2D?k=?hG? z0$BY%BRp*ASlesICT(0 zLH4>uVp9Z9`g1%eLsosPzm6d1$OMz^$^QadTsaLtx5>~6GXlhdjv&7`Jb6v*l6a^D zYePgkbHRO1vHKud;J13jkVhDKBVs-2zrh|F2cpJ;dIUlcl@6mSWW?~|+}TT{uKR~8 zK&LEOkgmTA(&Zf;jqjyX(Ka|q^3%gel(}F5c^Kt~>6skwiihme?has7Job>ib0Nbm zqrsgjOYoIn%I&_osCBQb%G@ZkygOi@R=Vc%RIkkQE1k1OcK=?fmf5uA;G05nn@ASN z`vmj*mUMFf61srS_paJtN&GGqjIeE@bzO+>g4cHQ{=w!ZVqjmNn#yhm&8}bXc5kY| z$3LtA5V1TYq@RH690`94Xw&8R?r+-EGA_b~pdj@i>fvlWFYR1(daal9mx&E0(IA-R z?6Kbu0`xVX$LRnuefhx&nes;}ujb{`-Z5$an~4?kAY_8{_YnNGv#qJlt7lB~MnATW z(6{62=Ki}ASJHkr`KarTZ-?(r$MO5Cyj^-O7Udz?!RUOjVYtWsvLWP&)aAPQbT4;I zZg?{d>Ufy&l;HEgr%)U-d_(u{tdmgRUm5??h~VSlIj^*SKG+(JNf&M5GyfyviAkaE zN^iC+RzyX`Rf_WEEC?XWjQqlzYiP)pE81siD2W1=TBm3HPv!Q3(c#r`o_d+^TD8^~ z@xa@e;}HLiFv`9D`$DBv4|HE_>)MTan-tjVkMP?4YBW6YVuO{}wAJGP3aZv|J9_~P zKL53J!pP&(7IN#?HXgFWqyFBWX_|YjKRs`zZNGQMEX%aReShdiGxXFduk)DY;^${l z=)Efq(sp-+W^8x2hUFUXl{yJn#TE4fWL*ESda^1CnY80q%s2#HcOvbaf9g{!67X+c zk9_XGL0sqcHaO8sfYfaFwscO?PfkFq3LhdBq$l(~s;ZAZY69dp85%r?K;Yhue$ z$a=DE2s?u~@B}K-6}bB_GJ}>y3t2ik^9cH3Is?ryBOkl11%`EgNU#y?MoC zrd_lXOYg_^c83$==SDPt5b}G(Rj%1%M-OJLQti_m^2%q%`RT`EELyVl2jBBxAM0SZ4qk-bMK$PS33NpKDiOxn?hw&;LozUh>s9` zD=Z6y)sm3|&;@PnYKEZDSA9ab54T-^WWzu|WDbCbkRd|LWvpoOX zDLfy@iJLVI5dCO&2PV$6XJ|rjsYN>*=HmiPI`p{J(@zDdJ~pVdABW}7b!DpWfkfE} z5U)$UN>tJ(7ASmsZK&@GF`-pnsj?S21LjGr$t_04M6!af=(B3A7FmS(YeQW9pX(~O-|4qZ5ErOetPdmBgEh; z_DqW&#T_v2+D8^Yh-t4L&WtVhws+sY=T-@5lP1KtpK1fb$cA@igsl8Ntlw%yQPh}z zW?)M`lvDKy7s6JbrMu5rDU0vFPs?Q;yEDJ-@prN{(>eQnWnMiC{o4#-4n}})B={W$ ziH3te(0=t7w+lYgegCM6#dDY}PeRC-&frcTJemhptXLO2w-OS*>u6!LJCWSsKe1Co z?|zgd{=;lJUOg9#-lvkB{+^nZ9DJT57J4kMhnT;5L&Hl_$DJP-K{Pc00KlWWC96yq z4KJy?Zund%QeRuvaqja;CH1DH%giq&tW%gSEzuSPA&1$ysg>e%DyEn38!P`jr`qsL z+?-9@VVAnU7zUfIq<(#pSikVyUFxee?eU7ZG{@~IuoMOio$bDsMqlXX2ke!fpkQbu z6RI2iH(5gZ-qUj3xM$Q>R|CjIM;G(Hj=t)*Lsu(yQ!&hndOR}-%dh7!57ar z0VfdYv(Ky2o#W1Az4;+S%sKj}DfzoPl3uaQ2MR$aOKr(H^Lf_Wljr9NAo|8veK9jA zne8dpc>T&wpDV%B?s0=_`HCA`Is7&7gJ9{70JG9ZV6!9NjlT?q=eotVBE>!mZht7Qf56rL4g=q?N9N7< zI5w||nC@n=x7nVq(#SZqb@|HMW)BVPMST1+GWq*AuJdzECZ%~?t)eJpe$t>5J+x0L zZ;~?^J8=K?X3y3_4QNPkyoRR?F#B{RLuRNnD{oTxt5%gk1hsF$adn~ay9(acH{r3L ze38FP3)$tb*q%v7A>fx$W3Jmq4!O3OCE_%8&GL}r*DFo#wn1##E;$wO9JXw&)yioe z{k?Q!VanY@PFV`@ERcrx(W_+n-)C-126r2*i||kzdydu7=--!$VmC9ZN6E5XFTLg9 zaMD4({`@Ci&J$B=u2q_uuXyrSv0zYygO>B@8PCU1k%0!)!P?MVc+L0(hm$EiP;~0| zEMrc-nej<<_|HSBtWU8lxy8~MbRx1;)p&`$80$m3q_|gN@jHr@(1sX&k^Y4z`?Wuf zwyJ8l>v~r@+0tzteC&&Cy6}Ag1&Xp&7>s32M#T3$C!g?_DwKU)ZNPD9n{OQ>j;rnD#8t8vdz^-!ndy$6lS1Cw-HT!`mf`XQ?sn zjKWJPf&Q>$cfv;TT*bYi?$yY_>bpEITaka#$IgG!M>n@@=|z3_=xzdYJp#7&CI5c; zEmy3-w?ouT?b^pMJl_$G`%%CHr<6Y_8!ToF+yCZ@&z zGTYlT)%><>51i}2obG(QLhpn|qzB7H!nqVeTyJYh>BXv^y@lS0tc_@^=gL&C{+-Nc z_-nd+P}Y6Z*Vxu0-#mdv*arV)e&u7Lg*r}T(!x-=0XKZ8EK+wz3h1^Ay`&_D8;9aH zw+Z2n)>+DC>QW0ye{um$DywijeYpvjESTCj$@#Nkem{FKeXHsk-A*-nvu{gk^s&c3 z>UJx%R&om4FGW}SYF}C!@BooZ(fxP!WMh*hOqLyW-VJ6|g$;oCB(AF6GD_C(2G&tC zLKCN=Uu8Vu9o<%aOnA2(=yM$2@%P=LlVT=HkUpm?=VAiE@{05||9Yu6%byWPOwGM9 zVKIft;`qw2o-w{Lbu?1p^xf9&VZe!uzB*dt`)OakgmUx1X6#{yZ=J!73XubBd)qSc zgNKt7bL!}i*(DFIWJ4pco3AC%y0B~LM$UJ7dG_+c`&d4rK5s^DLGF`7zzmBA+9|IE zBHmNf(XCI#VEmy;H_P1d57T6giwapDXB{d-($C(BGt;asCDWN@srxNlnN9m+>Q#5% zxp2f@ZOyA!Y(mP)mD@s#ki{5_F-VTH4Sx0^)A zGd$PMD{9_euk|ZvS+}s(7Jt6h(rS{SI2e?63a73JOy35P?qsi*tB^?kj51v^|2hC7$c>UAIc;UoEfyH}& z5|%lbTIx#Z;K$#avHn$`WuXPr*EAcHc5yFLD2X>LY|^0NUD*I{-cr7Uz=P67ii=QC zSyouNjd_FTwbm0gB)XtLv?j0n2hq5uV~l6KZ?qHk2(Y{3^X||yv0IFM?YRD)Z09zd zh;UdZ)1kpg@-6=lwvG8mKG7Y<%c8Yw?cV#4)l1^zmqET9^ON!O&oE4M)g9P+xKMF# zS!!e`cwi(*sd zw%UMfVQkG38}Sg3$uyxFHD}URpM(ne7jz_W0d4}0r|;_m^!Lt>mdXhL3|F2F$B33% zcw4oSiBX*TVrBrgte!X~0#&&6#F^{A{&T?wCxFa7y6(l^3K2~X)ro+mUZGCe(Ffhg zt8Nr@*onX9!4!4nZJ#I#E{)umMn@9h14GIps%t7_6Od@sj&krtI?3CoGfR9~g}1@? zvwXCT>$Z=t~s1&aBgki1Kh3B z(>#vy^q;9j=cA9LQQkR92I%YLhRodD-AS@BGwZ%Zq*}=3VuBcdF&mH@U}`4d?{BMe zx=6Of4-By7OhS*jpwiK(-R`^W(dRjvu2)~<^DJ(cPS7p20hjsUTg>g$-yhA%k`ZJd zuW~&qy3YCQ=0f^50eu-6^aM<#@dUJEi=IVaqVGj&I{$R+n-Fd2lvM)mnb7^g*KRc* z=B^vdmgz0>fysxW=)In0PtsGt#w1H~R3#sBgeee~?rY?8=0-+4`gy-O4gu{3N2&K= zl-lPf{?gV)Y=_nWOQ45rH0~w_HG<&wheeUpH?edZ*`pYp9#s@-La$U#rQxcmzco zIirl6t+*1Mc?BfoVRWWo*MobW?5+FW&!R2dj0~z}$=a8?Y2AHSJbZkEIyLBp;hJ`h z``a6km7lMtr={2Jroo+e{Lk*o!rN~Op6keIk{mZTUs+bWpkupbp|-tr!mf2m>dnil z@G!)J>$SGioI6EdIYbDW*gIH4-KdL>aTsnCLvq68(7*M>r~(rI_(tvchwTNWF_ycr z`BTvBr}0g_GR;%1T7JOHzASsvEH9s&KC8_A0C*hu`qa}7R#p;b%YwA^NKQJ7X#^UN zTo^}P7{_pD=b^$6CucrgP)!Qz?*6*|t)EO&TgK;P%j?7rsrA95sibeDnv$4k`GC8% z*7D2@s$>oZH~9wMjK=K@QSWP1@Mbv1{wOH@mIR`tVHb7btu=Lyw=ycGwGr-*F3E0( zyc}B|%NAW|cAlKbO~(^d{ZQ4#nt~@|O(yd!aHMq6fyM_FBbwH$YywUM*GWoru(?iY z9}|J%aU%lr98B%PePLIAHW277FAMMLFSFJ>@oo{x?x7a7^vW^<=!nCFRrsgQq3<4i zCaTpgWuncqmFZnGKE*+j;4VqV>`kurWd@{{g1LTx6KrcfPFWwqXO>0Jq%~P%(&}Mv z=aFGas+cQKC}PE^%sypq*bxA`cYr)Q{FGTtuWax*FV_Iv>9#p~ILHm8dEKaN=)$7s z5-EHT3L>K{N%pX}(O)VtjAW6euwGnKMiMQ|0!15+M6nO%kF>S3-Db5?Ib_Lya16yQ z_Fa~c_$+AMMymw&zV@-ayiYUBDSu-1t4Jl>Res+8RhyUlP2a@8-_qDrj-*<B(Q(T1Dq;p!wA}LFtJ_MOx4A`oKK{^m z9v`lKHm=M%5vBDyhYnOFsX3R#Ls=tU)=W7js#PhPv;=%V>kvbK;I=XR3D%wXpZwC@ z1?o3U%Zu0st;y zTf1>S>ptSWSD#cjKw012?0lQOH;AQ9-DH2nl1mNIXDRd9FC%>$qLx4xM;n}zQ)dpc zE_ydX?~i6kR18@XMcXVZE4i8B@O-Tf-LM1T{(_KlG|RT_6)l%v6tH8-F0HlhOd6eh+gKI(#g?%g~% zRMsuD<)-I@_~cbKNt@c-*q0pX680bomymc97lb1>7Y=t*K*y;hdOi))T9NCIW&k0# zI?ii9ZH(nRZ~H!vvd_!{CZ5zg+psBd^NaIrTJvl}b7WfJ;FRFTwZ^M+K+Mo4hevd3 zgJ)JgHyM{98Fy&pjTVO6*~Jl0j+oDG zKNJb1*c01kh1q9`DqfalGaJf`@n*KmWbLWX2H3ynpQW039VXeIi2)~&KUNXJO{%*q zmtOi4Gn+%ivMe$4TA^-o!C)`48MiLnIluU=jpAN-8m%3SS%`aZw44y8lj&EXBV|~c zgQ2uhdT7fmRnAd9hIy1bcFG7FJ%7r(L6#o*p4++@Hzz2kDQ5pqDinvS#oWO&h9@YL z^?5@C%VfsN;l798HCy)pIR&8qldX;&Q8OKKoYcJX#iPJg^3A0p3FV)l{`D%d*9SNg zM#0Pm&)zvP%%sJK`oW%R3V%q)Of%MWy&gvJC_k~T^r4jy4cmY2DwKLp{5GSoK(?7^ z^K0oYOi{+rztkwBX6J{p;epaeJmE8}Yge_3l+3S9Wn8%SMbE?cSzKul#M(`w49$iID+aWGC-ujJT;)R7pm~ zZsc)%EE|Jr`;v4-%)i%BgFr&W@%ZEz!+MeEoX~5uLRmT z;4;0(ULp*!}8v#`ZL~bkV`e>671@R2g^3;r`+0z$G#24=uQ?c;iU|4S&K3|9bU7;IVO2doc1{!d)S=(6@-VJeCUnzri_!se^Pw`rD zS3OSP3|5FieDC${qoB9(Hr_-H(KYMRzrK0nS+BzlZX^h=J9{w+TXpr5RPF@`mb+>#82hrr|YfZ}7c4WUWK?v0i_lAfnOhrTmiK*4ic}eOCwS z9=?No`*OmV6o8IAKBF8hbDNVMo0ZBfM$IS=Ca7`cixuB2wN36TsZP-><^3Y>R^CoM zJ>(#S;LqQCD<;}`_ zJg0BSr4=85zZrr_5pG;D(#Qa%SsBG%F^r}r>~IegidgP@Y!BW>Q6LTMhvmx2v8nQZA2|}(9ll$W?AOhWaDBW z;dv1dDd8@y(%g>*dz?dtO2a%${IYYZC!GEz4)nEoKOt)5O|xU_Jch#6#S50%2e-#rP?f)&L@O;o6e`n64}6v z0WJ4RJ<=JWaP<&W37$%V8v_WON3=BL42zzdGJn0`?#ve_=mJB>oG7Z(oV zXY1WcUuzDiJh6bFxc{35h8h9vh^JmQ@@$GJe&Lr*w>9<{GnuWJtFO7t6^-B%^W#-w zp@`Jy_~VGt!o9lKV|9*d zK|o_Vy8WsAZY-=U(t&5zI7<)U(B($~bSoyNlHG*347|OhN52T$g<45mYI4m(0kR4B zM}LwFjHfTh(rX83_H`J{v>laUhBV6yqyZPEn6+E`!B?^~SJG+s8+F8|#gv3S+ZMh` zH#@Wwv$(hU)U@VrX#52g?s(;m`hZ2hGMIE4*V%CMD&4Sv!BHE2nL9z5J956MTS0Mq zfw^$(PR*krBGM&za4joV6*8>(RH5q63$J7Tvb#qucTc-R8xzmG+{n^V=JcB*W5|YNantC=W?$r^rzJYDx&hgOqg4O3Vf zzofTJaf+^woq@!Ea92?8^7{Vrs8}gUm_Ws8UE8Y;96UZO>6ME77*cQ&$_2mxLyxc? z)OpFRXjb5IQa!cqc7gdHw|LckeLtzTC1$~DI=Kcy2o@ZVKb-LvhjhHPVpV%R;7+$y z1{H!9I!*srH|_3AW>I@k=+a+>T=-w>o539cUJjke32No%{1;-~G^gJ@jR5_@W|36e zVrGw-rzW6fSdWnx&Q!i7cEjJcZZ^HTbGx_IfgT=B-Q6d*m#`QbK9hEjvkUA_$b6-~ zc9d^P?=tNY#=!m+0>W8;06{UL0VhP@tHM9^39R3llbGmJrGnm}cI@Z1+o0?hAocut zY5fh~QjOrBntJ198Y!{;O%Ty2$bN+hpI%2Os9Wyg76wI8``xtr$2;qF5W?>S5C`_o z4sFH9=$yY|16CLT1MmlspcMQ;m@u{ zY|JX$i2~%6(iI7)^QxdR0=$IxKq)ycLs|a4Az{G-b1&>%k>J{eJIWBeb=gs~qX*+B zoPZ=cA%*%$tPqfBFL7pWVP-1DJXM|77i=#7I4{DwvSaE|flh}9wK+Z9L)<&t)C~eM zC01Vx54VlJ?bMjXiB?_8>#RktP~$a_rZ7Br?~&YUGU*iB1UO*V_1-@nh+Ufq{2wOABQz=w4$Rt~#G^)BnG7Da4|1?|eO#Nk+KeA@9 zD#v!v>N$2`Fbe#TW64Hj{C_0@u;S>N5O3^Y^3_od2pth=)l?fg9p$Qc>gV`M3lUPT zh0Jv}jY~4_cfLk<|E#xb&|I0z;83@dNd{Np4$-=EdG5QaF7)l?kxU6+pc(GJ=ewXa zf?Kj?`N%XCuyCC=kFzfE3&WADLUu4c>P9C%H2`RM^^hfuF-n*FY&G4M2dpMc9R>$M zt{pS?e6oMaX{c&_kDnLmRy)Sk;XZq$%nkM3^edJNsiRCi$#T#qs#6KZkb? zI^&9oNXy#p$oeYjtb8N#EZ!%^dg`q3FA=`>CcNdr=llvU8I8~E?THV)r|9dvsB~5| z5AO-E4&nZoK=Ung0T^6%>V0lpSF;st#(;s_pM1n)HfO&qp{$HNCXuwHg7~Y0s z=rpFA(S0%Z{74X;_Yq0TAf#0^U`2(3Nc3KpR1MF^)q5ZBF@6uD|RS!;J zp#IXw6b6pFmAnS#0|5-?ML6VB7PI%H-Vr7oEi@2s|MS=n0|NCM$87b9eF>4$V`Jb< zk3BZ(@W`7g94cpQEVHC*w z^LW=Zl%xmBOmYi1a-xaqmLV?z?z$%FWQoZtY{3(*-;6SYrD6 z<>(E+T;4xjFnMYh7R+_13^ZbE6eumdM4A^I2B zE*v{qfYzFHrK$1$YGQ2LkM3#cJ2a3yooEqXfAi~Z(*Mgz(DPfALK0H|kG!CjRYJao zL}IbuR_yJF$%J;>VKBh<<}>&h=UHuv`Y@3_(_CGU;m2U`GrRU9`7al&FR{2V$70f4 zYqfS}MPr2)-g4OKvVhq#(!Kl;@MEn7vADU)l9^{2U;#slPeU>G4}5p;ewgfsB;q7? z%cpz?SX-pS$-S8yGT(j1JW`zqHJtMC9_KX5EzpM?8?yL6=}Fo${c*d6wE-tK&)HO; zD|(pZ`RJ10eea`1fTZCG&S>7xiy>?f*3_qJ|HMrrtm)jyD!`r{0yokr&mp(iz-9#N zf_O>n+q*+KH_OMsTF9~Com@CY^px0D}{cTfE00)bREJ=`^PHPCr>XB zU58<*9niM5jhV2jOKn+|N==i6v)wV3&9q2STi8B}%`|9WL6h;!GiALPMAN9n3M;43 zYw%&(hiZj8b&SRv-qr5@&nyGa0VeJlUe^BgbU+N z-yDMM>%Y!>Rd(xyAqlnd^Zso6oGJIa^k=2BZK16EoyvT!*OKmfmrvq#`znV=4%cd& zeX4)o2gF^n7BSqunL)jaBjLCkV;SbQ`o&ky`xI#FvyLhIb@zkIUbxl?{B;(3e0BP5 zoZ~ndN?O&m&ry5zwELvhV&kjp=?}X{5zE&7A6gl_lwVB~(>N$h9Slz$ut$?nvNC9w zXvNIzloe4n^rp|pr!6o`4pKR)*d zy9ZiUITykyQ{vF@j$nY{i?+%Z6{W^{NwL_7MtDGz(VNAh<9VOq)S7}JI*q$`f-Ws{ ztJSXWt>XFX5RwDU&)1(kUi|XF_=5%R*YIYJDZ*-GP=VxtV1(h2g|Py0kMR3tmBc3& zFeu!}lTY)tOxj@iZ_fs+sL~J9)bW0K)DSTZi{`pGx-xO=`Kk*sK zES<)mOr0aFm{G2aWo^D^4B4si>hyQ4ULB z!Zh>2x3RbEH(9~l?x@bX?WKE&(5veGhgG6nQ1e<3DSd0-dMJXT7xhvD;Xr5bASyW1 zDwsNA*%Wiw{UIo?z>VC9=MFHYCi!Wp@?ReWHC7UcZq*;*t3~6fN6j1~-adz8cKDHB z31GQ;%dN1F#m>sC{KGVi31hYTg91shR&qCT{N+}#bzB1YZ1Hd-)@B}NAbWnj`F?rL z=&|r}f*=GO&vEx4#4#VgA^t&1u45j~C?@_bvqTQeuYssyGirKuexldl#ov#-gh{w^7{t;9je}aAd`jpJ3 zNfuL0uQ?Nfm?4wLv4U{|X$N4?QOA+6B+CK6A%@ZZpvp9_U{u@cj7g=60lN_q%=F*w zD2bN#hWO|)Fa7Sks5^z=3mKJ^W& z=Y#++(78;}<;yk*t%Ui@s6}#G2UtRWiezT-{pY+}c6o?7l~Ise(#5ly-HD1J+ZeH0 zz4p9Hepz5`eb_FMuAbE@9%k(XU@(epq+ko>)x~6R*IU}-|Ef?DC_MmwH^@NHg7Xid ztmZEVH8NUE9zbi77T4|NX|_if>3i2IH^N*!s{g z4K_w*-7*UAKR7%hOIdwQR$!oM{_TZVl6{)p*W;Tv700?zMXXcL6iI7^>Mj!uvl|kh z9!Ehf`+&O+L0%$MsyQ`=LM*U8DL^F;+G8MDL+lF+ z7>^~**xZDmypd|*Uc74;uU_Q=+eiqAPmAS9=RnW_Mn&-Ce;|U}MEG_q@v}7Q^Dlj2 z6Q8Gxwie5ueT-lmdtH%k$iV&JB5S<95Rs=3NG4p)8EPwV=X)wa#IQD~_K&Z|kcaF3 z+@7Gcr+tP7U3KtxkR(sO%U|=zL}Q6&2ZCE7#0|>d&(zC|ptghAMU1ydKMugJM__sa z^l8R}gYR6(&Ci@FNh7+Fx$9>!?rHli$eOv?9CxfU*{_tHbk^_R^aj>cnJ zM%E-4brO!j9kZgK%L2XzP@xZoLCybq{GIIF3UeejIKKZzt-5x&J@!(bk1c>>C~Jzt zECnlK*aHln-YmK{c;r{K&*68g3^HDPSQ_5zB0f_uCy)g2>{~{iVF|7yf3RA^B=)Z~ zN$dPD@R~S|Od#@w^@55-(XkjyZkNhyGd3LMMLOyzP(tE-|0n$xsOY2WRcbxoqEU;M z@nu%`_o1yP-rn`h#KU$i@`#jNmxHaom5iPspsm*z>sae(fw;mamUSbKt7apB^8yV4 z87zhckqdSW)D|!*LyCWk&M@FLa7f4yiLeLzQ`aKa4Cor+Gvf@X+GAKWK)ZWXs5;8& z$n8o#4xRMEXXz=}G0MrP{dKjezSqG}&-FVjFk)j2y^)R1{1}D(T6Jb(^3*!;v;pd^ z2nVw?IJw4FI<=?z%~L?>QtwQ~W|B_*`KNi`reKzV1bb*9{?g8?U(BoTSLAUDOPD(Z zg2&GtefKX?)67${&3>+c5R#a;UhQi^`M*^bEr$X8ilsBb(u#Y%JutggWNQHvK}$a^ z#wwnlMzX_&ccB~d0&_ccVDOlZA>wfB-0gp7VO=@3yg?P`bMU~bVvR4RcJIJDF)L`7 z>J8Lh5Bro~yjWNzt>HCBKO?C8uHloH>~YTmpcLCqiMZl;dVzd;;OW1D9zR8Cc$6H- zM@d!;QJWziLkg6%C~U@7n3(oJbqk%#MY%2pG=9K;4p4_S7QHEGU>UjKi} zeIY<72;ZQTLnYzhuc)^V-6hIMHL@`JJH~LT46!@c<@yBEIXL`RAx72~V^kabvH!jt zlEA5Q^KmB?D&hXZb{S@qiEn{g7#yl9lsXMNy5kq2e<_#A5!X~Zq^0me_V1&J9?ZtN z*mddxwZco~?PU!=$lH=+=)%`DU0w|@q*Ad><_q&Tr?4;yv6|Ae{X*fl!QAx{pCQ+C;&)S@;kHVEV6&Rw!rz1e$lYfcrGQU& z`C~J2@2%hnDiU;p*~wRhxuc|?wla{kFm3m{VtQXO-HIP%BrW@#_~$7{ zY3&)m4t5roN>bco`53FSXQtrysq7<3V*iV_#THjG6^kHdc5m=H^N^Kbif6&;hxw4& zwF~KRz{gaxc3<}scDSdyL?jC;9Rsz7+gAvzKFPwNSjzvN%L_YDl6YuUZHyBJNc?Q7 z6SCF@tuS}ik+m+1Y{WL~UQe1+Je7zj&Zn%p)S?0fYm};%__WJl6zyki_CRiMKEe% zP@w+Gstd$#t>&T&2jBUsdx74MiQ4-KaSINqdwXaDv#+4*F(SDLti6SrZRj-_T$B0k zdRX#+Bo;(-z&3fnu0(7Z(l8n2w#|a&k~fse_*Z>(%me>1!^Oi#CNIQkuw=GI;s@31 zWSXZEVHa3QPVrXR;Rd0#QQfQ+ab7MU*>yQYcVw25F|OGE_t+6**{#bM<5x-IGl06pHRtf4%T~Ce zxLKbYSjN8hmuqE*b{y$L0eWJk)HSqE@3}BMX)GlS5b+G~u-Z`Kf@`>Q^mX6NlJOd=Z_??Y*o9LdXokk&=J))bGuF*coUx$4|Q zzuY~)+!znPWj4;^;|u@qAqBw?C>EXb*`a%g z=ZiMvhU+Cm!p2TH*vHm`SRoiRI4%^sW3*-s7Ia$&O4ziT-A#%ToUzDkt$hbEFaJ|^ za0?2>Hnos}#XEEfWCD0x6@GwupC1XTw~Vj8^7K^BS^cDt@Q94OLVt@b#R z$HiPf3IiBmyUfa4Zo`KE_+je>5w}0xqWul`ck(b>Jk360+5~L4nNuz6oJ?%nwrxyo+nE>>+qP{x znb@|Cj+3{abDs0>eXG9u{&e;3s;=&Pt-aT}7WTSOS`EF;5|6{|FMmbTF4)2YCqF0s zCyVu+&-@ZtDOysm0T3-+307qV{BJh9yMI$483J(MkuR+F&uWOL4)%B@7Ux<%%W?i(@4je26zU*e5cE!cBjPUR_&L;e?C10w1h3% z#ch9;?ha%E?g9^(3@+t!5_w#700)e#s3U{&**m;h1HSL(=RN4L+ayVcx8Wx7fcZar zPZde@dw=K?({n~v^-J$~v@btBn)W$=f1u~XYrK8hbE8Mv6wxJq8@ zBEJF#vk`AtFF&~o;i#^@r8EA#I(9AqS=f~3Ci4fPt*19Zx6*6XWGo<-DD6fCd|P;` zvpQoD{0|qaHYXl_2DyQWB^}+zp-2Con|Kf%MAo~qB2v8v^94chk6c~^DgMsMr z-JYrhdFfHbliXO8-pvT?1oa|=N<0y?2@XUBMv-hsqU;W!V!^$T-Jd)da4dCFvz*B(;qhebbVbPZ zl7`C4&o%ru3q6KPjwYX_z~>-yn}GY+@GXmf`rLgF^Gkf>Y^&1r(4lZh$CohS319Wi zGwBY!^Rr0m{5~oAI6OOra!Xx8U=@hpfP&eyo8gZmna6dnF;U-`wSW7?Rtum5L3(=I z1^7BYyE;R-scZlT=7Nf@A^($OEn@;=xz}zCw;C3Ca0NH<$1YPpmJiU5Vm+H|u`(uk zRjiVyH&2rhwA}I94D`U~SNGr_zv!tUN825pQ$mxvRG8q9W0JpzN|JmGrIOV^Bp44iD;-+whAgzNOPEF-1CJG3f!QbT`@b*eIgLSABSpBeW zh%xcpIWMgzcGrH$HqB}g+^zbBBPVbDn7goxiKKE2+V#^g0PRY5_^1@)mKQMJ1=G(FwcRvvf8BlDaQ#}O+83h7co znM!eY#tA3F>F56K<4n7mEH6o>j=e23cMRmGE*>nB z4SeCM56l`U*?3M;?9sS~0wcjIguQAYYz|KU1r+`e7m2nQzn*0(2++p71-5oLl+VHW z1K)c+ewqV$truj&Dl_~mg{fo{de?yA$1>qeo4qrI2;BhlXp_~|_Ng5Jv# z?sD*t`4UQeU#*Y#J=O@aO~3YZ_IE>?sTlWZ8aPWdT}zjqwUSO>9M`26g{SEz+ zz>@GzxHY=voN{-8WrA&+@3=t)0({?F{5GPa!LT+_-B=_c@xI?BqD6mevzuCo1A8iAe-Ibe20=(vKr} zdw*FMdlFp6Jk zih%w&iq%}~pqnslqT~)TI5~F(ADIg%WKp@EQDl^rKyRy9DDTa)eNAtjh7=pe798D6 zJOtB{k}4y=+|6&mi}PNQTbqTC3l+RgR6qwO5%NDy2m>An^YduJz3voRr*eeo?;emx zlORSQw3hEQxtw}4nHxplfa8eW#%&L!{M(baA*k_6J#)c+Tc*zYFG(3(9@=$_a=7Q0 zJv`2(6L<^wzNX&15rlVt#qD$uIQluuys!M)MT{9I;IH;PBl#jPIppUocoD6;O(S~j zL6_Jrv2Z|PQzSM#Ib>COL@qy*?YwV_=$(L=KPQ=9Kj_s)`=XbeQZG%`SHi1N?yOPP zwVTz2vg*2C@<3$r@9;uo<0rZ5fWBf-Ek6HV@`l-R4AJuh(ess9$`4gM4hQts*>UiP ziEc7`TqQTdrynXmRfu~1xlojAE>`{q z2;$;ddKTd`1k;cQR9@$2RnCBr-B|W==mqBn?VuU?JHAk4ia`Iw`j#jqCOt@uG|M2u zp+STTHjaP{m-0PC>IF#g%Av~n(-|*GD0Xxgebq-OL*C%=wn{I16?`YX zQ>P#l{N$mQd*cEDv0-2nMnLEytc*LOvD#E*6^G@DE2%{7G>_VwB^YBO7DyHK&uD06 zL2VwEzaJ3br}*Gch zey991ZM$XPWAM+X?c=W<;oT?x9bN~S*FfQX0=%TJlc3i!<++?pwU6h-GYm8C9NGo` zgc|oc8Hd;fonE5^mJ82LyROXdmUfdRGFU{I5PsmiMW?{*l}Y`>FKzRYLK@c|lqGdOZE!oSB4sJrmG zhW34qJE)5pj3J2Q@l|=)$6cN0oFmAI{~!_nSb#p9o+{0up5t>;doM_+;^*G{+-pnL zPgX{pO^;@mMqoeDC&%$qJai94fY<~m6@8+|e~9K^qdPv!O5NCqJrVgs-N)D962Xb#E*BmgwSI~P`rM9&8`>b zW7L70jCcuZ!r(8z5FUCDKnq5`|A)yWtzLcqrv%=H3(8r4Kn%7VUOBbbk?~85Ud2Zr)VN(I=`(;k^BTrcb)cHT@$klQvOzqfJLn?pr9`<*s!8# zwS9d~@#gJ=^i9Ky(ymks_m_4)ikX0c>y3=w%J#y+29P~4_u|VB@Cn`>y}tD%`r&cy zv*nTFHQn}>*)hGjO3OV2>?R2};tt=}+xwwi9bdUcs+1@ajz$UC^1AMN`sc;X@o~#b z9~Lo{kTN13b*$NXtWRH`){p@c&L5P4-{6-iVYxQ+*jBpEDx_q&d0;tjcY9K*xm`G& zO*oBh1dVMpjZHL#Ei}C)0<9%HtvM{6`A9ilg)1D8lv*M7_crn^CfpHsu(^-dIb!6C`jh-Ss|T5j zUbB2(wQgxHN^i$>COKa0o~l(QP1PmKw6DbgeAvrwWX-*7wI8Zl*qVt1%3Av=S{68) zdum)q1l!&#CA;<#$Frr?!m~Ew`D-zuEjgpuF_qbkkyl(;%U*2NPq>Vm-NYMtmIQ6F zOsKQiG5Z;`HESFJIZY%-O+-$BNo zzcplVGg;!yTdvR4Kc*kq6m^Fto~a4dw~(kdk|nl~BsL8uv5%;+j3ly(r?818v52Fw zilMOvW3UU3;j68nDXpL=&A_O7DF||_U1~HL0W}4bwT#D}d+Fuv&o?6=1GXob?+%h% zFZHePNR&Fg*cSlEj8z2(;&8pAHL#;4_J(*#Z}K^rfa+> zITFg=o{R|@$W`*|*;*sb&ecLlR#QmT)=}3&O*u)wZ}jJSzuigCj^eGT!F}8eVBlAk zzE~q3tPSrf@d8EBX`Jo|>MPw~-Xhb1^IK6O;dx`+#3}fQQ5jmeMZNun(CcVZW}Ox1 z{<0IfjZ>bhcuc9@bVjEl1AHBQW*xOiP~Z0CNx==NqgWYwK|{PfHJ)=lo?|tZV?7S}2p9Fe zGUbQ1j%1%>T}D6YCbO;N3#5`L%9hEoo&4RzknYCUqlfg@h4iJuh~$IvVxK~l0r}G9 z4AhAXl<{=J+aiS;cF`18u_P9;AM7GYEI|1yF2JdBCtl=z`{Sj;ooxl&>VbU*449Mq zrvc^$TjweJzD}hp6>3shr(Wk1t$y5zpCb*yJ#Aar zYtz*`WlNa%`t9Of-poTj{=ar2=5)_Kz1#MJsXg@2Y3dTse#Ch*@enuG^W?R$_z{&Yi_4M4;!fsqBeJ)Xwoq5WjaagFR1m6chc>x}J{2ER zn!h{|+uxO#>b8x3B~dobtv>l>vl#v0Ng039QSPH%pE4=57`>9F??x-)iMOZ3&`_}^ z*>#o4{B4zdHLJdu(93K!i-|mo>8C=Id}vZM`SMfo!h*>HTj3JRNXjC4;xh6Ax!O;Z z@v{Uf9A!W$U}bN()v$E=d_ejv*O=U#$Q+v5@;kNlcUtrBl-3A>)W)vMP4uA{Hv=IOFE*o@%So!u z)I^H(c4zFp?dT1f-2kU+Yf^Q^V}<*bnlOhp{}RhXzU-sfXH`z?g7@CK^zvy1HTIV` z^SO+1fQ!=0&~pT8o(BO(%Yt<&8%}8TE301ES*`TN4eeF)^c5%itZ!YygzD&PN|8>R ztApz-WzoKZvHW6r6xo73XaB)kocsX0dSQC>J9N#jDHdG@3FUCK_LmpU^@~|*P1I#a zGHWL?y8~I_i#xLmm|_XrA5$ANLL6w*T+aU^P z-wjPSS^dmzU$e(tlq$JRI0=bLduvKtTR1seIH@RF z87q2;AfuftG_eEEKqxwkI7UrZGG`4R)oFOsf-pr;$4wZ=`TNPSE zF=~bH0p~99KAu?+6@Zas?lqo&l@&*BTRgm0{Jc5-)Ru1PM|C$>7B+Eglw~8-g{V~o zkzDWGJBmu-4yLE%9;}+}&&l(0+aW24igG4#tnbYgQWTPY6nAW=;=8N)l_!1K7go&} zS6Aoppc)!K?S01w80Xwkd&jLCp#!Ck zNW+{E*@E4?(2JzZlG;LX$bhkNcSLpkfPI>5b$3^&upY;M)Rp^9V0(twt?kbMv&CB^ zc@^`pbpv_zv7Dg9t}n6O9GxGGp+3W(Anv}Zd`;jiI&%9ErY?8>>bFO({v-|Xh8$kc zP1b9KF5ec*ZR(9N*_0^Ch@AnmKIi$4))4g z>cUdO+FHueQg#l%VSX<<8b9j#Fx2E}X!@O?qdLIp|6LQ^&N18=C_apH*J2^pFRfO` z`<3!TI-S^;?&E~Kr6B|Bm|VYd9?xFh`CAvr?qv3j?#a8bFHDVz@IQ1zi@!(PmR5g# ztC*Ab!RB)<^PcXo)5-@ndHF8p9cd^$=J}5cf3lkOukktOQ0c1LvdCoLTXN%Wc(Rnf znj3tMg{99U+Z=be8-`PG7C!!MY*R}!?Tla(nlEFK3K8f_#16hteVR;y4ru1J<1x@A z)yeY^L(G&osVFGLN=%zLEm*D}ws9gOoIH6yDJw4nD}&X-O-l`3;tMn}@jO_eljrg^{LU@re3l$k&V5m)+c{_W#f+biLuXdl*@LI zJc0dtE?aRLNnaC5SrbNA5kXZILs=73Wgb;w{X2&d{ZCy`SPZRI6s27RU2uFCau;=R zD`8_T7e^0OXDeTMC2MCXGfNGBbtP+AJ9V)!MSUxKek1XB%cs5Y-prxgjiy>KF%d$Q zOWekG-kdt1A})Y=2#qHG=8f4S#(z*#A5S#TZN@Z;-ZK+mIfu({7sZ~J_Qd&l$VhR- zmShFLLH>I+@`?mE^R}ZiW_isj&*w8-{C)qx> z$dsQ*lv+ekRfN;kgbu2)#mDoucM>+^mH|>7g_=@WMU#mZ@fGJVl@xGv6i`){e&{aY zByL{fZ{uaI;;OEoW^y7WZlbEqq3b~KlYca%2;DW$L;$?;RW9>9;7WI%{vVdf*Nx&b znD}%WFT(vie!DF;w*tDl#E4$^j{~PG@k5wbu$T3rKHcHRuJQ(oh+$Dv}l!NJ?BZ~I8*Jx&E|HbaVBXssWP;$ z@Q#XC=Cj3PLs@D(iQ~epEsd>vNy^e@EzrINUO%0OteOj{nh&8bi4jEJMp-X^obr2@M11ca0QR3|))2M&FMBRYN zY0$CrWH}u&D(m^`f8<@yP~Y#Q zAKdOlLAHPJ>^&b5&f(2^D~U9z$)@x?bw7eNbKGvG^B!owxuhn&)}whIc=^q4m+WWX zbx;J`MxQzTH89lQ(#fUMAl9j*E%&nYxma{1d|VE0y9nh2L~2XQY&GkZ*gX3x_o4># zDWJ6CzuTiBg?G0cX=+c6zLE#xc*%*q5FlL$!cTi*H~dIC_Y-oPW5Cz>{+w{3Z~M^X z?>7YX?YJ}IQEyWcKufFm5&gdIc@vv`1CZM3Q~Dlzp1uJN{ak4HcT{|P^Pc}$1=p;r`s}ED2Ai!O zUzy}^q!2jN_>QtJ^JTD5~U-P66GyZGV~(6!=W=$m$o}aSGOCZB+ACNC?<}h_|H{!z^dvQ zQi<_kRpBh27%r-~F7Wc1GP$nOu#R$wPQu%U(%Xkqdwlu25p{b%Oh&;tcYgUAF;zNI zg;qZGdj9vZXbPJ!D$DO<)PJa~qG~W7W%0Yw`F5~*&#<{K(3p47SdVZy_mH=7GPm&* zR?rog&|ij#iYtA3GaV3*Z84*IRAB zU9$EB=QZE@*D-}&;jbAnzzhq@JopeNM^*+@BP-8giw~YJUI}!@^ zaW@BF>rne%d#=8*Q}NeUe9m-#)&StIxmkP;z{);Wx&X@4A@ZAN{4Oc(2kXu&H81u8%xG8Qf!Z;_je@(rRGs%KBFkl?Q_QoQg_fZRb6pi{(<6e5(Lvl0 z<*q1>?LJ<^yfzR*<*xCYSWjK|SFWq5>IIIM#%YM!cy9L@VP?_ia zj^!VNRiDHuXNa5S{DGdE1pwIT_CUSI(9SbNFLv+K`G+F?`ILYldqhi44PTu<96PrawwtsT-MChdcu|4R0r{8_G7Ke zTeY5>1YW>D2+r-y1*Me}!6!3b?B`Ut@RVfW)NLRg5DDI48 zH$v`%`ZdFyzEt-~%B%F*(%vsROBEQ7dOe9y9s^Wgvgf~B=rFo%626*c`?%F%x4P6G zvTbg?mLvIVsh=k)k7K=737^UbwjK#O)O;?~JZ5mp0bEK=#Jg9U_M;`c(mlh(pMS)` z)1w6!@i#n~3NM{CM#gFZ3CNcvMBI7C;0OP#%Vq&< zleAAUCUB6zbd?au0h*dUal4@y4)UlrvgkKsxM3AIk_Bgyg~p+z77>hPQZ<&Mg$EK< zM3JP27ZcYu(w4SC7Y=bZF3~5B5rnM>eAg&!*C>1!{~Tmuy4k?)GG4{Qz&_D}tyS2( z7js4Kg>$dqxBpkPG*2M?h6{kLm5$-s#kidduT7CN z?sTMk8&Za@(UtI<;KI3k9fBLxUgEUVqjF#8y2i`cc(QT&v`qQf{ks9qo*?HgrjJ0) zd8zHWP_dUQ{#asLl;fr1d!_c&=Cz4|6w@A>Ih@$#&W#{&p$o*ATTuy5Ski!jMb4jA#Q^>^a9&+-1C>6`*|RB zhjd^$e$$lr>miNHQ2Mv?J8!E4hO5QXj@a4F=7x;m3hD|eV%!S(AAt*$P)S=7I6+(# zaa%IDYeNElV*-A20)7xYc0vbYgjfxVjgd^0VO&Emo_MZ6C+>oXj)V$GCF%}TX>C+$ z&w=|qzqh}mOXtX0fL~n*yWr7^fzfe+?8pNEMI!(*G5bJhR{pDx5*M*F)Nhz!US{=h zeKo_-Bf&a^U~b2t1E#?H6*tsW@WW?cu=+fK?O}dc80SGf_CflDUD!pBCAO_JXOtQ^ zioeL&rwWyJ`v{Ai0peV!zU@VGx_L_S!3ZH%Fq@=lkPdSBLbjx{(B{z!#n(Hr0&Wty zn^D`te9=hfw`d(4XMZ%tA2F#wKeW(X=+%iSkw}(^%TkCbkj`&x(tIh6tx_WUGDt9f zv*G(0(ETUD-N&=VbNk-cdW<0UzN@e|A%3sNm43Tdm&%VD<2f*V>e!j0Ew@Hkve2V5 z>2s+wb=)Eq?YWToP|baz<wbjPQUTi3nCRPSpBoMM2cmfI|NNX@ z{*1avyB`UI^cmmy$I{$$WKIk`g~M~?LfwmJe{#QOBP4y$RZ|wWZVz)pOL~_WQ!&EJ zZ>9yBZEO@=AUmjhPkeTDXvC>g*cLWHB;^}o^E}69gpzk;b&Nca8a&!Zoc#80>M(=+ z1Z;rK``Lmd?-rh9@Tl4d0}a!I=&Pg6=lPPM}_m2dP6e6c*_}NqM-V(7*VL zzEEOZ1mV}~eB9W`b>|*W)miS>ZRfule9rKoAf3K0swDo4Ll|PP4Q#dS9!+ZDoatq7Nm+H8JDUs>NE0B#qYnOhT1(Zcdbq?hI*)@1Dt+gEMM_| zL---Q@Qe@|k&leEzOsfti*|6d0Qe9CTUed#9HNtWh#{5$CN zYx?+$it=t5(eNyqJ9N>7oP}F@OC|kflWyBlkIlrV5V|AvN=E{c4LkazS>-ma_;qAo z*|1XgH=Z7NcLop7GrsAX-{MCSJ=G9$D5Zl&Lj&f7!2+tw)qc#@*w+jKVWO0ALaop>PsZjaeL zt1?$YrOQce`TNYAS-E8}bJK*O(&ZRa^9KHfqW7`bmk7plbe~tN@me#EG>kGSf&J3m z00jl5ApaT&Fmxm;P-*jbv2<;NJqi$Q>)-KKU)6Sy%8>3#uz?acKg8c!P{!tGgD9{V z#3y|^y1}TnN8`bgF>8zbiJ6Gxg$5fA{o&a?82q!T8154VO2Kp(C$UiyRru}#%znW_ z&muO^Kzgf0{U`=`u^yRbW*YoKCxeKr@spkTMQfa$@}Nct#2uy=IpbRQnFn0gaCdB% zRIE){T?!H$HSL4S-LrjkGB_9nakT}ue|`Y=wij#nbeGWj8&Y|IfNAlydwfb%r7s-g zjs&POSSt$ZN4Cem`_=>Ed97Tx58y3$^7fnNF}8S1mtWU1ZYIyOr8Hj|8!1Y zaj1vp(JMX6#YDYnUc`UE*!5Aq(HVjDsb-q_;lWF)@lDX6uzsjuAkwHpsr*D6?MjSG zpP#>jgJD2xKkbBwSY?<7G|}_zH}Z|M3UV&vbHPBtU)_mFh4TK`xBd%Z14DcCd8foQ z)vLkDwZUWo(J|+#Ir*M?7sJL7xyEaeIXOcD1oD|DVI?1?D zWuzY^();1@9-rjvp$$A?*5j6XQRk;td}EZ9wpWs@Ml{8^3Y_V*Y@p&$qW71wY@B0N zfwnN>k$i0u6n1rs88ob_#;Y3mH_z|V*Bf;%=(#gV+Frqw^5VM}{FdBuj@JOJCYEme zc1j&yS%cjE8(i>&8p=Bk=UGY*e?;?%dwBT30yK1N68jd^5U_%Vle|Fcna1O9+WK8r z1X~=#i}N09vP^K}upWBOKZxjWD0o#~bk?-;d;Bc*L{me3%)$TAg^nw2Yol3x9Imb` z(WXPzwpNxG{#@5aW&}k5@L^R|m_{e+Cm^~1of=txEKZQWMZ&SCym#PRuJ#J`?4=_rtK38?q{GTmDHfqP(YV1S8^>|2t^hUHj}DYHPfg3FuCL}L~vleq5C&*<-) z0K6T8bE2DwtWR@Md>>sSIGP^l9X27mi<4&PE9;t`5~*)&tYZB#$+RxBkL97XFJd)! zia13En92t#4!Ybd54)X~2`{%Y>RVO^u3{Gj zhyWS;eUJi60%Z`&22JZZMcR)rRsXTs`EO*P5fBop3Ku97F2<(VBZJ9cb&&QiYY_$& z=X&3q#27S@eUAza|BZFfZ@vVM57bT*%L5D$b6$eRh z#$j+R3t;54ge9I(RL@8R5~+T7UuY8H?^)OwXF%+zB_q=|HmCaD`pe4cu~pjh>4z|Q zbMZt?w##HtQK43pBhQsueH*8?mCv4~V~=3x>b2{hggcH|>B{jW`j;!AL3E-Xr;$1X zjj1$^N^(HO9Kr&LMo#!uK29SDO{3WchYx3aGNu2Ra{8*o>{**sqJHxrjglQkoCc^{ zUn3y_)?@+pcM?;W<-w#pl)!8hRwODU3O5+osA!?QCb#M6Dyvp+UR`4pi?F>U?GuG7 zr$!n|Oq%blre3^WgQH1cuNw-b1JE_~v=K6MgNdwN#s?h^$AJ!O9PJXb&%GT&R(T{?>hrT}OJ2O=(o0Q=ILDDuqM|FrcL&SR=CCF`1$tB)gCWb3_Ejf>)olxR1 zp36Vv{U6-H)YopJeg^eZ5&2M5_FiL%H=GTNbuDo|Mah{*ED>rk{h4w7C_eR=GoL^= zpX5KKCb-zWl2Ku$4g$Ph#HMRuvFT0WVlS2q{R1|G0XI%dJ;11<q-lY3HymlGV;uv4qe7T!x#6vHu0eQpc!vxKYc%U%S=9Gdb7{v!{Gc+pWvm( z&yXk%t;$%)KK9aM78Xl6A-ozYw2*) zu-=_aUJx>}%C#gIeQIiRBz0Q(Uc~QX`*ZX&%nU2IA6=DvNL-{uT>RV1Gvv@>)%=jZ zRF>>L`~!T%gNs{Zw}Czb?e~u<>Ga3+!~$6F5dyV%2LE5|1<)e z!}EQNScRoJ>mOkcDjMb9KH_q*Zq9lmkOq?vBTyYC&XL&r7xemW09b^3dqi4%L&YI~ z`q&oqp-so{H?>Xjr-jUk1}45X?jg)QwM+~X1>Yy(wystX|HW{~d*>CdzixoQ(r<3? zQ!nKKN_ZFa-V+rKc>j&aWAa?=iplx@ecMFm711-FHE(UvxjX!CGD~4=HlNef(OFY( zX16B3L5w;F_sS59GPjhGHG=*GHnL5fJE{}TrmQG}_*CdJGepK^wAu(g$Du0?bct9A zY8HZCO!+ycnOv2WTFQv<6oFer8G%ktbaRLMVvC8S@h|%(G*Bek#x^}}4}huKI+&lQ zBiHOK+0Pa;`_lfach&36zIy-tW8H*vF%M?xe)!kek-Gb-TU4Ih>Tnlc53cT<@@kki z`%QAYRN~SwK&$&Ct)01xW9!oAq)AQU)~(6eL;LS>=DEDi{fy*Lt>3tEnoz0_Q{&0p zb5%8KBdkoOTKBj%^shYw+vk zn+WBuRKWvM%`fkbx)O(IHEdg#bDAmRnwq*7ixYrb+KTgU$X6KAdO(&|=I4mAv8uAM zKFpR0Gw(As%HLc0y+&%$aiaIm!&+*E=YPYJKR@GUDxmC0ooORL5(i-Uo|?6;jO<%@Y3tFUgtylpT2E)*PT_59;XTy%oG6N2(rYWb9vjScN|+!Oz(BpkK3G$M92p1-ogh&Z}ru|C#B(IOlNVP$8pzI9^MSU z)9F1)W`s!ENkG>&OA-_kF8VGO7|0=VIR(<=K3Eu^P-+JXvauac>%h@rYVLuPsY5kU z%0jfBJ3&{AR~d#<5GfGA#EfI2fE0zLU)i~B^>}zxzNR-hIa14)fwNrMf}UC2*f++D zgl4B6V6HlDYN%f=#?%x66w)kfm*Smg0czF_vFzJ8?&pnWV@DE_VUMyc@!xXu{|EBfTeLk7&DOa&g7NCYEZ|xJ~1(HyC!N?5*95hs~j=m zP!dmypGter<+9jij8IE%sWX)&d4&PITB6qm(!^!c$aFVZRyrkHAb^0*fIFGnBphV< z)Zuxl1)zB43T9)*H1r#+$P_!QSE|u&8)>Z40`V#wp1)GDcj@^0#@%yaK?f2^s~MeA z*&v3dQ|6i5(0|;Xa9>q%Y|Si&Rs0ul5{Qw9vMhO&!D}tQ&hhf{4AHux|0q$4l@Cg% zFT9KSqO|X9cD1N1E~gc|JWUlWB{(c=CEl~f3Q~N|bQ!&F{LtvG-|Q-bl|x{C*J_Tg z+Eh!%Hb0Bv=S;hEJoT;rzj)N+;909YD`u%FvOsUC=wr1}DRgOA!s6_p#ii?ZhL+w1 z-Aq?7y1Kt=p1*i_{bI5Sr-kiX21)@8$dqHx@~v>3%|*5MG%TC1OGYn*j5Rb;<%9dG zUL)eAehNc^O-$?Y-#N9APQ1#lh%%u+CXJ*6ud%vUsS=hV6{VEaMt#Rs!Vws$KLo3f ztE`rlo=O4u`Xv)rFX!H@sTbo7oaPyl(DramfKZ+Fj*;i2PCjjpb%kit9z0%Fy zSWZ+1=8~|j?xaSk#nsRa-Mh*h70rz%5E?$G+x@eW&H_}sjYkmNE4chP3jFddwJ%!b zNDL_@dz*6l;g{O`{>>WauySL8LF>Fo$fN+}hPMo<5uqKg#GX*Ll z_L|CfSLxdCcSe&lDgj#^bN*Zv=DS=@5Ob>cw4!OYjW_ydNB!isipgbQPYGkg1|de5 zbS>$!WLwm3Bo+)Z$!@&WX`szPXc5`t_-rXd zuFI=|%#b`-jWDufhQ3WH}wLD%w58f%HeN0!}LKLoUNBWFVr5rLLdFo~)JC z`Gg!}m2&_#i}J$zf&Wozq8)C@Hf8RWR5j%wKd znb4u-46BxzG$zTJ8aOOJwkGa0kNfs)3C$CN15Gpd3lm8IeDt)}*^AyU$&=SvzY+*P zNp*1STb46-hg3T$Q4d|&MqqhHTJbN=Yt`wLzc$8HNAcov;`5*y;-l+Gt6nFzj#hex z!~RStfnNs_@rqyw2WByY4)Zd~c!I)_TPhUCST8PrVVC`a6<$s1m?1fx4g1ntiLEB9H zKFh5rsew3bS_tCG=J#gH%gLvChz>EKjzJ_~a(=2fO*x2tn` zi;VLhXLC$?odql~*JMSUZy1(>I<*t`UJf_;@0Cy5uj3$Sg2Ob&W*=Hx?Pnz-9UUJi z^Ncq$lu?_I!lQeXWlyp50H^A<{veYV|Apm&Evqj1d>T_F++Za&VfkK@1)#nN_%`?h zY+PiBHX~t#ZgqrJ8qIS?8_oCA-{v$VUC5&6b1H@J^pX`F*{pJ-AtK$-4v*JysK!QE z7sup2PWFgqfGOVRqd~d3Ex~_H-Tv^#td2MTFVO$%>qVFwH>i{K+w^qqCB!MuY0XRK z{Y0)TxShmhBV`|cicog6aWVno+(`XRlJ&s@g?T*r?5?99`bs$FZevSD*1zeiV;nfV zW=V^RNr&&(>ZYg6V#3#$bm?^gW93%g9eCVMRAdM?MRYHm+MMU;N?i>di-{(#2eFnH z>R%TM^D85eVX#rpu)sv+EixB(VI`XqnmDVWx*ID}6=sXmd9yBr?#_vLb#+l+mx2V! zS;GJLcg&soK8Wo7OeqN-*?MdLUx=^dO}jY7Jm*fPr<_Q7YT@%*aaPElYmD*s6>xpa zGkxxoyq{yCo>QXtc0b&IRv(4qwiRS^F-SGZs zQsI|_iK&{P=iv$NNF&RPda8Q7_MDpL{0hfp@vJ$#i!3~?vzd|=h$WBXqGL*`!R zYmq8sM^R;+Nz{Y_6;wL+cm+Ae%=*luN_Vhu5z7+$@*n8aLB&KDDIW((FyMd|I| ztsP|ioDD40HTfojQ%NA>bH=|EMNJ)iL|wE+KQ6$OxwmF@R=GNQ!G+i=nu<8dYdU=m z>M1%XcuOcMydA?$g!n@TXJ;Y&1&!R;7Ly(o@@!3E;iZXnS3Qc-+KQ3_y*Z@vs_2td zU0tTf+KBemX?t_~&?4X`q@B<`Y`P{;(ntG$q@_xuw!IvtwUL^9SW^+$zle?B8T%?~ zn!2v7}Xl(x-QtZ$N>C(`a&%xW$ncv(|>0q6lmw|mU zWv8KGmXSQ-30vV6!VYTV(pH>bXC^ATsYP9Lagmt}(_~=c*j`^t!P-$-Xc9<8R#Kf8 z1<8ZZ)m+F#+(A*`Zk`_Sqjeq=hmyU@u64vTQT6bk1x`T)_krb1%*4S&%~jV!*Gp9P zcqSx7u0W;#0b??Y267^5HCmGEQUAva;&$IGxmljd>Ol^AH)=vc$1e zJJtBzc__JtKU0f_wvG-nrCG$}1aX$;>Nl*S0w)<_Y2y{ca!Q{2Bd(&d`XVpTWHz23 z@{RvCe8D|?mg~wNA0Zk&~Q{K}7Pg zUvOHz7-yvnHbO+8gIo$A5bJQ z1!$NH+youN+4=hoxE@?3&>)8^!Fb{$%$$m(R zaeODbp~mUqsFG;*xxY!?Y*lC&Unv#PG!RLom=g+ucd=??gCAIGtg6czoYT^V#g@S! z_jC1=>U)XMC8FT?sIZ)sG!S5zGwh59bf{?=tQhneh;;%$llYy#|8WNO3?P=b&aZWb ztHUD0|4}9qu=U=WMW0HAAAu!CF`p|9F762jFx^w7Zh5wa1aT}%8z5hLDj1@rz@+j+ z-{~EF0l_O>?IL2(_e{mqXch|3?q`Hn8HJyw0QT702_}ISC&SZ6jKU#eNCI?_|7KSV z2NT1ffmcGGTxJ?u{?>e-d{2eOfm8)>Y4(1N#}; z%!2Kyd`2LvL02PViwVQ~nb&7&ZY!wsjdrE;f}X1= znHhQ6I^mK!wQSiNHg8_*1UIQ=p9+mu{EGkg^X4zi%PkfPP3ji3HG1|FIUJEHam$~U z_17g|4H^e25^Vj z2T`MWY@PS+f9T&UaZj*4ZSeY=a~&(&5$K1rIl`3U`xE0DI&yI2m<(&g(7!Xlrs&T9 z!nppy^}><=M~wm_c!krL$UP+g^>u((J3`~8OTYeCfY90h?;k>6j!*xG`+*Dl|CEes zO#Xk%{eKnZ{WGs#D^n3jqftLRf3@+@n(w+~kOePzpzOx=D`k9X>v7kvWtD+JWrm99 zREYS2aQGv(?_b^=nEoD-SLmwbC(H(6so$MGvdjSk8t{V^B33Y)bLb2B07=R0L>OIary!mz5P(PqLg$?>tGtBMG>pN$0Zp}aE(w%0 z-=Bg)ek)(HR{Ah9VdOap5#KH`x2A*}KRms@Elu+_6kDf!^G&4YXdEut@V$T#d#gPAqzp|aW~_l;pDYe!Cmr*@n=~N@r?WPG`#I8` z!*)xAA9Hh#^|BM>zN2RmskrH1Ov`a^83f-*Mv=h4h(V>K;b8B;HL6WR#-o& z-WT=K*qm+h#mK07!99+We*%%%^d|4B;bvHx?ias0nI=RIURZd+qPQ%vuzDtjn2}LM z`jJFBVlijxr;*f*Pr_d!vnS81#Y!J;Fz ze|kcM0_#sH7PhjW8^w(NH#WIrq==^qs$8;hSX+aifB+Y#CU{z_M%@bQR~UH^SY*77 zpeb7B0J54&I1^xLK>m4b(z1yuKXk&#L+~}mHBp{LVkfQ-z&0c{ zz8VGS@To{~R>k9ulqK6>zi+`*fe91w;WMPJWr8V{_p0P|+H{ z#WmD_1~tG@lF$4Y@la$pRmU+z6T01x6Iw49V+td8|0kK5dnv1lYn7?(R36KnRVG)5 zm|4la2j#y811Ms4<8D}vUyn`VE^AsVR~f zTc^s%*zkopCWM=-L!gUdbq_x;FTBF2I`7Z(A1NHC2$Z1d<+~=+t{#!$ z{c*k0p)RMENvINOeQ{#_a%r+%Mw_E$Ul|=59(Sm8r>_z{QY-A#I4p_XG>d3Bv__&| zO}d;czj1jUqC-ltGQsF#fnGm&(5lvlO&KqEAwwmgQWlxGg13j*dS}52S3Zx$2-WMs z1+6)vN1({|yP}9EqNlW(_5AHHv0UO%wVhN|%7FM?iDF=wm;6iDq})(Lzet@}DKC+5 zjwKXoTmw2J1`#5CU=&M#$X-k_u@GB9s5pQ8qwoF?u@TGa3db%P90RC3ax*+-0E&aN z_W5Aq)gFF(UZR!LthXR&P>()uzh`|BK=1f$k~8UA-Zl?nA9%}}`? z4~@BND~yL6(E3Y5yf;ZBz$=ue)zms~K3+*RA* z;t9SIa0OMu2*u}&v)^cnp+PVa;Si+syPo13602BMAv_-d_fe;hFDvkUM{N9rV@uI( z)u^N~g@)+V(@T6Aot|R`0GxXIx+dO;6OIyRz*ZCBtN=NApq?e10b|H^uj`oqD#cH^|Zu9n7hdOai}C>;uH+qV6(Eb>rmz)Kji!) zI{c?Mo|$($V_9c zlWJc+(%I5WzXdS@r?OByBr9YdDO?LKyQY@x;Ne&l?0#Y&=cu1M<$gE-G5A zT&XOUhgH8+%#WPWaX-juy{^NvdYxwP9{_k6D*g;~?5{$;p*Hny;^ycBrN~H5MnteS zjB<6rt2D`j(5vsYSrY5g0jhO>%tOZmQ#9<^DEr)_K0e8Sg zT>lV>5Y(MI*K{aTmcyBuHJe(B}gFPfqgO{s*WrHv0aOecKr~p+fj1JxKXXTx0CE^ddu(Eh3Vd zV;(3#z`oL>(|qq{+EFt)L+(Qmlro5`g3W$pv;ImH4%iEhLnGloO3+Kl_CCGe>54Cg z`2pEWC;E{Y5Ga?9t=lIZs1u{J_ycwnMxTIO!?O_~|F(&rpFcKs3dzBdFD!W2r8DWB z#zdl7gEA1;kSpS7y;aLs_cn?|Q}E*;?i%=#)A>3As?CjM*3}8>f8`_<2JPnG8@G`9 z-2$z4a0K!^z!^C}>$%O{mbn|O>RRnNFKfLbPwmaVZ&}x4EeZuE5ad}SpFo(A5!G^ ztl0qC+qyf~ZY2+m;1{jq3!z9LpSWrrUu-`ER@3*x<9fY03nEwuBf8$B1AQOgDAkCu zFm;Mb8z$wWxt6x3J6&2>b{mx1!4!i$SRo3|=qcr%7ngM|HV57=RMOXrw##9{RMCL_ zr3utbA&8O8JHM>U+MSMvwTAIa!yD=c42(}vv1fZqN!EULLsn3w` z;pLo>G@B0uw2=`J^f~Fta?a)voj)SYUZjH}4CS$jPAw5Ez4P};hp4KOEgP?n zF`?C&<|=)DEp~zZRGde7+A0#O$z#FEzWfNNC)Ad6PlTfCxXN*$)%5)yq~O+zW$PW1 zYbcz(v5B)QFum>A=5h7bDkA)Jcnptb2>5iF7YV7$%Ky9mQ-~Qogyuk{1i_ zrRsWz!junrls#E4i2~!IA!SvpU1?`)tEX#$aG=_@ld9~ix`aApO8Ls0PdzA}GTFqr zVhp9_8#0q<(t(VWXOE+~)wQd~)kEO*%Cm-e zAO&iCTye;FiKXcqa4+GvXD(Q^TeLauybv;9Rst6i)wh}H7R+M655hOd-1}Z*OvOF7 zN)U|D1TyOU%}ysNV4_ZX>NyUFdPw(+cf2%BAaq{R0v|?96i@XtNpCT1O25#C!6k&P zl7XSHf~9o>kHz#Roi4mIxA4Jy==t|V>9$0UUEr`xDAUQFB%D{k>uGRm&Wi=`2ife@ zq2w!*P;4mAw~K5CW-hset^5yQBJYfGqu||i;>XN!`Z-1&ND|5bs?5RFS4&U@0q%N|{^G#i7sp z^GXiRY{_7jr*+a=6tqI<%U)C$hftKMF`c?|V;JI#42Psz37I-#ujJ~tB1}tNo$Cyx z(avLoh?iBq+=wfJXd=}SxrFGuA1odRq~!Qm|-jraA(QSY?TqpyhGu;p%#8)tx&s|8G`J zzCR^As$QYFt3EP|tym=i-v-}&DiQ1S$zdGz&=R0l@LS(edj9X`)i7cJ!!&^ZNN*v zD+|yh|EktTAf!WcXt1n}y60L(KcRXCY<0I) zmxvS=HM%A!YzUH(Yx+_V{k|ykXc_8i??~`#H-&_NTOxzoT(k*cEamG~(!+IbVQ&uV z5sp(X^MK{#Ars;9G_nj@QV?AI?Ye7C_a{@{O&;k#3gQg}&4_+1 z&4AUiQ#r#d)gi1Ix^f}+RcNf)4$?4qhz+nwJ*E<3k((~x0Lh&_8cR--9cTY}X`QtZ! z?;1;KR60%cQ0EQ{u^-0zT$nBc73Q8sou59fU3?BN-H9SDm_M+v66tjv%{ao7K2x9B zwmr`9z~=XP)GI8K@sWbFu8C3-8`9uP0(B9!I?n3S`I-#;>(9D3>W|k=;emO0K(TK| zWYEHi9^Q4K!iXeF7pDjwAk@^daE z$s4|$IPbQ(cfQ?w8l%DPN`|&QjC`((`06?dW@}!sbYXN=ag{V zb2*4koaip>!lnsKthJ~sYTRe+mWbv=hLy25yPeG>&9{%cjgF=htH|yTMPMtip*cnD z2=Zb`aL!}rzjx!7utgu^LW<6OD`Xs8SY)p8u+!>NTxck=<_Tq2S^72<7K`Gu!{i%c zb0EhQP5AoK;ghCRk9VXG*~p9&y=I7-IJS2m>eAj+(cu(b{2JA2wta-4D~1N6VS2!* z1>`k(J7f)ft^If%f!)D}gD@nwMF0(3!S9&7{^@<)32au%S+?U2s$cbcSrG;9e0cob zvkR<^ny*n}%K@#Bemt9qdhJgQnl%R-`8AGdUI5lPXL@woAX|JA(RyxrKQ3)lM1awG zBq?12d(XY^Cp#baTbb<|`sl^?Bh?+)^{^EN94JKed0(q6+hAM22dRGIK3Bf;*iPx~ zj@*WKMyH$fqn?#J?(TLNIe`maL}r8xvH5%=CNYXTBm7YNaW|pU6O;R6kRHKze4?<( zMsGMZpVzY?VkI{^Nvvk}F&PfV!3P50byY=dOJw^0UqZEJKL`G2J_`^ zBk?VWadqf9B;fdlJzZ!c2$}TFtfAK?hKkis&roX9hsTMyL7Fi=+2s5GMpXb=f?X16 zVec!e66O<{o4JF<#7Y-HFE0Y?8v=ssyEdMlHaBJ3P;lN_h!nL*HddazU47$&Tq27xft5r=lCh)+V1u`J z0=#<-nC;02<6Zrz(1Ow~-)m}0>gmbZVnRbfVNX{KR&A?mQ#DkFg8oJgahNnZtaA(Y z2ty@O%tACH*fNP#@C?o&C^{I8a_+tn06HXyKg&B}Z82 zu|cFGM$9Q(s|hg_N|8yYClNvlkw{Nq_Xk4;kuTY%ha;e-6%o|=mbaj%huR~d(OBnx zY~{@%_?!we=}lh}K)fjlVXO8VrUeYSUon zsh|kFk2U^oBsos`y)?!Noj0H9O~HrCIcS@VlZ0MBJ`j$p4jFSoozgcz|8Wrtki!>B zl`Ep=u!U0BP4`HYgla5l=X8*aO*&Ci=eF$^sK7DA|6OLP>5EFm8jJCU!CJ+*AIpNf zQ)R>f!GmUf`OEZQtYHTqxyQH+hI686Z*Q-9YO1{abg`-FtRtmjJ*;AVWISVJJ4 zaNzPe63?_r@N|uoU&gVdPD`tKN~>9kt{J*%ZFS zbS6fm%1@jOTfU;Rf&)%koLIbIf?hl}eLM`G9O{}XXL`?oSMc3%<^#FK( zsmZS2YH51oq3l1iutn(r2M4C-E1D+E;v#v51?Mq|{f(&Z9pJVwX2D3u2MzvdM)*E5iSjM*>LF_4nNDAR!0K6+xQACRKqv{V`W5_C0vW?a5Tr zqN5dPM*i#`kK^d%iNzIM2_EG5DJ=!i!nLe&@EWeQmh49;q7@X8TKp}OD1xw#t!nf& zbCepBinf0Y4^GXhfj*U#p5TwKdD}7f7$dW~Mg)!Nm3*n$9(GeF<%Z#{C!)^?vxCvXCX}?`z(K2lsos5_+cyN zgz1L%?vVa>Mm+Kjo?ejH6={^6m}1?_KYn??{fT%xYNze7J&t2S2LGh1e7EH1P?0^h za%CiOhZX{fn)dFIZE@%BRucx-eqE3CucHtRqp3kZD#hpe{v-UyxZ1ttiB{Y{{@I<3 z{~HJQ&Y~C`Oxbh(mFPpZ?;VMdlA9Ir@@KvH-6a)f13VX9H z{mS{ClzHg$Pi&nheuJU)}t;8%UVcgerqn)1wDr$2SfDU8zr1_v7-u-_O-l zYmK)3dJMYE1I~o?cgR(6`C`mwOjbe6g*X`fS)&%NB&)3>f+7Zan6bq%)pZ=n^h(Za^qgC0*_f^0$uAn|3zL0)7_HHqgCMAl!cYV%EAnsoot@;I*6ec?=3ylE^gEv>9{ z@Wdo+k=Y!LT3=n|wL$T36BR zfEWs;&35wKe{kZ<+d!3=n7Cp$?`+U~{zckjcYPhvn}BY!-fS=oC1cL^=N44b#SISv z@i$jrcpk^Ny7-5do}K_(+fM>{^XuEUUIgjHULf4);o1625SpE(T2pIl;{B%`|NnGW zQGd*+Wdrz4NELsPz*53{MMg$Cph-2`VAs^v4q*0i_N#!aV-_O)D7dw?m7Sg4nYmgg zyeF-_7#0?`yK8pxY&O{}vGnVBeXJm;g4jd8GjpdH+;qz|V}~y4&HL?-&J&{vit-(z zOVc<6*O+iBrQoTDkjL?f;|?cOOR(k7M1bjh)Fi6*hE-X^} z6+*g&tV zT()${mL2|+nRT{eF|TkR{n*83_4@AA9i;i1^H8{~ef(G}VFczh=TA)qM7Jv-uKm^6}(`rv}JobaKomD-VD6@0*)@iIx&g)a4|6{V} zSsH|+Wha%TV!lozUXy?=9Hm~i8Oq|hyH7XdSN#}i=*`llLE?^b02k>7D&CsnnMv;Z z!_3w=JR>HmB}=~%O^6wY%uS>bfuwNdd^ZnbxF#Xe%P$mFARYFaZ;7>h7Lx4~GNg*Q z=Hu6`@M(9M2inH_*rWBxGE(&rai7eCm9)vGApn+LI7#4AST~v1Y_7nbgifj zoqc01qzqWpAX(go>k_6OtwHc7)(Wq230iLdKp8Dn%eObtlkP^naEn13L@qmDn6Q0I z9;4@{emJCtHm@cGcE=GCZ(0t%il$0{a_x|$Lyu|cg|t=5}#Zm|j^hZ1p@>1xrDvu>RW zvp95*P7dl#!6JFC%fsC%^0butuuT1FL`Y z`tnvTe+J9_yo7ui6y7N1_<9TrHVSkVKgG%2KF5yP!bxAvLrD~b75=#V7C4a?B(@*1 z#ayUAxr(>fS0929%b0Wl^lrh3x~{cNQN74;H>MPo!& z2Ynv#)Y}UvtI}3ZD~}ht-gARPc~KYPwqw-%w_ZRPxrE@fRz*&pk;zEAk62!NXYquI zR6FjE*m&OyBK%LVwG!kX01s{^Io+H(&FgbJ&6e43xqXCmL~jyHJxy&8DtSv73n)7+ z{k9L*dFH5pHlG0#XePipjb7ikx0z{^v5f7kib+?ed}y*P`OEA>hhXb&_T~F*eVnQ@ z#A5Yw)zMwjDG#oHM!&LBwe(8~Shljd8b#o5iF9!oFP(h#jt%SULAJ$lT#x7En1dly zjDE6owRS&GWw23%HgqP7W0!n##)WE=ezGD{h`J5kCN)=k2K+UOJaxT7^q%COJ~n%| z81ekY^vSOFs(1brU6ku$f@XP^@VB6|T{q>`fFS8*urTWS`+LC2tnH$_=2ts2kNUAS zO}YUrb^fYq+0m(D!9TQd2th6aJ69b`q0zy^Q$$=+G$yEz-|9Mc309Ot2$R?1wQ;Mn zUEz{x9*#B-W)EKc+GiAcy-rt?oA7BIzSDU^o(7N+jo&r&x-BdPYQz2vN$x*pHEL*2 z>FjI9gTcoyaV@%2QvJ2%&z7Wt^%Fv(fHrLX581S^<7$gDXRSqAyOd( zdmj7L8I79d?2*1dasdv|)`{}PlBH^NO9a*Zj!CmA(gHrG_M9<9Imx!eok}Lqyj<3l zu5C1nXGeTY-sgkLV?eg#Ji#pOk)3A_Bt4asEYK0pr zIBF{%o5&7TucIujfQ5GoIrKbF7Kp9?A+BY%T3J=}27XNyGPRh)$;^G5v>X%3U>%OEa zb&@ZjpVKR&C}fszD9sw<*RsE8YAW2RD}*d^ejwG~$&2{9dNxu6>7 zxG1lQS{TdHMVCI`g9GYb@vM4v$c*K;ataI;&B$hl)pb0F9Sq?ZiH#Hg_BVhszL`AS zM3&R)YFk^o4d6Vej9hq;yzFZ=^K&t+3IDz>S0_it)g4HPF3^tMi6s{tGJSALC`8HW z5_Yz*IcUB>RQthgqcvIe$p8H48Yqym+L536%Wu6qk=f9BH1O$iBK57itHxO1;XCzG zUOG$L!}`K?r%lP0-%~PfVMZH4BFV1=&kS-bEk_=M+7-+SeJiL6fj^Axl$zE35l(ds z)!%LG*UW?FKmYQYEBk5qP+^#<*zIEh*O3<$CgDJ-${u$2!=yY+0xw&)nzuIDs9n9q zo+lkZv*2M6>O1N+r^s=q8aEuQg%WaoJ2oQwUi? zNE4+?3PXi-`5kpz!^c!RzyEcG=Wd*bn>+sglRTeL5ap+|h=(Rl`fU_sh-YD56{)+$ zfybP2!td#J-`R~tSYR^?rYe3f^!i+?+ZsKUyK~@Df`VCiaeA8{B~ybo zqJPuN)FCsV4tlb6+LXL8Zql5?9ve}YOcFAEN_v%5gaVG5hUl}nKY{~NmE%UwYEOE9 z0$1i#o#x6ZM$KZAitqJ4q*fWq zL}krosXoNkG$cHd??M?0+_=3&5a9&KqjK>$q z&t?ZPHI(6|UyWb3qW(7Bb^Bh~`+l8^!xDoW9n-B`x$wtY@YJj&$CssPOAc;=SaEXN3~<(y4y~iV zCGwT=k!A)M4;=;{hhrwfpmhWE?r(-wM$;(5FZa1Zzzg8sE%2gp=KVSF^@)_&gHA6V ziWw^dhrgM1;abJ&T-6>4i(pWFcR1P#tB;`4c5+PdK^S<}`}Tr%+sILj3ej&FJk|N} zm}ru%q5uHtX^PIeMi17$zMh(heq59ne9zZz$M6Q&e7py~%>;^GZjG{qR9Cc`1YC{b zqHQvmh!1{M{uqlh2ChZdl75Pq@O&UphYT?kR}>CZ0#6tg7L*rBdC)1yOepnuDFWPk zvTn-Mp~44lOlAn9rCYy5pIB9Tz3)!)Q*&QPRj2{;j2cdF)QE3TLZ(AKZ?Avip=V*S zAFK~=|5hz3-AX?rgnz-}g(z?Vod*y{7d-whbsA!oK+}FX44N(D=ALDwPVm=4T4tsf z>MUD*_*;s*m;b_B)~sJREOse3Gjp<`KO+EqZ|wDXe3}utKb6Z2fF#;OHhQ_+%6)qY z4T<+Bh}M2o8sFRCq+{nNLS0M+Z;$EJ9d~~8gQMN?NlAOBz4$8p?OntR=c0zq#|Am; zf5Uf<#g3=?X%M8q;9&k$NtJGUE6#xWIc5Cev0dx&dpM^y>dB{24~E8q=!dy_M)<}( zw9u9)Q$9p@7Oh`eBzRxC5r7#f`Hc0X7jwYC8Us(z>x>Mbx^C*YyjU4WL&`Lms zD)bHsJeq98^FNPoj*pK|Pb+sDqn%famBE-&9z8RM2Z@wP#_Cr~Q=^Y6o!wG}M;v?^ zF+Yn=#W*WD?FQzycL2qg94u#0Qr6z@LZNrJ2)fe-@DxBd)i$WooK3GSo1+Hglzl?q z-u!eyKP3C{WFLH*W5<;0P$s_?rR`SBe}w};w)Rb=B88nGW%q=uU{yu5bVNxwzf6k- z+mIjy(p0%xcW|!o1Y$$P%6^3knVXSpRYF^~=7W8t_%7>Q-rX4u{oU}^qD^%3;fKuf&D{ls z5?z+F{C7StCij?u14K&SuA1}}bPP3eAi zu#VckiJB-sKVymQK0VUy>Bs@C-69!N??+pdli&v4ms}^1(1k*!t=4|M86Wsn*3(1c zA+L(jpAej54rzkgXTO))4_l6~vY)x;f>}&CdH+La?%)nE`}dhcYbt$u8VywR1C`4> zMY3R>pccjV?KIV~<6%C`!g%a<;&oW|9IE9DrA}Iq$K->&hPx=Z7dW60d+d0@!YUdPgGER=n=DIlq z9^AB-TG@Ukx1ka+m^T2Z@&N=O^#aG@a(vDk%f9FQXqGBfzmCELbI`fUuu5d!j||U1~i8-ap;~16~d^L_4+WnHHl`Ie)x$S->UrDLQ}ROXp_(i=>M| zc7@uGm$GK~*@xaaX#zvRtz!FA>+k1^Vc>dWsyc0}7ss?$k*}%?aNYd0TmfIgFF0%B zNVT0|LG$Wb$W@x&e$Dz%bzFe|jriKl%Lq;KL{Yu1CpAXM8hllmd3;wCmXt>A2Pc4rkPWL#7Ng!nYDm`<3)oUX2;Vz zTOAdd?~Zl%TGzj<)+KcuER=#L&?`HD$>T7+(JV&NQpan9BFz?tS1vjS4?ET@!ReE% zB7)w`r3IbcHZFE~f0v7oor`B!l(30D;(ABW>Q*}Cg;lbnPFBr7y>#Weebv{kM)3e{ zIrL~zN@QEH(*~UHv~`dTqkgj z>$sTh=ZUa&Lrfkvoj6^nmJ_Kxm`;N+U?k+ab?a}(Ojn2kmY4>DhD6G>8O$7;;e`ox zRW*oxnSJ~7&|RsMmTz*smTyB}>+PRHSl^$=OkSS@yZ1TAQ=9>sp&K2Ka>04qho?Jl z0Gr;|OIJ})>c@RECVM-*h#l}Nl6tIs{kjpp{r>9o;$8X9iHP!}Y;y8aodyPi)i+F_ z27V@2xpno+gNm`&yE=O|{lblP$jn-RW#Wb?@AlGsC-o74dRVYKlf&lcnU8CUYguov z$nJ>J%snME3T-x&M5*0olR~f1mD>CUZ!+QCsa@dRI+?*E= zW4g6=-8CBQO9>Tc59v4OSVKdCvxuhTok{N6OV;I=(;00_nj5gK?M!4_#p1YP}$-!L4LKx~$j%~c!}QcAQDp|eas zkzKnTQ?*mHm>o!K2^JD|n%>y8_G0$u0WB5gWS?}}glIEqRK8&3qE>7s*(LkslRyNx z12Ruh$n#OwE?#W^)n*;xEh(l?ff`_7icOU2cFJEvbkDw>*8p=cMG(E zZx^vYin1s;e4!-#}kIx@VD;#4-USZiVz!wo$$d7-$&mGdQ*SP~X!_OfP-#%Xps zDQY`z*M<|^x9k(6qm>rve3~SM65U@e(_RXwR#c#78?*b^((NAHG(qZGzu%6-OY`6x z|3)wD4l2%>D;UqB1U4;~j9n>Zs?+FG{nTzfFEyVwM!YW03*mK0oF?`pJaBk+^TK~L zsRf01HGo&mIujFu;OM&%`xMgCPUb<99~ca1|^$k?xIgGD!DIHt}}1sUt@T5 zjI!-@IxA8TU>oh=w}DeCfsc>*oWg!}dSC^5KIcdWEXNjKA<)Hjz}tOpHXtljWy*r9 zm}s2PJgO*cnC5!1VA4A*?2q}ZEvOPFWa`+7S&`NGn`%9zNAyJEc6Z64el5iDBz~fD_u_le8G-t$rd}sCb zvdyAD+aEUz;&;(k;a0&^p8zx@oJ^Y8p!P0Y=P(_m1}=L_|01^8-Kke82t2Fn?zi%# zslELE@!y%XIMtB$rBm^|?>@J$OVKUUYVM8Vk-vw1((J&%pJ%`McPvCLe}CvM8FBb% z*lTv8NM-J%i{m2<5%T##U$$84<%yJpH=%4wpF?SE=Vsbx*4(auvy#M#F;3^~33_8} z#8N+#*FB5MN~ioQ=Wf8ZUafpdO8o7*11o83+zsE`AG8^-6z25RLHLiGVH=)hZQeHy zUwj&;{a{Z~L7PO5F0S}X_uHt<^J)j)djp#_afGM*N3}Fkn46Sx&5DWfaeadgOAhL) zk)NWZ+aYN}={adA90ZF{y7@qtc1f1M4L}UQYM!$5;&_p|NG>bwcDoaYoVVjISt+4a zghdR<=qb!7Y?tzgVT>_s7s$9jM^RK9A!##a99|Stk80*DsjN~e_E6c<`HK-=LO9@* zjp@N^lzWK7`mg}AhGz_FL~}^#bch!295JfYi6J7K@F{FYEEf?^K|!`RRr-%exm^tTw5P zA}Ebnhr4xytUYJ(bIp?}cizZ2CN#SqwBfyv$E?$x9c#JX`+bBWMh5zq`kjq$$Je=! zpXz!a57#hD30B;@diai0ML;(dg|5FRQhVRZow++Z7av2P&U0(n@+xJ&Cqh1SB z#<_2&?jLud#rc`nM8FCB^NG}He)y8AF{$L^8b1Iqop76lmL<#Y5(V@nQf?C?i9Em4587PKKhEDQ@tvUx9Hs!xDp>Nn}-qjh~_z$4H~;C2Qt5vRJ)2>Caxn zns_>-k#gcTnJIf4MYSTuas8U(FI_ni_ezcEHba_B)&v4-C=x;%og!&7J|Z6ZzMhI< zYZq#lBS-g+iO`9b$Ca;f#(cho$xc~}Ev}tve3G}o6VZU%`q)A4Ob26j4TH=`+$s}+ zZ{sg7*n+e(S6b!2ktz=^H~me(Q%`+8Y$WnTJ^ZAhp57!_Km0XMeweao*+Ggn*{%_AEU3W zcR(Abvx`PG`vmRYATg_fNyAfwvp$x>!;bj`1jGkGPV$T9aNW!nDLGhTF0HRdrg)x< zi)(plNdkWJr_oPUhBdtN>noD{C@d&CrZ$T52>#`r4eloLgs4!8(1>~WiL0}!fRRSM!|G5J^_sAWfav;?W**u$Y5IfIrBX^LeKp+a8J(oQ_lZSehrtBz&o zKu4Y!`@w1ks>+W-!+K5Z&uQ#UORw!QhT%@{=9b7z;^6K$uiXIK zVI5^fb#-Vq#v0{TJ#NZljdD<^oUyHD*Nsb`5(iuEjZA9TU(lCBLPhC#RoWz6*YtXFm3j@Yo8%8?% zTU(kq)Snr+bUYrs_)W2%!100=I+(8TY&K-LMp6=$vN=2g!pyUC!aQgvaTO62s+7Xk zj>u>6GGbM>9?2Tb$^(wJXx5-uY=0Tlsk|S|xKa4|s`ARt1-v8^mhyPAbW)0?`LX1xgh5(Yt4|+C6qiZV(G|NeuOZoDQS?8avZeK+EOzQw=XZ4#ba!i1FULPT z-oloclrIkbp>=dpA2P>39XpP;I=du=gt871r%FH<<+EfzO=76V;!$gY4U$74L`8!Q zGebd)gz4Db6%PiR!ST5QRIG6M(PLS_S@O}}&!s|uZ7kD8dhfbm*H8*C1!)qTWbv=+ z@@5t~d1a;&OQ%f?Ubx2yRET(S!(<`*knz7>y%`$6u!it@r_6(Lc!Km@A9;x;5m?|3Kc()XW$SS^-Z2s1Fwjv$uu1K=dYi) z1ts#*G-N`f%Zg#ax8Kwpq)N#tsiqY+M_OAS-9GR1nNr=1FR!c&D$CWb1U~6JR#xC# z03zmT1(?kVkMN8`v!TMI`ed#%*D4)GDM=wilB1MmzyXumflpE|65P5849N`OoPUp} z<#K#3DS55&=3oyOA;;=Nnj+2JRNO2iZ>y*2;NvGkO$F=5_J)Rr%1R{rsz2S^0|1HO zPg;Vp(i#lO8$D>lc~w8neSP=QxxB2*WEN*DHR8ju91=ia_4xx_J5(Im?do)7cz(k8x5ZM`*t%wooB4^5KJGs}JTx~q z|KFC5`xC;^+SJrkU9D6&Cv^3IQ$iZ`kd~GWnW*zbT1M$1o2JuNNbIdF)c|NX;1 z#je)*qj09r*8ZiT5#joWSMwj9℘1fx;eV!59AN>i=ENe<#4|^}VenMfz1s@CgAd(g^wH_*&j@GnMtFO*^~C%C0Czx$zXR?XOy{=iYZyGk zeP$B|+MBf7C*4Wq-;ZV|1!_20~SL|3!e^<_b-K>4D zMPh;1eNO`5g}sj}`S4Q=@7t!muTV3YY7OB5O(zg{&+rzx8gy|`tTxj@{lt$)4@J)8`&$F-cj|eAGMKcdvpC8@7J{ zd+b#^DPP2ETXAtij@dKTN#kQoBwvjS&NNr@hf5SQCiGv zqqDXFgP!TV*OQjlQ5U-1I})Ep&Jr`fa?sg#Xq;44N^Vicuv7flji`aFRTTgB%(Ow6 zrCSX1BJt4Bt^|Ip6y6>3*KZf zs-c^;dL(O_qC~#%bTBqDsXB#Zc15bQ05Wo;2_0*^Q??pJbf4fZ_mZ_W1xm7xIGhXu zGYL-#kAmkV;~Qxn&8laS$FDT?d=R-zI03bGIHZxmXVFV4sB&~BbQH?k&beSg7z`-c zTg`m|J!0syn-?++%s*N9FeF(>u*6_BhM#2l?8b!t8f24$n@NeCHrX4<3l1kHWb+=yT%MQd_jH48>(L1Q>G-7{oljTo_^QX*&T;dL>gNi|fcL?YoX=q+VY zsw=5H6kz)T8DRQ|1IX)6dJ;+AF|&ofL`lu+@=RD*B8D>tkuV~v`)1nU_1K9%3Jj{J zc8qx^PF;-{@-11F!2u_8**|d5Iezq7>~JL=$?NTtn6xvkgJ*rFYnP;O%cwUI1x0?V zL?nQyX**}Pn2g)A_|RVu1DQ2l&0{wcM(opP>etYCKo85rO!soB4<8`Z2R3ZjzS2<7 z1Au6>Dd+kpr@r{;y$?V6BByf;wlI^)Xw>UrTifc6K3@wvAI;MA{NjcPhNksIpRYl$ zR)c+sL9f+nbwno&H*`9<1)D3}XOPwT{33M;g}UQQIc(S-H-k4SSiv#h7Em(5QcZe% z-yuUptQX7Wd_s9EJBPeF_&~@_%^a;lN=jRs(A&T;0)w`%lagONk=MuK!7OWJCGov! zROmAI6$}-RiHT`p6c;fJFj6PBQW}>_GA1UVLItMT!qN18A>6}WU-V8{gmM##NA#f; zHfD^Yt`#0?kQXNRCeI-8M0(uI_IuxBd)I5vK9s6Ef|47oywIr)=pgcPav zJB}ni(BWp3N5R(Rk_Ea7`R)Wlf7RlJ;5d{IsPCW}ynQ_BB0SU^GY6YF&~fKFp#7JY zRE4sc_42A!2J(=V`*qo+POPDnN$YdQhqlOxY4mZ2L7zRV;W?cnF~g`ZNsUh0w&X;% z=Xm14y&i-SG3mwK?JEV1Q|ZMNLh7Q;=aeZ(An<1MEi^7j-6)H((qPR>3mVk@&c-0fYUpCqm~aHb4}w}4II6N z;SfH)1rwkXR~3vl(*>jHgIQB57+_&yHl$$V_P|l57^@r_B*tpSy^DYDk$@e8JJ3iH zIk|09flW*n;S0S9Pt!)ryn8@P`U24=uwldY6=or32n^j-H(qclUnUx*PA^_xB)$&2 z-4>0gCGpbJb4tsZ(6ueYVE}T@=`KS@8f9&f&lIddmuY7j0vk4L*dG76_FaQrA(R~K z){&eA6>oi|D03akA*gGlgJY3BgrbMKb7Cp4kp{)QS-zeTHnmA4N-;7OQA?BUk!Ylu z)#94Ou@Te(3-YtZ#@EoSyFnmsFPP|;q5Vju>4Y^&qeD=|8;x2Rn{+KKb77=!F>#L6 z?vj@B=w(1u* z;#A8du7Hs>z2+M+Vw1Ss+&UODL=+>7o0d6zK4#3h5{?3l>+|a!6X=49CRWO(p~J%2 zq)*L?WNXxb*kP;0iFP_F8nVU_A8@QS8Pd5eogwSyJ1zHDip4@HE2s&#RQ#qaK!t;w13 zPaCmLT_lDA08mzQ8>l@cqa|~@i+8YL!*;ik&prurQ{x?y=+LE7YIIt39{}9B_PNrm z8`lndl}z-e=go=u?GbPM=qLaAJ<_Jor*g4s$M*P}Kx&v;RZgv8z8%JwXdffPi$;4k> z%ud@NCNY6zcp?M}M8c%wi`h+dw4sw%rS#@3KrN=}$?J8$qjeEQ7P%yf9nGVY^IXro!{;+KWfR8tG8S_m=kB z6mHN&(*DxHPvYiydJ9l1#x~`Y$>ke`vr|G1e{R+xa%!Bf2QqO={bc?ae`8BjRXkX* zgz}HFX4K7gkA0f9!jsA;J4QmXS4QaS`PKQTu(=Ij-sl>#^B!+rlSnm4ml8KKS$;-; z*^E-VG9TZ|S{j>-Xc7X-dR!faV+N}ADX+9Gpc91#);m=(R~hWMkltnF&aVfrbgIF1Erp?UdXH$@tHWEWujk3RDIDZR{%;-0= zXBGrTO8aDPzj&1^tSua?7?$eg8!j%L8DnbUIwiMstY}oS#Zsu?KxAnqAs$99kBjPw z9N?^TCG8Ev(S`7?tnNta`XXX#nkuX*>$k5*U;U7e#*)oJyU8dkpPwhH70|2OOZz_d z?DenQfFl*{*koiYTZ5+Pbd&W{jXl)%s^PRgl-R9-p_`ElD`;?pids%#r^E7@(!&8| zbw*!&3wN0(>FOMd&t#~9sxi9#R_4kKL!p8-gcva}+DBtL+0^+3>(Wi2k)`LfUCP{A zq$ql72QF2@G%M39#~bK+NyljJG`jS#J(vj4!Pu~2+co0rH6UBc&TH5C;srU|4dGymBSGX@0nOmJK@+ z4Rx}!Z?q@U&MvKa!2(Qep-<+bn>RuEidM0Y!E^m$VbM*It4^PpqN~Os-1(xkXgoB@pSI|Ab27(w=aK2E@4wbLi-N5 z4)mdbPZt7dRrp9B@>b^7jzo+i z*Lu}J&Y~FzMOB5fi$K?rI^464GPFH=y#0rnA2LO?0J9EmnwKiap=vjpO@oDl^;BZN zkrA6VwZddKrq7WcfVX+6aGn7*pNyLoJ$NB{;9akwA+`=E)*@1tQNgh30nzQB28~{e z8u}uj*S!}N9l4H5vo?FIjtxw*ruNwe3NbToF|RZZr>{zAeNzQBEHqb3s8V7GWm#{U ztQ-4AL!HP33%Z+fqX}2cBHMF&9=q2P%GU$z(qlMNVxQNtqRGPR&==Zx69( zZ6gV@GU?n#eccw4t1tnw&Ge{c7MERIvAVj+$m?A!N}6ZLq$ADqqY`y{QIB&0g^d=Y z-!`I{EbPT?)ee@HgX`C!o`nge&dlfMY!QPJ@{0@O;_yU9n@GK|lG(zNSTuDJ?O%k9 zT#gwz>fYwtDpm+7k;$`Y6^mAqmECo#hRY|^KWAkjH;<_nQcBzD#B4aQ2!z$SlheR3 zlr>a4gVN65SV~J+K?|#h6|7`)Fi@FgWu$61O;wI&kHD&;o@gD{?g$#7`1RCrfG{tmXu6bRXW)t6ZfZ& zb`Yb@?SepMqwh=aIp8{qX7O~wi1dNHd320SKq(C$E9)8!FWwTE&BH}~QN1#gPCM2< z_OVaj!HDS@Aw)-^;>M$*g z)U>dxwWx8cG&%$MKoYMzJSw0P-TJ^v*_CUxA^=2rY1xH!=*zsd;w!iM#InB1822R9 zEt?D|9-wMTarn<)z3}UQdE#PHJ8WznVL$)=RQr9@e>BOp+W?^H_cQ@G&PUG|p;*v? zM6XBg*!J1;VlRuugq{T2*)o}odKBQ1uBWhNepeG2MA_>N#Lr>wF^iG7B;>7mj}Z@7 z-I+3?FNJ?$OtA2geV0#4=ndxH897sGp^40N@k4|rvG8<2Y5_8+`rtiRX`%>C`@%dB za45}{Jy5bOY&GD?Ewugq-zG3UOsQ#X%@`aON9RZda`Qgzy^lvxwUg3CytLKQy@h7L z31OmR&~mb8hS7YaWhke=WQh<{P~l81=QY#0grYSFsF;p!Q*p3NxEFiCq8bd23%*vvsiNqQ7CBah7P~nONsrHij z6_v6geW;BXHteW&(o{_e{Y6Z&32Ga1hsvj6bv1Pr4CGS?Kj~I@`pgQ8S`;-++(7`? zT(>G%q=}d%5d)p*M#E3b9UY|V%!1|6G$iBzlM<0PGl9e@IXO!hQ8Mbq*;6$vV3F51 zPSh+CMQSok6bv2&(X3^23*cZ082U3ud(e_2AlO{aPhCSfzeBaNDk|pZ(SCLY96PCr z>$tuiTe`Bkwr-oXAVUQztFIU?A4ivpSbuL=>7U3bAuc(o=M>8JqLCI@hO&+DvSo^d z@Z|G~b0&tgvcB~30SYl?PIwca#?k6go6xad)H;+6B_nmjaw92kHQaZsq+<9)*obxX z@Ja8^&jW{xh{WBl2H%B|2_>9&*7fhsps>*2z9(DI*KcGKgZ9-5%KR8BVx*fM)1-f& zMt;Lt!P(q@E)$*&h4e;Kx04MwiJL7f zubp^NwD1$E{ynYcj#Ci<9!Z0F_>Pi>WXjH|ZkH33E<4`v&pmsc+g`iJ-(lZfR|N+V zJu~ukzHx^ebHBI!D&sHJDRWpHWnsnBCd2B&RCOD=az7&T1%?vFuuNuw zql3Xvgbd9xnE)6A48T$ik56{3s@Hi&c%nVY`!<2axX#m$t{FnYA6L~*%ys}pO-T7THR8%I6zY5)sL3h zSQKgH13{xm-OUzurOlfGUr?MmGN=LCxoP*v@vN4u${{u}RlMD$t@lq}iX5#RVHf9* zUQ3@@g1aonmW+1m{DsC5W_0>U#sIueSQb0_U6Yo}N2zt$J#WR#GG&~as9vvDR&U$X zSZ$qR8dB5{Td zT3+51@rbEzx^2igX1;P{D=Bw4uS2K<+R?OL*IH^$)qH620^IgcW@SeGYjmB|}?jrGx1eBIr{Q)Ze*5%(a`z3~F2RdLoB}9Qx9Q zm}#Z~Xf{`p(r2?;=_3Hwn zEde#Pd17^4%U;QDT|(dd+%qji3eC)kQL5}4zxoD6rC-jkS`omMm{6@2brmIh`$wcw z$=Z$nqYn*zBrP^PEIi1^JE>b)MN3<~6TDFFIuYEI*#BLpHVuXU46FQ}y z*SWaCAYRr0*nVS7;9p7~J?Mf-nz$UZnKIxNsXIk#>T2;2Qb zT#AWKeu3ey@IN>l+^t(m2nWs&)F)2R6w$ zWv+kx_4UwNc#)dCf1a`kBlynWA%m)h7S{hYF?11gyuyyW1n+>zG_-gh?I&&sCRX9Z zR9i@BP*`YaP``Gw{aFS)zjJLowR`K81?XJ^o3Hc*F3CQ;|47;h~J4hVp1ZxG%( ziMYN4GZ-!1GqNR)25RC3*296Rnq!%_HakA~&maBxcW=J--bb%J|H=#R1!a$G*96)b znqpN3;Qg4Z)Gg4Ji$V)WVw|J@|JnNs@J6mRT^K#jz5l)cJ?H#$X7-sgd-iMyGjp=T z%pK}Z(%eZiGc%d(HZwCbGfI{$S+d2FC0n)(0$a>fcYUj5w;O`HJ4t8j?P|Gd)q-#F zyS`dr6==OOvr8~x<|w^WCPJbn6h;E|iO8lz;}uFIr?=j{vBEy7GO$!m#G+=sUXjAY zQJC2icElKwHMPsjhtN$!leTd?VJ3_hm)y1_VML~J4BxcKa?sFX%0d-6Ze7-nE4s%i z<&K7y2``li!b|uG9k6te(CC_Ld1neo_y$ZMaS^sptA|GPM!0p4v&A6=+`#4uu@U=m zjeuUKS;U;0My^44$0$`6kC~|)Gni;O$2e2cX;jy(Lk*&ULP>Gk=-`Cj=&=c@lMoQ$;E1Q_Gtd~Qg%cc&m#|nx z+-U`PV;||2UMk?mG>neGP+-1Jx}Bm>1%Q z=~^rJX9`5rVMUEdYjJqYV`Cu&C_1BUv>7$bly`C4g|UrtIf{a9wxUT8RLF~|mGVGt zUsx`+vQmKKLD;Cwk)Q(prE&>wAUsOh4F8IBBvmF31!HV*%#KG^?kS19Yfy`sAYq+T zQaF0TVde;?6_{0OM-@~UUAZR2V@ZYF(6Vvf*u=mjB&cV4wxW_3P|Q#2#cFv3^(>9A z)<8RN8)1w~kf%;VOPBCM0WYdXacygFR4Zwil0u8?(iS!fE|!TZA*zdXM{whw5Kr{; zef!K4P6w||6kH|<&J)s6+PbuT11fN1Hg>f0FBWhkT4s<<%baG2IScVJYKj{K0R{ZD zj%mz{>?4CyV;U%o7A@Gp*@MHuKOUWd&sV7+-%-dWTD>T!kekw@oWUk8lPaa07f>VX zR>HGRIG$L-39A|zfZ17#n`wuPJBgQNAUC?AW?@i1FS$)I4e4(a4NQ&ub``?3&897D zlS@&P?Xd}ZWz;DozI%LNG&Y}`NX46Mx?!J6$@0&7ujegC7fIIjy|4=_>=lZALqfpLt}u@U1p||4$jnE9BEe9w zz8M7`fE&zU$crUHQG*v#{T;c{gAk(2?Ib^lW6nUzIa{^<>vT4HhH^F6{N9Ji9m z_-amiGEeusZl@Ipy{2Hv`OIS6AlvN7H;@2}FxGpikK7Ix{3cV*7YRRp0H~;;lyXaQ zq7ScLvtiHvG*E1q#`+n(BHUPN`1OsjcPrsibVcm_BDHgTZltqGh^w)@JNe|gRqHmT z&}InzRNcQqp>|LAq?`!e^VvP0=8{`3Xln!4zWMd% zJGXwe^n(;GGP!xo;l}_aJsOvhtqs|5cyOaAJ9FlEL?bANoOY+Y>>$j5=Tt3G~y$%cK~KU(`)DbV;|Bymxz*3Qzi6xPA~o5supr73g$%FjPpf4D~G8JZ-val!y-~Fu(nZv8auYE?}g==4f@QVVQ z|5`k6%lG$6M+;2+I#`sGC~>~WBC>FGqFo1jkO1WM1vkw%Y;Q}{c@ z#=Ly~4GR9dC0HaV3Wl@>-hO{_+)Ut*t&KHV8=?o%oo6^^#j;PoINSlo{Df1PXF6e| z`aM&}Q6Goic^eMxE)n1lC_f8iPidcQ$WQCek9jy5G=#)#L&T0t*~940Ivv0KrCM@y zgX{T3^`67sKBA&(4f$qcf(Qrx)AIhOgJf6Q=0iJ*_(%>I7wWo~T*|5)19RWl;0k!% zKzoSG6{#(+wK z;H0z`M5p!>gmK!8Pi|AQat=IOO%S~8TLMzs(a3Ucw0X;h;BkVmaO-lK>QndcsuY7) zoY26t2Qq+AT8DP6J3at)>$i|F^YD7G3S=n!d{H|M66fYkG{IGz;3maHY)*!nN!@o( za5EYof&ebs7n?7XGY#mDTfKdIGz@Q05k$WpJNLq)n~sO95g^{`g*rc-yLn$|$nieZ zu2H^BDJg`hx~8ht_oTpwpkJcNN36Y#r5li&=wmnS8a4EfIfq3pOaHR;Ov4m?MAa@M z##yOPtUeq^H#KFRd*IFw_Qah3;E6{zhcY@_V;@;lFl4kRp8oQMHxE{g5tM=*&mOLh zKl|nXbLX?iQ*yq1;y>@)Q`jvYKfn97%{9abEA7qqpZ;`D(C(G5-tm4mRjE9&YTHvE z9XuKt_vwp&d?{HhpONqT{FA5N-F!4H`klZ1`=)P;PO8+rxyTb{Lh zJaA%>(|18wC`6YV46i7cFmm>Zg7`IQ|9k2kXvutUVfhK^`Bm0Y2Tu9}MM{lW5r#9@a+4l2*o7QxNaA@M{8_&4eoN!jk{`(_imh zRVKtAfqY2~($K>1j-jG%&)t1IF*gYA2&;}+wCr>zgo#oN{mLu0Z7CT+iE1`O7hZMr zL~ch_%92pbHV9+y!E?Cz!(1h(A~Gcx$OiEu_Pxg zA-Jw7W7}i*zWQamOp|r$tN;El|2w!5G`5o7;;;k;_@(ao^1WyOc*i53T%w>Sj}!WC zZR5Vp1zaQt$foUjFD$Kg!b2##Lj%k5V^;m^|NPhOF;!UGYah@FD1Bax9E_HuGRWs<5oN8Wmz$=wN&ymNTs-0U4fo2+O4~7RGgmF7zQ?W$U$P-u03OV`N9x;~_hlUqUj6U?@*hz>Wu-}`As!O1nxZ~B#7~X_m0;JkoVB~Nb}wZiXzv4N$T=8zm*S79{vDg)3Gw| zK60$`=%#vD3Pso$r*=dXWb8cHgA$$kSx9U)O6Qs8gD2vrkoWUl%}s^Nt>MwHLe96!1NYwb>e(?g?5v1d_19$w;s%Cx zJhUgeQxz>=d82QxiN!R|X!fCZ@P2aQi!%YUFZVqzb?S~(?1`vILKcnR*kAGb0 z@iZ+7Yw4GFB)?D~H8y6Z1Z09Ti5hZW87x{w;*lfU zbI@2~`0O3GeUi>qj@Mpz<*%#zu^!n-O684Nyt=Bwk8=LV4v4X6Hcsv7YSRaIid@v{Xi-e5!Y-n&9kSASj2y&u14 zK#%mRLDE#8ed^C|UKH90dc^&!lkt%)s?v;J8~@8^yQ2H?|=RC{rBD;(u6nE z_(iI=+wHAq=(1V*+?#g|YO`6klKzIb{_Be^B~y8Wsx&rHSr>Wt$9oRd3bwDjYL)O2!WMx!5pU9{3_H4iXvwUYx?(s+O_`m<>AMW_qKmYm8U}0{4;F~Kx zKi1_bVO!6gy6c@tK?&ECJ$Q|fH|WY^>9Yp4jl;IETb;FEp-lb9;J#Wt3A)VhQsRCO zkmY|&AW*)dAW^)0A!BVTHX-G?;-f4AGG9<^&nr+DX^uhNdpVI%dXW}PMB1QCix^q50{BXOH4dfhbWACJU64 z_0ps4xfh*&5CZ8KZPe7&3efxJ*3=29-FGST- zYAJnbCl6Keq_WPyQ+eKDQm8ue)1ffJ2{gT663u2?}hns;q3#w(%a6&K?oS`nR*H=KFo>1Xf1?SH)T z=-HZgS&Ec(V;3gq7D)bG8%+&6r+Uo0r6vmmqd-DhONs zz~hhJ^?x4Q9NdVg$WY8(5p)|tD5Fj+{lEVDz)Md*e(!@1y>_MvGUcC2o!_la9LD!xa)(@r6GS{E~`AHfYMOK{8D91Y(<8nCIQIQ-E zgI82>JZ66Jxl>eB+F&w?Yic-o*Yn3~$sNr`V)muhEY`KdEtK8L-CIh;ST{`Q>(6}i z$p8Ao!+Y~H_U>Et zAGzz_ANwSr0eJ9@)0UC3o^1&ZI)}&A+U}rN_LSj8WOy$zY4K+--+$*LPwgqp3A%_! z*Vx!G+Z+548Zxm`&xSWhCvul1_6^N2OSbOoM2SxQEHplwkE*$~Hu~j_buiWM7xyq{!s}HR#J#gUD|2W!{GpIfmc=CZgt>sfhPUgu!@6LM7iU5W1jVNs-z4~uQ1jDoycWJDTV2gtwczwpD4p9*rusGA>O6aL)myPDfI zF2XuNIsD=3(1bNCP-77Tv5%(+RFjRhmp-k)tX-V=M9h$CvOQ)0@hJG#j(GgxFE&?- zriUs*_l5v%M;Jcz?a`(wtDM^y_Vvknu5et{b|I$t($2FiVC0~sR%f4h|EXQomc*kM;j@CZ zYtOEnDVtT;o^m{9oEX3G?dJ1rnBg-&#wPo8Y4&|flT2jC+m`UzzOWwTi#Y$=Phx=% z5k$xF6%obVl$?*(7m||~_(5+SPOH-(K{$UGet3}yctlUyY28y-Ml*_7v{BVWHsNe4~HFToTwwR zRqx+XhBwWHfN||}kDcH9M!_$(V)9y$tbL@gIC=%i+WD~$M)L{dP+5M!E<9iGjbu-gKE*8O*nX46PKO1BlWD~@l*>SWIS}6}f+wj1pA(LiG(uH@JzzvYyT(@`c ziXNDr<ugkW50!2JNDS4l1=l3-?10Wj|HwL zE-Oti$-(>20bd8t?98E&i@Ds;Qu&na2Gz+Q1FvzgO+ICI3M7+MIGBj=SX9ZivT?IZ zAs7uW6@(PYJVQ=+;_y;Lq>wfQ5DrMM>1|V~{v^@?oZ zJj6);!QjBoNo(=yx8GX6_Vkty-(LI45jsK84}KBVWJGMARTH}9AZ*!fZCbrDe%xx| zHpFf`+=UF1w(NcRldslp-*vW(j~;y=7G2{NYgRqGbj#j-tCzg;T5>iT0T5<>;i{+C zoDST+Y4wWLpJXvd36E~@^Dm$Oa_zQ@kz3xre?xSGa)Pqq^A|tcc=F&^uP;4tyayV~f1h^Du5^M_HR0&mqGC{v(6u=Mzz2LulVt=fA!VUwcB=XSo8IP)43AVm!=+C`u3VH zHm&;X=wS+0y2B(IYvH=(**u`0UUgsMnJ>Otv1!-Q)g_Zq`+lwDAz8a1KmEe861?3H zJLth6#)OnwaylKV1$u30S-b9)Pu83`uzdb!d{sPclgFZ+7snmyqMY9X268$2YHW3Kb`y@Bw(&Ybtr`|m};+Ie?( z+_DW#=q+>Y%8#G@aNVBm8$LX;egMx@`UQ#~$=b8|wp`xLyR11pXCX&+;K=EBmaTtl z`8R+6aR1J{k>W`rXV_jOHHN3|`1?D{mtAU4l@LV&Th5^TOibvhUZPSqe(XehaJ#ld zW(hBA*_b0K8Y6OATh?T;QU^6bS(lEtm`W8yMpf=-%fEVk-SJC9MCqhECAVz(C(B;` zvM{uRu`Y?3IYJZZkjC+*mJm7NqEDqJf1C!XKmy54xQv*cfZ8c|>^_=TBAqrC(-xJy~?Xp`+OFEXNNV?g>r-JDWC5}J(@0dP! zs(eQoUKOL9ObzP{@1Cjb7-Qp|1r;1YKy2Tta7vB{>bONFJs8-N!B#}3^u*UqAsbRE zyPTrPE$4(}vPV!0Y?n7Tj#l(YW7B$5n)OH=9&^07W1^lu7LnY3I7c|tJ``OyhMO}# zZ};OyfF#1ssU8+bJPW0oa2vU-icTnwP{!sYjWUDHIz1)sA?uh?+9*^3iMC0G%frrG z2<>1`@P?H}APh1|cSJ~NcxWVDbg|JGlg&fTK z03})@t{<60Vvti|dI}Q)!{giG3@fs@la*A#$V!Thjt&h7E*Zjn-i4>~P8DZFe0Uy4 z9xktWa*#QJHv%HJ3Q+mbo>Ds9O>-R&x{Q7ux3&joqBG1$oasG_BLVHqLcjth+2Lx)P?dkjM5qjnmS>aVWJ2 z6L|-N22qiQlt2|t-cpnpekn5MQg~oWe)|L@imI_XE+`}=7oSN5qhIvbJ;_2<1Zt#L z&#x~C3IWkwRo@ms13j~&It}}1UQ*9)g3`CKH zsGRU3KT+%|G(@wJD3%hXBd+YLWxJ7AuE3EYu>T%dJGY%(UNr@`i)IU=o9_?x3JYHR zxz8~dSH&p8t4?6`J7KA+rd(`?4$&@TgAE_vG^d$F`a-nSkqs5;86kzgVAIKQ! zf{o?P`8CWGnOa&!jjB=te{q{io0ymIIr+TY?o_4~hhpbZ#jyb`33ND5(>Nio&%@{E z`zBa=4LYMjG#*jGDipzhWTK67v6Wr<+yfHI#loP^yB(~=v=Ro zk)+WF6axrcFDTr+y&ByB?L%hB9X4N#YrUE`0UmX=Z9l#nBx~m-=EiMq!zxe0Wf;la zwXX*{kn7KG2Q!a}Ua;$QH`Y(14h!t*~eipxU4kJG5v zsqxt&*AvXB7&U)iRaz+f==TRE|KHFJS#AuxHnVCJG*x7J`~o?H>f@rO?0PAJSHJo0 z7lSlIudXX3GW>z$zi~hrS%+A=#FZm<-sH=X$unng@x?J`3hWE!S$t$-%HZ3wNfVJH zlW)lqxpL7f#JNQdWSA|mWg=RPw!oUfH6d?d>>>HtWxoU zuH8M!WgiV5Y?q?g5MIY@WlDb)a9Dy6iS`r;r7Yre}AH z61B^9we*!C)Nf+h5)_=-+Fjk3S|>Pku<>;JtgMf->U8^t*kL~MbXF0P*7xzL?k!nZ zlTX%Ct2`{8r9iE^$6V1quqmvktYLcoI39Cp4fSN_9HAYHNau_j!Ma{Nl2JX`f&;I}Z^}qkG|8+2j<|bTSaesgCp1WROcZ3QJ zusHpl*Y5bkf4%f+G;Ck8xNzPaTv`56nOIc*p#+h42$u_~50~%Ze4=^yY5^24ruBeof+KM z1kIdFF{2-pP9}wQ*H1gOQeMbKHY}L|Xe%ytCs4Ff^>k8XM|Ss|xShGVNQy*sNk_H@ z^j6@x;HYGis+yuYx%8msV>N0t0;nzQJ~ON}cMS$)OUbX`xIe|~ zL=~bn`F!}8PFPy1x*y)rmCw^6S>W@#$I?{M^~#Cf4Z%I(4N5q9)2^>=Vi%z(_YdY# z)mYV!niKSErQ~%6SEx}J4&K}5;wtF5n6(=O{Ed+V)JZeHkH7U|PZ!KkpGgkv-W)sB zG-5a5j$F$aM7>j(CQTErJB?|Z)3!Bj+qP}np0;hN zE*J0I7n744_piN_OYuViohPX;2C0l&&bQN#dB#jE+{Vx0pMFK*ex)&Rff2d70xwC> ztIvry+n&46s#iGy6j22^riHIHSoU-7!`=E_3ZjEU!%>ut>6)&=lX6rQ)ee~bc5cP* zX8K(k1{T!hMaS!_dD?!~Wm@R^%O)kyAt(+RBGjY?gqK#&)dzlAbs!mZb>&8PYSzRS!=0aB0R;-(1Ml<@0&Rb&dq|B+3~7{kWGQbwV_k#cSz-P$P|+YYxd*h4tr;! zm07j~*v;Ab(}yXk;Cp841{fopCR`qdo`_8#N4ZnVB6Fwv2 zV{66;1NLGHRw#2ObE1w8wPKsiI8;j>D8{91u}Ab zJ-A*t?v_}%oP8@l#emy5?QX3UYT=#U8>x;XBS1>>{IS7>_a{{4pd6r(_^9x|0jbGe z)N^15r`2C#aX|KOG;?<`{hC>0f;`CrLT99;)I6Ku&k<6K>|72Q@w^E1%ep_Tcg6L6 zdR5iwyhp;afBE>Kdw2oemAMU6)bzaVP1JOMZ79aziCH_J5^HvQ+{=mC`9%F;?#>nc z9rN*%m-FR_ZAjYR-#2PuuylpyJiUE2{ChlLXeCw51XnR%-ytKv+d$0NMdyhC!5%Nb zOS0)+AHzVef-Q3nM0-9|Az^iS>+LR3S(u&8gDOga72rCH&v|)fzC=DIMaE`Z1P##< z#yu%MgED)v-wGshGwB42ErGe`o*AINcm#=(Tvb%a3S$d-tZ8M$)Qs}LIv}NLEez9z z)$p{%@+PjPCg27!qt>!>^Sitk=#oCL0+&6O83xm?rmZ#@ZK??YYBx-84S&|$QJiQW z2`j;r)X^|cNh~Q)^+quK_i=v5iYP<4yV_~M08Ul0@Di0AWp99XhTMo072F1sZzxh)p%+^~_Z|5m)GA0DiW;unky3_;WYI4FE_Q0sPLhxG_GNQLlG1 z`Ns)&M|g3(FmW_C-U>L&`Q!Gou*Bc3mH_mN!!Flvdm99lf2J80czIO_FD2K}6E&f- z!uT_9zSiv>lqb3i`b_m3tgR=;-woA4^Q2;A#wY@q7f?NQSI35+wd}$DeIXQQzLX_b zj(hzNuv#_4@O(C$@PSWyY!(lP9Wi{VEmcpoc<<7)n>4wFJWRIe7;Cat=m-qcd(>u@J(BWB-&G|Z73o}f|yUzJJtHmt*X2t(VH=S-aC5#4<^48W^!`#}Z z3OD5BlNJ_`5uJqGfhSOjF3sjAP>ql+_=DZJ&=p74cSk5esLHS0+yBkrG_Inv_Pv$* zZj0<=mItxw{3JXbUR=&uC=mdGYtX{RW^AP^dKZJri6PtmH}V9i6_B7jdVq`K;)$zc z&cAj7GX)*yNKckJ@+<7q-d!vp5m-D#K>E5xdCMkV%Uq^npthdp$f2HlQWWdoM)C!N+voHAu5US)yEpZb# zyqt`^rl~VCFJ*LF7p0JG0L=grEON8zb7|rlPj&FP>Vy++;^dn;a<=r|{B&wmEqByP zDXXl87HwACkfO6AbNwr<#pt2Fp>v}eCgI|idX_q*q<$P1%hgHd{6&))EJ(jPr7ZVf zLs2@pkzGE-2LzQY@v;CzZOSTlG&p-=E|&zp(yOECsC_?R zkCKecg4-o-fy-8)e!|RU0?0f5DO^?{`Vm~Uqew@VKj(hv4)$hsde}8}cVj<`>OTv4 zGhp$pSi`{_6;$QtYwgP2GeudRj0(|-&CuuPmZg}r!7$7pyGP@9!)R&4^i{v^s&?QO zm6R4GhE3Tixm@QMhRmoiV*8CGDsroetBcD!BUo*oHAFenEhH+=DBN`2c#WTb;^$8c zsQl!>7pHXhrP-kwi$u3u+DBD8fWP={%cPX30KBfhJ{S~q4e_(-hdlqq$Mj`8%AM?` z#*~XBvhQDVmREOoB=4fvckCbh6I7Mjz9iBJ?%OObJS@164W)UV?ZzY-Pv?G_o{l(LfVr355WH`z7xPN(D%bB( zOOt8+=db)q984K6n!rFj`vi~I+q?CO3py@;WUKmLIqVy!5rm%6Xak_=+ru~a)o5M> z-n}jNH8)spPoG1+vr*SRTWg)K2C*(^I&s~35l#-w`Z@>T?Z2VB$?(uTg*95w?CT(3 zAxL=whQ10iCWe24 z7x=ieEV|)J93{{m=+;eKw%Pw~(tobo4UNk-IKHj?pAoERrTYAZ96z#jJY@_2*NJil z*Q{me;xgkYP@v>~krO|h|Nnjb9DTsVwm*%Ij?xdo8edve3EGl^0klXH2vDG2|DPrQ zJAZ`tmmlBk=4MsqkHc(6ggrN{$Yu~2IwJoLGA^v%G-&|*FOdAtr2oFMIln7Vqo>4W zWwCM?HdZkhTtY&`q-W3~0?B`U!(jX$)Bn%OF93Yg(ZRvNjT`sN-nCE9(f>yB|N0)` zjSk{A`l#IezoY%%B|Zf|58GSi`YkTSV*2U<2_wz@U^>QU`Rf0_E(DJk3%b(VOQM9) zy=HGqRl5bu^1C`V7D83*whM`-Q;2oj@)l}i-Y{YNy!Wi!?Ni0TUD>=7Otq)e+~HdV z>7WHsej{oXp> zch=nb~o!&c~0K)v-AuCc1Ct z50^7=z_2cCdmwaD28{o5I+=7VpSciBtUO+r4(!*d#|3tmSnfEp+k+XnY2k)mJP({Z z=MulQ33yz{WDT8u^vOZ6LG&`)!a7IE5MyAJj_ljHbJ3;@y@B-SkG59lF!N&I#;k+6 z?@!=_EafqCQq#8PfEN~Cqd`ltaq%+P#jG1QwRbZ{bYtnTQgTJq&s?T6vQtO@X76H& z5R8!65nx!$(nuHxq@hNeI=@Yog1e6yO}hR!5{fiGPva41qsME6f8nE=6`g73hH{Pa9#KuH7m%$Ha4r?;9L$0KHx zMw!xS6e%%MnlWySa)AQnF^o~e&4SPn4_l;2ltS6E8Ja?P;Dk+PgAPILJ7&Up-?@v1 zEnocW&+FJjw{cgw8NrEAVMWMP=xxrookFoe0rG(Fm|u6FXRVuQ-6dDzhqiS(hqc7) zj>8|M*s!{JQTlMv7EL$Pf=wPvWv#cDfcRZk8^RjsJv zO<$oLxU^icSkd`-7kp~n@>daxQBdcRlaPmSlriuaZx;#Gl$9=SUleYB4ry`1eotQR zr3PMEV1P_^>M*i@dk+twjXs)L50s3YzBUDpBI)a}I@^gf(Xs{kQxgIX6#xEr$wDWj zOK>;@`(kP?ye+KRH`l*(PAicZ8FD^}#JSr~)w!4qaOzkcwLiBWUUHn(Xq7k zA5vg+oOs&#NX$N7ok%Q&0`#CrX3ujTpfT&_4Y?XN6@Z?qQ24gcU_Kd6!bBdV80uJI zFoh7NK4b7Glvq(X@K>~W@XuDK0xy|+K*$%Gtf-GaWQWVdgzVSu)A}_`b?rZzKjQyh zjb4+#?^D+Cyk5H3zwgHmJLW~LdtYY%ZXIJu=qYJ&z4R>TyXMx`A%p^RVw0;WO^=B( zMG6a|fn&lAtp3hF8f4Z`i1XgdARR>wLH-2cw+|C7g8#I@dbXw5$u~9IZq&XGDN&8_ zV^`}x4G0JF5aI*Uh#VaOgv-*RqDuA+hAW0x8F$(&R7x2(zRr&y3eD#M0eSEZAQ|P` z0-PAg1pOigtbF^!oF(7v0?hHMbiXVFbZy-q<_qbK^co6Y3~Y}@V@JDS4~r$Y)DXW^ z>cG-g?SaieO=hc%eM9>Y@PN0Mi|x03Qqglnc?+1sqyW)t}9_UmE)D)DhL!}?N2YbKCqMj zgPCNa0-eUL;CfM2N#F!h4m(O-KgdVm=fFPzVJbIgIECuSb&=;_3hwl|j!=9ebx;=Ve_ja=`Zo*{5mlqOhmPT<^{ITZKiBvG287=3CLmm7O`FPhTaffz z!c5*Z_z)CRi4m6D^s4l*UuI}c={kS)B;^KW(+>jlJ>tz+!CA|4{n z`{gZ5(NtzLfeUmfK#$DV<4XY=6Z*vSnY$}2OiE7f~R_iqBs8bm5dJRaBR+YVTW9(3RRNuR3NLkL0NZ^rULQZhC(sf_Eat;{1i&4zhkk(FjayYz?D#jrndYZVa%7q$6~kxaRK((UG-6(ym5N z`J?EX0#Q6^lVQMBuZ5sOSsY0u4?A_Z*mV3h??JjdRzPKm{u>qgE|o7`ev4mj7?A0| z)dF%Nj6$3$I-O9G47q=11iTYrb2ylp$*8`?Es*7J^y@tV*&cO3Y1T8EB$!e1yi}gc ziPxLS`XBctF?GWy7q>p6WC;_}v=M*P-;m!baf`Y|%!R zq8QJ|;mkY)#&d#+>&3~!ljCPamA8f2M>uL|E0Kg&d8-89kyz0zHD$ycvA{`Yns=Oi{O4!J zsU)v6i7{NzIrh|DWn8M~0gj2$Hf7PF)LP)N2r5&l-E>imE8{{L!EGZr4HG{%PYs8s z<9Fde`E4inK3#8*>y_5>;2J%c4B6mWQk%X;ilY((HB!HJ=%5uSr!ZHRupoD!wJ-n` zXWv{Awy8u*YlA+*N(Ix4DgVnbD2eDX%{xd7n+)EI?-va{#oH7R?axRY`CkAMi3M-P zAg1B*a8;7n!msma*m&+RaV|JiVMX-Q;w8mcgE-b>=PVcck-IY{ff(nIY*ZNLQ;FJarqB?cnmSr&98u+G>x8Q;ne?S%s zc}R}bWt4?K@x28m^~zDb?KN3-Mo)7Dh6CetoiBQuVKb(UlKUGBBLx&?86Bf>pagCo zom7XaHd`}-3yN`ZuFgVg*g~I4MY1-V&*j`eZrEa=Ez+9pw+*!4J@rqS9a!}fp6AG3 zwCm27ZKzCP1?dSk91BP~mTjU=CS~67+qzMhJcptXtS3CbKd-4` zh#T{2wLnO2-+Mk?W^P?R4tw{58S+L~@wNz=kYt#P?$)P{p%~)VW+%3gWe;zaP1+)L zh;I?#uJz&F&cX=c1X#c)BKAZar&=4)*w zwM@W7DIhdk&PHXgOGo*u>!^8NAI9{ZOj}m9*(@P0TkVnoDM{F|OBARsPZZQgc^}Gj zonLPw6&1mxrlKBegRMn#ijsydHfzmvA$f!sic52x@^!0m3zULk=gUj)KasKrI{z<8U z$>R_fK`xkGD{waqXCsL0gw*Akp<4_mOxh2f-5?k|6GqRu7ub_0a)!mWrp@q1O9j!} ziYh|vD59KcBL#f$mx@ENm07`@NM@SS1@w>so7{_rkcA8qUi3DxRoIZcvz;yRx{6~j zEWrR~kWcCmj=4bv;v;yY7D9WIg&0=b8U16G+ZkckK-F-G_21yru1rL?N@xB`7OZ>! zpyrBtDb4BUl`r^vxE7UzHknNFewUsW12lK$jh2)fE1>l8JmNt6m{ncm5s3tC6 znfxm1J*^ZK0gGu@CQrKzd1@7SKco|G$+6-JX)sBuq=Y&4*T7iS!hnrfh+`FEvc3S!!Ics z2Nz#{4N(n)jTZuKYFGHwNJqDWi2dbouvMI?B$T$tSKR9hF-9vg#6ypu2a*vSAp-*I z19NU;`qR^SnPbPvPSL@`iVDV*K4dg3-oWBZ32V(XP)W3+lHf#b;ks*sP!x!$PLXx! zbuJ$xjD7l|Mty_7=wk2`nHeB2dWlTokBuUMyGTvJQXi~eKM&;;ila&B)fS@Fn+xj& z=SGuFkKtWzrf>sZX5*S~#&5HM?2Ty{n}yQXIarPyWbZ=^Xu}XK%f>IbwI*jS|Ab9l zh+7K9(K8P^SwURSn4^P_IA>oCw@Yn+BrNq&W|33w+VTDAw_ZLze!7Y*3P}!=Yv#lV z(3e(J5fkMs2ws|{rJXKDF{s!V1OXRh^V&&}Q$cmw4U3KbTv~t%aH&nkj3pU8#SWu7 zk*wk~8dAepc43Q7TjyjCO2r90%{_h^e4L>mGwx6baZYdZuaC}}+t@prOFgI_xEu{5 zs)br_Z_X^yVr^;7W?Iy7j__By==LN)*l+ynTO zS-lDEGk zDmK05Nlo-}`NfvA$v3s-ScnrIiJYK5xYnZDtNM#|8UHyO5I47$-ejS?ieLn5d3?l( z2rJ0UdF|sOC}A?XW^8)}Da(HuDJ_SWm6YwZ`w>U9%RQ?7J@=lY?!)ueUuK;{_v!Zj zG&p(lSi{v>;}(76aGuYCb0$($?5#R`78L>q4ocd%XAsGJw>JEl;{20gTR20YOD^ns zY&nJ}Jq*m&YQ8x9=Yn!RwoD@H-E}3U=kezEe7%mV%^8JR+?@LonSX;^A%li~O6`d1 z$@}u%UH@eODM)SPY8+&YW>hSM2dTatU2x=I>X^UHqbgI0gNKyIH7>b+_NN=OK znma&SGsFET!V{l&5v7`=?R#c$Gq$AL)sl}H)nZCZz5TVt3f{jrgST0GH2{BxC>f>e zyB8omLK~R9^?taO`==z!)k;?=byhGHleOz(7LEyjK1CN|hRRGLeB1f#Wv(F)pk!9y zO}tr!1-EtoqY{S~IyEe{QE|8^`UAGhWOqMtI;&k65?_0K`NYGHu|bN7*)uyREX0LX z*P#$i8iKA%wcNr~iG`KM1WE{<&6x{_-FZHdlB)!lx7ja!BLQ%*ZM@#+&hz!~tD z`SXMw{}Na2kHA~S<;Lw&yeuzg%4%P6am|(zvvlaha_8N2ha_uDIFtW|GgXAVV1bOx z_T$jjW}oRa3S9YSbK28J?PTUbRtFsVLxFur7sZPWujTW;O33;?4nq2g0hQsP%RL>+ zc)#;fMUMR^jI51VE3e(0kjYai)rZ35K_tH|Y4v|8%^vyXXmZXsXUX9iV>xK|T*53Q zyZU(1e;fHWxxV;jKK@N{KSj*mm>z1+D7JRnaaYW9ldX$Spye{GG%=C+Uf#*^eGHV~ z!Sn0N9tZ##Thjw)nF^r-<;VR?E@f}3j&dKU6BzNHzn0gcpKPylYsAo0acU-wQ)N!1 zg!|Hw7v1Ust{f!)bl`JjrAgQqDZx%+9-#npm3du$H17=uj-?e)=MzA`BiIXCkEO`e zlF*(D?YRaotb}o~9y>wGyh*S@1{YG|53YqodUIhm1y-~3kUTJu#V=1sFUIr)RAo+# z^2!9~(*SP=ezaVx_=EY*r-H~QMVlKMqZ~^uV~s8F zl35upjnP=#im4X`u1(dL$>(~}ON0nI9tJ8Wq;Kgmg5i``hR2UGl7q1WNRU@8(J_sL z8lqIT#5DYV6{qL_OY)Dn?H7L)5|1+y;mp$EO+}cVOMl#?$wYhA^3gay9cD*x%B~~Y z;k-tf8CiqG<<0jnLQ>RW&q&B32oTuoze9@7tNt340ih>^s*aOow|?A>$`P)mLxHp9 z&~a^5D9XWtj?nKnn=B0vw`PYAfB~IpjLk@^vO66yfD$IOGD*uEm%&Csq_q&yg~_Jo zr8o>8f+kSo62PwraFmkQx-h&f@b3Izaj!9}FSe)+v(7e#4Plnm;HMtZqbX<<-v1k| z#kSpWgtTvl&D^5F=I@A2XvqYdsIVpn$s{It?*_~OWMXnRpZ4h@XiHg?nt22S6i?LE zHqLYwz4PUPQtik>-b`eG09B|$5*>++y>qKzc}R|w!0eqiK(3n^Io*fKpXh8qu%SL$ zoS_^uc4mmphV4jckecRFoycjh(}=6CD=;=1v#AKZ7=`(1RiY9lf1u#?V`9AhJEW~si?klM^nWR z5s5zxSL5bltb(E_~e zTql{u5Tupb_=O#V4|)z?f-(=GdfY7=tqin)ZUicvX&v&$q}t&yHQ$o`Qp36pc|atB z{W4Zftkj&2paK*VbIywjYOVdE=7;_vvet zsYdMP+#;u;v6yWpr`(wRfVujlG`L*Z6SQ{~%xH44)P7OUfvf{9o3O)-7Ir_+% z-u{t0$renhpxB~4kNRShl5Dry$9p{vJ2%ZgcyCkJ1)(|Lu*4y_&LBeZL8SGk%s+l}shS)ju_>U=E5E|&1pv{h0gns?t3Og zct2E3&}Fzzb7|HGSgc&XNJ5wBQ~tzLEK0hL|*rdLYK+}ZmhJ>BV+ zi;msbkFRjcxZ-_vQ%4PDlu+vSUQLP8uO(w+kD9GdPP^ulyKrEflEr~D`x`q)3w%f4 znYib1j;!YEa+_tOnFvEu@M_$j^i@^wved8thWqXB_M_J0Rka0M8v~Fy<8}gk1ng+b&3VAg2l~H((^G5)DU8kpj_blN6CE&v zHKEB=NRsa2sL@%+rmP$XX^b!m5c{OvXB|)nhR=n}j|0iPdl?Kar!cCy;Pvzy_S zSw@6Ub7R3Ah*&5`H)gS84vej{ez_tIopjy^_k5FU4Vc5GxmAz&(}qg`W;91vf~LqS zMtGmvGN$^{T^Q_4+|h5YJ@v`x|Q-JGV2uVITkt-q%a>MY9>z|=|) zhhQYuggD{fXh(i!Y04%sJK3EuEV4=&fz|QvOQ(7`fNKCmMheXg_hwV4h>CBJ!i^OJ zyBQ*Bg$~AzCoS~`VFRu^!@IrmQfAG@q1Xf(2zZNf=)tmxuc|^05mKFJ-3lj5!(T>clUod7D%!DHq?}v* zum>RR#;5=mH-Kim=+7M#&IO)RUUp_mT3`mHR-wXxo5CWC9RC<6zE7<{FCO(5sPju=A61ov(J z_~R5fU^I}>xAefcZX?KyopG1bqR7vlJX1fvt&k=e!d0<)XM71WVR3QOR{Olv!}17$#-FB!533 zL8jp59}|@*s5|6K!3*K?6{cchVtl1H>AjV13?vz|E|NNNq8;dZxDdGVaRU0B>MlC=^*FBy)UevHS-P7={I9cv{vQ;3^R)d@@`R)UduD zBD{l_OJamrPE|?FvTtcPH|a1lUrWOJbI0v^_@=vPM3aX@bPR{VgBtBNQNFx!>N3H5d@M{2m@XeK03x3 z1-tcEgNoc)+d2GY*>MzX3t47yu4w8;wdHD4l}7olf+NVYFw@OoKv!Gd;lo+&K$D!& zB$~il>uZ(hwwRGXc>I`9y^F+yw>{He6cZ7V!6ZNHjN+pYqEod`@#$EMnvFK}8B1_r zwxyTl;ZV4wl+>i8lE9Y7W)pPMg1mrckM}DPt_kDDH!m-Sp+ZVeZ&8V?RqCr%``u9= zrdHFO?VpJWeL9xK7#kkc7S=la#bjEu`tK_7k^SPzi%(OV* za3xq{pl_cLg!cUt#ISx1!=O&fZFw=0lCg9rkt%ACf=-9ydfAuI9tC5Rx#lG+;&!zOF~l7LVND_p2uIZ3gJaMQEabeT+F2 z4Q*k5jRP_r3Np;#dyZArqa>P9iD|cIwzYi1uo5QtqSgpgRJ#RZ)UpCBmi=+=z(m+1 zfCe)Q{0YO~Q z_2nut5h%?4*}oz+St5X)^HuxJGxVUeUFISsnXJ+E1f7U7UGR|)gz@Pg$@(3$UJHz|kxg*d6+}+ODnrXIT-S zX^dG#WMa11uDusRS%{NE+og;oj-EZ>4XlLe>*1HmXIi=fg|pN?c1{~pbd9}QDYJHo zp)q4%^^F#t$|}~v_?!P}uJ9g;Q=vU~=r^j#tT~)PeUb;YaxX5cgz2PPdqd4KJ*7v_ z7?O+`4nw=1DsdA$=|D$$yr!#ijCthrRk>fSM%&cs71b4#wVVtFY~$Wm3sLZJlcD-? z2Q(SiG~(EFL{^jocwUMYgdv={cAzmWPcvt5c{**x|3k#Tcpl{+$7DpyA2GH7^JOI;mQW{ zfB|!bGLBxzVLQNdl%P7KOp4MENFFZHt;QBYF~uWVi7M@Mv~*ef{jl z`)%&jT(T>x@c?AG>R8LDE?AJTLq&~#ImEfNKKcki!5jt*Sa{A5p`tp9gS0trl}fN; zdSqUoTFRUvG^VsPzm=$4g+wu{Li_35SZHrXg@EU}h?iGlBhT7!s8t5GF}(F;03kbo z_fG;RLuqYO(&N<#^4O#b*&beId^H=T`m7H@EQf@)>sa^*F89{tZ~e#q2D;7Xp&(*C z|4@+-oFAkUpcB_Y=7m=t{pX9mmL%S2FOH?|VZH(v-U4fD_MVaqr znkY>&!P&#mD^+8=0k2}abG4G*P-8*hJz;rb$3IXK8_z5J0Q^+Z?r-`Ggic})S%1YR4Y>wEd zy@LZInjTxjv09@@P3MQEdlGJq0`mPj=i`pH`rE$2mMa~!*+MKzue%1uM@Lfov$rTt zSM-A55G=>|{dJK!zP zk2yD%gGn>x={8o0%s`s&poO4IxyRvhN0~0ou(OA=DNowuXQ|N>`*j}ohX4*HmhG2k zYt95s66A~V2p~_@-MJOM)uE_uu!6Y=XHt_xMqOc)g2Gzqu%Y?9<&V~XL@Bwc9=W~i z!Hl%ZPxQfo{lTRzzzOXlr6pIJsZ2~|MZ;comr;)7SsT(+Dx^_FnABsu&HCaNBa4NJ z6B)DoDtW{MREg^Ll6Y(0^#Q?mR;5=5s#Lt}6SoLYSBa73GNhtgsy$h2DYE_@c<_4hk;UI0ZqL1fGH(_o^*|5va3703!MH z6gb=rW6^BJjVN7*%vg#1JNO_6BWTRRVs++$B8Adiqm8`lB|VihDKg+$!=%-#DZ?Ht(!%(gi*zm>oe%HyJbJe3SGK$lDUwSjsa=t(9Zgki~Wy@#%`)mKwb<_7c=limI zrDx1G2Y+xOIS;bIE;`j7ai0TRR{yB1Yaf$LRUg@mi^wBIZ@xe4cGOuXZk)6HF;XKG zgOfl7S>RM`$M5}lk)3R5I1l4EFe|m*12N`UMkAOEhk?kibhB_MqLmZM+ijkf5wQVI zaJ8IM#Uyf^NoHC)f?7i4t1*ev0W@fZTinzvE(Osgor$rZHg?( zu)Injg9h2|I!PIHi`Z}mxKaatgybsyi#3F?Gnnr$**D%_Lz)hMe2F{$mN!913n zw;xg4$yIDAK*F?fUx;Q7O~0WPm7Y~}@nyS^dKOjkPE&DiW1U$7V|&6MwFHA4bIN#N z0zxZ6Yk^?UI&y1m25ae6Jv+1t4~Q|tGaAG_YltdqCVi4(^*bG%^Hy|w28ohD_^gcX z5;HqXvF&UaS}dpLdtf%{D!@Y&{pY!V8VyqIaorlYet_iHa_yFL5D^2i&;|=@8YcfI zN2L5*Km4WgiM0)CLIZ7}M{#VH77IhUz-N6Gb3{9tB0isVl?Y;-h&HmsX3}8s-g44n z@ao}wEbfQ;cPyd&*Znb65d)GZbTOqi?@G zd4 zXb1$8xnCbEW7qp=&ZYKY{Ne^?qq$Wv#Z}OM%!HZ%Jc>%(!3_r0t^e9NGMkA+El4`w z#N8dMfG1J!a+S{3~ExaNo=eA%J>gTgDc^#Fr;0dSIJLKAZiq~ zkz{r8wp?q?0<{cxQxmTuiYq1b&?S4b!fDyu%3K9E^gjQnYxTkPS{S=P+!CXsOdbR| zt+D1M3bp|Q;ley9L$#G63f%Ofu?7mGrm+jn`~h^xD(e9l(mkNY_cy8J4% zVr1g4KxtsESLof84n~*dpr4l&9#-a~5EB2Jgx>XFhg!`M3Zi0NnK5f|vRI#RaONO< zIc)H8XwppTaT(yc@xC~eIKTSh^Shj9db!gOp6g?gF^1QrOcHbpiN!=kU4k5%kYTNr zupVSXeegDfx9!_6M0YhqmNcF&o$a?9>h`i&ZeX6Lvt+Mo&Bp!WM9H64qh8C&wd1$^ zEuX_6bX}i4KTlP%-hP>W>yV8!+8B=S@s`>SCLUq0LWbTy&i zn~c@5_(AFlAM@MaUz0@7zFurP5P-v_C?)GPJ6gNvebR#o7i^+pm)gar)8%+v1rrr$ znB2U*pN=0iJ@eeG-plqh_8=&t{9-RMF86q~q~ra334pI=LxJ$)R~cvAcHe&;!EL>+ z_-xCKzn!%G{YJ#+Lo)xIv-vRn`6C;-mN9ZdPSki&pDqBkEGp$BIwFsMHoUvxO!s*! zlx7y5jkpaBTNb8VdmjLf>-KPJ_*j6uB=^$by8XK9mmtcTa#w1C)kmql0&F__ zjtStCW5n>(@qWq!&-Sq&DHBiBtKFp;r#StZ3IQ)Z!t7_+czoEW+qivv;(C!{(?)&+ zEXZ=d-b_@uCdPll7Y2vB5btGI}qa`R)%z8Yj0y0E}ht|S+=`Nb-11u zOm(>as2B0k`?I`5+QzS0a70IUPjPUTAqIMzr&WhuE^jo_H48dKw^vt_GaJEIq9Cskc92uwECw0wNKNvDsvc<6e6`H0Hnn=`TkE@Wv>_|5i= zFuV89+t-&nwjs3B*>a_rsa}51sl@wD91=6FPeRA>yo^Lypa4*|16@~`h3A7cN5QNC z>eb1aO!}C>7&g=muOc`#Bp=5d`UPEbV`3qpvKL)azA<>vcKB{cDPO}zGy1J3NV#{K zzC3HqPvE!iqC`|Kj4*$Y@a_se(1`E74{q5{(ktQXV6(xLo4?nW;Wm!sVzRUp032R< zb3)f`!!`=3-@ezsH1pNd+*~kMvYCGbRXc5PuxChCe!wEY-%)#J#`cFjt5m3uYMZ5o zSvN3Ai5&Yb;@!2z(4W^)S(ju9wU;j`>HR80J=gX~Fy+z%Y_`=&FKBM)%#iY_pR@jPjeJ$7F*AI^ir_fk z>-!-$%5o+B?rI)*j@#kTGq2B0jcYY|T5P#=9QZQN-Hmt675nYi!1t~58oBMb2wv9@ zgwr`HJqz zvuC^;OJ?0~!mqQRG(qYqyS1AE>dPOZ&waBSS#vjl5+K=HhwL>7q4tkg56G>@Hag69 z-{>Lb0gd#RPtULJ)HN$>bDY|P$@9BYa0E1kflFbNQH0kBT>f9wK)^48B0!qmKP)k? zuUCiM)n7y7=&w|MMjB$ii4S&Ki0(0rz@G&B@O-x<`=|F9i`YCrG+?y!RN>c9VuBz6 z)>fF8Npz41R{%{K3begC%)#}Zc_H*1Xa~8RuGMZO2}HzXp70U$X>gF*=#{Vw8i=qj z588sAf0v9o$>Fx`O z?{Tt;4{>)i?|0u$AaNqpU;9*Qg`fI)``rZ39lZ?qrpoo-q8HR0l&FUlGXxIDjKXDp z@NI3BcYju&Up?8}A>3V^XvY zGGsikkX8h3UVz`spxXpQZXjUy40IgErwj;l{ksEU(rh$N8yBeCXaokJ9SGB+z5B!9 zSb2dY>zoQUCCD;l>CbpDwM=Z%I|qdQ#%alLusg5fg$1upf-@&R1RA)kZRzn3UU86W z1IPGzYA-BuWJL9LE`rK$7 zziFlQq^HJ$X!y5@kAHW+o-lG^wz37tF@jWTE4DFJFtF_2he|&pyL9RXRePv=(M;Nt zcmT`d7VplzOws9=#y9OtODP(`QrcAT4p`-xv~ss{H`5Ct zyz3Q=vE9whS9jaH@91I68Zxo+xier9Ojba8ST63o5D^yWJwkRSq8DBMz6A(cgYwV3 zKgDc|q|A#(U$=S-63u1S@1-e^NHPWLmA-|&XLGL8#)O_q751@jIh)&lKQ7)N5FKB( zY_DrePqLA^bl&Sq?hPf%D@NS>@WMBiDCb@7tO)e!dBdCNw!rS*Yjk~jp0?o{9gI`N zz!$W9lFU50+A(l=;Gc?NzJJQQVy**4x#hIxfE6v#rVQSG@79wC88DN27yA9wk(vD~ z2mLe;_q;A5!*x3nvd8iG)yI7OB!W@|&sqHd$rvO0pB$9+5O+dZv_+C*{ zl+?5wbmeQ|%d(~ZulEPbx2dVR`MqtkEi}*un!|;?sj0&IZR@)A{aljGqvfCNJusdD z)3UzaJ9}8~{K|T5Fm+g8W!xCt@@;wgbeERD+eQs1ubt!dJQ4!GbnE*6adnSDvTaeD zsCU`6t9IG8cGP*Ozk= zk=NrE9u1tdK~l(%HjkFis|3&dGRm)k6q}!gE4ZJt=8YRjR1{>8u7>xA1g-3Qy@?Inh@p{CQBHoh_uW(3!6QKWZ6HgB%v3sg68IPPYHm3r0Q>; zO#p);JX@(|JI$T>vMVTXR&!YSTzJxI7}O38x1(>u8sVf-*>hL{OrV0hKZLa3_C{d- zP$*uzZ6@vqiQl}udK_u!i2Z2eyVaOLD5c`P$~-_!0V zv5MjV=G;Y+-o1PuFYwt(+oA-+C5Pb6Rt;mtv$bG5>YGvQwTA<l4>Ku33seRJ~R8RBvvWR-oG@k%vweGXK{YdN zxtW!FCy$D)J?iM(aP1t4(eggbNB0MihRc|s;BdDc$7p2Cn=Xt1%KR3n+dSh(rFoxA zaMVu=jV(Tj{9yjz~%Gq=X<~k?#d`l@^QWM(tH&X zZKjq~*qz}Shq}L|GxsDw!?lnH_v^GgWq4U-D$+6A-B5y!N}Tw(yj$90CdBPZVY1#z zrlfDPC4;vv%kYXFTjAI93x;9GHX$$AOXBVMbTfSjvKMyb>)XkByS$2sLs zc6jx48L98tc^Qt*r^1L+%DLY?sPS|bR;0cBewuafm{$jI zFEG&!WM!d&M_6YsQ!KhtWR7ri7n|c`T4SarPxg^vDcwQzDIWRS^MgHr6KLbUT%Jn8 zSjDqj0}!Sd1=g7BNiV^akydH9m{%vTuT5rJ8_YD`9g{e{CS>S0o9TvwcHnRx)w4(8 z#t?e<5#1fQK-FVzC|*A2Z*Ka3ZdUet6F-u&mT%!>;UAbjz~j}#bd;~|lZIHUPtWeY z`+aL9@yB6?f4zwA&dbQ&Do3)4it}32zq;pyok8$y^G!&&Y9*8Bi9!*dc1%>SROKLw z`}EG!!qW0=B*kXEdcNEr)FmCYnKzB(A>bJzflp!47usKhrzHOKSOJXI^g2pd<*vT z?i8L*$5ge|bd>=W)HFo!Ax$+A!iU7Z++Jqe(fK6l#j=w=(P4(Rk~!dj3IkL1b~@03 z=Xst@n)Ci(W#j1{m(9s{Xm=F^I5k%=^LdJd;=h0fuJ0cXw`4cb~1(~knVE!X8P{LjpskUxHHhNa@ z-jA)DsE#IbAjb;xZ*=5Ynh?Li@%xDH&WCr?gHJ5`4$+?F@Q1wF9Q^MA)E%TC3y3h= z%PsT)%b$}>_neiJkY`_|C{A4Gbqk=cTLLjxqTga@z5gTT_l9=XVFZG(a^84pX}+A7QgXT)JP+a| zY&CnJ^t#9Qh7!SPSlgCoRhCZB0OOTLBUZu66KPZl!p+Ir9%sXzLKUt=?#ESUAw2Hh zm)?d#RGW^{&Lw!h?1`z8ft2#uY>w9TSB(MI><*5qqusg^(NGcAWqnGnVB1-1!7kax ziekDstg?|C-cKnGE6|Ak0K@`!tG?cK08qI7qEg`!km@=SE!;$z9D0}KHtLhVU8ZMz zL&!BBSt~gnnlz99RvU4|D4!d1^^cp@@9ed7>|eQbufnX`dh2OwawlCbfS1H4-!9b?Pjr92SIqFd9SUBI8hU&l z7v*?=KiwbU^}JZ?Ysf4OHBckL)82{*L2?$#);+SD`P39DXI>A6U z1&5Fhq{~VcWgQGzbicl4aCaO?ysufBvRU6+;=WpksN)`%6tm{4mD(Xb$8{>`c-^1X z*Ytd!FUTY#)9FISxus%$E<@Gej>YvN5mC@2D@&V$C4{ZS%iJCGY$dQ+F)s~UeY_UL z@O;=`T+wV*{K z!EofO?~R{qIJ`z{##OlXN1S?~&O~J*i)XHJiR49=qCfa1AjqKn-RC!n+tgt2*Is)t zyv97N8rC4HH*&~wGuSq#mg5ycj)G4**w)OZ7C9`JMTAk$R~1f-ZndvYz7p1U0~AT_ zm9Br*aDu~#Z*tgB8&Xn`O`wzLrl_?T(B`@TA;}HE>db30ps5a*BMNp8pBZmhRF?DC z$jff$dWU%80@LaJBt#wHj$PcqANZK2iM~~muJ-JHCuZnF_SX@uNfky+gE9w29CSCJ zCB)Y<7i{J(o+l9ohT_*Naw&R`_Ii?}7xtfC4w3U6!a_m95&DbnbP(4#Qb`3}v>UK0 zrKXlxPe8~Z7M9oNJzpAZAU5^6m%ubzLZxWP04P4DDwPDzT-p$om{8U0@(OJ%8w}V4 ztcPJ)2ijuwApJXXeByV>tN0bQwpZ6pUZC*A*|Qo83AKQFRqYH@&Csz9Ns$dD9I>sn zr4^?nEj9+_QvlI@0%Vbr^qWHkwBAj5nIH1@49IBubet+-+6yNlK=y1T&qPHy83Qd^S@%;3!f=gye>|b4)4F$Kb@bk06RxXe_ zdfYw)T>9i=WTj_n_I`guznE{7PUT@QFeMcdd4)Pf9PF;wNloY!Gd?HR(Z7qqqbRp( zfJMf8;`c5Fw`xC|jI13*E)L=zt=8PO52?_Qc^p=D-<$LlkF2q#(RH}O9~hw8XFh@C z)igrK&BKZ8F=iv%TV~7g!wuBQ2G`NS)V>B|9Ts{Mh|IRX9;hqfqI3+C#~O?XC1@ND zz^9;XO(u77IJG%bErzy{qZ<>yP-QeR6gyvHmSaCif~8+jqr*eBW*(uysp%oRjnncq zx+Ru1HF~s#ZdK=M4l{J*G93plhR_thi%K)cT+*nxt9+C1#5&{EO9iehtJm zlzHahX7QW&*>gOWy59qFDDzC>UES9IJo|f%lfe2xCj_etoR#6Bap^Vp1 zV`sBOd2L(v7X0YFwseIuDYm@dg^C9}hQ#!Eo@xMKOI41NMA?#=;drkpq-UiK&(pYMm7rJ| zd2>8h>P0F}OYHrY!pj}E8c-govgD#SR3O81zlv1yAc9~eZ?E3Gl&Ey`G0;O*qr3k0 zR*~cRS#~6L%bps$G_15Zkf*fWw*N)D>9vw|Aw9fDO>HZ~wUB~zZ$H3gk&J|GfjGCjqKa7eupNTu_Ix(wMCjbl zh}pD1-SfTCv(ro*89w~6z--g`xad_w#Tg?LWw-rmbL#zRj<3eaO2cW)UAjX5Kgi{> z1pKq#>3iSe=hMb-TwGnz-C>vpFzN1Yhs(~#y@j0F+lI_v3DoyFn;q}nIZ|y8N-UJ< zvg6v7pBbI+*OiT#OrFq-Q-_+jPNUWh z)SjCBSudWt+AR~tIUzti_#K{bqkW$=MXMx$o+s%(ZMB3X4E#Kr^jVlZ$#LU^w*1)| zjt?f*pXj|DKs()ZxGg}2{4Y@CF^9peeJ#i@Qpdg8uh?(|xrO{=2S8@PVXZScjfFF%B0lx#up<3*SEkEr9D#@d3gHFNQ`;}YF(nggW>nbG6 z&K6n?e=HHl3St19IQ#|6Lc~R zYZm(bCPh)RG|jZ%v&omZ|7wzTG)+>gQASyKNt+>XA&t{53G4GO_M^yfBs7iRwB;F4lNo}BJc$<^ONSXJ8@KP6 zoU3BVN#(1ymkeo?6Nn9>)H#jn7`3y;_t2d(G83fxMC&Py9+0n2eyKJ+Ku^a%>l* z`Ek|&1_};zAZD?V0O>@7{-+IvzwdVsyBP!nzrLsT4qz0C{*}Aj_;D4TMYz}FjSH6x zO$H^dbzAF8oGba>Df{~rD^|G2aG)26$BoA=6$}bcL!iLL`Q;dIo4HR!u&u4Y3l0~$ zYW^K!07eZ6$|5ZE-2F68=;*1O{lPL`m|2O$@ZsUuRF5LUJs{)HoL`^k+>YIzaM)c( z^v;yOs-6YrB5MQm_XS>$x@xd{uyXn1@ZcbM@zcA8Yp~>nt~bcFFE_3mC2`}9;3^Y_ zTbB;-{BoAL7*Z?vm16JEb!#?x0vK~u_#l$igun-@cD|=`A)}jZC4rY~D$!K*+Ud9- zAVTb3(Dc#;(Pm&fS2d$uFGERe;Yb8`AP;W_J(&xl{C2smd%&!9<6r(OeZ!ZP=vDBV z0`8ittA<1?ghggFjvkui4w&NP&Tr7y%^J#x+~zU4fs1p?3tnMH!~z44X{Y7Tr^9vW zMEP46&Bl7)8h-Lq7F4DNe<;-xg)?sP$ylx8`1S7yZn_t_%|URh9OTFO=)s2(>}

xz2qYOpQm8UWf_|oP;~VgrQOTd$;O{q?M|@W_o3%KLNjzY9+QiZT7je^b%I3 ze)6&&NcRXcp9#tSgBC)}8Ra?cIqQ0-v^Ohf8@zJiG}BYb^ZV~KGV33xO73S>d@A{d z0h3|~?6g^AGPUN*R5+Zt;p?l3iLj(KSkgD8fl3*Hc`0Wak&iBZNo$r+`8J^dY zpXM6R(Oh(JFCu&NuH~jq+}K5?Xixb?(9M*P%t#`fP}*JdpgNgh{2cgW3${g+8|Wtd z^DAQ}9$Sn|ZT)h+4duc0rmnf)yX1QHPEEj zQE0dAc7R+yM@;4zf%SBoi?U$?ap=fQ@LWHyKXBde*F3&IX={9NXai+!&L<6dy~T8w zulI{udsn;PARQgP{pWP2sB<0FH~KL7Ibc# zBtg>VmxjOJd#M)+T}?BQ1sDg0oLE}mv2Ble+~B9xvxYFHh}Dw!Vx(S6o&eG6SW%P}h(Sxk zhF;E7rKy~~OPBaX-h=-&9PHOCABC1C0bLNDZRDHoXrI1*TFO}R4z5S^(4BXvrJRp2 z2dDYR08&l6?Q* z6y^{Ty}79DM@byw!B#_WSY;PVf7!U-dbN4jY)yF&JtYh^mhhqp_iJLW-(ktaJMa>@$c_{+0~7Y^anZQ-6ENrbnBi)$Rq@l- zC|9cHL1rnm8*;R93K5<(#c>pUj5Qa>pCwDbCWH0s*kX`Nc1_42?6ekK4ZGY0=~Isx zkety&f9kGI*O8I6FDEwwi+sHgCRzf@wGTrYl@(kk_b>5P4JnOwPprx}S%r#(8L)xi z@huTvw&kD~tNQ~N@cOi@3vnLLVo+_||n1Cz-%Ju<2Hym3NOqz;P( zpnb@_31~ezrZ(mrb;Ybwwk0MSE+ENifRockf(yAJ(Dmcn~M1 zlP}io^`$_#rboE1-{V^jQla>>vdNXSw#Uz1LStd|-J`m=?0D(2nN{iKHpU3``LQ;e z78>uVZQ9ZjO1&l~EpgI_LOQ!vV}Rb}rLmY}m16GGs?os607lqU{dxU&4ec{>r0+F` zO@L9-e8>P~Av;ceDYCdIoViSw0pj%?qhdS!vUR%1VcArDr#qiKyUaNWi3QmQqpK2O zuo#Dn3ovo97gLk?D&rAfWfw_P1!%jS)b`MJv)p1br-r%5%VQ}-6Ge-B{1)Nl=w4KB zZNMikJ1*XM;Mk+Kg1gxbJLDz7z^J805|Prh8l^Z#@}PaW`|$Lj!o^#zIw>cdfP{~G z3*?)gicGTNL_No7S{x5*56yKkk&MNuHc+)lIXD;i5kAbG5M7FooJ---^)9n zs~uw@7S-n4FrkG^2uK$D*HN9zNYOfPSI3)$EpE3i=6l=IBULXCh z>8Ome(&|}xnVxp{x3S*c*9Qx{4&LN_oJ!8y&yoshu%gVLa~p}je6+mFNUfhqF$wO* zOP>KZ)o+eFaRy*7!iI_DdHQdpqo3Zp#2VU2UyEleylbBLm-}lrJ8I4O=+Tc%FF4xW z4_{6t2{SkwPfvTaoR7eL5nSE(0asuH{?Qj$l*1mG2_Z?YO~KE?e2!6Mc@kzMElGP43k&R2m4+;% z!wD52dP;;{2EDCe>`r_MWESXgmZUbKm`ViFrKrv_t>7gNnrzfyOJP=l%#3D&T`eL6 zIcF=XI7ka_N}r?RVrZA>KpZHQFAWX$9}av+H;CiLs^*>2ODrmj1W2Zv;%9>TSEBk& zbZJ!}VO+Q&6H(Y$!$|`Ns6;7B>}smS;S^|1qmrtUH5>UiWoRHuk>SPv-U4)6Ov@+U z_Ouf82?JTVi6p8~wab&_?lQd%4_T(?+*~E}awz7xW*HGRNG8wH0?!~E2npJ-%TP%X zK7W1E8L%~;R+#Og5q(+#s4Z;XY>Ab@fW(j$fnZtXAbwWKufS4Uap(d#J@@uAixA}XN8!L5wu z8yU>qdq#FLvVngVm&q_13FaB=8-=g7AP>4mr|saK7)fmwM=7?#8EMCCf!F`*}KRXI@}0mz&t~Vgi+2thcY*QXVnHjskPfGu6-k zgXi8?e!2I0esBT-%hd*dGx#QXr+f(=yJ|R!xG-LM5=+X7Og;5WIJU5blXbWH{FtTM zgx}#Mkg?hRkqIQoscG;+`fW@W1<2sb<4wUSpc4hsQ3Y;Sqhi1OaLS?qD5ld@$gwYD zZlG7oO(tKrM~cu}1II=G>fd z6dVFe?8k&>;~R>)KpNXZ+f#=)9tzC;L^*VUO*La0H^rnlJz;GT4{t)l(UuH{AXCauI#Wx)P>ZO7Lmo*o-hONAu4+Y9K*SyS}q zM7e4gwOC4V(uCQcK1APEdK1q-ibm-E$T&9=4aHT}V5YN2jPMpp>RQ>?^ay*T7Gc znxVBHxQ#eVv)K>)9R+(V1=f{1%ffnDzmCTHSHbR6qrYKSPLrh@$gxI zS628C=e;%YU5SDsvYx}MKg5yWUJ-zKmnYSQi;%7W~+LEbv!ZRK%lV-%Txpf0+vElKgloVv}#A-|2ObYNKl?iZNy(5 zhq05S|D;(N$iey9n;4U;X*{>GCYH%{2Ok)%kEwtaYX|k)z?Y2Z9dG})4me(Gj!u>Y zKAXC|`ezGdHo*eaY2&AX7(AF7Fc^rh1E&8NeozAhil)Z6dM|ZkiD0Iur$7JyW4_*>nxlsGcXxNi#Ux9aLMHc`LtQoP-iQ`08(V^2 z0#GRf^ytv$P3r$6@%|q^_>&5sqiW?MA|j$>iKOf8H`iwR@H-Ao|4Q3mRBQqn5+u+k zIP(8c!@tk>3G_=53kqw?Po738?^9fREj=Zub^y6SSI7zVR4kSLe=6~RFYRt3Kr;#x z50AI36QYuv@k52(Xzc&K#a~ig1>foF&d%=tVTpU>KDAXju^C}U(rGwg7ES731Cfb9 zqif(Eq&;I)eq)JX*6uJ~sdR7>Kpb41kn|xOB0O7G00%W(BZ%Jg0PsP)yHgDfeIh*! z&+56cOK+A_2zmLT56?w_9}Rqo)Zl%gF^BZyApXeDxJ29%4rYubW&Z%j!lH#S>x831 zi?Vxxc8jomBk}5h(p2!OZ(H~d_42$zkJef%?tlFLZUJuXG$W)(x}ez#Kg0>ywq8Ok zQeMsnYX0Z@^Je{j9Oj#PLMOBrEvkZ4YekO8a4*H!;;r zO=sdG78T1evmvCE5T7m7zhv3ko{{9e*E6oBRlC3UOYr0#SAzQL7i1H;* zS~(lcQP|ryiRR;pEXl@!FVKKr=T`kkop0vVHxnS~nj5AK*O?wyIfjeL=y%ph{A!Vf zG-4FpJFukrd5>4&=;{;(&Apllb%Q{oLBi+EVUW1DDNhbB*1v_j@~L(j3vitU)V8<} zK&>BaJ+h>b&`XGi1R}}w1oHBy&V}~8$@2?KSFUz-Pao(H2GoV2x#!KCtGH@4a?eUK z(IYZLRIr+tp1MmIIw*r{;>q#yv(UV5>>pvsZ&tNWHFWYc#`LU;k6EP|puD4o^cn6EWl@lhC+eBh5s3GgxoD~N0`Cz;A@{*-?)b>4AsLc7 za4|nudFQtPyEp%>6_@@17l+h~ouBh@90J!w6o z0pxZE4oecn6*6aE$m>q5DbL^~o_0V=ok7AV3 zF%mTm>i-b?tLGP7DcS{D!K6oll?*``L}qbRZ5t%cj-YY!k68lbY?>j06T1vZpu~oe}138MkeJhH=n;O_KCP6dAtPZ25$6;Do`O%X~RPKZE_eKhBPJ}BS8Or^)3Mxh+C77Riv*k@TK$z z2+R<{lB7uc=b|mS!CcTes)#U%3&TEc<_67OUxTI63`3CyN$J=@lOb=F6<5*5h}zLN zxL@l2>VO%ta#d?#a>W*b?LW7M8=X$gdLYuGY-Fc42^|*9ZcOAw!dF~sAt|Rm-Un%| zpWkL8gX6ih$Hc&RQEYXv4Jr7or!)_nS;~-2Vp(?xqn@NK;eh zGj~l_q**I`P7P9ID!!mSa(BMGa##(=K@jYK$k$81-_)-FnajOMP6Ykk9Ml4f)K!6F znM@y3o79zEL5_w>`gHt+FFF^r|IGgat+ekKo|Wi}VDBiP1prGHp2 z@sn7Ach_Mly+X5~{ymT_2TU9-VP^hU&}-l@<=#KAv0IL2W3>J!H8$3DMG+!CIUyPE z-w%X9OF>wQ63XH4*Ee%p_Z*h^&m2qn2Xfp@q@DVQ+&zas-nR3A z|7mxwcDgAnlOR=F-<?XdaTRG;G;0`y8As@1{+VGh3Y23;~!#E;;Mk=x+vv zlb)~->wYz=kTIZ<4fL0wUu*FB_nDnG>4abTC z8}RvgUEiLTNyoEsEyKKfx9CYlm37xY&qh(?6h3Y_Miv9vloA(O_C@b{O%hhuqrY;F z?4*UUXxY3(grrfqIcsCRfzfC&&%;dQi{*2PuiIS^0$}l+{o;$-{X=FL;A|USTscb& zkVgv_ef+Unvy17xGz1132TSjYQhxj&zv!|e&w z5(z<$MS96YJRV`*bVj;5o;r54kkTp$+g=3KH;Q?(f&6}SQBHMQYS;;DrCcfhPNFI* zGRR2#(f!5(I0M@Ag9+%>FF@nnnKwCvm;bOo|MzF08ti_c(uj!t>v0bNJ&AKS0_!?7 z@k#`)^7DSF2}|FcgRy%{jo0in+Wlb0W$SGh3F1ngZ?BkH=wQ@KV=3+>nd|NO;wIAu z*Cma}OeEQQqxm}uW~4lDcAph^C*jEC%6oJF*0pOu-hp*wapFOTb@%)rjUxp5)6T_E z@iKATcB1|_gNc9PydTosb_3cy8^NA2LF9H3h`%GW2`jC4y(CY~DcqeL%pXjEvMo%^ zDvuiT>rzq-;zg08MB7~98Lp@$VPVHAvf1xbxyZ@7xkDLQjUbc)4^!9A852eLu_3i7 zV0f9qy-b#^B(*He2pqhBojrB4Y_YvWf99E3G?q|6oTSJSo{J?zksW8gG;mr$&7L}s z7Uqlx4i9)TE$!+fLlzla&st?XHY7ExY81~9DUhv%HOxQhQiUvzlz|3z`eI!xV2EjO zJ&tH<45v@ZmE${=jxK?d-J)FLdLkQm1(n0a?XL&mR(s~}a8zmfmmFP@!#Lk6aU6N9 zLZGp}i{M5!pqSLiXjp9VRTN#>dKehv^4#7L^MdK9oXUL4dPvi*w1AhSP0>2X93y-p z3#7e(asmYz7IBEW_(GI|>Ja}Ila8z^^~nP8P!tlGj^zAaEH=Ad&hL=xB(Sj9?Y)OW z5DRkzQVzTS7d`8+lSut!peqxRQ*1P|g2R3u5XQb)T_qbH%$Q=DQDf}C=qY1MD;$~= zNs{6wk=Z-ZDOMFc--I#FrqCu49pkG3c8pxT;I^mRX`WT#s1o%svAa0?vDBeC)P+_W zEp_RnEI3mxIi7-*@qmF+$3(~Vv(VLNLHa|Edr$RIshLcC%Y&1BH7a6YHdd0T7>sNp z&Be%UAfts*Q5xMGal`{nfBOT2D}(TT{rDy%^)Xi~ZraMs4E150Z08HGH3X>yW!qi! zO1;FEGG>F#hP?nZiNL)wZh9ep2tyLo4O9I@xeeKLbrFGmFf#F1NIg6(i6{d*a0eHA z8UC8S6l_zj5bvpjH1>cvvqto`Uj!f^KRxE#*frP;-Z@RqB} z`CN+ZEERPn7)HZEA&r+tHE^?|Yev!srP1EAz;tQRA*~Xc?2X&Yfe%Cuxh)HrHcF^; z!~gI})Zkyw%n*wNW^hrerxVFx`tHqw|D;LFbf zQSg3tXu3D{6eFt7R-)edvO%Tjx)OI9o#8+XBvAeDm<(F1qE~wmq6jer*Vy_9y~T@b zrLpslE4{*++M*6mA)^Ki^0=#BMrNL)S_qq*6eQQnfc#3oWbrr$WSNnwm~~pZWK=WQ}6oSUt!7sw|0Gh+qKfIO84&ihM=VhkwVEhlu_X+7V`-Y2T*lT80&$ zZzDMf#zt4i^jVd_d68IBX#r~>Lf9F{W97#qsIEX^g>+u3#?uFd(@r^Eb6C~xu!Xxe2@Lm=jV+zcl^{`ObZJr|7}yD7VmZJ;MQS=*^ex4HtQD+OB_R5w zgea!IJF@lO)~PZ?P@-Gk{_&$R_QzFJA*Y&7*MIDl!EjKAkKlwMPfl;ZdP~eNw;A|$ z+_)_!of+A^OQY?pM@b8#9&p(Pe6R(TmU_;ltc0GiC$}8MCK(d${0{6m(5V;IC~zQz z%hs}}im(Y5%0*X?ipP(1NlMGmsF^hS(c&>!^JQ%F-I%E({=%@%U#@oWGBzuPi_j`d z4<1Am#y}m`s%t9!LM)N?N**W6XH=Q+CZX1DRUBg0@`eQ%zVJe7A@FELUctRBI%M=9*k|grkkWKHnr*g2Xt0uNrqbk{PN}4=K!X$dO ze`pGd&$Ugx;EYwVbc8O?cKG;IewCLW(K`2d;4g1;8^)S#?qj3~x;@a8s2&Mz<&2A! zVh656EGjb`Akubb`9(BdGIkCFf9YGi${k@YARROmuJW8bbjK|pTTN$#8fzK|^V6TS zmC*}jPb^9gt_Q$dsO+Ry;yh4u7FpDm!Zo78f-OH_9>+6!!~=&OQy2hwd>H$E`_c!b zC`+8Lcj2a>C58-_HDCa7=Xwrr(Y(zqP{2Xu(MxITJO5=5UbAR;K6V^tHjN|h;*ZB1 z>hG}7eK%T39C=i@GsJ}Y4cz5-Ayqb`BnnS|eSY+_OD#UYmFn(I^hHsSF!n*(DAb$V zkpWq{5u_!g;$x9I9S0<5GJN=%+4kvevD>`pul2ck*}Ca^$=+dS9}{yx9NCIC;FPu` zwYwy$wxhL=uu@BoaKGu2L-zQ6(6$HI92NllpE*%~UDAKPr#P!N#;Ap4<3iFzYU0Op zgtjiu&d0nB4U99B)6?(NAWxI%G|*+Lgb144Wt~aHbmhhj|FNbWkC34#bvpI z;vvIARO9^eg|gjgCNxCz>WZ>ipo3JK{#ed;vmQ$SjyXQc$>W?%vtun7NE62%TaC0f z$GHhH6_((&}Jsxurjsk@d7eYcje`|R>hY$k$` zAPYGF?XD~RRrv$|rZNZ{^Do!x(4H9q9Q_~|xQ!$-C86zl$>boYHo6{zl=D0=&>NrP zT9dilUUsVN>I7KhZEfSo>mMcWyb`Fk zx%i|ZZvW=d>rTfH3*B@$OxuX~Zf5RsIN9D_=)q zy1sE;S<+^PHGBdfGw^0z3acAFAyd!?ZZM@_ZhuIlKRp>Naug-imLb)P>=voc9~r&$ zxchaJOL3jNP(_bPJm}s`lE+>~o%>v18%f;5yVDt5PoBul-V3(dxtU#)$zRd=jBfN5 zq?OsA$Mr`8oi3Ih1d!c;y!fP3VDn>`p@s86^(i)P?VhQtk zqkD*_;pOCdrgQTL^Ce%l(MVT8qZ-#j*@W9{ad=YZ)<)H*7ot_R~G2#Xd6 zrBC^kQ+1DWE__--ax#^IfooOjvbNvD1&(D)K}uvW`3M7QvX!PwRPdA8#^=>_Iiht# zTm|&WV`aVl4ZD-2=xQEnQ!`$?!5!W2=b^L3xLA96wE1~3Y1vBHj0i`)JnCaK&UpU1 zY}VQK_|ap|#jF@N!dDoi2&Bd@)Lr7(6OwCnM z)3DVy;H>o3JjCb)gT_jQ@rKzVeO8j_<57%|Sad;*P$$iGqx(w>9ry^n`{I_V44;zs z7Ld5kQHt~>ooWe>+c(rjWE-3)`LR zdrfTh;ISvE%1eBvD4hVR2~{qcIac>b+H1s`E-D{b+`FWqpC2V6z1!no9VjilE+lr^ch8SVtRQ3mlI5L?}e59 zwzKoI_IvK=F8PDnbCIy|ujvH_LukQy?~u7*n1ks|fsAwIYkz3qXkWUIDrVznT7kC5 zUGJYMK2d}8UTOXBXH3Z$e%vK6zUEyd#&m!!Pg6^zzMUw+W{n+tx_Us8uF2Yqz`|$} zQVdZh?&Q3}tzmKXo6P!a^i82#8&!mya05nZ4fJ3|(85k5#Tb+>Be zLcZTNyD$hRJya7+83}6>LozwfB}UP7geiS2^(isY;Gdivi%Yb6iGpeMaHIq-h*6s~ z5;l2t6?6mK-lXjN0P7@4?D7!Tb%uOvd*p(S$SR@Up{kpO&N^AQzAU>Sh3q}+pPWF* znbJr7QUpqWK6*t<_2krEmaewdNrI8$WJ}_J%T@q%&3BK-eOwv1Y5{xDAa#*Gb}eKs zdEH;Lp&zjWV^O>9Xc}=u@5`2PdbokD{5e3I%g@uRHq2)|P6E5EM{-v1D*xGd{2`YN z_Aon58F5|fMspMc+^C3$#QURt4(HVOSmnW*1P#Qw`+y^`BZ06Mbui04YZt6KhL?lp zu3qlV*xra(#fyBZ=378la;WxlOra}+^o*xG{moj*^Ue2ZVVJlRam*?o-G!qh>F|NG zMDMe`tq1x$45=VJnFHyHYV?ujd0R`*sx$gyyyl}5f|w8k=^hd(&pRllK`U+!;Ggm?m(kIM z)mEgHNOLHUeoAG>9+!=fxB!;3P6<;Y;HZw9S67$nQ1s&k7M_nTyshVij-O9E&@GuN zw#SHpDF!q-$M*o%?6r+t;^1_CpC=(_%keOcpZEKYn(c=ko3@7=v%lT$46Zv`8|Rxy z?PalEGuvJtGS(ee%~5CRdRZOhwAXhbH{WwsF5izKGPoB@QKn((kAyKhUq74g(|IjF z?+r2c!+gAcRo#=L6+%r>C3W+{nFuQ7>s8y7hxupi<<9W$O|;%RVa#$FBuiyRk)6RH zZ0@+Hc?Cd!Ca^53w2r!;XIp{>=CT%4fJQjFHJfT$b>IqP{R({hGcG&j9|+>R0BUi(()Nw382iFgl8yo`Z&TDMmTbl;-6C_6&8j+iHc~bVg(gU(Qr;JF z@>CR+({OZ8ofN%XD`)42hFl1ZW@*8$b5dM41&6Gy(l(_AK3Vb@r+8{N;TobA1fL0x zs+5qQSwJAix!Cb{Co$k-3T{GDZc;mxC(gyetjFS^-tc*l>Yb?DxuXs~!*QavJpM>b zyFeta6&X-^JjUKZnRsDBsxa#WW#`XkwusTg1M6sSeB}AlXH)At;l5`^IAS)8G$q93 zR813pZeQ8)v*FS?^iXF;H6&R;*Knb#C@nZNCZCF)^dW6;Xg{#6ObqNms(s+4=-j3W z58<8@j_Ag@r6*2?^vdA+Qovf{TzA;9^Too3qSrE-t5iP1K#7Vtclu0fLpNx)AwUyHVtMysMRKu5Sw6h-Cjhj!b{9AV{$3~e zJ+LI%t6tiY(u_!lG-Dw6JXbe6*;jY^sZJxZpL_oA83SYjWpAv$@exONh{7^~~kKFWt9#h^@ChLZ1&g9~MPgsCA}!RWmvn}lBU zNHhy_YhI@@;i*ezMY!%1% zW#pfMs@+LlmsVa1g@HNa^z-CP7ZQ9ch9sh z(8rBkDvv_g@yLe}QIxri<4@fAS}(Xl>0dnk$Okdi0@{YZBsa*XG73)r^|Q<@3VpMTwO=ieiJaoelDnp0SN1zew#TCxo>ag|9{(n}j&ak&kLGgN zhO1)^e!wLN-j>t#OmY3WXZp;9xGXaXO-x~h+#Ahb)b^(T{hk-!Pf6bU?A?z9H36;Q z6SeMt_RVKEY&#Hl=K06hSEy{xF-pW6>oF^u^Oa z8x!*l=RT{|%=N_|_~QL-n>StP*FfD(w$U4;?(50=odTV~;%d`ML8uHhu8Y#!t`ej*8sz;;$Y(-T-j|>1W zymK+@-rM-m_FX}>Ku&>91GLc4ad68esyzp`#LB#v?|c48LhOzWPrmV7BpozXTKXq{ ze(P_aZ3~Ux@%pd!r#H_Kgr;`i+3@%ydpfLyTv?ci>1l6!Y%ExTk(~s1td(4odQyf##qQ6Sa}=J@DEGNeR23x%<(uP6LwV z^wQj%qIPiHtL!{^i@kx>ogrE-v zBDHwfRs#I4at>_5I(!`PuG||GYa3)*06)qrF~# z8+WNpxKwfNDA1P)?e(0tzy0jpJ@xZ7Vnd18+uB)t-+WO!B{^2_#ZRr~!DU8XJ(ddeog#Zwbkh8y5eV%y+ItPLYQJ)T6l2khfpKLZXKF7ojwBq7 zQ-}+Wl?!D{!j9cL8+mypsrwq>B0|i>hcZX>`ktaKPn_?9=Sa6a5hpe*4%NpTjD_Ea zCy245>%OR!%?{T^?T#EmE`;d#mUGR+Lv0x+D<+rv+e(Ap-qNFxGZdE>rF3l#?;NN{w2Q^jRnn z%gU|$vdRa2u7LwD?ks^V?r>&!^qGDrZ|noR_iuggulK(6VgwN3;;@%KjR8u?%j?|t z;s?cWke%`B=FD-MRneDoG*(9V+O}^>=D>P1(9n`IWENZZ?yi(vqS~hjLS6Rp>qpT? zehJE%PvWZjR2>&S4@VP>h>`GTj;2(@%v=y;f42RjXYP7>``K=g$cdagaz^bS$dtY7 zesuqHI}Ysr@P)g6v9Sy!^4q`ghH;aEoQtv08PS}7CM7o`Hnu4LJRgoejV8us_VM8R zH2&$H$XB1b^ACUB8FFyL>-oZY@6>qh*$_B#j>@ECwBfZEqdS`6-8WhNR&;p@db|Ww zd*-^bCq-vk3P22oT1nOZ7 zZ+bimzIf&0R+U85!1~4yGE7>yd&l~h?|J&IlbtZ5JXd*sj}JZXnvIW28{ngELEv6Q ze;oWH$Fk7_eG<^kwMdQpUFpP3UslNJ4$#~G`|-x1QBLKq1AV~Sq4oQ>zk4XEC^N0B zU`wqO-rUz=h73^ct=y%8Ayd({BOiqCtYmgPf9rcYYPF?8eSwT9FW+<9+uP1`EgaZ< z`>R=#H7cT{^!RNX51s3AWt8oB;b_ybbGe6;Do%#&x%2(Hbn4Xc@RRrM@2H(33UZGB zWM@J0fO5x{J3ne6;t#*{>ZX`98BxjPZT#rhA7=|b+q~|N*v{hJh3I3@*1$pK_em(}q8UzNFT4S4&Kis;fr*q0o zXh%9f{NzYR;f8ATY8x~0*O?=8n%36z*V|E3B`bU=kvE|ps5%-7$I;>WgQxbli^qoh zv(CeX_}swBO5MM$K`|#7%nLo4+$vTuI&pvmZdUc!TkRM76i(KciMOOe?v zlYU~NcE^!^(B1<#UF$2+buH~lPnS=aQTEt7-%M_-(@Y4X|8hQ;#ieDR*dLNo2f7K& z=-XpCF2X+%9Cz})xOy?Ir?rQnm^2{if^q!-tL5*itt2I)rfBzpSQcFB#xHA6_~LKv z;6~eUKD$j0XNv*L+)H{vdk00s$#_1Bp_(6JpAI;?vd-Jzr_{B`N+5%*-x5vH~ic{QgZj^;BarffsyTMmGJm4o_rMpX%{ zM_jzp&mYTyvwGmie6KM`)m}7gDYye)jgx23@Jl*D4!*`}r4sv$vsi zf;fNRnV&pSUSV+^c=LCUe3+Q2APSo^?|*XrM<;mI{OISiH~nC z6}SlRd&-(H0#wV*qmRPB_=d*aFOJWSNR zb>>(OXGTjc*!*}LY@Fem5zvpi^7Fr^P^M;e_6gdS7yiB>ori|x^fvmb z$%@ZEEruJ!XvK-x1p2h}%&)ccSG;z4}O|O(-^(8E&E^JvpW-Hi)T3h z!~3?kYK-uB-IcfS|fX&fqi@Xa_7vAK5duDyFJfgTXV z-+8o3;U^5OXO8VY)BxW$T+&~x8!)~WUZ=}xbq6xb?{!+q8uV-6_c*Qg8?F8%-^F$^ zK6&xrsfr0dUI}MG6R_7fopgXqR9KB#7onRro@O|m`|W0NxtuuSgM(@@{aBQ zVpj!}!``c@+Tr5V;LmVsXmVOT95n#p&r(XFpKga0qP=0;=3*Wi4!A_M4_>$@3eGta z#y$7r|K3ptJuouY@8|*7i1F^33(*~N>-0!w$e&L4!xw$7gQoF%{H;7=q109^xn>kw z3dNo(0qwQ>@B97_e|hU&cYXgqfAz$c`V2WyKH@57%Qn9IqyPA?@7?+8kr0}{del=$ z>wkaUqaRiJd!_~N{_)J7(wW97^YMt_hmQ`_Xo;fI3wIo@Ol7F|9eVVGQb+T&?ewX4 zZ~xhU{m*UpZY;LeX|2Hrcii*8{?~usc6e*h*}Hbsm(36vB~g$4=9d5b;gR)6Houvx zsgyek#g`d*l~^LN6-cb@;+t8uqr1y3>f)8xOu@IzoPpJCL5v=+&keZzgxBZwxu8p6 z7x)85L8%QK^>}Sy%chH~W|g3?b$ZD0a>IOn&cJJ7j8B7U{qyj44U}^bK0Ft$?nZ_K zj+pdTz0E@^XP@tq=)kVm=l6Kfod^fxA<-ddC-AxY5k35|jmAU_O)gn0o0*Yt0YqY& z!u=#+Xw2m3sqKH_1a)h4&#pYx5|jxbSnzACNa;LZXMheyLtbS2%OQ*pgQ(>ru#;}L zSY=GrzSzNX_#B+@c-)3rZG8phLY@i_e5OQxzK(!xOp8dNjrXW z+r9VS`HP@>3A{N78#5&@_AC=dA+LJjY$JSdZ zy#g+S3d^{<;n?3E{^30j??dxjNNEq18>Mp*&RL@czd`_LX z`$AnyFU&%5!95Q?_Fg9FUCf-{{@M?3z5Q1YK6Hv)hzj4|UkP%il6N>IKjDi`SY&;K z$EeKSwyPgpPQTL)7vS``T(0G+9<(wZutPYOsCk=D^f`eiJ5c<<2RTsWck1Tm=5**Q z3Ggbr;4!%7Al&u3;jSCBDCp?507wsvT2=Y(a}WOXXTN&x&1NT|ZA!^(X@_q(z(e-2 z+(UQ%=m$T2`FQq>k8n>`M4apc_Y_*8$k_hbJAb_6?gt)u;Er2=yWtoTnu4^aAHD0Y zN1w?QfwMu23B$07D_$>w3qgX?+H&gC-~9MT_dXoSUws4K03e@cX zWeh1hKOqEaVjsM*41WcRwC-FDag z4?g@tAzBLSy4>3V)eh9N)Ol?=;wn{milvSsiK9^BELC_*Wv(KLvqbJKQ@V@9juM5h zRPF{IibvewXo(D%s-~tYTU_E8PGYEFXQ?B&DSmYkCTPSvx zDt%=r3J`Cp%vmIHl_`DXxz~;*QfGnG(Jpq~^s0Thn_pUozHfw7a-fb}2HL&E0&>Ik`&~tLR!8_$p>ouYCiuPv}^LF@cRS&(3exgoGIMoqF!{bJH2pz}3zySSm z@MEKv#_rk*=K%Px!xQL>fKeIc)q4-YrLX@TmwmnNAXU3Kr7-D>u7GMcDRX!18Gyq+ zD@%^T8WL8kplu>s1+STtyXE8n6siG94iqhvXp2Qf#ii(j&2ASs8aM>-B~u=+HOO{r zo=>MYqJ`NnCI70s{A1 zbL4BcN1Tu=j^9kuGx%LTYjv1#ca{4}6r{^FW3kMYCv$d4ZhF=3;&%)CYURzs(F?`0 z0aTCJXXh)chA)&!lemkh8}F726k#Reh@PnhV4BaxZj+oV94_T8qMo#GmNj~zT;AO~ z64o?SE`yaWnoQ!P_tN(lYmgtp>$ZsKnn^ScNEjEZ__GGPnbRr@E|OFW7N*9gA};i7 z%O1`a89{WsA;q~uQDpnH5t!q2O^r{Dj4l-9iQ1=~{<*2R3P}-d9(E3V=H`BRNU0=q zV2-T+P=%l^PvMUPD}0vHuAzi(QA3V!a0WIJgvV0Z#);wsBRs9e^e!cwPe|D2Iy+?b zdF%?-B2@a5@`w|ZGj*~OuE7isqp!fa^(l?)Vw5y;yk=1{T2>~9pIZRiG{*WkUMR=` z2^z8^v}G6ij};FmbxbPZ8PF;;^VrQ|bHkfJXWv?t!5kciDOlU>z`*#20fY_wHc?>5 z=UpCYggamp-X7$GbW5EsJ&Jy=r6g7X4HVqgoL2tSh&@U#jS zLx6Xw=Jv;_9 za8>cijT`pwudl1$e~JRCa9Kv^-VfGq*mbBMG%+TA@%rCC`NwD1mC)h5a%IEzkKX_L z;lxrE9ISEiE*#(V@ut&J@FPy3cNn;|*8=diK!q)E2Y{cI*kI9t7j^8+dwN2nA3K$J|(N^;IM>jIrY+nn&itA$Fph`d=>Lcy> zk~mi~7gipm2apD`I$623uV;RPTBn(3DjxL~jruUJ3JX=9HimdNb2O^+8QbBg&>C5(k7w_VmFZlTWiOULqy zhUhZ4X;iu?f?h(MY;WRz5yhxiLopg?^Q?>ArJTKCj0z8mB+LzsglLoDt4)0iLg6LBO7<*%lj#Uv&pQu zN<~Ar;#>kHcgo@84abyA@+nhILyNEp0CyPpomcEE7@mcrEw-*^$^+Z`I!4fER)Ix6 zTU#CF#W3!fS&e~=j zeg5%3A30i>9(`)V=4a{_2||&u``y ztvg_N(-xy+?~`v&t%q5`xYaw~v}93yg0 z)M$#fcet9G$cH1&tv!MrDV)uxy7Lqs*X-!=A%-qY93IL0;- zqLJ2p%j8ppl1hjD71E551SS^`6s3BlCgH3L{UnPwS(FS4)1|2M^7!Y zpcTFTN7hgCb47(5at#cpQno9JJA^tDV0XHcl|#j<9Rp)6z>R#_usp`U9)M~EzaCLa zVagYMuwwOqUejp)HmKS?%masy91_CGmDb^wb0>0{oa)T%;z3wp+I20b-aFX~TN!z5 z@Wv;edi3`{e*nIXX)Y@(uS82GRc-#oFCO^IoA15*=uiIN7x!i9N9rH?^Pg&_;HWz; zSQs}KJRYCf;=#OHTr$FW(W$8^GYd;Mv1%Xg8LF?JhCpcQxm3N=WOl(XToH>^QEbs7n#b-~Os?gWqj~LcJQ`?OPvGrR zLOS$r`6yvrV)cwrIFp_Iqe$BmKC`tpwRdmnxRLNN^XScEPQqvJucoGOEMB*3(dxB> zvrXon3T8j7!S!{?T+Sq@eBG2@_8A%+H*tFB8!~B|Q>Acj3h2#)-)Y6?rILA2!TT*G z&D>0dUe&@lUObM5b1YRI+*kp60eqOZzHp?wpzp;~l+Drf_s;aZda6HWkQ|FaszEdy z-8i~PDr=`9t)5eY7Vuh8?PcYPX|M%+6QpW)v6{G5ZS(Lj`7mCut*K&n%oD_%>PV9^ z&?i7$f~j^^4jrp@42;zPN)A3T5A1yhSecQ7am_&vL(jD5M+POp*N8zayEGj4*>)yS z=Dj<^i$ccWahtd=?|fucMNv*+74qdWQqy-ts?5rWunXHNr~E!)`H{QeYUT5Jamm?m zL49xe=J#U;l!nDctzpsbcEKjdu4_L3$P<4HCSUCQw;JTez`$6654A6;DJe7Bn_0Dw z^wLg+3i~v6sZtypH#}~zlot1$Y@A)POlMwbPvy7>uVY+kR%j=(61i-RuCIy~UOzQ4 zYZ8td%|2qD%05#lADS|aPzCGH4OF1%+Hg9G$13MYN|`3vl!@NL-chdxPIBe&nIIN- z7*1$$8%)w^i-|wG*=omfB)^It{%XgT}>YI#|ga3qa2M?Ix+rC|j5;OlQ>bEZ`8#BUUGTTxok|f4xPz48i3Km=m>%Ns8SNF3k%x2Pw@L9-4UC%!ps-?IEs~=`SE|}g zcJCF^V1du_3W~0|YDaInyC-E+9TmgjWvp!pyzUt|7O|unPl#u3N|9D}4$~GqcHKlu z9D7qdGlyer| zO*ouFid+bn!m==%6(c$~2wpOztQa@BWTWTe8QW5L6(exiA5O}Fk(m2ZS*=>I0o#u3bfHmb-u!pxLaStRj_qI;M#nWLXKvRw4(H^lG2y}~D5thK&7RStB>Cu^J z{N8P8XDSECg?7+cCe6&?;0#)fmKg6Bf&jlr9;zRP2_dYrWd+D~1w|uJ8lTKl0lbU&(4_=2U=&(b#Zi%kLg}^e-v7<$K!U z%At07-LAj=@^}SYm~Y_xi%&lN$44LhIH5`JpRfMl#Xmj#)N2PSpf^0yj)C!Si%G=D~PEQh-4t)90ArL7UEV+xe;YXdwLxCfKh`|1`U$mt1 zMZ=)uMfe?KygB&cDByv#$L|N;z_}nKGUPQM+yF@?mwy8hz@sR!t9<|?$*4(yixM~i zolBk)NXSa61J(kc0S`_%+ukOV%unlJ&*hQ`FfcGM{{7(hdE73C6T<67-xyu&+!K;? z0lxh2wm6sHH1N9JP6zOYS}IU;`n}*R;NbCiT%;er$K`aOMK?i{1cP%p$Q3-jF0k!% zUe^x*U|?X}cpz1KN=nL{)@XAQYqa+o-ngp$I>GN6mubb*aEi@W4TW4aT zu!(_zfq?;m8at0^d}e+czTJguNem2(tA}f=+6#+H<#MRn;Xw1h0$`S*G3x7)9QX;8 zz~+qxa6RFuJO%~^2F90xY$`A?FfgtrylAd=YHI3LSM6{>Iy)y{CWCLhgP6cC1_lNO z1_lNO1_s7I0CKE7K0a=C;i{^3qs0Zf109_`V)3xaWYTK2It&a93=9km3=9m6e+WQM z8;!>5>T0dtYIXS6Xzw-rR;u0Y_7MywXJ}|>a&mGU0|NsC0|NsC0|Vn9#n{-GMx*KI z=+GPOmaC}R$r&=4S-B%4Qm}z%$Y5Y#U|?WiU|?YU!ysqK#KgqRE-YQa3>k;-3b|y3 zpSmw9DO3DQy^V^2fq{X6fq{X6@g0DC8#OI0ZEn$Ia}#T{_Zog{)&3oQWeEcV0|NsC z0|Nu&Ukc<{J6!ouhgCZU1_lNO1_lNO#tn&o71iz!eBAWn=R%Q-3x4b~-~a$p>skI9 zC_vzQsH?vhx&rheQgAwX)Vus;P%?^DL0&urJYW4(23Bnk>|F+s#*1;HRn))H0{`k9 z__iPuyE^$_1z^dFG2rU2WHN9CSH$o8W-~~iR|O!bi&q(a_I2gTt^h=~$^m5imF5z9 zVs&X)R|aU+s#t&lAa5_aEZeyp_R8mb*BS;th3oz&@@n}zxT`{dDZ(FN#K5>>_|bPy z;nz&p)Q>)&JMi7pW%w_1`7-!@Ue`ZTtzcka{7d6sW~}{U_^>_%dlxG_GHxV9R#la& zr1xdU`Qbs*5gfa6+kw)#<_WzBhklm8WApzL>z43D$rR^&h|X(sX*&`bb}Lfy>Q>Zd2F z>L*NK|Er%*=tsu7R5q~jl|HTj=v4olK%ULgfi3hFhoPlfus=hP$JRp^G8sNIzh`U$ ze$UsB?g+E6WnAM#N%?A!h8btnO^up)w10(`lK%AL6U}Y2^Dq*q%BN`Jy(!$(fw?7k zknp+ZOAC0rbB5bwX5?VyG>8wU@)A3zV78)sL*e*MGwRSdey!99eSNFKM;3{N>7)|g zfgEA066Q9_BHM7Mj4}=jGX@66*TV0GZJo6{{`k7TJon}YAN9ey0NtDD{+yts>}XMf z4fv1@xlB@1wl^yRE?)(&UD9!i0fV}N2dEer82>i7=~X+@&Tfrzw6R%DQ|R*ZXn8yn z;deIHF;CZziv+@xkpd-9V|Ht8F>~*Q_NeBmIjBqAJyn$L`N|QQEGU{q)j++5BpxY7 z^|h(AZ02-xpD;8{q;V74@wp!E98EG`Sv$BVL4xEal5{R@NqAopeV!`O^|tbMM{|cv zF!X;MAokT+<#bJqFV5PKWvkr-o;2yFSTe8)R&y$}Xd) zHBWXkCgM}+{R_|w4Bzi$lni7_fkl2;6qb~mlK4}OD~io&F{+eC)Is^mJXs5$m)XGC z719-2EEc0YvMA&`;20AIJOHkzF$`uOB9!^x*b-KpuPjUaxn_>H&wK zE0BhEm%;2>a-d-vU>uxU<26~`4iJ>rYqPp7p38E~<2Bn{X1fO+A&*WMM(|Z&6B_Lm zRI_WjOE5s657=k7xXiAL<1`+ZTL&7G+0pG45{=alQm|xk>Mb58GRdG4or)JP!s+H< z&u6i_^k#7S^2rD~9`F5{39tc@>UDc9R+rfpXi#7@KA+v;aRTGewRX$KOX_5DD1m45 z&J0GCvbwckdm$r-Gc<{wegIz}(cq8AYqhyAJ|pn@>^7Ix;nxhX;*mV{`+W|l8)ObD zQz&sDI(WJ-a1v-BfgL^{2nUp6_*LE&_}ohdiYc>6w7}HYZi&7D{Kq7V5BibcVVDMmKzr055`@G{AAu0Px=e%FMEZ6BP;Y z&kZlGW2l~6+%>y$J4sIP(A&n-VJ|CIS16!!VA#W&`)uPww7U7q~{T|zrZhn4#(dvMq zx{V#t4-}yh`9PzAfpOEqvN_O zF*)H#FalV(()^YQsM<}VX`yT$Qi0PQ{Ig{$Ba$`b%=d*pKG5+dxanjMaC6(CwgXkK zbxDigHA?<2t z%cp;IuJ4Of0T-$}Qff{Wgz}VN171Y$P!+p|XY~4fjH>?FdU5E5f#=ULdetx+jGD0v zLEW!~Fmj7%AC}0pHqYXaXnj0qcf>$g&%Dh(mmS~x!hz0h*%Arpp)9Dw^O&E-uuhc9 z;Xp9xbb#Oa@dMF4f7sV^v{daN78~*hKRQSKFuXU53M8LIPM~h%ET%;hr&8IU?%L7`$~lplixKl99F0%%-W(FW=h`B!LZ)9V?|mRjhWHR z`r_EYM^WsY(!qEJob{pM$d86~zZXi~kRY1&I|Sg0G(golTE{q72ii)Xh$m_2QcKyA zJ?H!152x3U!mJ^$5cxAB6T}pZ!cB=Zs!=tCW`axzh70q@;3kr^Zv9+sCYJ+8$@GOu zEQZEGIIKMttWELsBLz|wxCExr$T&`1GCizA#$$^1o*Z~5gh@4dv?^&{8XQb>h^4#Y z2HrVO*&NSiz#?O8%jHznu(!lhJ_w~ZXn+flzu-4;J9x&Ysw#(vp#^ZP{a~I%HMdY* z&mSCf`GPYBtA(bgm%I}_%*b*j&?i~$?KT36S~oe zsKLJn_kWha>Vc0I49)56tbFR$bb*kZWkVRs6KPH00(#APIn2Sag-!}DDUNj@g7RK4 zt#KO0r=SWlx@I{Iykg#0&$hzAz#!$gSCf$wwx{^{}G z-MR5>?+ggT+!}FD0aoo8H#tDzRZcqwgeHmz^D1yqWa=GS8lU$kCZ){Z#Ot+_p<8Ss z8t*`<%1-#_W#YU{6)98<3~qQg)KCB>t~9T8Viw79RwE^-SWT6yi!*!9*3O!(rXl`x z19eJb@XyhP@_Mysny`b{$1QF{6BP;HXgxDW3PmvNARv&corT<>_Op#A7D*=6>hgF2 z5NSS^Frj@?>zs-?(RY>$1h63{lUg+l?Q%HGOyxp#89k~*V@p*`C>K-a=rn9{zZ z9x8rrPG7djPb@Ch7V)?~V!oac***=WS^%U4lX)R4W9=SZC98%HtoFAgb{(jILq9IQ z=t7B1Z+5n3_lFI^cxQU~?<5MQUBEc+lxk7P9Qi1jIWXrTjPj_A5qQlEQ-{(hQ9UzK z*?eYN_whd1MF8D9@N1U~Kdheyf4eFvajj@RwtKE5oYrS^Pg0o2<7E@j3BKKkw5hct zmsZ6wYWadZ{-Q=WoYy=%Cz2JlY7F37jS55a)j%o7Ms`NBL4)TR%o->h^O%PvQK`dd zgkDz?(HqON5t_*}N%T$~OyL}pv#VM)GdxmUH0~h`CB@WJ7sP&#wXIuFL?2Bo9Ly5I zD}e^y13=m2pOy$>k!tr#q)82`Y4l)aLLe&28;9Kza#b9!gWX2Y81fK{qkAew6lOOw zx951{f@pFfKe;!uY2Iv9pFcm)39Mh7j?bW!tH~)p{@Ib?tZWVVdoqIFJ_)mMRy-V? zBr_2%T6X{X>`^b_SFyPV^2eZWwB`?4VBO4H={iw=+c9nBwsE_JCND8v7%D)c{Z?ubr;`VSwXwRK zz9(05B7X2xg?fQls*PkTf#CF-OWL?eA}Fs%>ZrvsKcUlAmxxB3=ISiAcnnV2aJb0# zC&~PrtBmEUJcRgt`W65HTti7jK~x7$3h^szIJLYbm)FaxqzwXb38z5Jrf2d*n$h}H z8ORt52*9k~QYD$RIH$Oh@I=9xV)mz@4EB`6tCNSNN?=E2LX(;^xI0sHCYyh#WTXm+ zPhb~{(kd2wST{vDmO2NeoiIIcTxp8RP94^c4G3!LVQ&biQgDErKcu6J%Lm6AGl%## zpM7$^rJ9*rE$O0bfj6U47*RAqnCDCDge=%EAjW&y8N4|ON7UE}MWoZ^Ut+UUg@*ZI z6{8vUK%8!`!#GhJAz3ib=hcY^XsTwRrl&&4n$WZAhvk0nC{3D_$4_n>pM=sqkU{9z zKeMdb38nmagB-m~>`@6s`Ne7|j6LMb48BpGsJK-vW{q?V%sUBleH`U*f#`VF(9v9e zrP%J!jz(ul(b&ALpCXPd6lb(eX$jxFT%2DpX_!;@a3{4MwEoJ{Vpj#9;dBq?u$U5P zjaD^MlA-|D1oRLrFCq0-w zbi7odM02mM-F*y#_IWQ(IP!ViD-X21Zn!F^|C<*b1tF|i&+{J!T*&XDS_0O%oG#b$ z1h-{CiAKWd@?3-2$8cWVB`XbG0+iZS8TNHc#0GFho-nQy=p_(hK07vccPy-=p%PWeHW@7lxcUMP=itpZn=OvJOGCrd_Ip8-V1>n4c@fCBP{=` zt@L|+&}_KI<)t?cxUZ1QsuhbtHiBp_dhobGaLeJ}pnxlrT?YeEW{}qcVmTMlHCl0B zb&UYv9L`G%3`~6T zN40CcT_IIk@05+0HTaZQY_@9NH{~Gajs9zzQV{sK&cjyT%&Hv~KcAE>X=gztgVucn zDrr75k5L9IQgd-ErDF=}A-Kbn=C^9l+o-@IQeiGe<+D2EXuuN~2`VAzrVLKtPXagd zVo5f=Pz}R$%0wZpnl(+c&!KD1U_#7=L2 z!C=~;;nFSxfTug7_cR+l74Ya1k|=dDV6?X>r$2;?q^nF4QXrjLT&zu`w`gH%4K&e5 z8N(BcW7$E2Ot9~sjm~BCO}Gf%NLV_&QpBR>d^($|f$h=7TN_U=Cq0Rpq=Dhp}#GB|<`r(h8dK^rZ-9p(@@M~X08I!hSspcCbuh)QA(qKjZ1 zRb?az<%G2-mDxWE%Qnmi(rn#qO_QXcoE<3!5xW`HjDj9e*Aa^%-mYYcYGg8}V>Gv8 zEGDUcZ@!!fAIgvy|GMG2M)nmziem*J{TH*~Ycc~Cqrm3P20!R$->kNOmmu#!ePh(? zf7?(8XYCOVt9^(vN-R?1k}lN3r)z|)a{JCEaKlb##AH^W7ir{W+YStxeUzN_AMUC} z56wWG)|dYIACq7`CO!3TczhM8D|(~vDZFuJ$Sm7%(U!H!?~)R9xyj)0rDY85fChKf zZF8xg%fq-q01UffZMzI#Vd-^C0O(Zo3rzBPw{*reGJB2al+OB8Q_9%=yIy(u&6nPM z(!<#h!T2zm zk;&J>K+sSg=og}wJ^iCi%+I5#pT*L0dIL)qPBc+dsO0STRq!kp26w&_&EA{HdOwO$ z$koAKVdNae>AG zBFb;ht))kCp)wq<=+6=R2(7NFfK3Gs*0F@}fzQL}dvnABsM!Lq!KcWraDIe$;Mm|NiJYA5f!A{+vt~29WZ?BM=Gjc@ zrt>s9e9cjte5PYZfqcwPOb_xmMf9(aVr)y{527jkl*s%bh}jJC#jFU56T+u9Mtx}!^~1!WBN=?5(LOI9 zPEU}7pyVy=&C!Ej#4>iq(>tKzHZ>&BJCSN%Pz-0p%iz@^RXfU0_n4-nR3Jdc>eS+s zCkD4B(l*DlyGKBQ_0M%O-UsC~k{Q(ndP;!)t!oB`1I$Kt6J~R3KD8Ap z2Ct66|16UBc^rLPBE5kRr1(-*6g{BYeW)MhT#SzD&Xn04)`^p$)b1%i;hibZWNZ#$ zZcgMfjp$}VcglR@V2KnC$AevPU%;_2GP-L57_{Fs)?c=X1M?S_7gqWw^%`LP4q*8bV4BaW-8zN zuwDu(F<6j2qVNqb-u2)go^PIlnFBqb9?&8+?%5}Q|HnT)`oP^UoGa#|UhAqCcLU*~ zUow`!5wwF4*j;g3-arM!JJwnewx<^s5I5Pi1OPk05A462IqC6zYTy9lwTO;awbRjn z1bQ-d(Jz9}3p3S1J5$p?fJT5l%W z`D5P2+8uv>urriEc8F}$+_FbQB1ot868g^ z59?vCVvOx_QV|~0vq-`tGJXy-QmF{T^cG3>6{c3Nc$?cM&60ZvWkoJ_mBLxv_={46 zPfIkGHi?mjP^nVZrpFT|YqWT#G{>3pi6E5EN;zl-2hW)@ElOUuh^*hIpWQ4Q&sj19 z3Qhv?bH$pDEWWb2cEHF#3YdZ*q}H&QRo&*Lxfc=o9^UXV-j2)FIjvPDQimGMz~P%z zyY!M}R`ASzWwyV0%cKm1ERGPpyX1*587mxTU^ozdmIrJV{AG=rT%)A|x!y8%)L_t7 z1n)6buZ@~WRi2|L*o04kxzBmC7T466v{A_O7(c7Q8bP;tM<|;^uoUQ$wv3ZiH^som zz&xgSwxXbfSu?HSls4-?ZbHWcLEuXt5T_U4{kbe!6f16|b`AM{!ws)8P%q8|%0t2) znxHOIrszgtnv4d)?f|+wZkWm(g#(mt zUU&)07SO2_eE`^5mT8O}J0o`EBNcy{s1L38HL`5#tnm_SIB8bw+p!`M2Wxqb*15|X zsJe|8IH$$=(pSX!Y9Rf5+v(-@r=8rp=FFDz8c4JyA8)7=aKv30UXoi8b-)t>+wGQs zjZj&2GaR=&D3)i)GuExU-gkbt6vsI@uw_Jx8L2~G%_jmsywHObLK~sKFVibrG_3K_ z;fOL=>i+zwZ8SF~w9@i`TSwns8eV_f%}a0eaZ+U_bapFTgSc%uw4I<0786?2wU5EQ~+xpWq4g%g~JA^$>`~|EfbiP{9_A_raWk`$=@`78ge~0 ziBFLtv?EgzZTP`_!PX;I-7GyL)`8P&hEc<&`;75#6q}NIYlR1I%fW1nQ6ENJ>mff!r?PQ#_p z3>l>K-z6IxN?GAcnFQ@`1%jA6ms>TY&t$<>W-?rlMS4H3IprIkT4a}eZ{LT$BYU!0 zftcl+6G)Ljmf71nL;|y4pg5Rgd#><$Q0l@Qt$Zd^0uNuE?CBMlRnM&H=#Icx$dQ-ZbCz7I`g4u z16*9B zyJgSr9z)JzXBz>JA3^DdDgo(mrR}Y^d9qi7t=;zMp7vlGi@>oe#>x+`3P4hz-rkvT zTYNM9t9pXvR%%#^L4&P>r*d}+LC5^v4}lxIoARn#aG*f7O|65gGTG)sfr9w~8)`0e z8DLF>)4vxzLwsurhGbCOq$Kovf3U<7PJsUC>o{O z@;4TV!YH>nn#=bbIk*dD;{TxnEEEfRqXW#p@sa*sx9)fz)5K4fNBejfre=xf-LWsb zPip6E28;)tN^Dl-zi;>U;w`sP*+VPI_jB;n0PZ7f3W{BxgdQoFE<~9bES@MOrQmlz zk52=#dmd8%vS6QMBy3#G(s1IfeEWh!ovFpB&6$0hly(lchsPA8*K~k1*&3nlV&Z5Z%KM4@K!;eF{hCnzy*z7v9p~ld(QUk z3Eobxs~Uj~bGIpJ*~3(l@p@X?BgB|>Xfohh3))IlP99H&M}dzS-s=8EUNeB3=jH3?xKX>8Tr>$$o4x4N8MJ*PSN?w z02m}bMf#SSuibBSFT-JBegJ{5AIx6e6z0WiIeKGu%KrHSXyp9S&$e}lrSpvV0rVAp z4LL~BEnHPC;lIE`n9n?HnM^J+0J=OIy|Y+tjb43VX(zHg4mwTQ zkLn#(bv)@@^(>g^%$E|belNiMIb5G0EVQ4M?fCG$@~kil80NoT_Vr1dr$~cZ^;}C< z5n66N^T*UhI9Y5s#Q*BqXggIhY}?{*;gg}TM+y6V`8fc-)Bn8P%Fp+8YEG}X@Uh6? zd+icpVKytOto@C@$+!R3yD0UZ(X($3`zQa#YyrVQZO0;|s%OcQD8{F5Bfm*GOPTk4 zDUNVR9 z5H9h6gO`krezC3u7L8P#4q*uHh zfZS$Ok9gnq2`^ta0DNNl{@R3TA$rFg%>`0$R>7qsjMoZIGO%XdL!*3NHfJr<6^QGf zgbcokKXl2U*39N9tKRRkLisoveLhG9$)mD2k}3ED`XIDNDfa(aAByuc{X zVcJ#w9Ne_&eblnFxsfvDchd1ng4G#@_z6dWU%Au06azvY+AiAfv~bd=w5%_1)BEMZ z%l(z}=lF8nnp3M<@;Cx9tF&@#(+f+9hi~(D=#wvUmTp43p(&bI#id7NeV&y05&Z%j z!-5WX`29lPBZkhJB)_Mt@19qlQ;EXv=}Fn=!degIS|VlR){9ADp=Vk#&BoVQ6l5O+ znJ1z5#jhlyk{|CEbnwXNiKw=Oa3>02`1~G6Gz(D}xh2o{6>YE%#kbyTm+$qN!(1=7 znwohqLw{WOT<6-Fx>R>^M#*MQuz%;>vH9FD>4rqs{~YS7y_sME?eG5H-W|qgpp2>? z9$)weR>7kj3y4|Ax_dZm>e zm4s$OP~o>HH2w@Zn-AfrdwBNblLo7Mq1XQ0^o-nQ+|2B7Rw?S%n%Qz07DJO5L7Jow zur8xaUygR|5<8BqJ{6L!Uxo4!zWp?1bG2}~yFI@cfvDSFZd9GR?_C+%&(J|JiV%x{ zEX9|A8QqB-C;AR=DMWWV4Lj`mEkzoxe%T6n&ivsxIuCZaNew{0cR$4wl*)Xit*9R{ zC_MMwx9zEpGwRod;_MBID)+1}re*h9vc%nrOaX?*e|!eGKD|Nlx4m{iW<~ke!M%Py ztEY{cDBd69!4X0LUwKjIroiu!hXRAJ7->9R(g-6GcSlz~9TaD%OlxA%c%8Z0=4|?P zo!{Y$FTDTlNiE_(4-qFZ^CVouk%w$UlXRRvpKZ>Rt>X7;MEp}dGtOO$<}y8OO8BzN zP(?UgMIW_scYmR2sYkUnAxAmr3O;Y;{#)2Jbl8tsgnU8;2YK^X;2C1KAqGyv=e4E0 z)(+keY@Lf#M(4G|T7Q{)qoIl&W&ABM$b*TPLq3@X(GarW3~Z3KJY>xH(wP)mKMRHk zpK^j|l)&Dz;;ps{1qfXO`xx|K+t0N|-ngT^JeQ6aCG^+q9ajY)@rBBY7@wCM>x1h_ zT(6xMHNJJM6543$W8sE~sWL;1q(Ok&=bo(WeYUC180u6d$~!^o$6`S2Fa?eW%j6L` z=4ycYE-vgEK8Xkmg*-wJVM;X4huX=XS{l-4G;}4o(8rXTgYw%ANDqJZ8&g1s`xHQD z<$5NR^8tJI>;Vt7_)+Cjp(nQFcr^~O*Hwj?JFD#>lMa1OB%_6vSbom#u(GKU-!^^u z?gZcV(0p{@m%H_IX1Yw)MJ7K`E)OyDuT47fYo}z zw0^0&1GVXyy1V|RAvV-|pS#W*x_sRY3JK~njd603qD7wT9b9q^HNmu%4ZPY%jttT@ zjvSY+uQzF541*X%A3!9(9$ctDbc_?o=YmrSKnlh?#Uj8jJO~1zyI{q_57KmSvg~jQ zSow>UB{xeJTaP|qqQid|Vp#|DSJxCoaGk-}We`Es0_TJ*%-CYg17s4}LmQOk-DJo9 zY|Uxmc7451penNS=X0p%)YaSjjqFn<8VVSLnJN4{D3_qCzS&Q!3~AoqE|`;C=d+cO zdm{-hpJBy^PVli0Y;~Dl{vhTs?7X`rC~=q^fxPT*2SEYJ_J~aCO=ozFGYDuYVXqce z-jb%LmiQVhz_$T*Gh5>pCD`oaO}<|D-8p+he4cw3sMJy2lr)FY)q$b5jvIjLl=H6HvD@$KOzrd3<65|VsH1lrK&Q#Y5M zeCyagd_*M$fBI!F;L(XnsM zL^gT;I+1zB=mAY)a5m;z1uKq*8Z7-6vD3@y&R&C{!FjCk=rRmVDJ(@MD5Kq0R&|3% zUd!%vk$0eEeny-7@;%$1YU1Vo)7jHN`In{c%!O;0b8YF#2|NE=?hq{V?XhIn*9oUO zpm^^Eli!1XO|Xe->+M2TM@&w6>|CVxpQs;nb(rA7X#MYm;7w8z z!*xvY-9ITT#OE@g6D!+W`uD(F&$iX%Em?shB?YUDD?N2E3l;Be;ZtXOY6J?w)0_b_$oFz? z-sW4zF=P!DF$)<8@Ys2==2(Q+7s zC2nJ6gUjOwR{};3%$DIK7F*R_*IIJfJH2RdhG3e*5kvG{ee#nnZNomIy-ypYB57Hw7dMa zD|)VBB0L#PtMq|{TJyxG4#)qQ8y&;vRShz_Q}xo?%MV0|Gm=^yJxVKjwE&bNBJX+t z%*Ol&r?nuKJ=h_1oaFgzc8>Hi8Zr~c(((O`|NV2&g(E66;pwH*XW3L2GhG>kfAsiN z+Ve8cgJZeV#Qez;xN2x?lm$bgVj$j9w5COFw`A9q|D%rZYy0u{rRRH?=cU`eD#MU& zHdmP_FDKo_)Ym6u6QA7@1EJ@U-h@F?+VEAG=Vh2~XPogFz@Y2B`$*Tw9H(gF_as5P zsi$XD7S$;CeL_VGb$yL>`juDS^jvPD_v=YQSNqfD+ST(5%TeNjV=E}2!*lKHV+TJ5 z@AYkK>+Ph7mG$nI*>Rlb)mvB7#y8cT9pFRn-Y&62g{Et=uWS(3uR&B(ACbv^qsE&j-Oj-|I=<;cub;I3ZC^| zbqcW(apzWQTEC^svj$kC2job=&vJbSVLg=357tR78iydzMe8)79om~kgu0h0u%qMq zs}Wz(X|g0c{EuU7ZP8SivIdH>s|lpnH&aN- z8Fr_3Nk{dX#3dO-GKB`a_vxdY6vR$cAy3R^IE#@YZ;0S$HKceLk6mjDr;>+i-js?_? z1CDhqp`vHa_lpTOlXs=s^f$Ujqlh+P2FmXRQ5Jh+V4^I~iDem*y&UR8vh?$ZZ-{*-7{`R{Z)x4ckq-%K`xEXGBhu6@i zE#I$9{`ZG1zO$6Rx8>sEkMk&ePyWt5-_JAlbeX3!fBq^y{i%xYX~CewRqyjgn0K01 zRDK6e`1L%*|2}s&)m6jFSq5yB$9ZoN@(uyXil#p ziIoC8L3l$Qeg+dWv%T<$Oc2p}dhX6fD}5ZHa&0MW$0~Q6PP?zSX1%kJ6|V1pcHrv1 zZO_nhiO2&7JQ?VDO{zJ@J?5#0d8tkFJlz&E$LSk+9H2`LR_$_x<}#mGq`gfaKX3J- zyVdm;2YJ=<_V_(hioL|*Zf3rRb_=wt_32aheIIgY>}B+D?xuP@50hcved_C>2e9FD z73li;4k_E|lLj$MGo}7C-|_Vl5lR?CAmEBJTM!-M&0T6_#^_#a@^tp~0Qd&#d*%e& zy^gy=Dm0Xh{y_QM3}O~adre0RQCLiLuO-w1COi$=$A2BD;Q#2Gi|K0QCFvlbcXL)A zS{-??$oP0utjptM()iovi&S!glzR6o(>m)&wn~r{))R=EvF-`6 zepq4iCs|ft-JykL7D&hvr~6i>;z%!Gl)aNH{I2Pb7gjVu@EkKbjI^AC_Mq&vOh}$nB;rq8&aXc%!Bo|D%^e+GKS81hQ zzb^3-g)3YZ4PY2sM~tvGsl4IB0tHNm$hkg3o4xK^)g?u9zK5=qqDukPPy-eFo2e6^ zEW6>yZ4vNs9GB(D)EKS|#!nW$SWK?9?&4yQ2~lj4Cn~NSJ9b|IWA2XncLzPu&SRna z5#l5m0V;*uyP?k*5;%5^Bp83Ch}3H_m&*feOJ;d~W=HBYH|AP%4A-pa&98hWWkBI{ zdg&{tKrvxRc9Fm$P-2y@qGS@Yr^t<-T?=*k;&>8&7>N^l?0y8zqij|DIVEjY&Cc6A z2D9Rq`10Vuj(G8|lc%;F*z98Z2-b9umwmHd`mRHBluFf-d66?C%IbZ8B6F<*8~B~M zwas@Rj(W}2k)1`^6RgI1Ei1oJWFV{kl}Cp-lDD2q0(mN=(!V1=ydzN z587d4KeH{`3e@I?qx_{*h}lV+Bj=W}!5H&NFLt`?nrel(MzK zzirBN(b8Gc1$S8e79NDMx?8WdWrvRoImnPP*V!e*g$7Q(swsDlsS{`a4O~ZF!e$-w z!p;e-*d>p|agMG2*VYez_%*C;T$EnRLQ@}?d`t{Vc6WDBmQ>8LvC$uA`Z4kEi)*3)|E5xs-dMp7WCl_5#}YnC|>(vszaraSfCa37b{Txd%cNfzb^f)ueSyD)kd}#gxDo zfnk7C*<&EEM-$f;`C&``$6ywb%x9pu%B)|WW0zVrQ0$`s#%;7fMcWvp@78D%VFbO* zB|V{8C~XF&L9St}D%1kg3APny9;G8Ekd+@n)rEAOf+dE3WArb6s*pAEP9|W%rPieN z0D`4?=)DtqL<-e0joX;q^7l}FWmHjSyrn_<^T9Q29+<-M<0RYajmrHhHyYgJ3N-0y zO!uJlPwU#YOvU&YmB;bv`~fQs+Q>6R>omRbfYW7erjF@vkOLNz(8l>qS`7j+iiYCLG)z}Pa} zP0bAjIrlJOD%mx?`6xbu*m*MfMNo$vI5Zjo+Pb*nG`r)qL*t^&xXpe#fjMP=CPHXj zY4?q5ITOrMKQ**9;UZ~z55Vn`#?X@{s~*4*=n22lJZSBP%c;gzJs!KoflGxeWfVV? zYAPKdeYQ8_^X)z`&Cn61n;|FPFxY^qwtAnsc*PdzW$2_<=izBYvR9=?*YQ0edcf82 zX1EKBULk)-jBqPEQ*A#ED1y+J5-TvMTg#gJZvB*N^9=>n(t z_%(BI_c3w%U`XVr7?Tw$U42f6vBSWzm;}t1+YibpE?x?Je&^P^KsOx{NlO4=(i)kZ z^#`fL$_Eavew}JjBLOv9QQD7P^&QmU`plZ~9{DD34>BH2(dd~Ih!@TdjfACTd3wI2sda32wGp5ecQ zwb4an9&2wHu!%+9z7@Txtb(scIz|?3Rkp7Ny;!jBLtyLzqhvEhqWE`FSaJB>=- z9U6R!PAF$yN*~`4T_sZQ=+oi6Gdt!mHnUiRE5zXU1Cvp)R-FBkjraPz$Bxk9di;@+ zmLe@vzB#B1rJ3E{{7!#Vvl6Z{&J7^jdL-Ma5{x{ zzKLdO85SUY0*aOt2ZY}gB0sf9&2)`aTgaK*wxJ{a=m4;_G~8ms!iezJdFKj=($!0~ z=|r}X&>m!%ri_X}VZLk!!EpV?OmrQ7US9f`5fK)1v4u?*#FS$p)&5>|k;5Mp?XbZ; z9Y;A{lqS@D>gai9LNw!uS3z97ncRMd$Zs2LCctHm)YsYn1QN06+;$UuSLJVL`mYRQ zeT{xs_`Ch01`pG{?~Wtj5Ejkqu;%u9(K{X-%4f=3+Lxi;4UeKLJ+SAs6(PN z1}S&Yw)Bz!c$CD4LdbYUz5x)ETlaiXTNE85uB34eRqSIUsY66S>0|= z<#MW(nx&h;G)CNq*6IdnP|(&A*ihl&J5a(5tsZk@u`WMx$?{p{)kGg!qV0|OjYJ@< zK+^;_5eqFv73|Ei&ZxkVeoDE)b)nbyM~&rsu}z@&Kd!**q+tDvGs|~G+p3nz%hIP7+Pa4v>Ih`TSgp4J6$xKhd ztC%=7(UvNS-j5E@Qk(=JO*^5+gEI$&j;>jjSnc&^V>8Rpn;M3d^ETbBkOopZxC1h; zyt&O7lfa7_-*}FdljY5|&X)JfnQ1U8@WAoXnhOHCmbKhw*e8$XS03V#>vGtWdb9&> zxPPM!M3pkR!MQUsu(8^&O@k=9^qEPF47l2uR9g&ntHA<>PJY>jc>TV9Tc=^g9At&C z@cvWN8h>9$ZudeYXO6=vqRA$|t(n1HcPc#ND4w3Ug6_iCR$rS_i4c8_B$H75U{^id zsRY3N{5(02zukA#yplpg>K78U(o*1*d#xOuAjFd$9-bPTqNB}@lKM{G(y+9@-yGU{ zt_Ny##MHGL_+}711t3o3%80kLD7UF@$|A}rMFv`@P;jS_PGi;GzR`F07+NY?$x@`_ znNet6o;))`I9nA`C#VonG|>E%(hx?p1%PLr!@L~cC7wdxXCd+Ql;Wt!Z_}&={bg`# zQUkWosxjc;37Enh@5wP&a!n%(PxT@gx=c=-9t-MT;Z+mnodL33>Xtm9Q1m3OKo7~Q ziqyX^@h5n^cV&*w7PMm6(Zm9XMdv!s2&<&pFW$hKgFH9b_bRLl#Owz!9?kW6IBqxn zusVo})ce6>pP%I3=)Br$q$-15P?ufS4OOB-6Xnx;)zH_k{t8p<9w^DzyOFd4Aa_Qc ze5os`H$mq)tOgy^4q#KUI3WAuQX1GCqPj9#r5 zi#-duMp17Rm7+RWj-2zr`41e(=Z647BWifN>tkmk58SB`dzaf)UK^}+wog93m&Mg! zvbbE41w1Ow}m(bhJ8lf20g3AS;16eU47}12sc{CQAAZ=3r&=6)% z5}Ie9@0(N!m{qJI^YGyuMP<94l_ay4$#By<4h_U$6oQx5*&H`H3L)RjlL{0&A7GVnr*R?%0zlx!ZADb* z*aJ6N8$FbP|4bBlYr$A%h*rED98lcDKB>^>xZEQhpUhNjIpThCcykjw?f=vZu@!?F zou;2FB_ZO3m*TI3Jj)!yhmg~bKRKGy$F7n|GJ=`&!QECL)Tb1`_B86g3MuHVE`+IH z2fuhnWjC=<(3nB|2zN~6mYSHOR@1{myX9PX^3o zRezf&OTU6Nkz1OXAu|a3EqEC$zey*TIqBYl@2Wiqp3z)B<;*7c zQWLfG&!9=5ucV3$jr$1;v?D16Hd`$EM(C(-fYzb@%( z)vJwy9GD%xED?N-;qt#6;7=Vn#vYBtTUTv;1Oh$}ceWGP18)Q}${g8w-T+%)H<^@^ z86I4O;r4Vi7Yp3BE6MC&X@2!luInyKvcA{8S)7`s57I|pFH8JiI~}q%!v=w;Y}H&` z|KJJ`stm3+L?ox*TF;+BC#nWX5Q$UE_cl~l&a5jZsP~*D zq#Kq>z1SOIE87{3UE&k{X3a#VgYR>#y?%m*fg_tO=Dq3WKJ;~WHxpl1<*f>$9Y4%O zFvZy>fI!X~Pt34>s=BDY5hL4$rpvfj-D^?gX@OIA_T5A$DJBaGw(TF@5<7ui>fU08 zSvR+w(`~oIeW6sy5C?rF)a``=t4$SFf?KM{Wut80$D4E~_laDhg|>E4T|R8H$p@ZAeeu4-{Y zRF599;!uB=`8KNqSpZ*046Rnd`QSE4>kI|&oiDv3A6N`{8-l3)(M0;kr79Dp06Us_ zwDd{c!z0kvfA7;*;#6CFJrWJIf^sh*_*5MY;;RV~t`0^a{|DCN+}ogh0Uk{5!1)ex z-4$s8dD2Zv`5kj%Vd+A0)I09+Gk$x@<`IF?$Nl~N;IfL<9mU?-TZu5RP8{2&HT-`b z`LCZZBrCRO9b*rVRuy0HEm7^dFV=dlccSK!zb`xbVQS0)VgI$4DLXYDk_4J^1i(at zif7eMliURvzD@5z-#51B-_{P}$xS47VhX3tq^SHkh zAN4syv>VMBnO=V}cwQqs`Pp?u^kpETXsh`4^nF4Zu5T#S%J~ z0=086-%_G!>*SR({^U_N{=x=;iXG!%+t757U!kS=q)I+_$vLc=U&O0xCkLkBTYLV$S{e;S-4P|?re`gPmB`sz+6x1fDG z?pn+0^MihSPS$M$%st#R>Bu*pp4kovuyp_?bgF>ZeJH@34a~Rg{xDM}O)0k^R_>Y2 z8-$tGv^bT7ln=Fhu8k4wFLf6{2Eh!-H$6!6&*KBh$9Dr#yQxkif&(C$O`u~I@8Rpx zJk$4{LAG9SnbnR(YDqdFFLC*h0t<9%Yrl;|)DFgxHE*1MNdYckP977$w|`L3#eP|? zZ&W)0du>>siI8JBjV(3*d(QdbZi1vK^qMEa&nwM0&MPUi6h;cDfm+v`gPz(})K}GX zHns+qsDZ)PPe~(DfERQ&b_P;wfJxWF)*oi8v%x^R8H(Crg=6GpENSR2&5xxzfPA3H zIqOvU`UL$xl3w*ohvf=rTxX*sG?E6=wIGP#&UF?5w?j9Ahr&xWPDfW+auTe|-Y5%j ze#>69lfHLqTvTFzU=;O3tU4paF7H4QGW2us4_GV0M@M8Hq9yuE1-bbAuJM|=ZLo5* z{PU!I12&Osxo$E_GBJSyv4-eq7{iM%J4%4ryF108x~L+jGp8}3KrIMnGXK!kVO}6Y zm!!HqXvrL)6ppT8wjNFaVZ1F#w#v-AS+LXdnOsw)mDk`kuT1# z64lZbCt4Bg!2(R0%PY)RGECLjio|{)tOW_>Y9)MS=le(J%1p`AVP}F-d1A_{KLT<6 zLx}DbNH_P##y`(R* zF+VG%r5i0hPHjZZqE?ZRP|=ihc5#pp-{QIE>9e657ej>QRpy6zgsKaPLqpY7o>Pm% z1t{>sIJco%P?(YXsNOQE~#;=42by4@(p{4KUlO17Sc)TZC3|RuL8S*3{H= zG*(0;gfZ_04thIf+<`c85Z@l#H9R;@Sr)bdLX^QwJlm5xoqk4P6kunQGLF&|WX{Cg z69T5U)pcqK%3pEOH{1{FQy2CiiWle-9x5HCvdy|j5)S@-7pg@BEkik-+fTxJrzB+~ zX{u_kV<9Tee{9V;zb->xvMTs&G|xxLI1Ey0YZV3*bWxWlP7yRznOsf9j0y)oeB&pc zkIiUK5JP6|E9T;9Ybzq7rNQY4@wl4dUk=(ey(TePF0G-*Zs%l70loU60MMa?+Wfhu zgQH6Uau{G)pRoq~DhN5Qk3Y(x!vXU1=HLU;Z9xB*T^7XOaAVAAf9yTdg=m7`*}}m5 zDbJxn6oQ!b$aX;l^h|>XL5Az77h&cTUc6M-n-MV;dV?O`3E^S8`l&VBLb1T~Lm+`d z^uvyNxDcJ+Q4ax!v2uP&bD%C#oMj15AclHbzIn3p+o|I4#et#V+n)ph9*PAb>GM&QkQkv?Z=o6ARCe=<86t0HnLhYl!| z{6tUCrv$~U&>TC4+PostMjqHyNFzOSj?D`6hX}hyQdU0*T`Q)!Q;csp%b}B(pf~^g zD?R286C$N(Qe$F+Wj9|q7!-9jml%+~gbW+dH7I&#JN&i?s3#4JCrFz=?=~)hLmFke zLT!PaZ#iQ}8WYSp(K*ph1~lL`e`B$QNf?IUENZQ9U%>($!2h zaeKE4lx3g47L*aw;lSBSfe|7gM$AAQAW#gz&AU{J-3OY$%R10tKv>W`!fV6dLVPs# z-zpS5GEYYs&WH^DzbfP}f@Hadm#5*t%Qp_X)RqOJbNH~JnO$y)A`z_pb>)as?y$0I zQJA+SP6e_Nkm3w^NTiMGg;a0pLo%TqK+s3MIFiiBsrG&BqD2-m5=m{^k(xyStr%$1=bo9+gv{vAtn{cTcGb-<(u zRz7(MXyHt9SloSBgF6o&WSXw7Z2x%@JjVo8=1^Un|E;xt`e(v)JXIj@LKmyDf*wC8 z9QO~ynx4EF=(KcD13!C*g8+CUo_<>S6pUr8KV2878A6k1K06IXS3yg;Ib0Zox}}$> zrmecv5Q*UR=oweDVz>HKC5P+hdRX@SB=Qk$Q*CL^4|?VTm0cHUXqa5t3}^)SXj_6n z!&?eL&&d-no_lH^JVhdcGm*s!K|7SODcsZjyW@ z^hFnp-XMOH2C|O#_7|MHj{3vabwKK~3!d0nUfZsR^OVS(Y^cI7+ zz?UDW8aa;&u14YL_zZ{b9mV6Eg&U+BSCZrB(b43Uw$a`$=lp4v&l@5u{gy0!&IvS) zcvY^u?TK8@HWZxU^j0L|y6wSuj}&dY6WjV1|fAvO~WgK9%cmLKrv4SJbe zuZN|a63thN=?)rqRXq%X2p#J03uS7w7gRM=@lX+0uu%I|0TvC98q%}4NT20@9hpov zqzx55S!qD>w`n>l#p}{YO~^{n-cTnG%;Uph!3G^OM9F`)$)kJ&y3LfnC%e2&2uW+u zYfsA8iobb3OTV?9Eya^6LFY$pSnIPfnzV9Q5PURJP%^cI;Rzf|Ue3`8pdXH)OlhjO z|K%_=^a&Ea-645yk%3F)N8E`Z=R=uW-%5dnUeOkQs-{TkW65TDfK1#D%EBdN?J|9W z58C|4c-&@P0}kj;N)t?DD58zTZZF^YxRpC1KhxiiCIcrgrN62~l_dqAFK__9Jo5?T zc6*y^r7Dc&oct&}1nh4_mIg2vV>RIcq_%EsUZ8P#R1auXD9i2&h27EuIzne_)mb1F zff!mf{QfGfb916ewVy(vrbQJxvmZm!trEyV!`-|v{;~Z^EHhR3qx{bbrDKRyj}(maMe$SJn;+g@y=!3(TaW>Mw#{oC}Q5UVhwG`NH)q8LuKJO_)KvW#VOM4);OU zVrWZ+RMG{VZdQz$g~3O;zwOF)d;b+7ze{Y+vS;J(u^uT4|Gj*8_4i<1X-L%J5Q49# zy${mxHjv+xmseZomPBe@ttL6Ghb~=r7gtv1ELp`@k<^t}L&dQK94YmiEWwvO?Bx~~ z-`QK+t->i?_%vA-vlb;26Po>~Fj;{zs3$A)G)hdyoay}aY_<{%A4we=hf1hGQPV~z zsX{5&s6A5DCy}Jm%ULxp8Cgy^8(2N~cGpV-9wII%?*xM{-SG4Zgaa{WhGcEe8DEi z2s}6m$U9(vem1~Efpb|QElZRM1&ortAuY!RnUB1JzQG{!I@&0hY+($;A426(mC{Jz zyk9~3{vVnax)5@JG%qQC9lyPd>j zCb#2j|H}3=N^!bBLBYXb6IG_Dw(@NY2u!S>jf;JM&pdFr+hdrzii$@`J zQ}9Mw`Yc2*JDW&RGGeJfq)se}5i}KwP8G>h|4Q~Y%bN`4PdjHKJ9+0{8hg{v<8T!e z>}8Q`#MUtrB}ojqOsZX#ZMpT;{@+@&`}1U374mOKFVIJmi|~KF`^^O9qLEU$Da&cA zFr=u;W+OB?OVtdlL(F_Q1Z1fRfLvgtZjL5lFKHMq4;?RT!h8p?0YlVoaE! zkeJ~+v@I~>AdenmLD$Xfk(~4Xt#=4czh3Q8CwAi4Fg^gE`}S{UjKp4BC$Bdt_CXhckNI>{OL zL?t#aqo7OaTBYU{^vGCaj=%HCR|=oNOfG+@s3o(-@MEes9+qa8VVsSleK2l;DSZ)*Aeg;|A1M3cIXJh0$ zk2ECYp3bjA+jaQ;%sfG;*yoCjm=7uEdM*Xl-$xr_7k?)REp8&q!*vl8ZKa7v32$3g zXn>YMaey!x9)<}l^Dic}tQs%Q2R#@X{{t5h85S-b3D*|8NXs}LrD8OczcdpfDjg&| zr-bEALdM6*M?uD1neC{+-&0ynmE^C3yMwtTf)+;io&OY`jNCgI6N7*l5g8K^#Y3q6 zD+xyP6!Mu=G&ScCTvXF03JV9iH8}-iw@UTG#)iAA(;VZ6eW+`BN)p+8DFj%7^W3$3 z@R%e+;o=ms;!l13h57*=0%cwc2b9N?mBjN;SyWCy#yK5|#vt~)wpsC-Md<{ZAh#O#qEPh80Hmd@$_Z{_qZsElvq&~)XDOvlRWrA9qYpAV?V%yqR1r`u`Rnl z{}+~`pAJ%7bU$0MiGZpszhV|etmnqN%jL@W4p)}U6%kK%6EtdZ6)m!~R4+T4KudwM z?bCEcQGmPjwD+pWq11_INw4hYtH( zT0SzJ8V#d%u-TfnNpXxRVQ> z@)hI}5`qeHQCKc$Q>H8V&wp(%j#nMf<$b6h;9I@)n^~I6yN4>#XDg*(T>Ie!uMQvG zpzs|T{C2K^>x>tDp7vUZ8|{aK!GqR8ayi&nDVqU~>64(2vIyqZX<}fUQej`sO4~$G zVwldd8?9ZUvyqr<5U27Id3-ZSHA6f@>Nl!xW8Jl=KEPJ$h2vt3`XtGk@G5=TiG6A&$*t}yO|9V!8{ z`eFx-G34bc?f@R&)jzAJpcQDKpq!rOFRI~Rm_z<+$sCRgL+*kEYs~2X1j7wH@<;rc z@?j9q(kP=K9mqmrC_l4Z4kt8^F&lFmCkewqMs|Y~sWjslBRjQh(r0MMtznD-bNy;g zb6$-!@d46raLWPc)b2w;@65MKj86Dtc8_xfBlbdd(VUPFihOX91j(ZlQ%H)=a`z zcFB336i>4~fw5g+x7r$>NlhZD?v(vi42#gvoq=%=eP z`9hc+*n!C}?AhK7^Ao9dOKUcxnvb4+c}$%ZgSiY)gr;KB_+!Y;?Sh%E@8h0qorW`H zW~U2M`EbA+!rWNJ+Mg?y@x<16Fmgm1 zSFfA|g~MS1s=a>BEG%Uf&~)%V@}hb8Gn$+lA%BT5QCWK`;KVa8r91mn4Voe2m=@NRWTm8MCFIud;V7Kng$6_k zuWP6_DtQ3Tav82n3@_~mF_|a(Q%=_|5k5*?6PjXrlTL)ry=%{7kL5W3WB}IvmDdqfGkVAs*yzuk!#pR_*k;!F4bA&_R zR~B2shw^tx)*KfVm!4ag5*-nhR0*WYd}mf@Oi~qle3V|BP#^-QvkDVKlT&gF@=_C1 z>v%wEjpoLe4XS{$@~fy7snwGU!lL+s1~pJ-Q2e+=oz(@^94MjS(+tmecX~*^L@RI1 zENz_h5`v;*1p+AITrQ~Eb(HkTT9FO`4s?$|xu)tIUi# zUcm91wY_C=r9;qc9W^VWO5g$A27bk32nm$ZP4Gqi6$xcbgYZuH}w1TSqjGUtC!lHVS(QoC~M@L1)X69#Q=XQ<} zE>(Yiey#|13V`Ca^~atIF78Dd-l}X$I}?+dk(rTR)G)LN>}XAlPE5`&FUd&{j|y+n z5XPRUs7i_!q{|0vAq(->t9F-ofFE+65nL@knbRLpJYy%kyk=HzsRpTb&tP6pju>vS zyQo{w^EI$IyM|f^cZKs#S8xv=Ys=%BybgVJde6qJ;S(96P8GC!wv)amiAM+J62t<^ z_HvA0tJ=X4-<(45$ze(^Q#-#f5f?FVAenzKi=V<=B4#II3%Lw9m*1}ua?hp8pdc0v zpD&Y60M)LY$cf{~Esowc-tIhUVlF#v7^-%c8@^Awq#g+lrJl+Y9m?PaRmtE=oR-m` zXqFN#;tK9fa-|^k$*|r-*}@CyeJA6&Oq+j4P;8(glRl7oN^E)Etz2;<}~pI9HySIGgzDB zs41o5qX~@DpxX;mcuDSIVq#)qVq$&`Z-GOA9_x&l+D~N-Qm8V$6)MC)QwkR~_n8-D z!(1AZ!(y?hOo>Kk2kOH#E~ZggA{Cr?-~&1dt_b1LPL0i3;8GZ_r5O>AHOSx&&%zep zx!f>&y*}f-Mx%$y#<8?$vRc9EPMcmcy5Jyu`pKDDJ=B?Q!x)Fb9At>bbuO!Za#Cw` z0T}`Gg4LiLVo@0^wnPhdoz_Jemq{I@@y7K~auPnfR>@?rX!Ieq9xk8ZcG_mulLol( zB4N{NhFA>Q0$fZUSmJg=A?#aJ@;J;vDo?6_0RrepYtS!D%$q>y9;->tp;Ni4aavJKqsZ>`=;t&uNZ~mQ(_?ecHn)9ILSsp$XVeNA zYmi3ch~~g?I9&%^M{unzQ_2|=$VL#HYe^{|U$lFT<6;JjMH}SGrpy zN->?r9ulZ$muBY7gnMabN@sF>=~#Q{m#TIrze`wBBpVo;YogCh!hVgWbN4 zJ=PBHYd>kE6`AYN&KfjJ@W#@Q>$*_VXyaDGi^t=0qhY`Rfc9MT%=+Rn2tUvPKz)#o=-a3(A_=&G13)5N{NyN*Q_XDug`T!FmNFD;y!QzmkFhJ*$k4T zY8T}Nl_`Ly%f{Ndt(>yDX=pO+{P^HyMNyK%6b6UVj&ccF1y3h4iv+Y27#7$AfjC`; zrc6q%6y)66p<m%PuUfe?i?y3*FSTU08`! z7lI25Mcld2lG2r6NJ2t9XXbw8CRQOul5ieBp7(2J?wyz5$$h?<#^69E^A)k26z?X# zvWcMDzwPhZ!w-dOck(3tQt}(wlk>PV)^83^w)i9n4-B?Hz$^R+A%qa(pEUdjBrl{K zaB(~VRF`#?10Z=>EhIY|AwAtZnN0s;Mj-bx)&OW|gZ*FgHyn6TLiZ=lu z$CE9sJcP}k5#tO?=joEgktn3pSzI$GVZv4KnbvdLR>pyCC@A~Xj&$E`$PVluFmz^&QY_)hf`Ca z!~nj=shzit1;XO&(*=U)gRgb>dpsCMxrBirn( z)Y3AN_G@ueUCWGZ>(-3~GO@fzF)y}_jbmmk$8K5FjmysbuYbEltMrl+LI@#V6sh*- zQ*UrCEw0&I27zHBPc>xi$X7qE<02LI@$m3(*+zu{I%u5JCtc n#Nr~=E`$(52qDB`Ga5etu*2orp*1~f00000NkvXXu0mjf?jx^p literal 0 HcmV?d00001 diff --git a/windows/deployment/update/media-dynamic-update.md b/windows/deployment/update/media-dynamic-update.md new file mode 100644 index 0000000000..6f79f71c7e --- /dev/null +++ b/windows/deployment/update/media-dynamic-update.md @@ -0,0 +1,453 @@ +--- +title: Update Windows 10 media with Dynamic Update +description: Learn how to deploy feature updates to your mission critical devices +ms.prod: w10 +ms.mktglfcycl: manage +audience: itpro +itproauthor: jaimeo +author: SteveDiAcetis +ms.localizationpriority: medium +ms.author: jaimeo +ms.reviewer: +manager: laurawi +ms.collection: M365-modern-desktop +ms.topic: article +--- + +# Update Windows 10 media with Dynamic Update + +**Applies to**: Windows 10 + +This topic explains how to acquire and apply Dynamic Update packages to existing Windows 10 images prior to deployment and includes Windows PowerShell scripts you can use to automate this process. + +Volume-licensed media is available for each release of Windows 10 in the Volume Licensing Service Center (VLSC) and other relevant channels such as Windows Update for Business, Windows Server Update Services (WSUS), and Visual Studio Subscriptions. You can use Dynamic Update to ensure that Windows 10 devices have the latest feature update packages as part of an in-place upgrade while preserving language pack and Features on Demand (FODs) that might have been previously installed. Dynamic Update also eliminates the need to install a separate quality update as part of the in-place upgrade process. + +## Dynamic Update + +Whenever installation of a feature update starts (whether from media or an environment connected to Windows Update), *Dynamic Update* is one of the first steps. Windows 10 Setup contacts a Microsoft endpoint to fetch Dynamic Update packages, and then applies those updates to your operating system installation media. The update packages includes the following kinds of updates: + +- Updates to Setup.exe binaries or other files that Setup uses for feature updates +- Updates for the "safe operating system" (SafeOS) that is used for the Windows recovery environment +- Updates to the servicing stack necessary to complete the feature update (see [Servicing stack updates](servicing-stack-updates.md) for more information) +- The latest cumulative (quality) update +- Updates to applicable drivers already published by manufacturers specifically intended for Dynamic Update + +Dynamic Update preserves language pack and Features on Demand packages by reacquiring them. + +Devices must be able to connect to the internet to obtain Dynamic Updates. In some environments, it's not an option to obtain Dynamic Updates. You can still do a media-based feature update by acquiring Dynamic Update packages and applying it to the image prior to starting Setup on the device. + +## Acquire Dynamic Update packages + +You can obtain Dynamic Update packages from the [Microsoft Update Catalog](https://www.catalog.update.microsoft.com/Home.aspx). At that site, use the search bar in the upper right to find the Dynamic Update packages for a particular release. For example, you could enter *1809 Dynamic Update x64*, which would return results like this: + +![Table with columns labeled Title, Products, Classification, Last Updated, Version, and Size and four rows listing various dynamic updates and associated KB articles](images/update-catalog.png) + +The various Dynamic Update packages might not all be present in the results from a single search, so you might have to search with different keywords to find all of the s. And you'll need to check various parts of the results to be sure you've identified the needed files. This table shows in bold the key items to search for or look for in the results. For example, to find the relevant "Setup Dynamic Update," you'll have to check the detailed description for the download by selecting the link in the **Title** column of the search results. + + +|To find this Dynamic Update packages, search for or check the results here--> |Title |Product |Description (select the **Title** link to see **Details**) | +|---------|---------|---------|---------| +|Safe OS Dynamic Update | 2019-08 Dynamic Update... | Windows 10 Dynamic Update,Windows **Safe OS Dynamic Update** | ComponentUpdate: | +|Setup Dynamic Update | 2019-08 Dynamic Update... | Windows 10 Dynamic Update | **SetupUpdate** | +|Latest cumulative update | 2019-08 **Cumulative Update for Windows 10** | Windows 10 | Install this update to resolve issues in Windows... | +|Servicing stack Dynamic Update | 2019-09 **Servicing Stack Update for Windows 10** | Windows 10... | Install this update to resolve issues in Windows... | + +If you want to customize the image with additional languages or Features on Demand, download supplemental media ISO files from the [Volume Licensing Service Center](https://www.microsoft.com/licensing/servicecenter/default.aspx). For example, since Dynamic Update will be disabled for your devices, and if users require specific Features on Demand, you can preinstall these into the image. + +## Update Windows 10 installation media + +Properly updating the installation media involves a large number of actions operating on several different targets (image files). Some actions are repeated on different targets. The target images files include: + +- Windows Preinstallation Environment (WinPE): a small operating system used to install, deploy, and repair Windows operating systems +- Windows Recovery Environment (WinRE): repairs common causes of unbootable operating systems. WinRE is based on WinPE and can be customized with additional drivers, languages, optional packages, and other troubleshooting or diagnostic tools. +- Windows operating system: one or more editions of Windows 10 stored in \sources\install.wim +- Windows installation media: the complete collection of files and folders in the Windows 10 installation media. For example, \sources folder, \boot folder, Setup.exe, and so on. + +This table shows the correct sequence for applying the various tasks to the files. For example, the full sequence starts with adding the servicing stack update to WinRE (1) and concludes with adding the Dynamic Update for Setup to the new media (26). + +|Task |WinRE (winre.wim) |WinPE (boot.wim) |Operating system (install.wim) | New media | +|---------|---------|---------|---------|------| +|Add servicing stack Dynamic Update | 1 | 9 | 18 | +|Add language pack | 2 | 10 | 19 | +|Add localized optional packages | 3 | 11 | | +|Add font support | 4 | 12 | | +|Add text-to-speech | 5 | 13 | | +|Update Lang.ini | | 14 | | +|Add Features on Demand | | | 20 | +|Add Safe OS Dynamic Update | 6 | | | +|Add Setup Dynamic Update | | | | 26 +|Add latest cumulative update | | 15 | 21 | +|Clean up the image | 7 | 16 | 22 | +|Add Optional Components | | | 23 | +|Add .Net and .Net cumulative updates | | | 24 | +|Export image | 8 | 17 | 25 | + +### Multiple Windows editions + +The main operating system file (install.wim) contains multiple editions of Windows 10. It’s possible that only an update for a given edition is required to deploy it, based on the index. Or, it might be that all editions need an update. Further, ensure that languages are installed before Features on Demand, and the latest cumulative update is always applied last. + +### Additional languages and features + +You don't have to add more languages and features to the image to accomplish the updates, but it's an opportunity to customize the image with more languages, Optional Components, and Features on Demand beyond what is in your starting image. To do this, it's important to make these changes in the correct order: first apply servicing stack updates, followed by language additions, then by feature additions, and finally the latest cumulative update. The provided sample script installs a second language (in this case Japanese (ja-JP)). Since this language is backed by an lp.cab, there's no need to add a Language Experience Pack. Japanese is added to both the main operating system and to the recovery environment to allow the user to see the recovery screens in Japanese. This includes adding localized versions of the packages currently installed in the recovery image. + +Optional Components, along with the .Net feature, can be installed offline, however doing so creates pending operations that require the device to restart. As a result, the call to perform image cleanup would fail. There are two options to avoid this. One option is to skip the image cleanup step, though that will result in a larger install.wim. Another option is to install the .Net and Optional Components in a step after cleanup but before export. This is the option in the sample script. By doing this, you will have to start with the original install.wim (with no pending actions) when you maintain or update the image the next time (for example, the next month). + +## Windows PowerShell scripts to apply Dynamic Updates to an existing image + +These examples are for illustration only, and therefore lack error handling. The script assumes that the following packages is stored locally in this folder structure: + + +|Folder |Description | +|---------|---------| +|C:\mediaRefresh | Parent folder that contains the PowerShell script | +|C:\mediaRefresh\oldMedia | Folder that contains the original media that will be refreshed. For example, contains Setup.exe, and \sources folder. | +|C:\mediaRefresh\newMedia | Folder that will contain the updated media. It is copied from \oldMedia, then used as the target for all update and cleanup operations. | + +### Get started + +The script starts by declaring global variables and creating folders to use for mounting images. Then, make a copy of the original media, from \oldMedia to \newMedia, keeping the original media in case there is a script error and it's necessary to start over from a known state. Also, it will provide a comparison of old versus new media to evaluate changes. To ensure that the new media updates, make sure they are not read-only. + +``` +function Get-TS { return "{0:HH:mm:ss}" -f (Get-Date) } + +Write-Host "$(Get-TS): Starting media refresh" + +# Declare media for FOD and LPs +$FOD_ISO_PATH = "C:\mediaRefresh\packages\FOD-PACKAGES_OEM_PT1_amd64fre_MULTI.iso" +$LP_ISO_PATH = "C:\mediaRefresh\packages\CLIENTLANGPACKDVD_OEM_MULTI.iso" + +# Declare language for showcasing adding optional localized components +$LANG = "ja-jp" +$LANG_FONT_CAPABILITY = "jpan" + +# Declare Dynamic Update packages +$LCU_PATH = “C:\mediaRefresh\packages\LCU.msu” +$SSU_PATH = “C:\mediaRefresh\packages\SSU_DU.msu” +$SETUP_DU_PATH = "C:\mediaRefresh\packages\Setup_DU.cab" +$SAFE_OS_DU_PATH = “C:\mediaRefresh\packages\SafeOS_DU.cab” +$DOTNET_CU_PATH = "C:\mediaRefresh\packages\DotNet_CU.msu” + +# Declare folders for mounted images and temp files +$WORKING_PATH = "C:\mediaRefresh\temp" +$MEDIA_OLD_PATH = "C:\mediaRefresh\oldMedia" +$MEDIA_NEW_PATH = "C:\mediaRefresh\newMedia" +$MAIN_OS_MOUNT = $WORKING_PATH + "\MainOSMount” +$WINRE_MOUNT = $WORKING_PATH + "\WinREMount” +$WINPE_MOUNT = $WORKING_PATH + "\WinPEMount” + +# Mount the language pack ISO +Write-Host "$(Get-TS): Mounting LP ISO" +$LP_ISO_DRIVE_LETTER = (Mount-DiskImage -ImagePath $LP_ISO_PATH -ErrorAction stop | Get-Volume).DriveLetter + +# Declare language related cabs +$WINPE_OC_PATH = Join-Path $LP_ISO_DRIVE_LETTER":" -ChildPath "Windows Preinstallation Environment" | Join-Path -ChildPath "x64" | Join-Path -ChildPath "WinPE_OCs" +$WINPE_OC_LANG_PATH = Join-Path $WINPE_OC_PATH $LANG +$WINPE_OC_LANG_CABS = Get-ChildItem $WINPE_OC_LANG_PATH -name +$WINPE_OC_LP_PATH = Join-Path $WINPE_OC_LANG_PATH "lp.cab" +$WINPE_FONT_SUPPORT_PATH = Join-Path $WINPE_OC_PATH "WinPE-FontSupport-$LANG.cab" +$WINPE_SPEECH_TTS_PATH = Join-Path $WINPE_OC_PATH "WinPE-Speech-TTS.cab" +$WINPE_SPEECH_TTS_LANG_PATH = Join-Path $WINPE_OC_PATH "WinPE-Speech-TTS-$LANG.cab" +$OS_LP_PATH = $LP_ISO_DRIVE_LETTER + ":\x64\langpacks\" + "Microsoft-Windows-Client-Language-Pack_x64_" + $LANG + ".cab" + +# Mount the Features on Demand ISO +Write-Host "$(Get-TS): Mounting FOD ISO" +$FOD_ISO_DRIVE_LETTER = (Mount-DiskImage -ImagePath $FOD_ISO_PATH -ErrorAction stop | Get-Volume).DriveLetter +$FOD_PATH = $FOD_ISO_DRIVE_LETTER + ":\" + +# Create folders for mounting images and storing temporary files +New-Item -ItemType directory -Path $WORKING_PATH -ErrorAction Stop | Out-Null +New-Item -ItemType directory -Path $MAIN_OS_MOUNT -ErrorAction stop | Out-Null +New-Item -ItemType directory -Path $WINRE_MOUNT -ErrorAction stop | Out-Null +New-Item -ItemType directory -Path $WINPE_MOUNT -ErrorAction stop | Out-Null + +# Keep the original media, make a copy of it for the new, updateed media. +Write-Host "$(Get-TS): Copying original media to new media path" +Copy-Item -Path $MEDIA_OLD_PATH“\*” -Destination $MEDIA_NEW_PATH -Force -Recurse -ErrorAction stop | Out-Null +Get-ChildItem -Path $MEDIA_NEW_PATH -Recurse | Where-Object { -not $_.PSIsContainer -and $_.IsReadOnly } | ForEach-Object { $_.IsReadOnly = $false } +``` +### Update WinRE + +The script assumes that only a single edition is being updated, indicated by Index = 1 (Windows 10 Education Edition). Then the script mounts the image, saves Winre.wim to the working folder, and mounts it. It then applies servicing stack Dynamic Update, since its s are used for updating other s. Since the script is optionally adding Japanese, it adds the language pack to the image, and installs the Japanese versions of all optional packages already installed in Winre.wim. Then, it applies the Safe OS Dynamic Update package. + +It finishes by cleaning and exporting the image to reduce the image size. + +> [!NOTE] +> Skip adding the latest cumulative update to Winre.wim because it contains unnecessary s in the recovery environment. The s that are updated and applicable are contained in the safe operating system Dynamic Update package. This also helps to keep the image small. + +``` +# Mount the main operating system, used throughout the script +Write-Host "$(Get-TS): Mounting main OS" +Mount-WindowsImage -ImagePath $MEDIA_NEW_PATH"\sources\install.wim” -Index 1 -Path $MAIN_OS_MOUNT -ErrorAction stop| Out-Null + +# +# update Windows Recovery Environment (WinRE) +# +Copy-Item -Path $MAIN_OS_MOUNT"\windows\system32\recovery\winre.wim” -Destination $WORKING_PATH"\winre.wim” -Force -Recurse -ErrorAction stop | Out-Null +Write-Host "$(Get-TS): Mounting WinRE" +Mount-WindowsImage -ImagePath $WORKING_PATH"\winre.wim” -Index 1 -Path $WINRE_MOUNT -ErrorAction stop | Out-Null + +# Add servicing stack update +Write-Host "$(Get-TS): Adding package $SSU_PATH" +Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $SSU_PATH -ErrorAction stop | Out-Null + +# +# Optional: Add the language to recovery environment +# +# Install lp.cab cab +Write-Host "$(Get-TS): Adding package $WINPE_OC_LP_PATH" +Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $WINPE_OC_LP_PATH -ErrorAction stop | Out-Null + +# Install language cabs for each optional package installed +$WINRE_INSTALLED_OC = Get-WindowsPackage -Path $WINRE_MOUNT +Foreach ($PACKAGE in $WINRE_INSTALLED_OC) { + + if ( ($PACKAGE.PackageState -eq "Installed") ` + -and ($PACKAGE.PackageName.startsWith("WinPE-")) ` + -and ($PACKAGE.ReleaseType -eq "FeaturePack") ) { + + $INDEX = $PACKAGE.PackageName.IndexOf("-Package") + if ($INDEX -ge 0) { + $OC_CAB = $PACKAGE.PackageName.Substring(0, $INDEX) + "_" + $LANG + ".cab" + if ($WINPE_OC_LANG_CABS.Contains($OC_CAB)) { + $OC_CAB_PATH = Join-Path $WINPE_OC_LANG_PATH $OC_CAB + Write-Host "$(Get-TS): Adding package $OC_CAB_PATH" + Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $OC_CAB_PATH -ErrorAction stop | Out-Null + } + } + } +} + +# Add font support for the new language +if ( (Test-Path -Path $WINPE_FONT_SUPPORT_PATH) ) { + Write-Host "$(Get-TS): Adding package $WINPE_FONT_SUPPORT_PATH" + Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $WINPE_FONT_SUPPORT_PATH -ErrorAction stop | Out-Null +} + +# Add TTS support for the new language +if (Test-Path -Path $WINPE_SPEECH_TTS_PATH) { + if ( (Test-Path -Path $WINPE_SPEECH_TTS_LANG_PATH) ) { + + Write-Host "$(Get-TS): Adding package $WINPE_SPEECH_TTS_PATH" + Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $WINPE_SPEECH_TTS_PATH -ErrorAction stop | Out-Null + + Write-Host "$(Get-TS): Adding package $WINPE_SPEECH_TTS_LANG_PATH" + Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $WINPE_SPEECH_TTS_LANG_PATH -ErrorAction stop | Out-Null + } +} + +# Add Safe OS +Write-Host "$(Get-TS): Adding package $SAFE_OS_DU_PATH" +Add-WindowsPackage -Path $WINRE_MOUNT -PackagePath $SAFE_OS_DU_PATH -ErrorAction stop | Out-Null + +# Perform image cleanup +Write-Host "$(Get-TS): Performing image cleanup on WinRE" +DISM /image:$WINRE_MOUNT /cleanup-image /StartComponentCleanup | Out-Null + +# Dismount +Dismount-WindowsImage -Path $WINRE_MOUNT -Save -ErrorAction stop | Out-Null + +# Export +Write-Host "$(Get-TS): Exporting image to $WORKING_PATH\winre2.wim” +Export-WindowsImage -SourceImagePath $WORKING_PATH"\winre.wim” -SourceIndex 1 -DestinationImagePath $WORKING_PATH"\winre2.wim” -ErrorAction stop | Out-Null +Move-Item -Path $WORKING_PATH"\winre2.wim” -Destination $WORKING_PATH"\winre.wim” -Force -ErrorAction stop | Out-Null +``` +### Update WinPE + +This script is similar to the one that updates WinRE, but instead it mounts Boot.wim, applies the packages with the latest cumulative update last, and saves. It repeats this for all images inside of Boot.wim, typically two images. It starts by applying the servicing stack Dynamic Update. Since the script is customizing this media with Japanese, it installs the language pack from the WinPE folder on the language pack ISO. Additionally, add font support and text to speech (TTS) support. Since the script is adding a new language, it rebuilds lang.ini, used to identify languages installed in the image. Finally, it cleans and exports Boot.wim, and copies it back to the new media. + +``` +# +# update Windows Preinstallation Environment (WinPE) +# + +# Get the list of images contained within WinPE +$WINPE_IMAGES = Get-WindowsImage -ImagePath $MEDIA_NEW_PATH“\sources\boot.wim” + +Foreach ($IMAGE in $WINPE_IMAGES) { + + # update WinPE + Write-Host "$(Get-TS): Mounting WinPE" + Mount-WindowsImage -ImagePath $MEDIA_NEW_PATH“\sources\boot.wim” -Index $IMAGE.ImageIndex -Path $WINPE_MOUNT -ErrorAction stop | Out-Null + + # Add SSU + Write-Host "$(Get-TS): Adding package $SSU_PATH" + Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $SSU_PATH -ErrorAction stop | Out-Null + + # Install lp.cab cab + Write-Host "$(Get-TS): Adding package $WINPE_OC_LP_PATH" + Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $WINPE_OC_LP_PATH -ErrorAction stop | Out-Null + + # Install language cabs for each optional package installed + $WINPE_INSTALLED_OC = Get-WindowsPackage -Path $WINPE_MOUNT + Foreach ($PACKAGE in $WINPE_INSTALLED_OC) { + + if ( ($PACKAGE.PackageState -eq "Installed") ` + -and ($PACKAGE.PackageName.startsWith("WinPE-")) ` + -and ($PACKAGE.ReleaseType -eq "FeaturePack") ) { + + $INDEX = $PACKAGE.PackageName.IndexOf("-Package") + if ($INDEX -ge 0) { + + $OC_CAB = $PACKAGE.PackageName.Substring(0, $INDEX) + "_" + $LANG + ".cab" + if ($WINPE_OC_LANG_CABS.Contains($OC_CAB)) { + $OC_CAB_PATH = Join-Path $WINPE_OC_LANG_PATH $OC_CAB + Write-Host "$(Get-TS): Adding package $OC_CAB_PATH" + Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $OC_CAB_PATH -ErrorAction stop | Out-Null + } + } + } + } + + # Add font support for the new language + if ( (Test-Path -Path $WINPE_FONT_SUPPORT_PATH) ) { + Write-Host "$(Get-TS): Adding package $WINPE_FONT_SUPPORT_PATH" + Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $WINPE_FONT_SUPPORT_PATH -ErrorAction stop | Out-Null + } + + # Add TTS support for the new language + if (Test-Path -Path $WINPE_SPEECH_TTS_PATH) { + if ( (Test-Path -Path $WINPE_SPEECH_TTS_LANG_PATH) ) { + + Write-Host "$(Get-TS): Adding package $WINPE_SPEECH_TTS_PATH" + Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $WINPE_SPEECH_TTS_PATH -ErrorAction stop | Out-Null + + Write-Host "$(Get-TS): Adding package $WINPE_SPEECH_TTS_LANG_PATH" + Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $WINPE_SPEECH_TTS_LANG_PATH -ErrorAction stop | Out-Null + } + } + + # Generates a new Lang.ini file which is used to define the language packs inside the image + if ( (Test-Path -Path $WINPE_MOUNT"\sources\lang.ini") ) { + Write-Host "$(Get-TS): Updating lang.ini" + DISM /image:$WINPE_MOUNT /Gen-LangINI /distribution:$WINPE_MOUNT | Out-Null + } + + # Add latest cumulative update + Write-Host "$(Get-TS): Adding package $LCU_PATH" + Add-WindowsPackage -Path $WINPE_MOUNT -PackagePath $LCU_PATH -ErrorAction stop | Out-Null + + # Perform image cleanup + Write-Host "$(Get-TS): Performing image cleanup on WinPE" + DISM /image:$WINPE_MOUNT /cleanup-image /StartComponentCleanup | Out-Null + + # Dismount + Dismount-WindowsImage -Path $WINPE_MOUNT -Save -ErrorAction stop | Out-Null + + #Export WinPE + Write-Host "$(Get-TS): Exporting image to $WORKING_PATH\boot2.wim” + Export-WindowsImage -SourceImagePath $MEDIA_NEW_PATH“\sources\boot.wim” -SourceIndex $IMAGE.ImageIndex -DestinationImagePath $WORKING_PATH"\boot2.wim" -ErrorAction stop | Out-Null + +} + +Move-Item -Path $WORKING_PATH"\boot2.wim" -Destination $MEDIA_NEW_PATH“\sources\boot.wim” -Force -ErrorAction stop | Out-Null +``` +### Update the main operating system + +For this next phase, there is no need to mount the main operating system, since it was already mounted in the previous scripts. This script starts by applying the servicing stack Dynamic Update. Then, it adds Japanese language support and then the Japanese language features. Unlike the Dynamic Update packages, it leverages `Add-WindowsCapability` to add these features. For a full list of such features, and their associated capability name, see [Available Features on Demand](https://docs.microsoft.com/windows-hardware/manufacture/desktop/features-on-demand-non-language-fod). + +Now is the time to enable other Optional Components or add other Features on Demand. If such a feature has an associated cumulative update (for example, .Net), this is the time to apply those. The script then proceeds with applying the latest cumulative update. Finally, the script cleans and exports the image. + +You can install Optional Components, along with the .Net feature, offline, but that will require the device to be restarted. This is why the script installs .Net and Optional Components after cleanup and before export. + +``` +# +# update Main OS +# + +# Add servicing stack update +Write-Host "$(Get-TS): Adding package $SSU_PATH" +Add-WindowsPackage -Path $MAIN_OS_MOUNT -PackagePath $SSU_PATH -ErrorAction stop | Out-Null + +# Optional: Add language to main OS +Write-Host "$(Get-TS): Adding package $OS_LP_PATH" +Add-WindowsPackage -Path $MAIN_OS_MOUNT -PackagePath $OS_LP_PATH -ErrorAction stop | Out-Null + +# Optional: Add a Features on Demand to the image +Write-Host "$(Get-TS): Adding language FOD: Language.Fonts.Jpan~~~und-JPAN~0.0.1.0" +Add-WindowsCapability -Name "Language.Fonts.$LANG_FONT_CAPABILITY~~~und-$LANG_FONT_CAPABILITY~0.0.1.0" -Path $MAIN_OS_MOUNT -Source $FOD_PATH -ErrorAction stop | Out-Null + +Write-Host "$(Get-TS): Adding language FOD: Language.Basic~~~$LANG~0.0.1.0" +Add-WindowsCapability -Name "Language.Basic~~~$LANG~0.0.1.0" -Path $MAIN_OS_MOUNT -Source $FOD_PATH -ErrorAction stop | Out-Null + +Write-Host "$(Get-TS): Adding language FOD: Language.OCR~~~$LANG~0.0.1.0" +Add-WindowsCapability -Name "Language.OCR~~~$LANG~0.0.1.0" -Path $MAIN_OS_MOUNT -Source $FOD_PATH -ErrorAction stop | Out-Null + +Write-Host "$(Get-TS): Adding language FOD: Language.Handwriting~~~$LANG~0.0.1.0" +Add-WindowsCapability -Name "Language.Handwriting~~~$LANG~0.0.1.0" -Path $MAIN_OS_MOUNT -Source $FOD_PATH -ErrorAction stop | Out-Null + +Write-Host "$(Get-TS): Adding language FOD: Language.TextToSpeech~~~$LANG~0.0.1.0" +Add-WindowsCapability -Name "Language.TextToSpeech~~~$LANG~0.0.1.0" -Path $MAIN_OS_MOUNT -Source $FOD_PATH -ErrorAction stop | Out-Null + +Write-Host "$(Get-TS): Adding language FOD:Language.Speech~~~$LANG~0.0.1.0" +Add-WindowsCapability -Name "Language.Speech~~~$LANG~0.0.1.0" -Path $MAIN_OS_MOUNT -Source $FOD_PATH -ErrorAction stop | Out-Null + +# Note: If I wanted to enable additional Features on Demand, I'd add these here. + +# Add latest cumulative update +Write-Host "$(Get-TS): Adding package $LCU_PATH" +Add-WindowsPackage -Path $MAIN_OS_MOUNT -PackagePath $LCU_PATH -ErrorAction stop | Out-Null + +# Copy our updated recovery image from earlier into the main OS +# Note: If I were updating more than 1 edition, I'd want to copy the same recovery image file +# into each edition to enable single instancing +Copy-Item -Path $WORKING_PATH"\winre.wim” -Destination $MAIN_OS_MOUNT"\windows\system32\recovery\winre.wim” -Force -Recurse -ErrorAction stop | Out-Null + +# Perform image cleanup +Write-Host "$(Get-TS): Performing image cleanup on main OS" +DISM /image:$MAIN_OS_MOUNT /cleanup-image /StartComponentCleanup | Out-Null + +# +# Note: If I wanted to enable additional Optional Components, I'd add these here. +# In addition, we'll add .Net 3.5 here as well. Both .Net and Optional Components might require +# the image to be booted, and thus if we tried to cleanup after installation, it would fail. +# + +Write-Host "$(Get-TS): Adding NetFX3~~~~" +Add-WindowsCapability -Name "NetFX3~~~~" -Path $MAIN_OS_MOUNT -Source $FOD_PATH -ErrorAction stop | Out-Null + +# Add .Net Cumulative Update +Write-Host "$(Get-TS): Adding package $DOTNET_CU_PATH" +Add-WindowsPackage -Path $MAIN_OS_MOUNT -PackagePath $DOTNET_CU_PATH -ErrorAction stop | Out-Null + +# Dismount +Dismount-WindowsImage -Path $MAIN_OS_MOUNT -Save -ErrorAction stop | Out-Null + +# Export +Write-Host "$(Get-TS): Exporting image to $WORKING_PATH\install2.wim” +Export-WindowsImage -SourceImagePath $MEDIA_NEW_PATH“\sources\install.wim” -SourceIndex 1 -DestinationImagePath $WORKING_PATH"\install2.wim” -ErrorAction stop | Out-Null +Move-Item -Path $WORKING_PATH"\install2.wim” -Destination $MEDIA_NEW_PATH“\sources\install.wim” -Force -ErrorAction stop | Out-Null +``` + +### Update remaining media files + +This part of the script updates the Setup files. It simply copies the individual files in the Setup Dynamic Update package to the new media. This step brings an updated Setup.exe as needed, along with the latest compatibility database, and replacement component manifests. + +``` +# +# update remaining files on media +# + +# Add Setup DU by copy the files from the package into the newMedia +Write-Host "$(Get-TS): Adding package $SETUP_DU_PATH" +cmd.exe /c $env:SystemRoot\System32\expand.exe $SETUP_DU_PATH -F:* $MEDIA_NEW_PATH"\sources" | Out-Null +``` +### Finish up + +As a last step, the script removes the working folder of temporary files, and unmounts our language pack and Features on Demand ISOs. + +``` +# +# Perform final cleanup +# + +# Remove our working folder +Remove-Item -Path $WORKING_PATH -Recurse -Force -ErrorAction stop | Out-Null + +# Dismount ISO images +Write-Host "$(Get-TS): Dismounting ISO images" +Dismount-DiskImage -ImagePath $LP_ISO_PATH -ErrorAction stop | Out-Null +Dismount-DiskImage -ImagePath $FOD_ISO_PATH -ErrorAction stop | Out-Null + +Write-Host "$(Get-TS): Media refresh completed!" +``` + diff --git a/windows/deployment/update/waas-wufb-group-policy.md b/windows/deployment/update/waas-wufb-group-policy.md index 5119f6f5be..e571a94f62 100644 --- a/windows/deployment/update/waas-wufb-group-policy.md +++ b/windows/deployment/update/waas-wufb-group-policy.md @@ -23,7 +23,7 @@ ms.topic: article ## Overview -You can use Group Policy through the Group Policy Management Console (GPMC) to control how Windows Update for Business works. You should consider and devise a deployment strategy for updates before you make changes to the Windows Update for Business settings. See +You can use Group Policy through the Group Policy Management Console (GPMC) to control how Windows Update for Business works. You should consider and devise a deployment strategy for updates before you make changes to the Windows Update for Business settings. See [Prepare servicing strategy for Windows 10 updates](waas-servicing-strategy-windows-10-updates.md) for more information. An IT administrator can set policies for Windows Update for Business by using Group Policy, or they can be set locally (per device). All of the relevant policies are under the path **Computer configuration > Administrative Templates > Windows Components > Windows Update**. @@ -42,10 +42,10 @@ Follow these steps on a device running the Remote Server Administration Tools or ### Set up a ring 1. Start Group Policy Management Console (gpmc.msc). -2. Expand **Forest > Domains > *\*. +2. Expand **Forest > Domains > *\**. 3. Right-click *\* and select **Create a GPO in this domain and link it here**. 4. In the **New GPO** dialog box, enter *Windows Update for Business - Group 1* as the name of the new Group Policy Object. -5. Right-click the **Windows Update for Business - Group 1" object, and then select **Edit**. +5. Right-click the **"Windows Update for Business - Group 1"** object, and then select **Edit**. 6. In the Group Policy Management Editor, go to **Computer Configuration > Policies > Administrative Templates > Windows Components > Windows Update**. You are now ready to start assigning policies to this ring (group) of devices. diff --git a/windows/release-information/resolved-issues-windows-10-1507.yml b/windows/release-information/resolved-issues-windows-10-1507.yml index 1469d2dcf0..1edda2c7ba 100644 --- a/windows/release-information/resolved-issues-windows-10-1507.yml +++ b/windows/release-information/resolved-issues-windows-10-1507.yml @@ -34,7 +34,6 @@ sections: -
SummaryOriginating updateStatusDate resolved
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >		OS Build 10240.18334

September 23, 2019
KB4522009		Resolved
KB4520011		October 08, 2019
10:00 AM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >		OS Build 10240.18305

August 13, 2019
KB4512497		Resolved
KB4517276		August 17, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >		OS Build 10240.18244

June 11, 2019
KB4503291		Resolved External
August 09, 2019
07:03 PM PT
" @@ -60,6 +59,5 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512497, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517276. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4517276 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 10240.18305

August 13, 2019
KB4512497		Resolved
KB4517276		Resolved:
August 17, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503291) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 10240.18244

June 11, 2019
KB4503291		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml index 829cea21b4..343f302b6c 100644 --- a/windows/release-information/resolved-issues-windows-10-1607.yml +++ b/windows/release-information/resolved-issues-windows-10-1607.yml @@ -40,7 +40,6 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4512495		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >		OS Build 14393.3144

August 13, 2019
KB4512517		Resolved
KB4512495		August 17, 2019
02:00 PM PT
Internet Explorer 11 and apps using the WebBrowser control may fail to render
JavaScript may fail to render as expected in IE11 and in apps using JavaScript or the WebBrowser control.

See details >		OS Build 14393.3085

July 09, 2019
KB4507460		Resolved
KB4512517		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved External
August 09, 2019
07:03 PM PT
" @@ -68,7 +67,6 @@ sections: -
DetailsOriginating updateStatusHistory
Apps and scripts using the NetQueryDisplayInformation API may fail with error
 Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries. When requesting additional pages you may receive the error, “1359: an internal error occurred.”

Affected platforms:
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4516044.

Back to top		OS Build 14393.3053

June 18, 2019
KB4503294		Resolved
KB4516044		Resolved:
September 10, 2019
10:00 AM PT

Opened:
August 01, 2019
05:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512517, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512495. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512495 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 14393.3144

August 13, 2019
KB4512517		Resolved
KB4512495		Resolved:
August 17, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503267) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1709.yml b/windows/release-information/resolved-issues-windows-10-1709.yml index 82bf0df89e..3141761298 100644 --- a/windows/release-information/resolved-issues-windows-10-1709.yml +++ b/windows/release-information/resolved-issues-windows-10-1709.yml @@ -38,7 +38,6 @@ sections:
Domain connected devices that use MIT Kerberos realms will not start up
Devices may not start after updating when connected to a domain that is configured to use MIT Kerberos realms.

See details >		OS Build 16299.1296

July 16, 2019
KB4507465		Resolved
KB4512516		August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved
KB4512494		August 16, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >		OS Build 16299.1331

August 13, 2019
KB4512516		Resolved
KB4512494		August 16, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved External
August 09, 2019
07:03 PM PT
" @@ -74,7 +73,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512516, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512494. The ‘optional’ update will be available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512494 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 16299.1331

August 13, 2019
KB4512516		Resolved
KB4512494		Resolved:
August 16, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503284) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1803.yml b/windows/release-information/resolved-issues-windows-10-1803.yml index bdf3c62854..37a0f56eab 100644 --- a/windows/release-information/resolved-issues-windows-10-1803.yml +++ b/windows/release-information/resolved-issues-windows-10-1803.yml @@ -41,7 +41,6 @@ sections:
Notification issue: \"Your device is missing important security and quality fixes.\"
Some users may have incorrectly received the notification \"Your device is missing important security and quality fixes.\"

See details >N/A

Resolved
September 03, 2019
12:32 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 17134.829

June 11, 2019
KB4503286Resolved
KB4512509August 19, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >OS Build 17134.950

August 13, 2019
KB4512501Resolved
KB4512509August 19, 2019
02:00 PM PT -
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >OS Build 17134.829

June 11, 2019
KB4503286Resolved External
August 09, 2019
07:03 PM PT " @@ -79,7 +78,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512501, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512509. The ‘optional’ update will be available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512509 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 17134.950

August 13, 2019
KB4512501		Resolved
KB4512509		Resolved:
August 19, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503286) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml index d113831f80..fe9b47b46b 100644 --- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml @@ -42,7 +42,6 @@ sections:
Domain connected devices that use MIT Kerberos realms will not start up
Devices may not start after updating when connected to a domain that is configured to use MIT Kerberos realms.

See details >OS Build 17763.652

July 22, 2019
KB4505658Resolved
KB4511553August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 17763.557

June 11, 2019
KB4503327Resolved
KB4512534August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >OS Build 17763.678

August 13, 2019
KB4511553Resolved
KB4512534August 17, 2019
02:00 PM PT -
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >OS Build 17763.557

June 11, 2019
KB4503327Resolved External
August 09, 2019
07:03 PM PT " @@ -81,7 +80,6 @@ sections: -
DetailsOriginating updateStatusHistory
Apps and scripts using the NetQueryDisplayInformation API may fail with error
 Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries. When requesting additional pages you may receive the error, “1359: an internal error occurred.”

Affected platforms:
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4516077.

Back to top		OS Build 17763.55

October 09, 2018
KB4464330		Resolved
KB4516077		Resolved:
September 24, 2019
10:00 AM PT

Opened:
August 01, 2019
05:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4511553, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512534. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512534 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 17763.678

August 13, 2019
KB4511553		Resolved
KB4512534		Resolved:
August 17, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503327) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1903.yml b/windows/release-information/resolved-issues-windows-10-1903.yml index 0554cb4e28..a5729004b1 100644 --- a/windows/release-information/resolved-issues-windows-10-1903.yml +++ b/windows/release-information/resolved-issues-windows-10-1903.yml @@ -52,7 +52,6 @@ sections:
Initiating a Remote Desktop connection may result in black screen
When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen.

See details >OS Build 18362.145

May 29, 2019
KB4497935Resolved
KB4512941August 30, 2019
10:00 AM PT
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start on devices in which the operating system language was changed between updates.

See details >OS Build 18362.116

May 21, 2019
KB4505057Resolved
KB4512941August 30, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 18362.175

June 11, 2019
KB4503293Resolved
KB4512941August 30, 2019
10:00 AM PT -
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >OS Build 18362.175

June 11, 2019
KB4503293Resolved External
August 09, 2019
07:03 PM PT " @@ -95,7 +94,6 @@ sections: -
DetailsOriginating updateStatusHistory
Updates may fail to install and you may receive Error 0x80073701
Installation of updates may fail and you may receive the error message, \"Updates Failed, There were problems installing some updates, but we'll try again later\" or \"Error 0x80073701\" on the Windows Update dialog or within Update history.

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Resolution: This issue has been resolved for most users. If you are still having issues, please see KB4528159.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
Resolved:
November 12, 2019
08:11 AM PT

Opened:
August 16, 2019
01:41 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512508, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512941. The ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512941 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 18362.295

August 13, 2019
KB4512508		Resolved
KB4512941		Resolved:
August 30, 2019
10:00 AM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503293) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 18362.175

June 11, 2019
KB4503293		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml index bcbaa365e9..76a98fa268 100644 --- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml @@ -40,7 +40,6 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >June 11, 2019
KB4503292Resolved
KB4512514August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >August 13, 2019
KB4512506Resolved
KB4517297August 16, 2019
02:00 PM PT
System may be unresponsive after restart with certain McAfee antivirus products
Devices running certain McAfee Endpoint security applications may be slow or unresponsive at startup.

See details >April 09, 2019
KB4493472Resolved External
August 13, 2019
06:59 PM PT -
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >June 11, 2019
KB4503292Resolved External
August 09, 2019
07:03 PM PT " @@ -86,7 +85,6 @@ sections: -
DetailsOriginating updateStatusHistory
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Symantec identified the potential for a negative interaction that may occur after Windows Updates code signed with SHA-2 only certificates are installed on devices with Symantec or Norton antivirus programs installed. The software may not correctly identify files included in the update as code signed by Microsoft, putting the device at risk for a delayed or incomplete update.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1
Resolution: The safeguard hold has been removed. Symantec has completed its evaluation of the impact of this update and future updates to Windows 7/Windows 2008 R2 and has determined that there is no increased risk of a false positive detection for all in-field versions of Symantec Endpoint Protection and Norton antivirus programs. See the Symantec support article for additional detail and please reach out to Symantec or Norton support if you encounter any issues.

Back to top		August 13, 2019
KB4512506		Resolved External
Last updated:
August 27, 2019
02:29 PM PT

Opened:
August 13, 2019
10:05 AM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512506, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517297. The ‘optional’ update is now available on Microsoft Update Catalog and Windows Server Update Services (WSUS).

Back to top		August 13, 2019
KB4512506		Resolved
KB4517297		Resolved:
August 16, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503292) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		June 11, 2019
KB4503292		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml index d7ed2c1633..14837c1dae 100644 --- a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml @@ -38,7 +38,6 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >June 11, 2019
KB4503276Resolved
KB4512478August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >August 13, 2019
KB4512488Resolved
KB4517298August 16, 2019
02:00 PM PT
System may be unresponsive after restart with certain McAfee antivirus products
Devices running certain McAfee Endpoint security applications may be slow or unresponsive at startup.

See details >April 09, 2019
KB4493446Resolved External
August 13, 2019
06:59 PM PT -
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >June 11, 2019
KB4503276Resolved External
August 09, 2019
07:03 PM PT " @@ -74,7 +73,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512488, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517298. The ‘optional’ update is now available on Microsoft Update Catalog and Windows Server Update Services (WSUS).

Back to top		August 13, 2019
KB4512488		Resolved
KB4517298		Resolved:
August 16, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503276) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		June 11, 2019
KB4503276		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml index 8f891fdf1a..475eb994f9 100644 --- a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml +++ b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml @@ -37,7 +37,6 @@ sections:
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >September 24, 2019
KB4516030Resolved
KB4520002October 08, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >June 11, 2019
KB4503273Resolved
KB4512499August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >August 13, 2019
KB4512476Resolved
KB4517301August 16, 2019
02:00 PM PT -
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >June 11, 2019
KB4503273Resolved External
August 09, 2019
07:03 PM PT " @@ -73,7 +72,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512476, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517301. The ‘optional’ update is now available on Microsoft Update Catalog and Windows Server Update Services (WSUS).

Back to top		August 13, 2019
KB4512476		Resolved
KB4517301		Resolved:
August 16, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503273) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		June 11, 2019
KB4503273		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-server-2012.yml b/windows/release-information/resolved-issues-windows-server-2012.yml index c2bef06cf8..fe6611a3e4 100644 --- a/windows/release-information/resolved-issues-windows-server-2012.yml +++ b/windows/release-information/resolved-issues-windows-server-2012.yml @@ -36,7 +36,6 @@ sections:
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >September 24, 2019
KB4516069Resolved
KB4520007October 08, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >June 11, 2019
KB4503285Resolved
KB4512512August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >August 13, 2019
KB4512518Resolved
KB4517302August 16, 2019
02:00 PM PT -
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >June 11, 2019
KB4503285Resolved External
August 09, 2019
07:03 PM PT " @@ -71,7 +70,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512518, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517302. The ‘optional’ update is now available on Microsoft Update Catalog and Windows Server Update Services (WSUS).

Back to top		August 13, 2019
KB4512518		Resolved
KB4517302		Resolved:
August 16, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503285) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		June 11, 2019
KB4503285		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/status-windows-10-1507.yml b/windows/release-information/status-windows-10-1507.yml index 9891ddf467..df76e08bd1 100644 --- a/windows/release-information/status-windows-10-1507.yml +++ b/windows/release-information/status-windows-10-1507.yml @@ -29,11 +29,11 @@ sections: columns: 3 items: - - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/ - html: Find out what you need to know > + - href: https://aka.ms/Windows7ESU + html: Stay protected with Extended Security Updates > image: - src: https://docs.microsoft.com/media/common/i_alert.svg - title: Windows 7 has reached end of support + src: https://docs.microsoft.com/media/common/i_subscription.svg + title: Still have devices running Windows 7 in your enterprise? - href: https://aka.ms/1909mechanics html: Explore the improvements > image: diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml index 4a3d572494..349276ccd7 100644 --- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml +++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml @@ -29,11 +29,11 @@ sections: columns: 3 items: - - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/ - html: Find out what you need to know > + - href: https://aka.ms/Windows7ESU + html: Stay protected with Extended Security Updates > image: - src: https://docs.microsoft.com/media/common/i_alert.svg - title: Windows 7 has reached end of support + src: https://docs.microsoft.com/media/common/i_subscription.svg + title: Still have devices running Windows 7 in your enterprise? - href: https://aka.ms/1909mechanics html: Explore the improvements > image: diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml index 47169eb98d..68f5967f84 100644 --- a/windows/release-information/status-windows-10-1709.yml +++ b/windows/release-information/status-windows-10-1709.yml @@ -29,11 +29,11 @@ sections: columns: 3 items: - - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/ - html: Find out what you need to know > + - href: https://aka.ms/Windows7ESU + html: Stay protected with Extended Security Updates > image: - src: https://docs.microsoft.com/media/common/i_alert.svg - title: Windows 7 has reached end of support + src: https://docs.microsoft.com/media/common/i_subscription.svg + title: Still have devices running Windows 7 in your enterprise? - href: https://aka.ms/1909mechanics html: Explore the improvements > image: diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml index 9f10885c6c..d5408f495b 100644 --- a/windows/release-information/status-windows-10-1803.yml +++ b/windows/release-information/status-windows-10-1803.yml @@ -33,11 +33,11 @@ sections: columns: 3 items: - - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/ - html: Find out what you need to know > + - href: https://aka.ms/Windows7ESU + html: Stay protected with Extended Security Updates > image: - src: https://docs.microsoft.com/media/common/i_alert.svg - title: Windows 7 has reached end of support + src: https://docs.microsoft.com/media/common/i_subscription.svg + title: Still have devices running Windows 7 in your enterprise? - href: https://aka.ms/1909mechanics html: Explore the improvements > image: diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml index 2e9516660f..7beb2e9c30 100644 --- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml @@ -33,11 +33,11 @@ sections: columns: 3 items: - - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/ - html: Find out what you need to know > + - href: https://aka.ms/Windows7ESU + html: Stay protected with Extended Security Updates > image: - src: https://docs.microsoft.com/media/common/i_alert.svg - title: Windows 7 has reached end of support + src: https://docs.microsoft.com/media/common/i_subscription.svg + title: Still have devices running Windows 7 in your enterprise? - href: https://aka.ms/1909mechanics html: Explore the improvements > image: diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index b1bf959c78..c37a9ca547 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -33,11 +33,11 @@ sections: columns: 3 items: - - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/ - html: Find out what you need to know > + - href: https://aka.ms/Windows7ESU + html: Stay protected with Extended Security Updates > image: - src: https://docs.microsoft.com/media/common/i_alert.svg - title: Windows 7 has reached end of support + src: https://docs.microsoft.com/media/common/i_subscription.svg + title: Still have devices running Windows 7 in your enterprise? - href: https://aka.ms/1909mechanics html: Explore the improvements > image: diff --git a/windows/release-information/status-windows-10-1909.yml b/windows/release-information/status-windows-10-1909.yml index 36288e57f2..5d5aa24d52 100644 --- a/windows/release-information/status-windows-10-1909.yml +++ b/windows/release-information/status-windows-10-1909.yml @@ -33,11 +33,11 @@ sections: columns: 3 items: - - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/ - html: Find out what you need to know > + - href: https://aka.ms/Windows7ESU + html: Stay protected with Extended Security Updates > image: - src: https://docs.microsoft.com/media/common/i_alert.svg - title: Windows 7 has reached end of support + src: https://docs.microsoft.com/media/common/i_subscription.svg + title: Still have devices running Windows 7 in your enterprise? - href: https://aka.ms/1909mechanics html: Explore the improvements > image: diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml index b801c81883..594303eec5 100644 --- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml @@ -29,11 +29,11 @@ sections: columns: 3 items: - - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/ - html: Find out what you need to know > + - href: https://aka.ms/Windows7ESU + html: Stay protected with Extended Security Updates > image: - src: https://docs.microsoft.com/media/common/i_alert.svg - title: Windows 7 has reached end of support + src: https://docs.microsoft.com/media/common/i_subscription.svg + title: Still have devices running Windows 7 in your enterprise? - href: https://aka.ms/1909mechanics html: Explore the improvements > image: diff --git a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml index 388b55fa0a..596f76e9d2 100644 --- a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml @@ -29,11 +29,11 @@ sections: columns: 3 items: - - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/ - html: Find out what you need to know > + - href: https://aka.ms/Windows7ESU + html: Stay protected with Extended Security Updates > image: - src: https://docs.microsoft.com/media/common/i_alert.svg - title: Windows 7 has reached end of support + src: https://docs.microsoft.com/media/common/i_subscription.svg + title: Still have devices running Windows 7 in your enterprise? - href: https://aka.ms/1909mechanics html: Explore the improvements > image: diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml index 2ea115dab7..122a392439 100644 --- a/windows/release-information/status-windows-server-2008-sp2.yml +++ b/windows/release-information/status-windows-server-2008-sp2.yml @@ -29,11 +29,11 @@ sections: columns: 3 items: - - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/ - html: Find out what you need to know > + - href: https://aka.ms/Windows7ESU + html: Stay protected with Extended Security Updates > image: - src: https://docs.microsoft.com/media/common/i_alert.svg - title: Windows 7 has reached end of support + src: https://docs.microsoft.com/media/common/i_subscription.svg + title: Still have devices running Windows 7 in your enterprise? - href: https://aka.ms/1909mechanics html: Explore the improvements > image: diff --git a/windows/release-information/status-windows-server-2012.yml b/windows/release-information/status-windows-server-2012.yml index 96c3cad5e2..c83ea0923f 100644 --- a/windows/release-information/status-windows-server-2012.yml +++ b/windows/release-information/status-windows-server-2012.yml @@ -29,11 +29,11 @@ sections: columns: 3 items: - - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/ - html: Find out what you need to know > + - href: https://aka.ms/Windows7ESU + html: Stay protected with Extended Security Updates > image: - src: https://docs.microsoft.com/media/common/i_alert.svg - title: Windows 7 has reached end of support + src: https://docs.microsoft.com/media/common/i_subscription.svg + title: Still have devices running Windows 7 in your enterprise? - href: https://aka.ms/1909mechanics html: Explore the improvements > image: diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index 1b87554500..1177033b2d 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -23,11 +23,11 @@ sections: columns: 2 items: - - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/ - html: Find out what you need to know > + - href: https://aka.ms/Windows7ESU + html: Stay protected with Extended Security Updates > image: - src: https://docs.microsoft.com/media/common/i_alert.svg - title: Windows 7 has reached end of support + src: https://docs.microsoft.com/media/common/i_subscription.svg + title: Still have devices running Windows 7 in your enterprise? - href: https://aka.ms/1909mechanics html: Explore the improvements > image: @@ -50,6 +50,8 @@ sections: text: " + + diff --git a/windows/security/includes/improve-request-performance.md b/windows/security/includes/improve-request-performance.md index ddff438e13..c2499cf092 100644 --- a/windows/security/includes/improve-request-performance.md +++ b/windows/security/includes/improve-request-performance.md @@ -18,6 +18,6 @@ ms.topic: article >[!NOTE] >For better performance, you can use server closer to your geo location: -> - api-us.securitycenter.windows.com -> - api-eu.securitycenter.windows.com -> - api-uk.securitycenter.windows.com +> - api-us.securitycenter.microsoft.com +> - api-eu.securitycenter.microsoft.com +> - api-uk.securitycenter.microsoft.com diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index e108eeae6b..41c9c858e4 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -373,7 +373,7 @@ ###### [Troubleshoot subscription and portal access issues](microsoft-defender-atp/troubleshoot-onboarding-error-messages.md) #### [Microsoft Defender ATP API]() -##### [Get started with Microsoft Defender ATP APIs]() +##### [Get started]() ###### [Microsoft Defender ATP API license and terms](microsoft-defender-atp/api-terms-of-use.md) ###### [Access the Microsoft Defender ATP APIs](microsoft-defender-atp/apis-intro.md) ###### [Hello World](microsoft-defender-atp/api-hello-world.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/create-alert-by-reference.md b/windows/security/threat-protection/microsoft-defender-atp/create-alert-by-reference.md index 2e5c7cec45..0a85cb240c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/create-alert-by-reference.md +++ b/windows/security/threat-protection/microsoft-defender-atp/create-alert-by-reference.md @@ -24,8 +24,9 @@ ms.topic: article ## API description -Creates new [Alert](alerts.md). -
Microsoft Defender ATP Event is a required parameter for the alert creation. +Creates new [Alert](alerts.md) on top of **Event**. +
**Microsoft Defender ATP Event** is required for the alert creation. +
You will need to supply 3 parameters from the Event in the request: **Event Time**, **Machine ID** and **Report ID**. See example below.
You can use an event found in Advanced Hunting API or Portal.
If there existing an open alert on the same Machine with the same Title, the new created alert will be merged with it.
An automatic investigation starts automatically on alerts created via the API. @@ -68,13 +69,13 @@ In the request body, supply the following values (all are required): Property | Type | Description :---|:---|:--- +eventTime | DateTime(UTC) | The precise time of the event as string, as obtained from advanced hunting. e.g. ```2018-08-03T16:45:21.7115183Z``` **Required**. +reportId | String | The reportId of the event, as obtained from advanced hunting. **Required**. machineId | String | Id of the machine on which the event was identified. **Required**. severity | String | Severity of the alert. The property values are: 'Low', 'Medium' and 'High'. **Required**. title | String | Title for the alert. **Required**. description | String | Description of the alert. **Required**. recommendedAction| String | Action that is recommended to be taken by security officer when analyzing the alert. **Required**. -eventTime | DateTime(UTC) | The time of the event, as obtained from the advanced query. **Required**. -reportId | String | The reportId, as obtained from the advanced query. **Required**. category| String | Category of the alert. The property values are: "General", "CommandAndControl", "Collection", "CredentialAccess", "DefenseEvasion", "Discovery", "Exfiltration", "Exploit", "Execution", "InitialAccess", "LateralMovement", "Malware", "Persistence", "PrivilegeEscalation", "Ransomware", "SuspiciousActivity" **Required**. ## Response @@ -91,16 +92,16 @@ Here is an example of the request. ``` POST https://api.securitycenter.windows.com/api/alerts/CreateAlertByReference -Content-Length: application/json - +``` +```json { - "machineId": "1e5bc9d7e413ddd7902c2932e418702b84d0cc07", - "severity": "Low", - "title": "test alert", - "description": "test alert", - "recommendedAction": "test alert", - "eventTime": "2018-08-03T16:45:21.7115183Z", - "reportId": "20776", - "category": "None" + "machineId": "1e5bc9d7e413ddd7902c2932e418702b84d0cc07", + "severity": "Low", + "title": "example", + "description": "example alert", + "recommendedAction": "nothing", + "eventTime": "2018-08-03T16:45:21.7115183Z", + "reportId": "20776", + "category": "Exploit" } ``` diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md index 549743f14c..5f6f4ad48c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md +++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md @@ -34,7 +34,6 @@ In general, you’ll need to take the following steps to use the APIs: - Use the token to access Microsoft Defender ATP API. The following steps with guide you how to create an AAD application, get an access token to Microsoft Defender ATP and validate the token. -
**To become an official partner of Microsoft Defender ATP and appear in our partner page, you will provide us with your application identifier.** ## Create the multi-tenant app diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md index 1343ebbc71..449efaf986 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md @@ -73,7 +73,7 @@ Here is an example of the response. "id": "e058770379bc199a9c179ce52a23e16fd44fd2ee", "computerDnsName": "niw_pc", "osPlatform": "Windows10", - "rbacGroupId": 2154 + "rbacGroupName": "GroupTwo" } ... ] diff --git a/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt b/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt index 2e2b69385b..a65e4c2dbb 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt +++ b/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt @@ -336,7 +336,7 @@ ##### [Understand Microsoft Defender ATP APIs](use-apis.md) ##### [Microsoft Defender ATP API license and terms](api-terms-of-use.md) -##### [Get started with Microsoft Defender ATP APIs]() +##### [Get started]() ###### [Introduction](apis-intro.md) ###### [Hello World](api-hello-world.md) ###### [Get access with application context](exposed-apis-create-app-webapp.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-api.md b/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-api.md index 540c957c3f..19ccd7e62c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-api.md +++ b/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-api.md @@ -71,21 +71,18 @@ Request Here is an example of the request. ->[!NOTE] ->For better performance, you can use server closer to your geo location: -> - api-us.securitycenter.windows.com -> - api-eu.securitycenter.windows.com -> - api-uk.securitycenter.windows.com +[!include[Improve request performance](../../includes/improve-request-performance.md)] + ``` POST https://api.securitycenter.windows.com/api/advancedqueries/run Content-type: application/json { - "Query":"ProcessCreationEvents -| where InitiatingProcessFileName =~ \"powershell.exe\" -| where ProcessCommandLine contains \"appdata\" -| project EventTime, FileName, InitiatingProcessFileName -| limit 2" + "Query":"DeviceProcessEvents + | where InitiatingProcessFileName =~ 'powershell.exe' + | where ProcessCommandLine contains 'appdata' + | project Timestamp, FileName, InitiatingProcessFileName, DeviceId + | limit 2" } ``` @@ -96,32 +93,40 @@ Here is an example of the response. >[!NOTE] >The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call. -``` -HTTP/1.1 200 OK -Content-Type: application/json​ +```json { - "Schema": [{ - "Name": "EventTime", - "Type": "DateTime" - }, - { - "Name": "FileName", - "Type": "String" - }, - { - "Name": "InitiatingProcessFileName", - "Type": "String" - }], - "Results": [{ - "EventTime": "2018-07-09T07:16:26.8017265", - "FileName": "csc.exe", - "InitiatingProcessFileName": "powershell.exe" - }, - { - "EventTime": "2018-07-08T19:00:02.7798905", - "FileName": "gpresult.exe", - "InitiatingProcessFileName": "powershell.exe" - }] + "Schema": [ + { + "Name": "Timestamp", + "Type": "DateTime" + }, + { + "Name": "FileName", + "Type": "String" + }, + { + "Name": "InitiatingProcessFileName", + "Type": "String" + }, + { + "Name": "DeviceId", + "Type": "String" + } + ], + "Results": [ + { + "Timestamp": "2020-02-05T01:10:26.2648757Z", + "FileName": "csc.exe", + "InitiatingProcessFileName": "powershell.exe", + "DeviceId": "10cbf9182d4e95660362f65cfa67c7731f62fdb3" + }, + { + "Timestamp": "2020-02-05T01:10:26.5614772Z", + "FileName": "csc.exe", + "InitiatingProcessFileName": "powershell.exe", + "DeviceId": "10cbf9182d4e95660362f65cfa67c7731f62fdb3" + } + ] } ``` From ba07af28aa50b0bf72c34431eee6d805c8406a74 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 11 Feb 2020 12:36:09 -0800 Subject: [PATCH 044/112] Added 20H1 ApplicationManagement policy setting --- .../policy-configuration-service-provider.md | 3 + .../mdm/policy-csp-applicationmanagement.md | 82 ++++++++++++++++++- 2 files changed, 84 insertions(+), 1 deletion(-) diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md index 9d72af8a49..6e8652ff9c 100644 --- a/windows/client-management/mdm/policy-configuration-service-provider.md +++ b/windows/client-management/mdm/policy-configuration-service-provider.md @@ -198,6 +198,9 @@ The following diagram shows the Policy configuration service provider in tree fo
ApplicationManagement/AllowSharedUserAppData
+
+ ApplicationManagement/BlockNonAdminUserInstall +
ApplicationManagement/DisableStoreOriginatedApps
diff --git a/windows/client-management/mdm/policy-csp-applicationmanagement.md b/windows/client-management/mdm/policy-csp-applicationmanagement.md index a7680a8600..4af540d934 100644 --- a/windows/client-management/mdm/policy-csp-applicationmanagement.md +++ b/windows/client-management/mdm/policy-csp-applicationmanagement.md @@ -7,7 +7,7 @@ ms.prod: w10 ms.technology: windows author: manikadhiman ms.localizationpriority: medium -ms.date: 09/27/2019 +ms.date: 02/11/2020 ms.reviewer: manager: dansimp --- @@ -39,6 +39,9 @@ manager: dansimp
ApplicationManagement/AllowSharedUserAppData
+
+ ApplicationManagement/BlockNonAdminUserInstall +
ApplicationManagement/DisableStoreOriginatedApps
@@ -414,6 +417,83 @@ Most restricted value: 0
+ +**ApplicationManagement/BlockNonAdminUserInstall** + + +
MessageDate
Take action: February 2020 security update available for all supported versions of Windows
The February 2020 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
February 11, 2020
08:00 AM PT
Take action: ESU security updates available for Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Server 2008 SP2
Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2 reached end of support on January 14, 2020. For customers who have purchased Extended Security Updates (ESU), the first monthly ESU security updates are now available. If your organization has not yet been able to complete your transition to Windows 10, Windows Server 2016, or Windows Server 2019 and want to continue to receive security updates for your current version of Windows, you will need to purchase Extended Security Updates. For information on how to do so, please see How to get Extended Security Updates for eligible Windows devices, Windows 7 ESU frequently ask questions, and Windows Server 2008 R2 SP1 and Windows Server 2008 SP2 ESU frequently asked questions.

We recommend ESU customers review the applicable KB article below for prerequisites and other important information you will need to deploy these updates.

The following updates were released today for Windows Server 2008 SP2:
The following updates were released today for Windows 7 SP1 and Windows Server 2008 R2 SP1:
February 11, 2020
08:00 AM PT
Resolved: Windows Search shows blank box
We are aware of a temporary server-side issue causing Windows search to show a blank box. This issue has been resolved for most users and in some cases, you might need to restart your device. We are working diligently to fully resolve the issue and will provide an update once resolved. 

This issue was resolved at 12:00 PM PST. If you are still experiencing issues, please restart your device. In rare cases, you may need to manually end the SearchUI.exe or SearchApp.exe process via Task Manager. (To locate these processes, select CTRL + Shift + Esc then select the Details tab.)
February 05, 2020
12:00 PM PT
January 2020 Windows 10, version 1909 \"D\" optional release is available.
The January 2020 optional monthly “D” release for Windows 10, version 1909 and Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
January 28, 2020
08:00 AM PT
January 2020 Windows \"C\" optional release is available.
The January 2020 optional monthly “C” release for all supported versions of Windows is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
January 23, 2020
12:00 PM PT
+ + + + + + + + + + + + + + + + + + + + + + + + + +
Windows EditionSupported?
Homecross mark
Procross mark
Businesscheck mark7
Enterprisecheck mark7
Educationcheck mark7
+ + +
+ + +[Scope](./policy-configuration-service-provider.md#policy-scope): + +> [!div class = "checklist"] +> * Device + +
+ + + +Added in the next major release of Windows 10. + +Manages non-administrator users' ability to install Windows app packages. + +If you enable this policy, non-administrators will be unable to initiate installation of Windows app packages. Administrators who wish to install an app will need to do so from an Administrator context (for example, an Administrator PowerShell window). All users will still be able to install Windows app packages via the Microsoft Store, if permitted by other policies. + +If you disable or do not configure this policy, all users will be able to initiate installation of Windows app packages. + + + +ADMX Info: +- GP English name: *Prevent non-admin users from installing packaged Windows apps* +- GP name: *BlockNonAdminUserInstall* +- GP path: *Windows Components/App Package Deployment* +- GP ADMX file name: *AppxPackageManager.admx* + + + +The0 following list shows the supported values: +- 0 (default) - Disable. All users will be able to initiate installation of Windows app packages. +- 1 - Enable. Non-administrator users will not be able to initiate installation of Windows app packages. + + + + + + + + + +
+ **ApplicationManagement/DisableStoreOriginatedApps** From aec404ce7cdd1b94c15732bf02824359177f1991 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 11 Feb 2020 12:49:20 -0800 Subject: [PATCH 045/112] Minor updates --- .../mdm/policy-csp-applicationmanagement.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/windows/client-management/mdm/policy-csp-applicationmanagement.md b/windows/client-management/mdm/policy-csp-applicationmanagement.md index 4af540d934..798bbae111 100644 --- a/windows/client-management/mdm/policy-csp-applicationmanagement.md +++ b/windows/client-management/mdm/policy-csp-applicationmanagement.md @@ -480,9 +480,9 @@ ADMX Info: -The0 following list shows the supported values: -- 0 (default) - Disable. All users will be able to initiate installation of Windows app packages. -- 1 - Enable. Non-administrator users will not be able to initiate installation of Windows app packages. +The following list shows the supported values: +- 0 (default) - Disabled. All users will be able to initiate installation of Windows app packages. +- 1 - Enabled. Non-administrator users will not be able to initiate installation of Windows app packages. @@ -1112,6 +1112,7 @@ Footnotes: - 4 - Added in Windows 10, version 1803. - 5 - Added in Windows 10, version 1809. - 6 - Added in Windows 10, version 1903. +- 7 - Added in the next major release of Windows 10. From 811e8be792d843b2fc74fbd47e48d735ca242262 Mon Sep 17 00:00:00 2001 From: lomayor Date: Tue, 11 Feb 2020 12:53:18 -0800 Subject: [PATCH 046/112] Videos for TA and AH --- .../microsoft-defender-atp/advanced-hunting-overview.md | 5 ++++- .../microsoft-defender-atp/threat-analytics.md | 5 +++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md index 73a0af658e..1b97d7c5d9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md @@ -29,8 +29,11 @@ Advanced hunting is a query-based threat-hunting tool that lets you explore up t You can use the same threat-hunting queries to build custom detection rules. These rules run automatically to check for and respond to various events and system states, including suspected breach activity and misconfigured machines. ## Get started with advanced hunting +Watch this video for a quick overview of advanced hunting and a short tutorial that will get you started fast. -We recommend going through several steps to quickly get up and running with advanced hunting. +>[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bGqo] + +You can also go through each of the following steps to ramp up your advanced hunting knowledge. | Learning goal | Description | Resource | |--|--|--| diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md b/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md index a1c5557fed..7abe5c6fc7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md +++ b/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md @@ -26,6 +26,11 @@ Cyberthreats are emerging more frequently and prevalently. It is critical for or Threat analytics is a set of reports published by Microsoft security researchers as soon as emerging threats and outbreaks are identified. The reports help you assess the impact of threats to your environment and identify actions that can contain them. +Watch this short video to quickly understand how threat analytics can help you track the latest threats and stop them. + +>[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bw1f] + + ## View the threat analytics dashboard The threat analytics dashboard is a great jump off point for getting to the reports that are most relevant to your organization. It provides several overviews about the threats covered in the reports: From 055a1b0ff23b4beb734f68a87bcfb070ab7c711f Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 11 Feb 2020 13:05:41 -0800 Subject: [PATCH 047/112] Update automated-investigations.md --- .../automated-investigations.md | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md b/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md index 96cf4bd271..346bd331f0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md +++ b/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md @@ -19,6 +19,8 @@ ms.topic: conceptual # Overview of automated investigations +> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bOeh] + Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) offers a wide breadth of visibility on multiple machines. With this kind of optics, the service generates a multitude of alerts. The volume of alerts generated can be challenging for a typical security operations team to individually address. To address this challenge, Microsoft Defender ATP uses automated investigation and remediation capabilities to significantly reduce the volume of alerts that must be investigated individually. The automated investigation feature leverages various inspection algorithms, and processes used by analysts (such as playbooks) to examine alerts and take immediate remediation action to resolve breaches. This significantly reduces alert volume, allowing security operations experts to focus on more sophisticated threats and other high value initiatives. The **Automated investigations** list shows all the investigations that were initiated automatically, and includes details, such as status, detection source, and when the investigation was initiated. @@ -26,10 +28,7 @@ The automated investigation feature leverages various inspection algorithms, and > [!TIP] > Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-automated-investigations-abovefoldlink) - -## Understand the automated investigation flow - -### How the automated investigation starts +## How the automated investigation starts When an alert is triggered, a security playbook goes into effect. Depending on the security playbook, an automated investigation can start. For example, suppose a malicious file resides on a machine. When that file is detected, an alert is triggered. The automated investigation process begins. Microsoft Defender ATP checks to see if the malicious file is present on any other machines in the organization. Details from the investigation, including verdicts (Malicious, Suspicious, and Clean) are available during and after the automated investigation. @@ -40,7 +39,7 @@ When an alert is triggered, a security playbook goes into effect. Depending on t >- Windows 10, version 1803 (OS Build 17134.704 with [KB4493464](https://support.microsoft.com/help/4493464/windows-10-update-kb4493464)) or later >- Later versions of Windows 10 -### Details of an automated investigation +## Details of an automated investigation During and after an automated investigation, you can view details about the investigation. Selecting a triggering alert brings you to the investigation details view where you can pivot from the **Investigation graph**, **Alerts**, **Machines**, **Evidence**, **Entities**, and **Log** tabs. @@ -56,13 +55,13 @@ During and after an automated investigation, you can view details about the inve > [!IMPORTANT] > Go to the **Action center** to get an aggregated view all pending actions and manage remediation actions. The **Action center** also acts as an audit trail for all automated investigation actions. -### How an automated investigation expands its scope +## How an automated investigation expands its scope While an investigation is running, any other alerts generated from the machine are added to an ongoing automated investigation until that investigation is completed. In addition, if the same threat is seen on other machines, those machines are added to the investigation. If an incriminated entity is seen in another machine, the automated investigation process will expand its scope to include that machine, and a general security playbook will start on that machine. If 10 or more machines are found during this expansion process from the same entity, then that expansion action will require an approval and will be seen in the **Pending actions** view. -### How threats are remediated +## How threats are remediated Depending on how you set up the machine groups and their level of automation, the automated investigation will either require user approval (default) or automatically remediate threats. From 2aa3ea70033097ce4d1e186f85313b9e98f64fd6 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 11 Feb 2020 13:07:35 -0800 Subject: [PATCH 048/112] Update TOC.md --- windows/security/threat-protection/TOC.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index e108eeae6b..570ed37a4e 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -76,7 +76,7 @@ ##### [Take response actions on a machine]() ###### [Response actions on machines](microsoft-defender-atp/respond-machine-alerts.md) ###### [Manage tags](microsoft-defender-atp/respond-machine-alerts.md#manage-tags) -###### [Initiate Automated investigation](microsoft-defender-atp/respond-machine-alerts.md#initiate-automated-investigation) +###### [Initiate an automated investigation](microsoft-defender-atp/respond-machine-alerts.md#initiate-automated-investigation) ###### [Initiate Live Response session](microsoft-defender-atp/respond-machine-alerts.md#initiate-live-response-session) ###### [Collect investigation package](microsoft-defender-atp/respond-machine-alerts.md#collect-investigation-package-from-machines) ###### [Run antivirus scan](microsoft-defender-atp/respond-machine-alerts.md#run-windows-defender-antivirus-scan-on-machines) @@ -105,8 +105,8 @@ ### [Automated investigation and remediation]() #### [Automated investigation and remediation overview](microsoft-defender-atp/automated-investigations.md) -#### [Learn about the automated investigation and remediation dashboard](microsoft-defender-atp/manage-auto-investigation.md) -##### [Manage actions related to automated investigation and remediation](microsoft-defender-atp/auto-investigation-action-center.md) +#### [Use the automated investigation and remediation dashboard](microsoft-defender-atp/manage-auto-investigation.md) +#### [Manage actions related to automated investigation and remediation](microsoft-defender-atp/auto-investigation-action-center.md) ### [Secure score](microsoft-defender-atp/overview-secure-score.md) ### [Threat analytics](microsoft-defender-atp/threat-analytics.md) From 406d01af12d0eb64049ed9335a7f4180873a7cc9 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 11 Feb 2020 13:21:08 -0800 Subject: [PATCH 049/112] Update machine-groups.md --- .../threat-protection/microsoft-defender-atp/machine-groups.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md b/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md index 0c7105a289..de2ea5f99f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md @@ -53,7 +53,7 @@ As part of the process of creating a machine group, you'll: 2. Click **Add machine group**. -3. Enter the group name and automation settings and specify the matching rule that determines which machines belong to the group. For more information on automation levels, see [Understand the Automated investigation flow](automated-investigations.md#understand-the-automated-investigation-flow). +3. Enter the group name and automation settings and specify the matching rule that determines which machines belong to the group. See [How the automated investigation starts](automated-investigations.md#how-the-automated-investigation-starts). >[!TIP] >If you want to group machines by organizational unit, you can configure the registry key for the group affiliation. For more information on device tagging, see [Create and manage machine tags](machine-tags.md). From 25541dbc3b650c69d870b84608de469425339c92 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 11 Feb 2020 13:23:06 -0800 Subject: [PATCH 050/112] Update machine-groups.md --- .../threat-protection/microsoft-defender-atp/machine-groups.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md b/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md index de2ea5f99f..cd57c99e3a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md @@ -83,7 +83,6 @@ Machines that are not matched to any groups are added to Ungrouped machines (def ## Related topics -## Related topic - [Manage portal access using role-based based access control](rbac.md) - [Create and manage machine tags](machine-tags.md) - [Get list of tenant machine groups using Graph API](get-machinegroups-collection.md) From db8d4d2b16d29345cdf86b5a0da0de508979a7f9 Mon Sep 17 00:00:00 2001 From: lomayor Date: Tue, 11 Feb 2020 13:46:07 -0800 Subject: [PATCH 051/112] breaks --- .../microsoft-defender-atp/advanced-hunting-overview.md | 4 ++-- .../microsoft-defender-atp/threat-analytics.md | 5 ++--- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md index 1b97d7c5d9..94c471fbd7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md @@ -29,8 +29,8 @@ Advanced hunting is a query-based threat-hunting tool that lets you explore up t You can use the same threat-hunting queries to build custom detection rules. These rules run automatically to check for and respond to various events and system states, including suspected breach activity and misconfigured machines. ## Get started with advanced hunting -Watch this video for a quick overview of advanced hunting and a short tutorial that will get you started fast. - +Watch this video for a quick overview of advanced hunting and a short tutorial that will get you started fast. + >[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bGqo] You can also go through each of the following steps to ramp up your advanced hunting knowledge. diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md b/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md index 7abe5c6fc7..d3d5a49d80 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md +++ b/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md @@ -26,11 +26,10 @@ Cyberthreats are emerging more frequently and prevalently. It is critical for or Threat analytics is a set of reports published by Microsoft security researchers as soon as emerging threats and outbreaks are identified. The reports help you assess the impact of threats to your environment and identify actions that can contain them. -Watch this short video to quickly understand how threat analytics can help you track the latest threats and stop them. - +Watch this short video to quickly understand how threat analytics can help you track the latest threats and stop them. + >[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bw1f] - ## View the threat analytics dashboard The threat analytics dashboard is a great jump off point for getting to the reports that are most relevant to your organization. It provides several overviews about the threats covered in the reports: From ebccc799633f05ac5d6754520200e632ed1c6d55 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 11 Feb 2020 13:59:43 -0800 Subject: [PATCH 052/112] Corrected mark up of a note so that it will render. --- devices/hololens/hololens-commercial-infrastructure.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/devices/hololens/hololens-commercial-infrastructure.md b/devices/hololens/hololens-commercial-infrastructure.md index a99a851024..568bbe92e5 100644 --- a/devices/hololens/hololens-commercial-infrastructure.md +++ b/devices/hololens/hololens-commercial-infrastructure.md @@ -166,8 +166,8 @@ Directions for upgrading to the commercial suite can be found [here](https://doc 1. [Create a device profile for Kiosk mode](https://docs.microsoft.com/intune/configuration/kiosk-settings#create-the-profile) - >[!NOTE] - >You can configure different users to have different Kiosk Mode experiences by using “Azure AD” as the “User logon type”. However, this option is only available in Multi-App kiosk mode. Multi-App kiosk mode will work with only one app as well as multiple apps. +> [!NOTE] +> You can configure different users to have different Kiosk Mode experiences by using “Azure AD” as the “User logon type”. However, this option is only available in Multi-App kiosk mode. Multi-App kiosk mode will work with only one app as well as multiple apps. ![Image that shows Configuration of Kiosk Mode in Intune](images/aad-kioskmode.png) @@ -183,4 +183,4 @@ Certificates can be deployed via you MDM (see "certificates" in the [MDM Section ## Next (Optional) Step: [Configure HoloLens using a provisioning package](hololens-provisioning.md) -## Next Step: [Enroll your device](hololens-enroll-mdm.md) \ No newline at end of file +## Next Step: [Enroll your device](hololens-enroll-mdm.md) From 77d42e765ecb837edcc84443edaef1d915aaccd7 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 11 Feb 2020 14:07:33 -0800 Subject: [PATCH 053/112] Put space between 'span' and heading to fix lack of rendering of the title --- devices/hololens/hololens-provisioning.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/devices/hololens/hololens-provisioning.md b/devices/hololens/hololens-provisioning.md index 3cd9ed9707..7eefba6e17 100644 --- a/devices/hololens/hololens-provisioning.md +++ b/devices/hololens/hololens-provisioning.md @@ -137,6 +137,7 @@ After you're done, click **Create**. It only takes a few seconds. When the packa 10. When the build completes, click **Finish**. + ## Apply a provisioning package to HoloLens during setup 1. Connect the device via USB to a PC and start the device, but do not continue past the **Fit** page of OOBE (the first page with the blue box). @@ -191,4 +192,4 @@ In Windows Configuration Designer, when you create a provisioning package for Wi >[!NOTE] >App installation (**UniversalAppInstall**) using a provisioning package is not currently supported for HoloLens. -## Next Step: [Enroll your device](hololens-enroll-mdm.md) \ No newline at end of file +## Next Step: [Enroll your device](hololens-enroll-mdm.md) From fbd6ebccca8e121d031c63962d69e5d46221e9bd Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 14:58:17 -0800 Subject: [PATCH 054/112] Added video link --- .../microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md index 3da4badfe6..41e41d783f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md +++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md @@ -27,6 +27,8 @@ Effectively identifying, assessing, and remediating endpoint weaknesses is pivot It helps organizations discover vulnerabilities and misconfigurations in real-time, based on sensors, without the need of agents or periodic scans. It prioritizes vulnerabilities based on the threat landscape, detections in your organization, sensitive information on vulnerable devices, and business context. +[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4mLsn] + ## Next-generation capabilities Threat & Vulnerability Management is built-in, real-time, cloud-powered, fully integrated with Microsoft endpoint security stack, the Microsoft Intelligent Security Graph, and the application analytics knowledgebase. From 068720b138a79f6d3c525c8c21bee80b49bbe2aa Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 15:08:43 -0800 Subject: [PATCH 055/112] Added blog ref --- .../microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md index 41e41d783f..54b425ff8c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md +++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md @@ -77,3 +77,4 @@ Microsoft Defender ATP’s Threat & Vulnerability Management allows security adm - [Software APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/software) - [Machine APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine) - [Recommendation APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability) +- [BLOG: Microsoft’s Threat & Vulnerability Management now helps thousands of customers to discover, prioritize, and remediate vulnerabilities in real time](https://www.microsoft.com/security/blog/2019/07/02/microsofts-threat-vulnerability-management-now-helps-thousands-of-customers-to-discover-prioritize-and-remediate-vulnerabilities-in-real-time/) From 1e6c939968d1a7b0997a50204144d6cdb8658e08 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 15:14:28 -0800 Subject: [PATCH 056/112] Update next-gen-threat-and-vuln-mgt.md --- .../microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md index 54b425ff8c..12272ac0e8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md +++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md @@ -27,6 +27,7 @@ Effectively identifying, assessing, and remediating endpoint weaknesses is pivot It helps organizations discover vulnerabilities and misconfigurations in real-time, based on sensors, without the need of agents or periodic scans. It prioritizes vulnerabilities based on the threat landscape, detections in your organization, sensitive information on vulnerable devices, and business context. +Watch this video for a quick overview of Threat & Vulnerability Management. [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4mLsn] ## Next-generation capabilities From 22fb445694b1fa2aa1c8b1437bbee4a396e803c3 Mon Sep 17 00:00:00 2001 From: lomayor Date: Tue, 11 Feb 2020 15:17:42 -0800 Subject: [PATCH 057/112] breaks --- .../microsoft-defender-atp/advanced-hunting-overview.md | 4 ++-- .../microsoft-defender-atp/threat-analytics.md | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md index 94c471fbd7..587366afe0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md @@ -29,8 +29,8 @@ Advanced hunting is a query-based threat-hunting tool that lets you explore up t You can use the same threat-hunting queries to build custom detection rules. These rules run automatically to check for and respond to various events and system states, including suspected breach activity and misconfigured machines. ## Get started with advanced hunting -Watch this video for a quick overview of advanced hunting and a short tutorial that will get you started fast. - +Watch this video for a quick overview of advanced hunting and a short tutorial that will get you started fast. +
>[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bGqo] You can also go through each of the following steps to ramp up your advanced hunting knowledge. diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md b/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md index d3d5a49d80..8709092d9c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md +++ b/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md @@ -26,8 +26,8 @@ Cyberthreats are emerging more frequently and prevalently. It is critical for or Threat analytics is a set of reports published by Microsoft security researchers as soon as emerging threats and outbreaks are identified. The reports help you assess the impact of threats to your environment and identify actions that can contain them. -Watch this short video to quickly understand how threat analytics can help you track the latest threats and stop them. - +Watch this short video to quickly understand how threat analytics can help you track the latest threats and stop them. +
>[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bw1f] ## View the threat analytics dashboard From ee87de19b0bd2c72205a3ee7c473c4cd810e032d Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 15:18:37 -0800 Subject: [PATCH 058/112] Added MDATP API video ref --- .../microsoft-defender-atp/management-apis.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md index f42404e0ac..e25d5e8634 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md +++ b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md @@ -54,6 +54,9 @@ The Microsoft Defender ATP APIs can be grouped into three: Microsoft Defender ATP offers a layered API model exposing data and capabilities in a structured, clear and easy to use model, exposed through a standard Azure AD-based authentication and authorization model allowing access in context of users or SaaS applications. The API model was designed to expose entities and capabilities in a consistent form. +Watch this video for a quick overview of Microsoft Defender ATP's APIs. +[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4d73M] + The **Investigation API** exposes the richness of Microsoft Defender ATP - exposing calculated or 'profiled' entities (for example, machine, user, and file) and discrete events (for example, process creation and file creation) which typically describes a behavior related to an entity, enabling access to data via investigation interfaces allowing a query-based access to data. For more information see, [Supported APIs](exposed-apis-list.md). The **Response API** exposes the ability to take actions in the service and on devices, enabling customers to ingest indicators, manage settings, alert status, as well as take response actions on devices programmatically such as isolate machines from the network, quarantine files, and others. From f87e7a9505b72ead1f10b5bcc72386f0b1b99a28 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 15:19:11 -0800 Subject: [PATCH 059/112] Update management-apis.md --- .../threat-protection/microsoft-defender-atp/management-apis.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md index e25d5e8634..2634614f1b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md +++ b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md @@ -55,7 +55,7 @@ The Microsoft Defender ATP APIs can be grouped into three: Microsoft Defender ATP offers a layered API model exposing data and capabilities in a structured, clear and easy to use model, exposed through a standard Azure AD-based authentication and authorization model allowing access in context of users or SaaS applications. The API model was designed to expose entities and capabilities in a consistent form. Watch this video for a quick overview of Microsoft Defender ATP's APIs. -[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4d73M] +>[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4d73M] The **Investigation API** exposes the richness of Microsoft Defender ATP - exposing calculated or 'profiled' entities (for example, machine, user, and file) and discrete events (for example, process creation and file creation) which typically describes a behavior related to an entity, enabling access to data via investigation interfaces allowing a query-based access to data. For more information see, [Supported APIs](exposed-apis-list.md). From f8b45a50cecf90a87865b6955d434e5e86937e0c Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 15:21:44 -0800 Subject: [PATCH 060/112] Added API video link --- .../threat-protection/microsoft-defender-atp/apis-intro.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md b/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md index 589b46db48..1c6f356099 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md +++ b/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md @@ -26,6 +26,9 @@ ms.topic: conceptual Microsoft Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will enable you to automate workflows and innovate based on Microsoft Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-code). +Watch this video for a quick overview of Microsoft Defender ATP's APIs. +>[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4d73M] + In general, you’ll need to take the following steps to use the APIs: - Create an AAD application - Get an access token using this application From e8284a4eec8dc60530252a3ac318b0f9616b3778 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 11 Feb 2020 15:22:00 -0800 Subject: [PATCH 061/112] Acrolinx: Corrected 3 spelling errors --- windows/client-management/mdm/dmclient-csp.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/client-management/mdm/dmclient-csp.md b/windows/client-management/mdm/dmclient-csp.md index d1203b326a..b4183451fc 100644 --- a/windows/client-management/mdm/dmclient-csp.md +++ b/windows/client-management/mdm/dmclient-csp.md @@ -132,7 +132,7 @@ Optional. The character string that allows the user experience to include a cust Supported operations are Get, Replace, and Delete. **Provider/*ProviderID*/RequireMessageSigning** -Boolean type. Primarly used for SSL bridging mode where firewalls and proxies are deployed and where device client identity is required. When enabled, every SyncML message from the device will carry an additional HTTP header named MDM-Signature. This header contains BASE64-encoded Cryptographic Message Syntax using a Detached Signature of the complete SyncML message SHA-2 (inclusive of the SyncHdr and SyncBody). Signing is performed using the private key of the management session certificate that was enrolled as part of the enrollment process. The device public key and PKCS9 UTC signing time stamp are included as part of the authenticated attributes in the signature. +Boolean type. Primarily used for SSL bridging mode where firewalls and proxies are deployed and where device client identity is required. When enabled, every SyncML message from the device will carry an additional HTTP header named MDM-Signature. This header contains BASE64-encoded Cryptographic Message Syntax using a Detached Signature of the complete SyncML message SHA-2 (inclusive of the SyncHdr and SyncBody). Signing is performed using the private key of the management session certificate that was enrolled as part of the enrollment process. The device public key and PKCS9 UTC signing time stamp are included as part of the authenticated attributes in the signature. Default value is false, where the device management client does not include authentication information in the management session HTTP header. Optionally set to true, where the client authentication information is provided in the management session HTTP header. @@ -255,7 +255,7 @@ Optional. Added in Windows 10, version 1703. Specify the Discovery server URL o Supported operations are Add, Delete, Get, and Replace. Value type is string. **Provider/*ProviderID*/NumberOfDaysAfterLostContactToUnenroll** -Optional. Number of days after last sucessful sync to unenroll. +Optional. Number of days after last successful sync to unenroll. Supported operations are Add, Delete, Get, and Replace. Value type is integer. @@ -552,7 +552,7 @@ Optional. Boolean value that allows the IT admin to require the device to start Supported operations are Add, Get, and Replace. **Provider/*ProviderID*/Push** -Optional. Not configurable during WAP Provisioining XML. If removed, DM sessions triggered by Push will no longer be supported. +Optional. Not configurable during WAP Provisioning XML. If removed, DM sessions triggered by Push will no longer be supported. Supported operations are Add and Delete. From 111a7fdb8ab9f6baaf5e1be95d48450e8930bf39 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 15:22:34 -0800 Subject: [PATCH 062/112] Update next-gen-threat-and-vuln-mgt.md --- .../microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md index 12272ac0e8..972fd91c1d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md +++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md @@ -28,7 +28,7 @@ Effectively identifying, assessing, and remediating endpoint weaknesses is pivot It helps organizations discover vulnerabilities and misconfigurations in real-time, based on sensors, without the need of agents or periodic scans. It prioritizes vulnerabilities based on the threat landscape, detections in your organization, sensitive information on vulnerable devices, and business context. Watch this video for a quick overview of Threat & Vulnerability Management. -[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4mLsn] +>[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4mLsn] ## Next-generation capabilities Threat & Vulnerability Management is built-in, real-time, cloud-powered, fully integrated with Microsoft endpoint security stack, the Microsoft Intelligent Security Graph, and the application analytics knowledgebase. From 81c6d7cd103a1c7fa8fa07ebdc1658da915e23dd Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 11 Feb 2020 15:23:34 -0800 Subject: [PATCH 063/112] Capitalized "azure" --- ...roll-a-windows-10-device-automatically-using-group-policy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md index ee0d0066a0..4ced3aefe8 100644 --- a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md +++ b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md @@ -66,7 +66,7 @@ The following steps demonstrate required settings using the Intune service: Additionally, verify that the SSO State section displays **AzureAdPrt** as **YES**. - ![Auto-enrollment azure AD prt verification](images/auto-enrollment-azureadprt-verification.png) + ![Auto-enrollment Azure AD prt verification](images/auto-enrollment-azureadprt-verification.png) This information can also be found on the Azure AD device list. From 2343f446ad755b56842cb614f8c1b64fe7feaab0 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 15:27:05 -0800 Subject: [PATCH 064/112] Update next-gen-threat-and-vuln-mgt.md --- .../microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md index 972fd91c1d..21237ae67a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md +++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md @@ -27,7 +27,8 @@ Effectively identifying, assessing, and remediating endpoint weaknesses is pivot It helps organizations discover vulnerabilities and misconfigurations in real-time, based on sensors, without the need of agents or periodic scans. It prioritizes vulnerabilities based on the threat landscape, detections in your organization, sensitive information on vulnerable devices, and business context. -Watch this video for a quick overview of Threat & Vulnerability Management. +Watch this video for a quick overview of Threat & Vulnerability Management. +
>[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4mLsn] ## Next-generation capabilities From 89b4c225751d3cdafd7efe4a871345d4105184b7 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 11 Feb 2020 15:27:16 -0800 Subject: [PATCH 065/112] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...t-changes-to-security-settings-with-tamper-protection.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index b5d731b602..3dd89a2653 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -91,7 +91,7 @@ You must have appropriate [permissions](../microsoft-defender-atp/assign-portal- - Your organization must have [Microsoft Defender ATP E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) (this is included in [Microsoft 365 E5](https://docs.microsoft.com/microsoft-365/enterprise/microsoft-365-overview)). - Your organization uses [Intune to manage devices](https://docs.microsoft.com/intune/fundamentals/what-is-device-management). ([Intune licenses](https://docs.microsoft.com/intune/fundamentals/licenses) are required; this is included in Microsoft 365 E5.) - - Your Windows machines must be running Windows OS [1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-information/status-windows-10-1803), [1809](https://docs.microsoft.com/windows/release-information/status-windows-10-1809-and-windows-server-2019) or later. (See [Windows 10 release information](https://docs.microsoft.com/windows/release-information/) for more details about releases.) + - Your Windows machines must be running Windows 10 OS [1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-information/status-windows-10-1803), [1809](https://docs.microsoft.com/windows/release-information/status-windows-10-1809-and-windows-server-2019) or later. (See [Windows 10 release information](https://docs.microsoft.com/windows/release-information/) for more details about releases.) - You must be using Windows security with [security intelligence](https://www.microsoft.com/wdsi/definitions) updated to version 1.287.60.0 (or above). - Your machines must be using anti-malware platform version 4.18.1906.3 (or above) and anti-malware engine version 1.1.15500.X (or above). ([Manage Windows Defender Antivirus updates and apply baselines](manage-updates-baselines-windows-defender-antivirus.md).) @@ -119,7 +119,7 @@ Here's what you see in the Windows Security app: ### Are you using Windows OS 1709, 1803, or 1809? -If you are using Windows OS [1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-information/status-windows-10-1803), or [1809](https://docs.microsoft.com/windows/release-information/status-windows-10-1809-and-windows-server-2019), you won't see **Tamper Protection** in the Windows Security app. In this case, you can use PowerShell to determine whether tamper protection is enabled. +If you are using Windows 10 OS [1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-information/status-windows-10-1803), or [1809](https://docs.microsoft.com/windows/release-information/status-windows-10-1809-and-windows-server-2019), you won't see **Tamper Protection** in the Windows Security app. In this case, you can use PowerShell to determine whether tamper protection is enabled. #### Use PowerShell to determine whether tamper protection is turned on @@ -155,7 +155,7 @@ To learn more about Threat & Vulnerability Management, see [Threat & Vulnerabili ### To which Windows OS versions is configuring tamper protection is applicable? -Windows OS [1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-information/status-windows-10-1803), [1809](https://docs.microsoft.com/windows/release-information/status-windows-10-1809-and-windows-server-2019), or later together with [Microsoft Defender Advanced Threat Protection E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp). +Windows 10 OS [1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-information/status-windows-10-1803), [1809](https://docs.microsoft.com/windows/release-information/status-windows-10-1809-and-windows-server-2019), or later together with [Microsoft Defender Advanced Threat Protection E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp). ### Is configuring tamper protection in Intune supported on servers? From 6299241f5f2a5023a5a5ed83ef41d3ba0903ca32 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 15:27:40 -0800 Subject: [PATCH 066/112] Update next-gen-threat-and-vuln-mgt.md --- .../microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md index 21237ae67a..09dea1ee83 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md +++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md @@ -28,7 +28,7 @@ Effectively identifying, assessing, and remediating endpoint weaknesses is pivot It helps organizations discover vulnerabilities and misconfigurations in real-time, based on sensors, without the need of agents or periodic scans. It prioritizes vulnerabilities based on the threat landscape, detections in your organization, sensitive information on vulnerable devices, and business context. Watch this video for a quick overview of Threat & Vulnerability Management. -
+ >[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4mLsn] ## Next-generation capabilities From 1b1b898839bf8a53c0810d6a0b5b12be15f43e0c Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 11 Feb 2020 16:17:43 -0800 Subject: [PATCH 067/112] Update reqs-wd-app-guard.md --- .../windows-defender-application-guard/reqs-wd-app-guard.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md index 33b3e98451..5c81b7eb36 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md +++ b/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md @@ -8,7 +8,7 @@ ms.pagetype: security ms.localizationpriority: medium author: denisebmsft ms.author: deniseb -ms.date: 11/09/2017 +ms.date: 02/11/2020 ms.reviewer: manager: dansimp ms.custom: asr @@ -42,4 +42,4 @@ Your environment needs the following software to run Windows Defender Applicatio |Operating system|Windows 10 Enterprise edition, version 1709 or higher
Windows 10 Professional edition, version 1803 or higher
Windows 10 Professional for Workstations edition, version 1803 or higher
Windows 10 Professional Education edition version 1803 or higher
Windows 10 Education edition, version 1903 or higher
Professional editions are only supported for non-managed devices; Intune or any other 3rd party mobile device management (MDM) solutions are not supported with WDAG for Professional editions. | |Browser|Microsoft Edge and Internet Explorer| |Management system
(only for managed devices)|[Microsoft Intune](https://docs.microsoft.com/intune/)

**-OR-**

[Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr/)

**-OR-**

[Group Policy](https://technet.microsoft.com/library/cc753298(v=ws.11).aspx)

**-OR-**

Your current company-wide 3rd party mobile device management (MDM) solution. For info about 3rd party MDM solutions, see the documentation that came with your product.| -|Windows Defender Exploit Protection settings|The following settings should be configured or verified in the **Windows Security** app under **App & browser control** > **Exploit Protection** > **System Settings**.

**Control Flow Guard (CFG)** must be set to "Use default (On)" or "Off by default". If set to "On by default", Windows Defender Application Guard will not launch.

**Randomize memory allocations (Bottom-up ASLR)** must be set to "Use default (On)" or "Off by default". If set to "On by default", the `Vmmem` process will have high CPU utilization while a Windows Defender Application Guard window is open.| +|Windows Defender Exploit Protection settings|The following settings should be configured or verified in the **Windows Security** app under **App & browser control** > **Exploit protection** > **Exploit protection settings** > **System Settings**.

**Control flow guard (CFG)** must be set to **Use default (On)** or **Off by default**. If set to **On by default**, [Windows Defender Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard) will not launch.

**Randomize memory allocations (Bottom-up ASLR)** must be set to **Use default (On)** or **Off by default**. If set to "On by default", the `Vmmem` process will have high CPU utilization while a Windows Defender Application Guard window is open.| From b7fb5242b49de26d6e77b9502ee4e0ceccdf5b13 Mon Sep 17 00:00:00 2001 From: Thomas Date: Tue, 11 Feb 2020 17:21:42 -0800 Subject: [PATCH 068/112] Update usmt-identify-users.md Trying to resolve issue where the note is not rendering properly --- windows/deployment/usmt/usmt-identify-users.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/usmt/usmt-identify-users.md b/windows/deployment/usmt/usmt-identify-users.md index ba68d36951..6f39e5eebe 100644 --- a/windows/deployment/usmt/usmt-identify-users.md +++ b/windows/deployment/usmt/usmt-identify-users.md @@ -46,7 +46,7 @@ USMT provides several options to migrate multiple users on a single computer. Th - [Specifying users.](#bkmk-8) You can specify which users to migrate with the **/all**, **/ui**, **/uel**, and **/ue** options with both the ScanState and LoadState command-line tools. - >[!IMPORTANT]   + >[!IMPORTANT] >The **/uel** option excludes users based on the **LastModified** date of the Ntuser.dat file. The **/uel** option is not valid in offline migrations. - [Moving users to another domain.](#bkmk-8) You can move user accounts to another domain using the **/md** option with the LoadState command-line tool. From 05e01cf792e134f30312403e571380a3ce4793a1 Mon Sep 17 00:00:00 2001 From: lomayor Date: Tue, 11 Feb 2020 17:54:48 -0800 Subject: [PATCH 069/112] break --- .../microsoft-defender-atp/advanced-hunting-overview.md | 2 +- .../microsoft-defender-atp/threat-analytics.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md index 587366afe0..e1afb98f0b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md @@ -30,7 +30,7 @@ You can use the same threat-hunting queries to build custom detection rules. The ## Get started with advanced hunting Watch this video for a quick overview of advanced hunting and a short tutorial that will get you started fast. -
+

>[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bGqo] You can also go through each of the following steps to ramp up your advanced hunting knowledge. diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md b/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md index 8709092d9c..680d1d2df2 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md +++ b/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md @@ -27,7 +27,7 @@ Cyberthreats are emerging more frequently and prevalently. It is critical for or Threat analytics is a set of reports published by Microsoft security researchers as soon as emerging threats and outbreaks are identified. The reports help you assess the impact of threats to your environment and identify actions that can contain them. Watch this short video to quickly understand how threat analytics can help you track the latest threats and stop them. -
+

>[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bw1f] ## View the threat analytics dashboard From 921ea7c83aaaf7a83b2dbf533ea003d329d85e22 Mon Sep 17 00:00:00 2001 From: lomayor Date: Tue, 11 Feb 2020 18:57:42 -0800 Subject: [PATCH 070/112] breaks --- .../microsoft-defender-atp/advanced-hunting-overview.md | 3 ++- .../microsoft-defender-atp/threat-analytics.md | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md index e1afb98f0b..5e5df96421 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md @@ -31,7 +31,8 @@ You can use the same threat-hunting queries to build custom detection rules. The ## Get started with advanced hunting Watch this video for a quick overview of advanced hunting and a short tutorial that will get you started fast.

->[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bGqo] + +> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bGqo] You can also go through each of the following steps to ramp up your advanced hunting knowledge. diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md b/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md index 680d1d2df2..2ade5dcf42 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md +++ b/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md @@ -28,7 +28,8 @@ Threat analytics is a set of reports published by Microsoft security researchers Watch this short video to quickly understand how threat analytics can help you track the latest threats and stop them.

->[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bw1f] + +> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bw1f] ## View the threat analytics dashboard From 5caf324852b49486a3f78677bb4fee8d28917440 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Wed, 12 Feb 2020 13:05:26 +0500 Subject: [PATCH 071/112] Update enlightened-microsoft-apps-and-wip.md --- .../enlightened-microsoft-apps-and-wip.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md index aaf98a84f7..8879dec483 100644 --- a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md +++ b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md @@ -73,8 +73,8 @@ Microsoft has made a concerted effort to enlighten several of our more popular a - Microsoft Remote Desktop ->[!NOTE] ->Microsoft Visio and Microsoft Project are not enlightended apps and need to be exempted from WIP policy. If they are allowed, there is a risk of data loss. For example, if a device is workplace-joined and managed and the user leaves the company, metadata files that the apps rely on remain encrypted and the apps stop functioining. +> [!NOTE] +> Microsoft Visio, Microsoft Office Access and Microsoft Project are not enlightended apps and need to be exempted from WIP policy. If they are allowed, there is a risk of data loss. For example, if a device is workplace-joined and managed and the user leaves the company, metadata files that the apps rely on remain encrypted and the apps stop functioining. ## List of WIP-work only apps from Microsoft Microsoft still has apps that are unenlightened, but which have been tested and deemed safe for use in an enterprise with WIP and MAM solutions. From f26e378cfc3e6e792914b599a1e6ec6de01a9f83 Mon Sep 17 00:00:00 2001 From: Manuel Hauch Date: Wed, 12 Feb 2020 10:23:24 +0100 Subject: [PATCH 072/112] Remove Windows Server 2016 There is no Windows Server 2016, version 1803. It only exists Windows Server 2016 and Windows Server, Version 1803. Since 2016 doesn't come with Exploit Protection remove it to reduce confusion. --- .../microsoft-defender-atp/exploit-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md index c0073ce75e..c3858eade6 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md @@ -24,7 +24,7 @@ ms.custom: asr - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -Exploit protection automatically applies a number of exploit mitigation techniques to operating system processes and apps. Exploit protection is supported beginning with Windows 10, version 1709 and Windows Server 2016, version 1803. +Exploit protection automatically applies a number of exploit mitigation techniques to operating system processes and apps. Exploit protection is supported beginning with Windows 10, version 1709 and Windows Server, version 1803. > [!TIP] > You can visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works. From 6cb823e00216a746e5af3ea7cfa5f4e84d2b4c6d Mon Sep 17 00:00:00 2001 From: Manuel Hauch Date: Wed, 12 Feb 2020 10:25:34 +0100 Subject: [PATCH 073/112] Update exploit-protection.md Again remove 2016 for clarification. --- .../microsoft-defender-atp/exploit-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md index c0073ce75e..d09f11e9d2 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md @@ -93,7 +93,7 @@ Win32K | 260 | Untrusted Font ## Mitigation comparison -The mitigations available in EMET are included natively in Windows 10 (starting with version 1709) and Windows Server 2016 (starting with version 1803), under [Exploit protection](exploit-protection.md). +The mitigations available in EMET are included natively in Windows 10 (starting with version 1709) and Windows Server (starting with version 1803), under [Exploit protection](exploit-protection.md). The table in this section indicates the availability and support of native mitigations between EMET and exploit protection. From f58b879ea896f40dac9add5958d5f73d662588ef Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Wed, 12 Feb 2020 14:47:00 +0500 Subject: [PATCH 074/112] Update interactive-logon-smart-card-removal-behavior.md --- .../interactive-logon-smart-card-removal-behavior.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md index c9c8515fe5..a20693d19b 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md @@ -32,6 +32,9 @@ If smart cards are used for authentication, the device should automatically lock If you select **Force Logoff** in the property sheet for this policy setting, the user is automatically logged off when the smart card is removed. Users will have to reinsert their smart cards and reenter their PINs when they return to their workstations. +> [!NOTE] +> This policy depends on **Smart Card Removal Policy** service. The service must be running for the policy to take effect, so it is recommended to set the startup type of the service to **Automatic**. + ### Possible values - No Action From a557c146d1c48ba3fbd9d50e95a51cbcf443d28e Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Wed, 12 Feb 2020 20:39:54 +0530 Subject: [PATCH 075/112] i updated the sentences for the enabling of PUA as per the user request #5970 @BR77BE i updated content by removing and added sentences --- ...potentially-unwanted-apps-windows-defender-antivirus.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md index fc883cd71d..7639442d84 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md @@ -45,11 +45,12 @@ The next major version of Microsoft Edge, which is Chromium-based, blocks potent #### Enable PUA protection in Chromium-based Microsoft Edge -Although potentially unwanted application protection in Microsoft Edge (Chromium-based) is turned off by default, it can easily be turned on from within the browser. +Although potentially unwanted application protection in Microsoft Edge (Chromium-based) version 80.0.361.50 is turned off by default, it can easily be turned on from within the browser. -1. From the tool bar, select **Settings and more** > **Settings**. +1. From the three dots, select **Settings**. 2. Select **Privacy and services**. -3. Under the **Services** section, you can toggle **Potentially unwanted app blocking** on or off. +3. Under the **Services** section, you can toggle **Block potentially unwanted apps**. +4. Slide **ON**. > [!TIP] > If you are running Microsoft Edge (Chromium-based), you can safely explore the URL-blocking feature of PUA protection by testing it out on one of our Windows Defender SmartScreen [demo pages](https://demo.smartscreen.msft.net/). From b972cc41447245110410a979e0f3f13ec91dc82b Mon Sep 17 00:00:00 2001 From: amirsc3 <42802974+amirsc3@users.noreply.github.com> Date: Wed, 12 Feb 2020 18:34:33 +0200 Subject: [PATCH 076/112] Update troubleshoot-onboarding-error-messages.md Typo in document --- .../troubleshoot-onboarding-error-messages.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md index e49cc30afe..56a0d71130 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md +++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md @@ -73,7 +73,7 @@ You'll need to whitelist the `securitycenter.windows.com` and all sub-domains un ## Portal communication issues -If you encounter issues with accessing the portal, missing data, or restricted access to portions of the portal, you'll need to verify that the following URLs are whitelisted and open for communciation. +If you encounter issues with accessing the portal, missing data, or restricted access to portions of the portal, you'll need to verify that the following URLs are whitelisted and open for communication. - `*.blob.core.windows.net crl.microsoft.com` @@ -89,4 +89,4 @@ crl.microsoft.com` ## Related topics -- [Validate licensing provisioning and complete setup for Microsoft Defender ATP](licensing.md) \ No newline at end of file +- [Validate licensing provisioning and complete setup for Microsoft Defender ATP](licensing.md) From fe247eb5e61ad81db495d85cb7dec03a548433ce Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 12 Feb 2020 09:06:35 -0800 Subject: [PATCH 077/112] Update detect-block-potentially-unwanted-apps-windows-defender-antivirus.md --- ...tentially-unwanted-apps-windows-defender-antivirus.md | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md index 7639442d84..3fb436099a 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md @@ -13,7 +13,7 @@ author: denisebmsft ms.author: deniseb ms.custom: nextgen audience: ITPro -ms.date: 01/06/2020 +ms.date: 02/12/2020 ms.reviewer: manager: dansimp --- @@ -45,12 +45,11 @@ The next major version of Microsoft Edge, which is Chromium-based, blocks potent #### Enable PUA protection in Chromium-based Microsoft Edge -Although potentially unwanted application protection in Microsoft Edge (Chromium-based) version 80.0.361.50 is turned off by default, it can easily be turned on from within the browser. +Although potentially unwanted application protection in Microsoft Edge (Chromium-based, version 80.0.361.50) is turned off by default, it can easily be turned on from within the browser. -1. From the three dots, select **Settings**. +1. Select the ellipses, and then choose **Settings**. 2. Select **Privacy and services**. -3. Under the **Services** section, you can toggle **Block potentially unwanted apps**. -4. Slide **ON**. +3. Under the **Services** section, turn on **Block potentially unwanted apps**. > [!TIP] > If you are running Microsoft Edge (Chromium-based), you can safely explore the URL-blocking feature of PUA protection by testing it out on one of our Windows Defender SmartScreen [demo pages](https://demo.smartscreen.msft.net/). From d444b5ea81aff753af679c39190d7caf071a7d3f Mon Sep 17 00:00:00 2001 From: Tina Burden Date: Wed, 12 Feb 2020 10:01:43 -0800 Subject: [PATCH 078/112] pencil edit --- windows/deployment/usmt/usmt-identify-users.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/deployment/usmt/usmt-identify-users.md b/windows/deployment/usmt/usmt-identify-users.md index 9de4030607..95fd442bb7 100644 --- a/windows/deployment/usmt/usmt-identify-users.md +++ b/windows/deployment/usmt/usmt-identify-users.md @@ -11,6 +11,7 @@ ms.sitesec: library audience: itpro author: greg-lindsay ms.topic: article +ms.localizationpriority: medium --- # Identify Users From 61ba7451d698681a0d306da36c2b2b59c52b86b2 Mon Sep 17 00:00:00 2001 From: Tina Burden Date: Wed, 12 Feb 2020 10:10:15 -0800 Subject: [PATCH 079/112] pencil edit --- windows/deployment/usmt/usmt-identify-users.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/deployment/usmt/usmt-identify-users.md b/windows/deployment/usmt/usmt-identify-users.md index 95fd442bb7..dbd1036415 100644 --- a/windows/deployment/usmt/usmt-identify-users.md +++ b/windows/deployment/usmt/usmt-identify-users.md @@ -47,8 +47,8 @@ USMT provides several options to migrate multiple users on a single computer. Th - [Specifying users.](#bkmk-8) You can specify which users to migrate with the **/all**, **/ui**, **/uel**, and **/ue** options with both the ScanState and LoadState command-line tools. - >[!IMPORTANT]   - >The **/uel** option excludes users based on the **LastModified** date of the Ntuser.dat file. The **/uel** option is not valid in offline migrations. + >[!IMPORTANT]   + >The **/uel** option excludes users based on the **LastModified** date of the Ntuser.dat file. The **/uel** option is not valid in offline migrations. - [Moving users to another domain.](#bkmk-8) You can move user accounts to another domain using the **/md** option with the LoadState command-line tool. From fa1b8000c82aa0dace3b08a0b59f29ceea13a4fd Mon Sep 17 00:00:00 2001 From: Tina Burden Date: Wed, 12 Feb 2020 10:19:30 -0800 Subject: [PATCH 080/112] pencil edit --- windows/deployment/usmt/usmt-identify-users.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/deployment/usmt/usmt-identify-users.md b/windows/deployment/usmt/usmt-identify-users.md index dbd1036415..95fd442bb7 100644 --- a/windows/deployment/usmt/usmt-identify-users.md +++ b/windows/deployment/usmt/usmt-identify-users.md @@ -47,8 +47,8 @@ USMT provides several options to migrate multiple users on a single computer. Th - [Specifying users.](#bkmk-8) You can specify which users to migrate with the **/all**, **/ui**, **/uel**, and **/ue** options with both the ScanState and LoadState command-line tools. - >[!IMPORTANT]   - >The **/uel** option excludes users based on the **LastModified** date of the Ntuser.dat file. The **/uel** option is not valid in offline migrations. + >[!IMPORTANT]   + >The **/uel** option excludes users based on the **LastModified** date of the Ntuser.dat file. The **/uel** option is not valid in offline migrations. - [Moving users to another domain.](#bkmk-8) You can move user accounts to another domain using the **/md** option with the LoadState command-line tool. From ae8c76618128a69a1a4414eb97379ca7fd63d053 Mon Sep 17 00:00:00 2001 From: Thomas Raya Date: Wed, 12 Feb 2020 10:46:33 -0800 Subject: [PATCH 081/112] remove extra spaces extra spaces to the right of the note in line 50 are causing the note to not render properly. --- windows/deployment/usmt/usmt-identify-users.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/usmt/usmt-identify-users.md b/windows/deployment/usmt/usmt-identify-users.md index 95fd442bb7..b58c711dbf 100644 --- a/windows/deployment/usmt/usmt-identify-users.md +++ b/windows/deployment/usmt/usmt-identify-users.md @@ -47,7 +47,7 @@ USMT provides several options to migrate multiple users on a single computer. Th - [Specifying users.](#bkmk-8) You can specify which users to migrate with the **/all**, **/ui**, **/uel**, and **/ue** options with both the ScanState and LoadState command-line tools. - >[!IMPORTANT]   + >[!IMPORTANT] >The **/uel** option excludes users based on the **LastModified** date of the Ntuser.dat file. The **/uel** option is not valid in offline migrations. - [Moving users to another domain.](#bkmk-8) You can move user accounts to another domain using the **/md** option with the LoadState command-line tool. From f6f97495c50d254b3ce3d44bba66e73b1a247d6e Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Wed, 12 Feb 2020 12:11:41 -0800 Subject: [PATCH 082/112] deprecating Cortana at work --- .../configuration/cortana-at-work/cortana-at-work-powerbi.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/configuration/cortana-at-work/cortana-at-work-powerbi.md b/windows/configuration/cortana-at-work/cortana-at-work-powerbi.md index 8ca269aefe..8ac11aab48 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-powerbi.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-powerbi.md @@ -18,6 +18,9 @@ manager: dansimp - Windows 10, version 1703 - Windows 10 Mobile, version 1703 +>[IMPORTANT] +>Cortana for Power BI is deprecated and will not be available in future releases. This topic is provided as a reference for previous versions only. + Integration between Cortana and Power BI shows how Cortana can work with custom business analytics solutions to enable you to get answers directly from your key business data, including introducing new features that let you create custom Cortana “answers” using the full capabilities of Power BI Desktop. >[!Note] From 935c2927ebd46ab92086b98d689624fcd5e41559 Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Wed, 12 Feb 2020 12:35:17 -0800 Subject: [PATCH 083/112] fix note bug --- .../configuration/cortana-at-work/cortana-at-work-powerbi.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/configuration/cortana-at-work/cortana-at-work-powerbi.md b/windows/configuration/cortana-at-work/cortana-at-work-powerbi.md index 8ac11aab48..2673b1c378 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-powerbi.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-powerbi.md @@ -18,7 +18,7 @@ manager: dansimp - Windows 10, version 1703 - Windows 10 Mobile, version 1703 ->[IMPORTANT] +>[!IMPORTANT] >Cortana for Power BI is deprecated and will not be available in future releases. This topic is provided as a reference for previous versions only. Integration between Cortana and Power BI shows how Cortana can work with custom business analytics solutions to enable you to get answers directly from your key business data, including introducing new features that let you create custom Cortana “answers” using the full capabilities of Power BI Desktop. From 377edbf4a083322728339a60ed41f679945ac1ad Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Wed, 12 Feb 2020 12:44:29 -0800 Subject: [PATCH 084/112] added sentence --- .../microsoft-defender-atp/web-content-filtering.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md index 5a60f9e9ae..14439573d7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md +++ b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md @@ -26,7 +26,7 @@ ms.topic: article Web content filtering is part of [Web protection](web-protection-overview.md) in Microsoft Defender ATP. It enables your organization to track and regulate access to websites based on their content categories. Many of these websites, while not malicious, might be problematic due to compliance regulations, bandwidth usage, or other concerns. -You can configure policies across your machine groups to block certain categories, effectively preventing users within specified machine groups from accessing URLs within that category. If a category is not blocked, all your users will be able to access the URLs without disruption. However, web content filtering will continue to gather access statistics that you can use to understand web usage and inform future policy decisions. +You can configure policies across your machine groups to block certain categories, effectively preventing users within specified machine groups from accessing URLs within that category. If a category is not blocked, all your users will be able to access the URLs without disruption. However, web content filtering will continue to gather access statistics that you can use to understand web usage and inform future policy decisions. If an element on the page you’re viewing is making calls to a resource which is blocked, you will see a block notification. Web content filtering is available on most major web browsers, with blocks performed by SmartScreen (Edge) and Network Protection (Internet Explorer, Chrome, Firefox, and all other browsers). See the prerequisites section for more information about browser support. From 1acffcf1844c0586f8bf44ffbde9911852e46829 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Wed, 12 Feb 2020 13:28:31 -0800 Subject: [PATCH 085/112] Changes to try to fix indentation Also, labeled code blocks --- ...nfiguration-manager-to-manage-devices-with-semm.md | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md index fd310cf7c7..d05bd975ad 100644 --- a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md +++ b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md @@ -75,7 +75,6 @@ To create a new application and deploy it to a collection that contains your Sur * **Import Information** – The Create Application Wizard will parse the .msi file and read the **Application Name** and **Product Code**. SurfaceUEFIManagerSetup.msi should be listed as the only file under the line **Content Files**, as shown in Figure 1. Select **Next** to proceed. - ![Information from Surface UEFI Manager setup is automatically parsed](images/config-mgr-semm-fig1.png "Information from Surface UEFI Manager setup is automatically parsed") *Figure 1. Information from Microsoft Surface UEFI Manager setup is automatically parsed* @@ -107,7 +106,7 @@ The sample scripts include examples of how to set Surface UEFI settings and how The first region of the script that you need to modify is the portion that specifies and loads the SEMM certificate, and also indicates SurfaceUEFIManager version, and the names for the SEMM configuration package and SEMM reset package. The certificate name and SurfaceUEFIManager version are specified on lines 56 through 73 in the ConfigureSEMM.ps1 script. - ``` + ```powershell 56 $WorkingDirPath = split-path -parent $MyInvocation.MyCommand.Definition 57 $packageRoot = "$WorkingDirPath\Config" 58 $certName = "FabrikamSEMMSample.pfx" @@ -137,7 +136,7 @@ On line 73, replace the value of the **$password** variable, from **1234** to th > [!Note] > The last two characters of the certificate thumbprint are required to enroll a device in SEMM. This script will display these digits to the user, which allows the user or technician to record these digits before the system reboots to enroll the device in SEMM. The script uses the following code, found on lines 150-155, to accomplish this. -``` +```powershell 150 # Device owners will need the last two characters of the thumbprint to accept SEMM ownership. 151 # For convenience we get the thumbprint here and present to the user. 152 $pw = ConvertTo-SecureString $password -AsPlainText -Force @@ -163,7 +162,7 @@ Administrators with access to the certificate file (.pfx) can read the thumbprin The first region of the script where you will specify the configuration for Surface UEFI is the **Configure Permissions** region. This region begins at line 210 in the sample script with the comment **# Configure Permissions** and continues to line 247. The following code fragment first sets permissions to all Surface UEFI settings so that they may be modified by SEMM only, then adds explicit permissions to allow the local user to modify the Surface UEFI password, TPM, and front and rear cameras. -``` +```powershell 210 # Configure Permissions 211 foreach ($uefiV2 IN $surfaceDevices.Values) { 212 if ($uefiV2.SurfaceUefiFamily -eq $Device.Model) { @@ -215,7 +214,7 @@ You can find information about the available settings names and IDs for Surface The second region of the script where you will specify the configuration for Surface UEFI is the **Configure Settings** region of the ConfigureSEMM.ps1 script, which configures whether each setting is enabled or disabled. The sample script includes instructions to set all settings to their default values. The script then provides explicit instructions to disable IPv6 for PXE Boot and to leave the Surface UEFI Administrator password unchanged. You can find this region beginning with the **# Configure Settings** comment at line 291 through line 335 in the sample script. The region appears as follows. -``` +```powershell 291 # Configure Settings 292 foreach ($uefiV2 IN $surfaceDevices.Values) { 293 if ($uefiV2.SurfaceUefiFamily -eq $Device.Model) { @@ -277,7 +276,7 @@ To identify enrolled systems for Configuration Manager, the ConfigureSEMM.ps1 sc The following code fragment, found on lines 380-477, is used to write these registry keys. -``` +```powershell 380 # For Endpoint Configuration Manager or other management solutions that wish to know what version is applied, tattoo the LSV and current DateTime (in UTC) to the registry: 381 $UTCDate = (Get-Date).ToUniversalTime().ToString() 382 $certIssuer = $certPrint.Issuer From 6e3a4b1002811cdf86ef6ae6e6d83e015ca27a07 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Wed, 12 Feb 2020 13:35:12 -0800 Subject: [PATCH 086/112] Added missing end punctuation --- .../credential-guard/credential-guard-requirements.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/windows/security/identity-protection/credential-guard/credential-guard-requirements.md b/windows/security/identity-protection/credential-guard/credential-guard-requirements.md index 3fb77b5244..5aef81711f 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-requirements.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-requirements.md @@ -48,9 +48,9 @@ Credential Guard can protect secrets in a Hyper-V virtual machine, just as it wo - The Hyper-V host must have an IOMMU, and run at least Windows Server 2016 or Windows 10 version 1607. - The Hyper-V virtual machine must be Generation 2, have an enabled virtual TPM, and be running at least Windows Server 2016 or Windows 10. -For information about other host platforms, see [Enabling Windows Server 2016 and Hyper-V virtualization based security features on other platforms](https://blogs.technet.microsoft.com/windowsserver/2016/09/29/enabling-windows-server-2016-and-hyper-v-virtualization-based-security-features-on-other-platforms/) +For information about other host platforms, see [Enabling Windows Server 2016 and Hyper-V virtualization based security features on other platforms](https://blogs.technet.microsoft.com/windowsserver/2016/09/29/enabling-windows-server-2016-and-hyper-v-virtualization-based-security-features-on-other-platforms/). -For information about Windows Defender Remote Credential Guard hardware and software requirements, see [Windows Defender Remote Credential Guard requirements](https://docs.microsoft.com/windows/access-protection/remote-credential-guard#hardware-and-software-requirements) +For information about Windows Defender Remote Credential Guard hardware and software requirements, see [Windows Defender Remote Credential Guard requirements](https://docs.microsoft.com/windows/access-protection/remote-credential-guard#hardware-and-software-requirements). ## Application requirements @@ -85,8 +85,9 @@ Computers that meet additional qualifications can provide additional protections The following tables describe baseline protections, plus protections for improved security that are associated with hardware and firmware options available in 2015, 2016, and 2017. > [!NOTE] -> Beginning with Windows 10, version 1607, Trusted Platform Module (TPM 2.0) must be enabled by default on new shipping computers.
-> If you are an OEM, see [PC OEM requirements for Windows Defender Device Guard and Windows Defender Credential Guard](https://msdn.microsoft.com/library/windows/hardware/mt767514.aspx).
+> Beginning with Windows 10, version 1607, Trusted Platform Module (TPM 2.0) must be enabled by default on new shipping computers. +> +> If you are an OEM, see [PC OEM requirements for Windows Defender Device Guard and Windows Defender Credential Guard](https://msdn.microsoft.com/library/windows/hardware/mt767514.aspx). ### Baseline protections From cc88b4b1550fe0f85f43672ec547f9b55529c971 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Wed, 12 Feb 2020 13:40:41 -0800 Subject: [PATCH 087/112] Added end punctuation and a space --- .../hello-for-business/hello-faq.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-faq.md b/windows/security/identity-protection/hello-for-business/hello-faq.md index f7dcaffc22..07be2bbf3d 100644 --- a/windows/security/identity-protection/hello-for-business/hello-faq.md +++ b/windows/security/identity-protection/hello-for-business/hello-faq.md @@ -51,7 +51,7 @@ It is currently possible to set a convenience PIN on Azure Active Directory Join No. Windows 10 currently only supports one Windows Hello for Business camera and does not fluidly switch to an external camera when the computer is docked with the lid closed. The product group is aware of this and is investigating this topic further. ## What is the password-less strategy? -Watch Principal Program Manager Karanbir Singh's Ignite 2017 presentation **Microsoft's guide for going password-less** +Watch Principal Program Manager Karanbir Singh's Ignite 2017 presentation **Microsoft's guide for going password-less**. [Microsoft's password-less strategy](hello-videos.md#microsofts-passwordless-strategy) @@ -93,7 +93,7 @@ The **key trust** model authenticates to Active Directory using a raw key. Wind The **certificate trust** model authenticates to Active Directory using a certificate. Because this authentication uses a certificate, domain controllers running previous versions of Windows Server can authenticate the user. Therefore, you need to issue certificates to your end users, but you do not need Windows Server 2016 domain controllers. The certificate used in certificate trust uses the TPM protected private key to request a certificate from your enterprise's issuing certificate authority. ## Do I need Windows Server 2016 domain controllers? -There are many deployment options from which to choose. Some of those options require an adequate number of Windows Server 2016 domain controllers in the site where you have deployed Windows Hello for Business. There are other deployment options that use existing Windows Server 2008 R2 or later domain controllers. Choose the deployment option that best suits your environment +There are many deployment options from which to choose. Some of those options require an adequate number of Windows Server 2016 domain controllers in the site where you have deployed Windows Hello for Business. There are other deployment options that use existing Windows Server 2008 R2 or later domain controllers. Choose the deployment option that best suits your environment. ## What attributes are synchronized by Azure AD Connect with Windows Hello for Business? Review [Azure AD Connect sync: Attributes synchronized to Azure Active Directory](https://docs.microsoft.com/azure/active-directory/connect/active-directory-aadconnectsync-attributes-synchronized) for a list of attributes that are sync based on scenarios. The base scenarios that include Windows Hello for Business are [Windows 10](https://docs.microsoft.com/azure/active-directory/connect/active-directory-aadconnectsync-attributes-synchronized#windows-10) scenario and the [Device writeback](https://docs.microsoft.com/azure/active-directory/connect/active-directory-aadconnectsync-attributes-synchronized#device-writeback) scenario. Your environment may include additional attributes. @@ -111,7 +111,7 @@ Starting in Windows 10, version 1709, you can use multi-factor unlock to require Windows Hello represents the biometric framework provided in Windows 10. Windows Hello enables users to use biometrics to sign into their devices by securely storing their user name and password and releasing it for authentication when the user successfully identifies themselves using biometrics. Windows Hello for Business uses asymmetric keys protected by the device's security module that requires a user gesture (PIN or biometrics) to authenticate. ## Why can't I enroll biometrics for my local built-in Administrator? -Windows 10 does not allow the local administrator to enroll biometric gestures(face or fingerprint). +Windows 10 does not allow the local administrator to enroll biometric gestures (face or fingerprint). ## I have extended Active Directory to Azure Active Directory. Can I use the on-premises deployment model? No. If your organization is federated or using on-line services, such as Azure AD Connect, Office 365, or OneDrive, then you must use a hybrid deployment model. On-premises deployments are exclusive to organization who need more time before moving to the cloud and exclusively use Active Directory. @@ -144,7 +144,7 @@ The smart card emulation feature of Windows Hello for Business verifies the PIN No. The movement away from passwords is accomplished by gradually reducing the use of the password. In the occurrence where you cannot authenticate with biometrics, you need a fall back mechanism that is not a password. The PIN is the fall back mechanism. Disabling or hiding the PIN credential provider disabled the use of biometrics. ## How are keys protected? -Wherever possible, Windows Hello for Business takes advantage of trusted platform module (TPM) 2.0 hardware to generate and protect keys. However, Windows Hello and Windows Hello for Business does not require a TPM. Administrators can choose to allow key operations in software +Wherever possible, Windows Hello for Business takes advantage of trusted platform module (TPM) 2.0 hardware to generate and protect keys. However, Windows Hello and Windows Hello for Business does not require a TPM. Administrators can choose to allow key operations in software. Whenever possible, Microsoft strongly recommends the use of TPM hardware. The TPM protects against a variety of known and potential attacks, including PIN brute-force attacks. The TPM provides an additional layer of protection after an account lockout, too. When the TPM has locked the key material, the user will have to reset the PIN (which means he or she will have to use MFA to re-authenticate to the IDP before the IDP allows him or her to re-register). @@ -155,7 +155,7 @@ Yes. You can use the on-premises Windows Hello for Business deployment and comb Yes, if you are federated hybrid deployment, you can use any third-party that provides an Active Directory Federation Services (AD FS) multi-factor authentication adapter. A list of third-party MFA adapters can be found [here](https://docs.microsoft.com/windows-server/identity/ad-fs/operations/configure-additional-authentication-methods-for-ad-fs#microsoft-and-third-party-additional-authentication-methods). ## Does Windows Hello for Business work with third party federation servers? -Windows Hello for Business can work with any third-party federation servers that support the protocols used during provisioning experience. Interested third-parties can inquiry at [whfbfeedback@microsoft.com](mailto:whfbfeedback@microsoft.com?subject=collaboration) +Windows Hello for Business can work with any third-party federation servers that support the protocols used during provisioning experience. Interested third-parties can inquiry at [whfbfeedback@microsoft.com](mailto:whfbfeedback@microsoft.com?subject=collaboration). | Protocol | Description | | :---: | :--- | @@ -165,5 +165,5 @@ Windows Hello for Business can work with any third-party federation servers that | [[MS-OIDCE]: OpenID Connect 1.0 Protocol Extensions](https://msdn.microsoft.com/library/mt766592.aspx) | Specifies the OpenID Connect 1.0 Protocol Extensions. These extensions define additional claims to carry information about the end user, including the user principal name, a locally unique identifier, a time for password expiration, and a URL for password change. These extensions also define additional provider meta-data that enable the discovery of the issuer of access tokens and give additional information about provider capabilities. | ## Does Windows Hello for Business work with Mac and Linux clients? -Windows Hello for Business is a feature of Windows 10. At this time, Microsoft is not developing clients for other platforms. However, Microsoft is open to third parties who are interested in moving these platforms away from passwords. Interested third parties can get more information by emailing [whfbfeedback@microsoft.com](mailto:whfbfeedback@microsoft.com?subject=collaboration) +Windows Hello for Business is a feature of Windows 10. At this time, Microsoft is not developing clients for other platforms. However, Microsoft is open to third parties who are interested in moving these platforms away from passwords. Interested third parties can get more information by emailing [whfbfeedback@microsoft.com](mailto:whfbfeedback@microsoft.com?subject=collaboration). From 73a73ed73b2f46a7fcc5c71465eb0e1dfdee1a35 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Wed, 12 Feb 2020 13:57:54 -0800 Subject: [PATCH 088/112] Changing the spacing to try to get Figure 1 to be indented --- ...ter-configuration-manager-to-manage-devices-with-semm.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md index d05bd975ad..ff4453524b 100644 --- a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md +++ b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md @@ -75,9 +75,9 @@ To create a new application and deploy it to a collection that contains your Sur * **Import Information** – The Create Application Wizard will parse the .msi file and read the **Application Name** and **Product Code**. SurfaceUEFIManagerSetup.msi should be listed as the only file under the line **Content Files**, as shown in Figure 1. Select **Next** to proceed. - ![Information from Surface UEFI Manager setup is automatically parsed](images/config-mgr-semm-fig1.png "Information from Surface UEFI Manager setup is automatically parsed") - - *Figure 1. Information from Microsoft Surface UEFI Manager setup is automatically parsed* + ![Information from Surface UEFI Manager setup is automatically parsed](images/config-mgr-semm-fig1.png "Information from Surface UEFI Manager setup is automatically parsed") + + *Figure 1. Information from Microsoft Surface UEFI Manager setup is automatically parsed* * **General Information** – You can modify the name of the application and information about the publisher and version, or add comments on this page. The installation command for Microsoft Surface UEFI Manager is displayed in the Installation Program field. The default installation behavior of Install for system will allow Microsoft Surface UEFI Manager to install the required assemblies for SEMM even if a user is not logged on to the Surface device. Select **Next** to proceed. * **Summary** – The information that was parsed in the **Import Information** step and your selections from the **General Information** step is displayed on this page. Select **Next** to confirm your selections and create the application. From abef2c300f627534c4e48470341ed630eb70d34b Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Wed, 12 Feb 2020 14:08:14 -0800 Subject: [PATCH 089/112] Inserted blank line between "To connect your account to Windows" and Step a. These were run together in a single paragraph before this change. --- windows/configuration/cortana-at-work/cortana-at-work-powerbi.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/configuration/cortana-at-work/cortana-at-work-powerbi.md b/windows/configuration/cortana-at-work/cortana-at-work-powerbi.md index 2673b1c378..1239cdfc7a 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-powerbi.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-powerbi.md @@ -38,6 +38,7 @@ To use this walkthrough, you’ll need: - **Azure Active Directory (Azure AD)/Work or School account**. You can use the account that you created for Office 365, or you can create a new one while you’re establishing your Power BI account. If you choose to use Azure AD, you must connect your Azure AD account to your Windows account. **To connect your account to Windows** + a. Open **Windows Settings**, click **Accounts**, click **Access work or school**, and then in the **Connect to work or school** section, click **Connect**. b. Follow the instructions to add your Azure Active Directory (Azure AD) account to Windows. From 5ea1674764967cb083c5a04581e05f174c22204e Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Wed, 12 Feb 2020 14:41:10 -0800 Subject: [PATCH 090/112] Trying more indentation in source of Figure 1 --- ...enter-configuration-manager-to-manage-devices-with-semm.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md index ff4453524b..1ac8eb8aa2 100644 --- a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md +++ b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md @@ -75,9 +75,9 @@ To create a new application and deploy it to a collection that contains your Sur * **Import Information** – The Create Application Wizard will parse the .msi file and read the **Application Name** and **Product Code**. SurfaceUEFIManagerSetup.msi should be listed as the only file under the line **Content Files**, as shown in Figure 1. Select **Next** to proceed. - ![Information from Surface UEFI Manager setup is automatically parsed](images/config-mgr-semm-fig1.png "Information from Surface UEFI Manager setup is automatically parsed") + ![Information from Surface UEFI Manager setup is automatically parsed](images/config-mgr-semm-fig1.png "Information from Surface UEFI Manager setup is automatically parsed") - *Figure 1. Information from Microsoft Surface UEFI Manager setup is automatically parsed* + *Figure 1. Information from Microsoft Surface UEFI Manager setup is automatically parsed* * **General Information** – You can modify the name of the application and information about the publisher and version, or add comments on this page. The installation command for Microsoft Surface UEFI Manager is displayed in the Installation Program field. The default installation behavior of Install for system will allow Microsoft Surface UEFI Manager to install the required assemblies for SEMM even if a user is not logged on to the Surface device. Select **Next** to proceed. * **Summary** – The information that was parsed in the **Import Information** step and your selections from the **General Information** step is displayed on this page. Select **Next** to confirm your selections and create the application. From 0d82b2f4180e710434ec10fde9d75b5e38dc552e Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Wed, 12 Feb 2020 15:19:42 -0800 Subject: [PATCH 091/112] Update network-protection.md --- .../microsoft-defender-atp/network-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/network-protection.md b/windows/security/threat-protection/microsoft-defender-atp/network-protection.md index 92abdc1744..64488a550e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/network-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/network-protection.md @@ -31,7 +31,7 @@ Network protection expands the scope of [Windows Defender SmartScreen](../window Network protection is supported beginning with Windows 10, version 1709. -More details on how to enable network protection: [Enable network protection](enable-network-protection.md) | Use Group Policy, PowerShell, or MDM CSPs to enable and manage network protection in your network. +For more details about how to enable network protection, see [Enable network protection](enable-network-protection.md). Use Group Policy, PowerShell, or MDM CSPs to enable and manage network protection in your network. > [!TIP] > You can visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works. From d8ab722b14415fa741561f6269cff80f5def67af Mon Sep 17 00:00:00 2001 From: Karl Wester-Ebbinghaus <45657752+Karl-WE@users.noreply.github.com> Date: Thu, 13 Feb 2020 00:38:11 +0100 Subject: [PATCH 092/112] Update install-vamt.md outdated information on ADK download and missing reference that using an external full SQL Server works very well, too. Users should be advised to minimize the amount of localDB / Express as they do not get patched most of all times via WU / WSUS / MEM etc. --- .../deployment/volume-activation/install-vamt.md | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/windows/deployment/volume-activation/install-vamt.md b/windows/deployment/volume-activation/install-vamt.md index 9a229185cc..86f5ade189 100644 --- a/windows/deployment/volume-activation/install-vamt.md +++ b/windows/deployment/volume-activation/install-vamt.md @@ -9,7 +9,8 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: activation -audience: itpro author: greg-lindsay +audience: itpro +author: greg-lindsay ms.localizationpriority: medium ms.date: 03/11/2019 ms.topic: article @@ -34,8 +35,9 @@ You install VAMT as part of the Windows Assessment and Deployment Kit (ADK) for - [Windows Server with Desktop Experience](https://docs.microsoft.com/windows-server/get-started/getting-started-with-server-with-desktop-experience), with internet access and all updates applied - [Windows 10, version 1809 ADK](https://go.microsoft.com/fwlink/?linkid=2026036) - [SQL Server 2017 Express](https://www.microsoft.com/sql-server/sql-server-editions-express) +- alternatively any full SQL instance e.g. SQL Server 2014 or newer incl. CU / SP -### Install SQL Server 2017 Express +### Install SQL Server 2017 Express / alternatively use any Full SQL instance e.g. SQL Server 2014 or newer 1. Download and open the [SQL Server 2017 Express](https://www.microsoft.com/sql-server/sql-server-editions-express) package. 2. Select **Basic**. @@ -46,20 +48,23 @@ You install VAMT as part of the Windows Assessment and Deployment Kit (ADK) for ### Install VAMT using the ADK -1. Download and open the [Windows 10, version 1809 ADK](https://go.microsoft.com/fwlink/?linkid=2026036) package. +1. Download and open the [Windows 10, version 1903 ADK](https://go.microsoft.com/fwlink/?linkid=2086042) package. +Reminder: There won't be new ADK release for 1909. 2. Enter an install location or use the default path, and then select **Next**. 3. Select a privacy setting, and then select **Next**. 4. Accept the license terms. 5. On the **Select the features you want to install** page, select **Volume Activation Management Tool (VAMT)**, and then select **Install**. (You can select additional features to install as well.) 6. On the completion page, select **Close**. -### Configure VAMT to connect to SQL Server 2017 Express +### Configure VAMT to connect to SQL Server 2017 Express or full SQL Server 1. Open **Volume Active Management Tool 3.1** from the Start menu. -2. Enter the server instance name and a name for the database, select **Connect**, and then select **Yes** to create the database. See the following image for an example. +2. Enter the server instance name (for a remote SQL use the FQDN) and a name for the database, select **Connect**, and then select **Yes** to create the database. See the following image for an example for SQL. ![Server name is .\SQLEXPRESS and database name is VAMT](images/vamt-db.png) +for remote SQL Server use +servername.yourdomain.com From 749f1874204e9c222a792695ffe542cacfd34c66 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 12 Feb 2020 15:55:57 -0800 Subject: [PATCH 093/112] Update configure-block-at-first-sight-windows-defender-antivirus.md --- ...lock-at-first-sight-windows-defender-antivirus.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md index c5ea9149b8..af838d196f 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md @@ -50,7 +50,7 @@ Block at first sight requires a number of settings to be configured correctly or ### Confirm block at first sight is enabled with Intune -1. In Intune, navigate to **Device configuration - Profiles > *Profile name* > Device restrictions > Windows Defender Antivirus**. +1. In Intune, navigate to **Device configuration - Profiles** > *Profile name* > **Device restrictions** > **Windows Defender Antivirus**. > [!NOTE] > The profile you select must be a Device Restriction profile type, not an Endpoint Protection profile type. @@ -119,19 +119,19 @@ If you had to change any of the settings, you should re-deploy the Group Policy ### Confirm block at first sight is enabled with the Windows Security app -You can confirm that block at first sight is enabled in Windows Settings. +You can confirm that block at first sight is enabled in your Windows security settings. -Block at first sight is automatically enabled as long as **Cloud-based protection** and **Automatic sample submission** are both turned on. +Block at first sight is automatically enabled as long as **Cloud-delivered protection** and **Automatic sample submission** are both turned on. ### Confirm Block at First Sight is enabled on individual clients -1. Open the Windows Security app by clicking the shield icon in the task bar. +1. Open the Windows Security app. -2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then click **Manage Settings** under **Virus & threat protection settings**: +2. Select **Virus & threat protection**, and then, under **Virus & threat protection settings**, select **Manage Settings**. ![Screenshot of the Virus & threat protection settings label in the Windows Security app](images/defender/wdav-protection-settings-wdsc.png) -3. Confirm that **Cloud-based Protection** and **Automatic sample submission** are switched to **On**. +3. Confirm that **Cloud-delivered protection** and **Automatic sample submission** are both turned on. > [!NOTE] > If the prerequisite settings are configured and deployed using Group Policy, the settings described in this section will be greyed-out and unavailable for use on individual endpoints. Changes made through a Group Policy Object must first be deployed to individual endpoints before the setting will be updated in Windows Settings. From 7699c929067a1205dd447c3a7a50b79c601c9d25 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Wed, 12 Feb 2020 17:07:20 -0800 Subject: [PATCH 094/112] CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20200212154746 (#2053) Co-authored-by: Direesh Kumar Kandakatla --- ...sues-windows-7-and-windows-server-2008-r2-sp1.yml | 12 +++++++++++- ...issues-windows-8.1-and-windows-server-2012-r2.yml | 2 +- .../resolved-issues-windows-server-2008-sp2.yml | 12 +++++++++++- .../resolved-issues-windows-server-2012.yml | 2 +- ...atus-windows-7-and-windows-server-2008-r2-sp1.yml | 10 ++++++++++ .../status-windows-server-2008-sp2.yml | 10 ++++++++++ 6 files changed, 44 insertions(+), 4 deletions(-) diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml index 76a98fa268..cf77e81898 100644 --- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -50,6 +51,15 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusDate resolved
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537820		Resolved
February 12, 2020
03:47 PM PT
Custom wallpaper displays as black
Using a custom image set to \"Stretch\" might not display as expected.

See details >		January 14, 2020
KB4534310		Resolved
KB4539601		February 07, 2020
10:00 AM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >		September 24, 2019
KB4516048		Resolved
KB4519976		October 08, 2019
10:00 AM PT
+ +
DetailsOriginating updateStatusHistory
After installing an update and restarting, you might receive an error
After installing KB4537820 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537820		Resolved
Resolved:
February 12, 2020
03:47 PM PT

Opened:
February 12, 2020
03:47 PM PT
+ " + - title: January 2020 - items: - type: markdown @@ -73,7 +83,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Intermittent issues when printing
Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms:
  • Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
  • The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4519976. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.

Back to top		September 24, 2019
KB4516048		Resolved
KB4519976		Resolved:
October 08, 2019
10:00 AM PT

Opened:
September 30, 2019
06:26 PM PT
Intermittent issues when printing
Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms:
  • Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
  • The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4519976. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.

Back to top		September 24, 2019
KB4516048		Resolved
KB4519976		Resolved:
October 08, 2019
10:00 AM PT

Opened:
September 30, 2019
06:26 PM PT
You may receive an error when opening or using the Toshiba Qosmio AV Center
After installing KB4512506, you may receive an error when opening or using the Toshiba Qosmio AV Center. You may also receive an error in Event Log related to cryptnet.dll.

Affected platforms:
  • Client: Windows 7 SP1
Resolution: This issue was resolved in KB4516048.

Back to top		August 13, 2019
KB4512506		Resolved
KB4516048		Resolved:
September 24, 2019
10:00 AM PT

Opened:
September 10, 2019
09:48 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml index 14837c1dae..3ad99d98ca 100644 --- a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml @@ -62,7 +62,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Intermittent issues when printing
Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms:
  • Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
  • The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520005. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.

Back to top		September 24, 2019
KB4516041		Resolved
KB4520005		Resolved:
October 08, 2019
10:00 AM PT

Opened:
September 30, 2019
06:26 PM PT
Intermittent issues when printing
Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms:
  • Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
  • The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520005. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.

Back to top		September 24, 2019
KB4516041		Resolved
KB4520005		Resolved:
October 08, 2019
10:00 AM PT

Opened:
September 30, 2019
06:26 PM PT
Windows RT 8.1 devices may have issues opening Internet Explorer 11
On Windows 8.1 RT devices, Internet Explorer 11 may not open and you may receive the error, \"C:\\Program Files\\Internet Explorer\\iexplore.exe: A certificate was explicitly revoked by its issuer.\"


Affected platforms:
  • Client: Windows RT 8.1
Resolution: This issue was resolved in KB4516041.

Back to top		September 10, 2019
KB4516067		Resolved
KB4516041		Resolved:
September 24, 2019
10:00 AM PT

Opened:
September 13, 2019
05:25 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml index 475eb994f9..81e984e8c7 100644 --- a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml +++ b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -47,6 +48,15 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusDate resolved
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537810		Resolved
February 12, 2020
03:47 PM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
Issues manually installing updates by double-clicking the .msu file
You may encounter issues manually installing updates by double-clicking the .msu file and may receive an error.

See details >		September 10, 2019
KB4474419		Resolved
KB4474419		September 23, 2019
10:00 AM PT
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >		September 24, 2019
KB4516030		Resolved
KB4520002		October 08, 2019
10:00 AM PT
+ +
DetailsOriginating updateStatusHistory
After installing an update and restarting, you might receive an error
After installing KB4537810 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537810		Resolved
Resolved:
February 12, 2020
03:47 PM PT

Opened:
February 12, 2020
03:47 PM PT
+ " + - title: November 2019 - items: - type: markdown @@ -62,7 +72,7 @@ sections: text: " - +
DetailsOriginating updateStatusHistory
Issues manually installing updates by double-clicking the .msu file
After installing the SHA-2 update (KB4474419) released on September 10, 2019, you may encounter issues manually installing updates by double-clicking on the .msu file and may receive the error, \"Installer encountered an error: 0x80073afc. The resource loader failed to find MUI file.\"

Affected platforms:
  • Server: Windows Server 2008 SP2
Workaround: Open a command prompt and use the following command (replacing <msu location> with the actual location and filename of the update): wusa.exe <msu location> /quiet

Resolution: This issue is resolved in KB4474419 released October 8, 2019. It will install automatically from Windows Update and Windows Server Update Services (WSUS). If you need to install this update manually, you will need to use the workaround above.

Note If you previously installed KB4474419 released September 23, 2019, then you already have the latest version of this update and do not need to reinstall.

Back to top		September 10, 2019
KB4474419		Resolved
KB4474419		Resolved:
September 23, 2019
10:00 AM PT

Opened:
September 20, 2019
04:57 PM PT
Intermittent issues when printing
Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms:
  • Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
  • The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520002. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.

Back to top		September 24, 2019
KB4516030		Resolved
KB4520002		Resolved:
October 08, 2019
10:00 AM PT

Opened:
September 30, 2019
06:26 PM PT
Intermittent issues when printing
Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms:
  • Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
  • The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520002. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.

Back to top		September 24, 2019
KB4516030		Resolved
KB4520002		Resolved:
October 08, 2019
10:00 AM PT

Opened:
September 30, 2019
06:26 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-server-2012.yml b/windows/release-information/resolved-issues-windows-server-2012.yml index fe6611a3e4..a3edb4121f 100644 --- a/windows/release-information/resolved-issues-windows-server-2012.yml +++ b/windows/release-information/resolved-issues-windows-server-2012.yml @@ -60,7 +60,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Intermittent issues when printing
Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms:
  • Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
  • The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520007. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.

Back to top		September 24, 2019
KB4516069		Resolved
KB4520007		Resolved:
October 08, 2019
10:00 AM PT

Opened:
September 30, 2019
06:26 PM PT
Intermittent issues when printing
Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms:
  • Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
  • The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520007. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.

Back to top		September 24, 2019
KB4516069		Resolved
KB4520007		Resolved:
October 08, 2019
10:00 AM PT

Opened:
September 30, 2019
06:26 PM PT
" diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml index 594303eec5..133fd7bacf 100644 --- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml @@ -60,6 +60,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ @@ -74,6 +75,15 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusLast updated
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537820		Resolved
February 12, 2020
03:47 PM PT
Custom wallpaper displays as black
Using a custom image set to \"Stretch\" might not display as expected.

See details >		January 14, 2020
KB4534310		Resolved
KB4539601		February 07, 2020
10:00 AM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		October 08, 2019
KB4519976		Mitigated External
November 05, 2019
03:36 PM PT
+ +
DetailsOriginating updateStatusHistory
After installing an update and restarting, you might receive an error
After installing KB4537820 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537820		Resolved
Resolved:
February 12, 2020
03:47 PM PT

Opened:
February 12, 2020
03:47 PM PT
+ " + - title: January 2020 - items: - type: markdown diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml index 122a392439..afe60f1877 100644 --- a/windows/release-information/status-windows-server-2008-sp2.yml +++ b/windows/release-information/status-windows-server-2008-sp2.yml @@ -60,6 +60,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+
SummaryOriginating updateStatusLast updated
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537810		Resolved
February 12, 2020
03:47 PM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		October 08, 2019
KB4520002		Mitigated External
November 05, 2019
03:36 PM PT
@@ -72,6 +73,15 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " + + +
DetailsOriginating updateStatusHistory
After installing an update and restarting, you might receive an error
After installing KB4537810 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537810		Resolved
Resolved:
February 12, 2020
03:47 PM PT

Opened:
February 12, 2020
03:47 PM PT
+ " + - title: November 2019 - items: - type: markdown From cef33a867cb3620d814ea69f220cfa7d19264643 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Wed, 12 Feb 2020 17:27:24 -0800 Subject: [PATCH 095/112] CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20200212154746 (#2053) (#2054) Co-authored-by: Direesh Kumar Kandakatla Co-authored-by: Direesh Kumar Kandakatla --- ...sues-windows-7-and-windows-server-2008-r2-sp1.yml | 12 +++++++++++- ...issues-windows-8.1-and-windows-server-2012-r2.yml | 2 +- .../resolved-issues-windows-server-2008-sp2.yml | 12 +++++++++++- .../resolved-issues-windows-server-2012.yml | 2 +- ...atus-windows-7-and-windows-server-2008-r2-sp1.yml | 10 ++++++++++ .../status-windows-server-2008-sp2.yml | 10 ++++++++++ 6 files changed, 44 insertions(+), 4 deletions(-) diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml index 76a98fa268..cf77e81898 100644 --- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -50,6 +51,15 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusDate resolved
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537820		Resolved
February 12, 2020
03:47 PM PT
Custom wallpaper displays as black
Using a custom image set to \"Stretch\" might not display as expected.

See details >		January 14, 2020
KB4534310		Resolved
KB4539601		February 07, 2020
10:00 AM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >		September 24, 2019
KB4516048		Resolved
KB4519976		October 08, 2019
10:00 AM PT
+ +
DetailsOriginating updateStatusHistory
After installing an update and restarting, you might receive an error
After installing KB4537820 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537820		Resolved
Resolved:
February 12, 2020
03:47 PM PT

Opened:
February 12, 2020
03:47 PM PT
+ " + - title: January 2020 - items: - type: markdown @@ -73,7 +83,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Intermittent issues when printing
Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms:
  • Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
  • The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4519976. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.

Back to top		September 24, 2019
KB4516048		Resolved
KB4519976		Resolved:
October 08, 2019
10:00 AM PT

Opened:
September 30, 2019
06:26 PM PT
Intermittent issues when printing
Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms:
  • Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
  • The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4519976. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.

Back to top		September 24, 2019
KB4516048		Resolved
KB4519976		Resolved:
October 08, 2019
10:00 AM PT

Opened:
September 30, 2019
06:26 PM PT
You may receive an error when opening or using the Toshiba Qosmio AV Center
After installing KB4512506, you may receive an error when opening or using the Toshiba Qosmio AV Center. You may also receive an error in Event Log related to cryptnet.dll.

Affected platforms:
  • Client: Windows 7 SP1
Resolution: This issue was resolved in KB4516048.

Back to top		August 13, 2019
KB4512506		Resolved
KB4516048		Resolved:
September 24, 2019
10:00 AM PT

Opened:
September 10, 2019
09:48 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml index 14837c1dae..3ad99d98ca 100644 --- a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml @@ -62,7 +62,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Intermittent issues when printing
Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms:
  • Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
  • The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520005. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.

Back to top		September 24, 2019
KB4516041		Resolved
KB4520005		Resolved:
October 08, 2019
10:00 AM PT

Opened:
September 30, 2019
06:26 PM PT
Intermittent issues when printing
Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms:
  • Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
  • The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520005. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.

Back to top		September 24, 2019
KB4516041		Resolved
KB4520005		Resolved:
October 08, 2019
10:00 AM PT

Opened:
September 30, 2019
06:26 PM PT
Windows RT 8.1 devices may have issues opening Internet Explorer 11
On Windows 8.1 RT devices, Internet Explorer 11 may not open and you may receive the error, \"C:\\Program Files\\Internet Explorer\\iexplore.exe: A certificate was explicitly revoked by its issuer.\"


Affected platforms:
  • Client: Windows RT 8.1
Resolution: This issue was resolved in KB4516041.

Back to top		September 10, 2019
KB4516067		Resolved
KB4516041		Resolved:
September 24, 2019
10:00 AM PT

Opened:
September 13, 2019
05:25 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml index 475eb994f9..81e984e8c7 100644 --- a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml +++ b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -47,6 +48,15 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusDate resolved
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537810		Resolved
February 12, 2020
03:47 PM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
Issues manually installing updates by double-clicking the .msu file
You may encounter issues manually installing updates by double-clicking the .msu file and may receive an error.

See details >		September 10, 2019
KB4474419		Resolved
KB4474419		September 23, 2019
10:00 AM PT
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >		September 24, 2019
KB4516030		Resolved
KB4520002		October 08, 2019
10:00 AM PT
+ +
DetailsOriginating updateStatusHistory
After installing an update and restarting, you might receive an error
After installing KB4537810 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537810		Resolved
Resolved:
February 12, 2020
03:47 PM PT

Opened:
February 12, 2020
03:47 PM PT
+ " + - title: November 2019 - items: - type: markdown @@ -62,7 +72,7 @@ sections: text: " - +
DetailsOriginating updateStatusHistory
Issues manually installing updates by double-clicking the .msu file
After installing the SHA-2 update (KB4474419) released on September 10, 2019, you may encounter issues manually installing updates by double-clicking on the .msu file and may receive the error, \"Installer encountered an error: 0x80073afc. The resource loader failed to find MUI file.\"

Affected platforms:
  • Server: Windows Server 2008 SP2
Workaround: Open a command prompt and use the following command (replacing <msu location> with the actual location and filename of the update): wusa.exe <msu location> /quiet

Resolution: This issue is resolved in KB4474419 released October 8, 2019. It will install automatically from Windows Update and Windows Server Update Services (WSUS). If you need to install this update manually, you will need to use the workaround above.

Note If you previously installed KB4474419 released September 23, 2019, then you already have the latest version of this update and do not need to reinstall.

Back to top		September 10, 2019
KB4474419		Resolved
KB4474419		Resolved:
September 23, 2019
10:00 AM PT

Opened:
September 20, 2019
04:57 PM PT
Intermittent issues when printing
Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms:
  • Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
  • The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520002. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.

Back to top		September 24, 2019
KB4516030		Resolved
KB4520002		Resolved:
October 08, 2019
10:00 AM PT

Opened:
September 30, 2019
06:26 PM PT
Intermittent issues when printing
Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms:
  • Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
  • The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520002. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.

Back to top		September 24, 2019
KB4516030		Resolved
KB4520002		Resolved:
October 08, 2019
10:00 AM PT

Opened:
September 30, 2019
06:26 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-server-2012.yml b/windows/release-information/resolved-issues-windows-server-2012.yml index fe6611a3e4..a3edb4121f 100644 --- a/windows/release-information/resolved-issues-windows-server-2012.yml +++ b/windows/release-information/resolved-issues-windows-server-2012.yml @@ -60,7 +60,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Intermittent issues when printing
Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms:
  • Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
  • The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520007. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.

Back to top		September 24, 2019
KB4516069		Resolved
KB4520007		Resolved:
October 08, 2019
10:00 AM PT

Opened:
September 30, 2019
06:26 PM PT
Intermittent issues when printing
Applications and printer drivers that leverage the Windows Javascript engine (jscript.dll) for processing print jobs might experience one or more of the following symptoms:
  • Applications interacting with the V4 printer driver might close or error when printing. Issues might only be encountered when printing but might also be encountered at any time the app is running, depending on when the app interacts with the print driver.
  • The printer spooler service (spoolsv.exe) might close or error in jscript.dll with exception code 0xc0000005 causing the print jobs to stop processing. Only part of the print job might print and the rest might be canceled or error.
Note This issue also affects the Internet Explorer Cumulative Update KB4522007, release September 23, 2019.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4520007. If you are using Security Only updates, see KB4519974 for resolving KB for your platform.

Back to top		September 24, 2019
KB4516069		Resolved
KB4520007		Resolved:
October 08, 2019
10:00 AM PT

Opened:
September 30, 2019
06:26 PM PT
" diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml index 594303eec5..133fd7bacf 100644 --- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml @@ -60,6 +60,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ @@ -74,6 +75,15 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusLast updated
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537820		Resolved
February 12, 2020
03:47 PM PT
Custom wallpaper displays as black
Using a custom image set to \"Stretch\" might not display as expected.

See details >		January 14, 2020
KB4534310		Resolved
KB4539601		February 07, 2020
10:00 AM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		October 08, 2019
KB4519976		Mitigated External
November 05, 2019
03:36 PM PT
+ +
DetailsOriginating updateStatusHistory
After installing an update and restarting, you might receive an error
After installing KB4537820 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537820		Resolved
Resolved:
February 12, 2020
03:47 PM PT

Opened:
February 12, 2020
03:47 PM PT
+ " + - title: January 2020 - items: - type: markdown diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml index 122a392439..afe60f1877 100644 --- a/windows/release-information/status-windows-server-2008-sp2.yml +++ b/windows/release-information/status-windows-server-2008-sp2.yml @@ -60,6 +60,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+
SummaryOriginating updateStatusLast updated
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537810		Resolved
February 12, 2020
03:47 PM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		October 08, 2019
KB4520002		Mitigated External
November 05, 2019
03:36 PM PT
@@ -72,6 +73,15 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " + + +
DetailsOriginating updateStatusHistory
After installing an update and restarting, you might receive an error
After installing KB4537810 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537810		Resolved
Resolved:
February 12, 2020
03:47 PM PT

Opened:
February 12, 2020
03:47 PM PT
+ " + - title: November 2019 - items: - type: markdown From d575aa834c31b03b43b6ce12f6736af5e2251003 Mon Sep 17 00:00:00 2001 From: Ashley Date: Thu, 13 Feb 2020 10:21:45 +0000 Subject: [PATCH 096/112] Fix typo in 'firmware' --- devices/surface/surface-dock-firmware-update.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface/surface-dock-firmware-update.md b/devices/surface/surface-dock-firmware-update.md index ad38fb9081..aac758fa29 100644 --- a/devices/surface/surface-dock-firmware-update.md +++ b/devices/surface/surface-dock-firmware-update.md @@ -21,7 +21,7 @@ Microsoft Surface Dock Firmware Update supersedes the earlier Microsoft Surface > [!IMPORTANT] >Microsoft periodically releases new versions of Surface Dock Firmware Update. The MSI file is not self-updating. If you have deployed the MSI to Surface devices and a new version of the firmware is released, you will need to deploy the new version. -## Monitor the Surface Dock Firmare Update +## Monitor the Surface Dock Firmware Update This section is optional and provides an overview of how to monitor installation of the firmware update. When you are ready to install the update, see [Install the Surface Dock Firmware Update](#install-the-surface-dock-firmware-update) below. For more detailed information about monitoring the update process, see the following sections in this article: - [How to verify completion of firmware update](#how-to-verify-completion-of-the-firmware-update) From c08f3ac58b346138263c595139363ec2eae49412 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Thu, 13 Feb 2020 09:56:58 -0800 Subject: [PATCH 097/112] Update configure-local-policy-overrides-windows-defender-antivirus.md https://github.com/MicrosoftDocs/windows-itpro-docs/issues/5597 --- ...e-local-policy-overrides-windows-defender-antivirus.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-local-policy-overrides-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-local-policy-overrides-windows-defender-antivirus.md index fa061b9284..59f19f11c9 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/configure-local-policy-overrides-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/configure-local-policy-overrides-windows-defender-antivirus.md @@ -12,7 +12,7 @@ ms.localizationpriority: medium author: denisebmsft ms.author: deniseb ms.custom: nextgen -ms.date: 09/03/2018 +ms.date: 02/13/2020 ms.reviewer: manager: dansimp --- @@ -47,7 +47,7 @@ To configure these settings: 5. Deploy the Group Policy Object as usual. -Location | Setting | Configuration topic +Location | Setting | Article ---|---|---|--- MAPS | Configure local setting override for reporting to Microsoft MAPS | [Enable cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md) Quarantine | Configure local setting override for the removal of items from Quarantine folder | [Configure remediation for scans](configure-remediation-windows-defender-antivirus.md) @@ -67,13 +67,13 @@ Scan | Configure local setting override for the scan type to use for a scheduled ## Configure how locally and globally defined threat remediation and exclusions lists are merged -You can also configure how locally defined lists are combined or merged with globally defined lists. This setting applies to [exclusion lists](configure-exclusions-windows-defender-antivirus.md) and [specified remediation lists](configure-remediation-windows-defender-antivirus.md). +You can also configure how locally defined lists are combined or merged with globally defined lists. This setting applies to [exclusion lists](configure-exclusions-windows-defender-antivirus.md), [specified remediation lists](configure-remediation-windows-defender-antivirus.md), and [attack surface reduction](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction). By default, lists that have been configured in local group policy and the Windows Security app are merged with lists that are defined by the appropriate Group Policy Object that you have deployed on your network. Where there are conflicts, the globally-defined list takes precedence. You can disable this setting to ensure that only globally-defined lists (such as those from any deployed GPOs) are used. -**Use Group Policy to disable local list merging:** +### Use Group Policy to disable local list merging 1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**. From c9e64100a631876bfe00f214834d9ba7204150e1 Mon Sep 17 00:00:00 2001 From: jaimeo Date: Thu, 13 Feb 2020 12:39:53 -0800 Subject: [PATCH 098/112] rewording note about 30-month support window --- windows/deployment/update/waas-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/waas-overview.md b/windows/deployment/update/waas-overview.md index 812e47c937..cd447823e3 100644 --- a/windows/deployment/update/waas-overview.md +++ b/windows/deployment/update/waas-overview.md @@ -118,7 +118,7 @@ When Microsoft officially releases a feature update for Windows 10, it is made a Organizations are expected to initiate targeted deployment on Semi-Annual Channel releases. All customers, independent software vendors (ISVs), and partners should use this time for testing and piloting within their environments. After 2-4 months, we will transition to broad deployment and encourage customers and partners to expand and accelerate the deployment of the release. For customers using Windows Update for Business, the Semi-Annual Channel provides three months of additional total deployment time before being required to update to the next release. > [!NOTE] -> All releases of Windows 10 have 18 months of servicing for all editions--these updates provide security and feature updates for the release. Customers running Enterprise and Education editions have an additional 12 months of servicing for specific Windows 10 releases, for a total of 30 months from initial release. These versions include Enterprise and Education editions for Windows 10, versions 1607 and later. Starting in October 2018, all Semi-Annual Channel releases in the September/October timeframe will also have the additional 12 months of servicing for a total of 30 months from the initial release. The Semi-Annual Channel versions released in March/April timeframe will continue to have an 18-month lifecycle. +> All releases of Windows 10 have **18 months of servicing for all editions**--these updates provide security and feature updates for the release. However, fall releases of the **Enterprise and Education editions** will have an **additional 12 months of servicing for specific Windows 10 releases, for a total of 30 months from initial release**. This extended servicing window applies to Enterprise and Education editions starting with Windows 10, version 1607. > > > [!NOTE] From 77154dfab60f08a30c48cad270b7bf93eaf25679 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Thu, 13 Feb 2020 14:40:12 -0800 Subject: [PATCH 099/112] Update windows-autopilot-and-surface-devices.md --- devices/surface/windows-autopilot-and-surface-devices.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/devices/surface/windows-autopilot-and-surface-devices.md b/devices/surface/windows-autopilot-and-surface-devices.md index 2ad84a094e..3de0dd3ef5 100644 --- a/devices/surface/windows-autopilot-and-surface-devices.md +++ b/devices/surface/windows-autopilot-and-surface-devices.md @@ -13,7 +13,7 @@ ms.author: dansimp ms.topic: article ms.localizationpriority: medium ms.audience: itpro -ms.date: 02/06/2020 +ms.date: 02/13/2020 --- # Windows Autopilot and Surface devices @@ -36,6 +36,13 @@ Broad deployment of Surface devices through Windows Autopilot, including enrollm These Windows versions support a 4,000-byte (4k) hash value that uniquely identifies devices for Windows Autopilot, which is necessary for deployments at scale. All new Surface devices, including Surface Pro 7, Surface Pro X, and Surface Laptop 3, ship with Windows 10 Version 1903 or later. +## Exchange experience on Surface devices in need of repair + +When receiving an exchange service order directly from a customer, Microsoft automatically checks for Windows Autopilot service enrollment and then deregisters the device from the customer’s tenant. Upon shipping back to the customer, Microsoft ensures the replacement device is enrolled into Windows Autopilot. + +> [!NOTE] +> When customers use a Partner to return devices, the Partner is responsible for managing the exchange process including deregistering and enrolling devices into Windows Autopilot. + ## Surface partners enabled for Windows Autopilot Select Surface partners can enroll Surface devices in Windows Autopilot for you at the time of purchase. They can also ship enrolled devices directly to your users. The devices can be configured entirely through a zero-touch process by using Windows Autopilot, Azure AD, and mobile device management. From 5571c2ddfe852324fbb55b005097d481b8fa74f7 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Thu, 13 Feb 2020 14:57:20 -0800 Subject: [PATCH 100/112] Update windows-autopilot-and-surface-devices.md --- devices/surface/windows-autopilot-and-surface-devices.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/devices/surface/windows-autopilot-and-surface-devices.md b/devices/surface/windows-autopilot-and-surface-devices.md index 3de0dd3ef5..add490a9a7 100644 --- a/devices/surface/windows-autopilot-and-surface-devices.md +++ b/devices/surface/windows-autopilot-and-surface-devices.md @@ -36,9 +36,9 @@ Broad deployment of Surface devices through Windows Autopilot, including enrollm These Windows versions support a 4,000-byte (4k) hash value that uniquely identifies devices for Windows Autopilot, which is necessary for deployments at scale. All new Surface devices, including Surface Pro 7, Surface Pro X, and Surface Laptop 3, ship with Windows 10 Version 1903 or later. -## Exchange experience on Surface devices in need of repair +## Exchange experience on Surface devices in need of repair or replacement -When receiving an exchange service order directly from a customer, Microsoft automatically checks for Windows Autopilot service enrollment and then deregisters the device from the customer’s tenant. Upon shipping back to the customer, Microsoft ensures the replacement device is enrolled into Windows Autopilot. +Microsoft automatically checks every Surface for Autopilot enrollment and will deregister the device from the customer’s tenant. Microsoft ensures the replacement device is enrolled into Windows Autopilot once a replacement is shipped back to the customer. This service is available on all device exchange service orders directly with Microsoft. > [!NOTE] > When customers use a Partner to return devices, the Partner is responsible for managing the exchange process including deregistering and enrolling devices into Windows Autopilot. From 64abfb29cf40c3dcee8268ba64df4d8dbe0e8f93 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Thu, 13 Feb 2020 17:07:00 -0800 Subject: [PATCH 101/112] CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20200213163023 (#2059) Co-authored-by: Direesh Kumar Kandakatla --- .../release-information/resolved-issues-windows-10-1607.yml | 5 ----- .../release-information/resolved-issues-windows-10-1709.yml | 3 --- .../release-information/resolved-issues-windows-10-1803.yml | 3 --- ...solved-issues-windows-10-1809-and-windows-server-2019.yml | 3 --- ...olved-issues-windows-7-and-windows-server-2008-r2-sp1.yml | 4 ++-- .../resolved-issues-windows-server-2008-sp2.yml | 4 ++-- .../status-windows-7-and-windows-server-2008-r2-sp1.yml | 4 ++-- .../release-information/status-windows-server-2008-sp2.yml | 4 ++-- windows/release-information/windows-message-center.yml | 4 +--- 9 files changed, 9 insertions(+), 25 deletions(-) diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml index 343f302b6c..cabf372d2e 100644 --- a/windows/release-information/resolved-issues-windows-10-1607.yml +++ b/windows/release-information/resolved-issues-windows-10-1607.yml @@ -36,10 +36,8 @@ sections:
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >OS Build 14393.3206

September 23, 2019
KB4522010Resolved
KB4519998October 08, 2019
10:00 AM PT
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.

See details >OS Build 14393.3204

September 10, 2019
KB4516044Resolved
September 17, 2019
04:47 PM PT
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call NetQueryDisplayInformation may fail to return results after the first page of data.

See details >OS Build 14393.3053

June 18, 2019
KB4503294Resolved
KB4516044September 10, 2019
10:00 AM PT -
Domain connected devices that use MIT Kerberos realms will not start up
Devices may not start after updating when connected to a domain that is configured to use MIT Kerberos realms.

See details >OS Build 14393.3115

July 16, 2019
KB4507459Resolved
KB4512517August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 14393.3025

June 11, 2019
KB4503267Resolved
KB4512495August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >OS Build 14393.3144

August 13, 2019
KB4512517Resolved
KB4512495August 17, 2019
02:00 PM PT -
Internet Explorer 11 and apps using the WebBrowser control may fail to render
JavaScript may fail to render as expected in IE11 and in apps using JavaScript or the WebBrowser control.

See details >OS Build 14393.3085

July 09, 2019
KB4507460Resolved
KB4512517August 13, 2019
10:00 AM PT " @@ -75,10 +73,7 @@ sections: - type: markdown text: " - -
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507459. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512517 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 14393.3115

July 16, 2019
KB4507459		Resolved
KB4512517		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503267 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512495.

Back to top		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4512495		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
Internet Explorer 11 and apps using the WebBrowser control may fail to render
Internet Explorer 11 may fail to render some JavaScript after installing KB4507460. You may also have issues with apps using JavaScript or the WebBrowser control, such as the present PowerPoint feature of Skype Meeting Broadcast.

Affected platforms:
  • Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016
Resolution: This issue was resolved in KB4512517.

Back to top		OS Build 14393.3085

July 09, 2019
KB4507460		Resolved
KB4512517		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 26, 2019
04:58 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1709.yml b/windows/release-information/resolved-issues-windows-10-1709.yml index 3141761298..669db319e1 100644 --- a/windows/release-information/resolved-issues-windows-10-1709.yml +++ b/windows/release-information/resolved-issues-windows-10-1709.yml @@ -35,7 +35,6 @@ sections:
Unable to create local users in Chinese, Japanese and Korean during device setup
You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.

See details >OS Build 16299.1387

September 10, 2019
KB4516066Resolved
KB4534318January 23, 2020
02:00 PM PT
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >OS Build 16299.1392

September 23, 2019
KB4522012Resolved
KB4520004October 08, 2019
10:00 AM PT
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.

See details >OS Build 16299.1387

September 10, 2019
KB4516066Resolved
September 19, 2019
04:08 PM PT -
Domain connected devices that use MIT Kerberos realms will not start up
Devices may not start after updating when connected to a domain that is configured to use MIT Kerberos realms.

See details >OS Build 16299.1296

July 16, 2019
KB4507465Resolved
KB4512516August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 16299.1217

June 11, 2019
KB4503284Resolved
KB4512494August 16, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >OS Build 16299.1331

August 13, 2019
KB4512516Resolved
KB4512494August 16, 2019
02:00 PM PT @@ -81,8 +80,6 @@ sections: - type: markdown text: " -
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507465. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512516 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 16299.1296

July 16, 2019
KB4507465		Resolved
KB4512516		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503284 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512494.

Back to top		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved
KB4512494		Resolved:
August 16, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1803.yml b/windows/release-information/resolved-issues-windows-10-1803.yml index 37a0f56eab..c5f045f610 100644 --- a/windows/release-information/resolved-issues-windows-10-1803.yml +++ b/windows/release-information/resolved-issues-windows-10-1803.yml @@ -37,7 +37,6 @@ sections:
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.

See details >OS Build 17134.829

June 11, 2019
KB4503286Resolved
KB4519978October 15, 2019
10:00 AM PT
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >OS Build 17134.1009

September 23, 2019
KB4522014Resolved
KB4520008October 08, 2019
10:00 AM PT
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.

See details >OS Build 17134.1006

September 10, 2019
KB4516058Resolved
September 19, 2019
04:08 PM PT -
Domain connected devices that use MIT Kerberos realms will not start up
Devices may not start after updating when connected to a domain that is configured to use MIT Kerberos realms.

See details >OS Build 17134.915

July 16, 2019
KB4507466Resolved
KB4512501August 13, 2019
10:00 AM PT
Notification issue: \"Your device is missing important security and quality fixes.\"
Some users may have incorrectly received the notification \"Your device is missing important security and quality fixes.\"

See details >N/A

Resolved
September 03, 2019
12:32 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 17134.829

June 11, 2019
KB4503286Resolved
KB4512509August 19, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >OS Build 17134.950

August 13, 2019
KB4512501Resolved
KB4512509August 19, 2019
02:00 PM PT @@ -86,8 +85,6 @@ sections: - type: markdown text: " -
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507466. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512501 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 17134.915

July 16, 2019
KB4507466		Resolved
KB4512501		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503286 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512509.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Resolved
KB4512509		Resolved:
August 19, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml index fe9b47b46b..727b436221 100644 --- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml @@ -39,7 +39,6 @@ sections:
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >OS Build 17763.740

September 23, 2019
KB4522015Resolved
KB4519338October 08, 2019
10:00 AM PT
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call NetQueryDisplayInformation may fail to return results after the first page of data.

See details >OS Build 17763.55

October 09, 2018
KB4464330Resolved
KB4516077September 24, 2019
10:00 AM PT
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.

See details >OS Build 17763.737

September 10, 2019
KB4512578Resolved
September 19, 2019
04:08 PM PT -
Domain connected devices that use MIT Kerberos realms will not start up
Devices may not start after updating when connected to a domain that is configured to use MIT Kerberos realms.

See details >OS Build 17763.652

July 22, 2019
KB4505658Resolved
KB4511553August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 17763.557

June 11, 2019
KB4503327Resolved
KB4512534August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >OS Build 17763.678

August 13, 2019
KB4511553Resolved
KB4512534August 17, 2019
02:00 PM PT @@ -88,8 +87,6 @@ sections: - type: markdown text: " -
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4505658. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4511553 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 17763.652

July 22, 2019
KB4505658		Resolved
KB4511553		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503327 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512534.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Resolved
KB4512534		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml index cf77e81898..8ae49f0e18 100644 --- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml @@ -32,7 +32,7 @@ sections: - type: markdown text: " - + @@ -56,7 +56,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusDate resolved
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537820		Resolved
February 12, 2020
03:47 PM PT
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537820		Resolved
February 12, 2020
05:37 PM PT
Custom wallpaper displays as black
Using a custom image set to \"Stretch\" might not display as expected.

See details >		January 14, 2020
KB4534310		Resolved
KB4539601		February 07, 2020
10:00 AM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >		September 24, 2019
KB4516048		Resolved
KB4519976		October 08, 2019
10:00 AM PT
- +
DetailsOriginating updateStatusHistory
After installing an update and restarting, you might receive an error
After installing KB4537820 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537820		Resolved
Resolved:
February 12, 2020
03:47 PM PT

Opened:
February 12, 2020
03:47 PM PT
After installing an update and restarting, you might receive an error
After installing KB4537820 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537820		Resolved
Resolved:
February 12, 2020
05:37 PM PT

Opened:
February 12, 2020
03:47 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml index 81e984e8c7..a86f0270a1 100644 --- a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml +++ b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml @@ -32,7 +32,7 @@ sections: - type: markdown text: " - + @@ -53,7 +53,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusDate resolved
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537810		Resolved
February 12, 2020
03:47 PM PT
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537810		Resolved
February 12, 2020
05:37 PM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
Issues manually installing updates by double-clicking the .msu file
You may encounter issues manually installing updates by double-clicking the .msu file and may receive an error.

See details >		September 10, 2019
KB4474419		Resolved
KB4474419		September 23, 2019
10:00 AM PT
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >		September 24, 2019
KB4516030		Resolved
KB4520002		October 08, 2019
10:00 AM PT
- +
DetailsOriginating updateStatusHistory
After installing an update and restarting, you might receive an error
After installing KB4537810 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537810		Resolved
Resolved:
February 12, 2020
03:47 PM PT

Opened:
February 12, 2020
03:47 PM PT
After installing an update and restarting, you might receive an error
After installing KB4537810 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537810		Resolved
Resolved:
February 12, 2020
05:37 PM PT

Opened:
February 12, 2020
03:47 PM PT
" diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml index 133fd7bacf..d47c63c516 100644 --- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml @@ -60,7 +60,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- + @@ -80,7 +80,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537820		Resolved
February 12, 2020
03:47 PM PT
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537820		Resolved
February 12, 2020
05:37 PM PT
Custom wallpaper displays as black
Using a custom image set to \"Stretch\" might not display as expected.

See details >		January 14, 2020
KB4534310		Resolved
KB4539601		February 07, 2020
10:00 AM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		October 08, 2019
KB4519976		Mitigated External
November 05, 2019
03:36 PM PT
- +
DetailsOriginating updateStatusHistory
After installing an update and restarting, you might receive an error
After installing KB4537820 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537820		Resolved
Resolved:
February 12, 2020
03:47 PM PT

Opened:
February 12, 2020
03:47 PM PT
After installing an update and restarting, you might receive an error
After installing KB4537820 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537820		Resolved
Resolved:
February 12, 2020
05:37 PM PT

Opened:
February 12, 2020
03:47 PM PT
" diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml index afe60f1877..44b16a1a5e 100644 --- a/windows/release-information/status-windows-server-2008-sp2.yml +++ b/windows/release-information/status-windows-server-2008-sp2.yml @@ -60,7 +60,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- +
SummaryOriginating updateStatusLast updated
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537810		Resolved
February 12, 2020
03:47 PM PT
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537810		Resolved
February 12, 2020
05:37 PM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		October 08, 2019
KB4520002		Mitigated External
November 05, 2019
03:36 PM PT
@@ -78,7 +78,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
After installing an update and restarting, you might receive an error
After installing KB4537810 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537810		Resolved
Resolved:
February 12, 2020
03:47 PM PT

Opened:
February 12, 2020
03:47 PM PT
After installing an update and restarting, you might receive an error
After installing KB4537810 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537810		Resolved
Resolved:
February 12, 2020
05:37 PM PT

Opened:
February 12, 2020
03:47 PM PT
" diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index 1177033b2d..2bc18cf098 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -50,6 +50,7 @@ sections: text: " + @@ -83,10 +84,7 @@ sections: - - -
MessageDate
Compatibility issue with some Windows Server container images
If you are encountering issues with Windows Server container images, please see KB4542617.
February 13, 2020
03:21 PM PT
Take action: February 2020 security update available for all supported versions of Windows
The February 2020 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
February 11, 2020
08:00 AM PT
Take action: ESU security updates available for Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Server 2008 SP2
Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2 reached end of support on January 14, 2020. For customers who have purchased Extended Security Updates (ESU), the first monthly ESU security updates are now available. If your organization has not yet been able to complete your transition to Windows 10, Windows Server 2016, or Windows Server 2019 and want to continue to receive security updates for your current version of Windows, you will need to purchase Extended Security Updates. For information on how to do so, please see How to get Extended Security Updates for eligible Windows devices, Windows 7 ESU frequently ask questions, and Windows Server 2008 R2 SP1 and Windows Server 2008 SP2 ESU frequently asked questions.

We recommend ESU customers review the applicable KB article below for prerequisites and other important information you will need to deploy these updates.

The following updates were released today for Windows Server 2008 SP2:
The following updates were released today for Windows 7 SP1 and Windows Server 2008 R2 SP1:
February 11, 2020
08:00 AM PT
Resolved: Windows Search shows blank box
We are aware of a temporary server-side issue causing Windows search to show a blank box. This issue has been resolved for most users and in some cases, you might need to restart your device. We are working diligently to fully resolve the issue and will provide an update once resolved. 

This issue was resolved at 12:00 PM PST. If you are still experiencing issues, please restart your device. In rare cases, you may need to manually end the SearchUI.exe or SearchApp.exe process via Task Manager. (To locate these processes, select CTRL + Shift + Esc then select the Details tab.)
February 05, 2020
12:00 PM PT
Take action: SHA-2 code signing support guidance for Windows 7 SP1 and Windows Server 2008 RS2 SP1
Windows 7 SP1 and Windows Server 2008 R2 SP1 update signatures are now SHA-2 based signatures and requires that SHA-2 support to be installed. For important customer guidance on installation and troubleshooting tips, please read the knowledge base article 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.
August 23, 2019
03:35 PM PT
Take action: Windows 10, version 1703 (the Windows 10 Creators Update) reaches end of life on October 9, 2019
The Enterprise and Education editions of Windows 10, version 1703 (the Windows 10 Creators Update) will reach end of life on October 9, 2019. The Home, Pro, Pro for Workstations, and IoT Core editions reached end of service on October 8, 2018.

There is no extended support available for any edition of Windows 10, version 1703. Therefore, it will no longer be supported after October 9, 2019 and will not receive monthly security and quality updates containing protections from the latest security threats.

To continue receiving security and quality updates, Microsoft recommends that you update your devices to the latest version of Windows 10. For more information on end of service dates and currently supported versions of Windows 10, see the Windows lifecycle fact sheet.
August 23, 2019
02:17 PM PT
Resolved: Delays starting Internet Explorer 11
On August 16, 2019 at 7:16 AM a server required for downloading the Internet Explorer 11 (IE11) startup page, went down. As a result of the server outage, IE 11 became unresponsive for some customers who had not yet installed the August 2019 security updates. Customers who had the August 2019 security update installed were not affected. In order to ensure your devices remain in a serviced and secure state, we recommend you install the latest monthly update.

This issue was resolved on the server side at 1:00 pm PST. 
August 16, 2019
04:00 PM PT
August 2019 security update now available for Windows 10, version 1903 and all supported versions of Windows
The August 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1903 and all supported versions of Windows. A “B” release is the primary, regular update event for each month and is the only regular release that contains security fixes. As a result, we recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
August 13, 2019
10:00 AM PT
Advisory: Bluetooth encryption key size vulnerability disclosed (CVE-2019-9506)
On August 13, 2019, Microsoft released security updates to address a Bluetooth key length encryption vulnerability. To exploit this vulnerability, an attacker would need specialized hardware and would be limited by the signal range of the Bluetooth devices in use. For more information about this industry-wide issue, see CVE-2019-9506 | Bluetooth Encryption Key Size Vulnerability in the Microsoft Security Update Guide and important guidance for IT pros in KB4514157. (Note: we are documenting this vulnerability together with guidance for IT admins as part of a coordinated industry disclosure effort.)
August 13, 2019
10:00 AM PT
Advisory: Windows Advanced Local Procedure Call Elevation of Privilege vulnerability disclosed (CVE-2019-1162)
On August 13, 2019, Google Project Zero (GPZ) disclosed an Elevation of Privilege (EoP) vulnerability in how Windows handles calls to Advanced Local Procedure Call (ALPC) that affects Windows operating systems, versions 8.1 and higher. An attacker must already have code execution on the target system to leverage these vulnerabilities. Microsoft released security updates on August 13, 2019 that partially address this issue. Other items disclosed by GPZ require more time to address and we are working to release a resolution in mid-September. For more information, see CVE-2019-1162 | Windows ALPC Elevation of Privilege Vulnerability
August 13, 2019
10:00 AM PT
Take action: Windows 10, version 1803 (the April 2018 Update) reaches end of service on November 12, 2019
Windows 10, version 1803 (the April 2018 Update) will reach end of service on November 12, 2019 for Home and Pro editions. We will begin updating devices running Windows 10, version 1803 to Windows 10, version 1903 (the May 2019 Update) starting July 16, 2019 to help ensure that these devices remain in a serviced and secure state. For more information, see the Windows 10, version 1903 section of the Windows release health dashboard.
August 13, 2019
10:00 AM PT
Windows 10, version 1903 rollout begins
The Windows 10 May 2019 Update (Windows 10, version 1903) is available today to commercial customers via Windows Server Update Services (WSUS), Windows Update for Business, and the Volume Licensing Service Center (VLSC)—and to end users who manually select “Check for updates.” We are slowly throttling up availability while we carefully monitor data and feedback.		May 21, 2019
10:00 AM PT
" From 3c6a26a6a2464bb5b42a9ee5e90c7cbf7cca7f57 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Thu, 13 Feb 2020 17:27:20 -0800 Subject: [PATCH 102/112] CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20200213163023 (#2059) (#2060) Co-authored-by: Direesh Kumar Kandakatla Co-authored-by: Direesh Kumar Kandakatla --- .../release-information/resolved-issues-windows-10-1607.yml | 5 ----- .../release-information/resolved-issues-windows-10-1709.yml | 3 --- .../release-information/resolved-issues-windows-10-1803.yml | 3 --- ...solved-issues-windows-10-1809-and-windows-server-2019.yml | 3 --- ...olved-issues-windows-7-and-windows-server-2008-r2-sp1.yml | 4 ++-- .../resolved-issues-windows-server-2008-sp2.yml | 4 ++-- .../status-windows-7-and-windows-server-2008-r2-sp1.yml | 4 ++-- .../release-information/status-windows-server-2008-sp2.yml | 4 ++-- windows/release-information/windows-message-center.yml | 4 +--- 9 files changed, 9 insertions(+), 25 deletions(-) diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml index 343f302b6c..cabf372d2e 100644 --- a/windows/release-information/resolved-issues-windows-10-1607.yml +++ b/windows/release-information/resolved-issues-windows-10-1607.yml @@ -36,10 +36,8 @@ sections:
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >OS Build 14393.3206

September 23, 2019
KB4522010Resolved
KB4519998October 08, 2019
10:00 AM PT
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.

See details >OS Build 14393.3204

September 10, 2019
KB4516044Resolved
September 17, 2019
04:47 PM PT
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call NetQueryDisplayInformation may fail to return results after the first page of data.

See details >OS Build 14393.3053

June 18, 2019
KB4503294Resolved
KB4516044September 10, 2019
10:00 AM PT -
Domain connected devices that use MIT Kerberos realms will not start up
Devices may not start after updating when connected to a domain that is configured to use MIT Kerberos realms.

See details >OS Build 14393.3115

July 16, 2019
KB4507459Resolved
KB4512517August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 14393.3025

June 11, 2019
KB4503267Resolved
KB4512495August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >OS Build 14393.3144

August 13, 2019
KB4512517Resolved
KB4512495August 17, 2019
02:00 PM PT -
Internet Explorer 11 and apps using the WebBrowser control may fail to render
JavaScript may fail to render as expected in IE11 and in apps using JavaScript or the WebBrowser control.

See details >OS Build 14393.3085

July 09, 2019
KB4507460Resolved
KB4512517August 13, 2019
10:00 AM PT " @@ -75,10 +73,7 @@ sections: - type: markdown text: " - -
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507459. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512517 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 14393.3115

July 16, 2019
KB4507459		Resolved
KB4512517		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503267 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512495.

Back to top		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4512495		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
Internet Explorer 11 and apps using the WebBrowser control may fail to render
Internet Explorer 11 may fail to render some JavaScript after installing KB4507460. You may also have issues with apps using JavaScript or the WebBrowser control, such as the present PowerPoint feature of Skype Meeting Broadcast.

Affected platforms:
  • Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016
Resolution: This issue was resolved in KB4512517.

Back to top		OS Build 14393.3085

July 09, 2019
KB4507460		Resolved
KB4512517		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 26, 2019
04:58 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1709.yml b/windows/release-information/resolved-issues-windows-10-1709.yml index 3141761298..669db319e1 100644 --- a/windows/release-information/resolved-issues-windows-10-1709.yml +++ b/windows/release-information/resolved-issues-windows-10-1709.yml @@ -35,7 +35,6 @@ sections:
Unable to create local users in Chinese, Japanese and Korean during device setup
You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.

See details >OS Build 16299.1387

September 10, 2019
KB4516066Resolved
KB4534318January 23, 2020
02:00 PM PT
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >OS Build 16299.1392

September 23, 2019
KB4522012Resolved
KB4520004October 08, 2019
10:00 AM PT
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.

See details >OS Build 16299.1387

September 10, 2019
KB4516066Resolved
September 19, 2019
04:08 PM PT -
Domain connected devices that use MIT Kerberos realms will not start up
Devices may not start after updating when connected to a domain that is configured to use MIT Kerberos realms.

See details >OS Build 16299.1296

July 16, 2019
KB4507465Resolved
KB4512516August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 16299.1217

June 11, 2019
KB4503284Resolved
KB4512494August 16, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >OS Build 16299.1331

August 13, 2019
KB4512516Resolved
KB4512494August 16, 2019
02:00 PM PT @@ -81,8 +80,6 @@ sections: - type: markdown text: " -
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507465. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512516 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 16299.1296

July 16, 2019
KB4507465		Resolved
KB4512516		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503284 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512494.

Back to top		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved
KB4512494		Resolved:
August 16, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1803.yml b/windows/release-information/resolved-issues-windows-10-1803.yml index 37a0f56eab..c5f045f610 100644 --- a/windows/release-information/resolved-issues-windows-10-1803.yml +++ b/windows/release-information/resolved-issues-windows-10-1803.yml @@ -37,7 +37,6 @@ sections:
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.

See details >OS Build 17134.829

June 11, 2019
KB4503286Resolved
KB4519978October 15, 2019
10:00 AM PT
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >OS Build 17134.1009

September 23, 2019
KB4522014Resolved
KB4520008October 08, 2019
10:00 AM PT
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.

See details >OS Build 17134.1006

September 10, 2019
KB4516058Resolved
September 19, 2019
04:08 PM PT -
Domain connected devices that use MIT Kerberos realms will not start up
Devices may not start after updating when connected to a domain that is configured to use MIT Kerberos realms.

See details >OS Build 17134.915

July 16, 2019
KB4507466Resolved
KB4512501August 13, 2019
10:00 AM PT
Notification issue: \"Your device is missing important security and quality fixes.\"
Some users may have incorrectly received the notification \"Your device is missing important security and quality fixes.\"

See details >N/A

Resolved
September 03, 2019
12:32 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 17134.829

June 11, 2019
KB4503286Resolved
KB4512509August 19, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >OS Build 17134.950

August 13, 2019
KB4512501Resolved
KB4512509August 19, 2019
02:00 PM PT @@ -86,8 +85,6 @@ sections: - type: markdown text: " -
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507466. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512501 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 17134.915

July 16, 2019
KB4507466		Resolved
KB4512501		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503286 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512509.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Resolved
KB4512509		Resolved:
August 19, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml index fe9b47b46b..727b436221 100644 --- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml @@ -39,7 +39,6 @@ sections:
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >OS Build 17763.740

September 23, 2019
KB4522015Resolved
KB4519338October 08, 2019
10:00 AM PT
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call NetQueryDisplayInformation may fail to return results after the first page of data.

See details >OS Build 17763.55

October 09, 2018
KB4464330Resolved
KB4516077September 24, 2019
10:00 AM PT
IME may become unresponsive or have High CPU usage
Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.

See details >OS Build 17763.737

September 10, 2019
KB4512578Resolved
September 19, 2019
04:08 PM PT -
Domain connected devices that use MIT Kerberos realms will not start up
Devices may not start after updating when connected to a domain that is configured to use MIT Kerberos realms.

See details >OS Build 17763.652

July 22, 2019
KB4505658Resolved
KB4511553August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 17763.557

June 11, 2019
KB4503327Resolved
KB4512534August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >OS Build 17763.678

August 13, 2019
KB4511553Resolved
KB4512534August 17, 2019
02:00 PM PT @@ -88,8 +87,6 @@ sections: - type: markdown text: " -
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4505658. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4511553 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 17763.652

July 22, 2019
KB4505658		Resolved
KB4511553		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503327 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512534.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Resolved
KB4512534		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml index cf77e81898..8ae49f0e18 100644 --- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml @@ -32,7 +32,7 @@ sections: - type: markdown text: " - + @@ -56,7 +56,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusDate resolved
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537820		Resolved
February 12, 2020
03:47 PM PT
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537820		Resolved
February 12, 2020
05:37 PM PT
Custom wallpaper displays as black
Using a custom image set to \"Stretch\" might not display as expected.

See details >		January 14, 2020
KB4534310		Resolved
KB4539601		February 07, 2020
10:00 AM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >		September 24, 2019
KB4516048		Resolved
KB4519976		October 08, 2019
10:00 AM PT
- +
DetailsOriginating updateStatusHistory
After installing an update and restarting, you might receive an error
After installing KB4537820 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537820		Resolved
Resolved:
February 12, 2020
03:47 PM PT

Opened:
February 12, 2020
03:47 PM PT
After installing an update and restarting, you might receive an error
After installing KB4537820 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537820		Resolved
Resolved:
February 12, 2020
05:37 PM PT

Opened:
February 12, 2020
03:47 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml index 81e984e8c7..a86f0270a1 100644 --- a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml +++ b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml @@ -32,7 +32,7 @@ sections: - type: markdown text: " - + @@ -53,7 +53,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusDate resolved
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537810		Resolved
February 12, 2020
03:47 PM PT
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537810		Resolved
February 12, 2020
05:37 PM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
Issues manually installing updates by double-clicking the .msu file
You may encounter issues manually installing updates by double-clicking the .msu file and may receive an error.

See details >		September 10, 2019
KB4474419		Resolved
KB4474419		September 23, 2019
10:00 AM PT
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >		September 24, 2019
KB4516030		Resolved
KB4520002		October 08, 2019
10:00 AM PT
- +
DetailsOriginating updateStatusHistory
After installing an update and restarting, you might receive an error
After installing KB4537810 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537810		Resolved
Resolved:
February 12, 2020
03:47 PM PT

Opened:
February 12, 2020
03:47 PM PT
After installing an update and restarting, you might receive an error
After installing KB4537810 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537810		Resolved
Resolved:
February 12, 2020
05:37 PM PT

Opened:
February 12, 2020
03:47 PM PT
" diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml index 133fd7bacf..d47c63c516 100644 --- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml @@ -60,7 +60,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- + @@ -80,7 +80,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537820		Resolved
February 12, 2020
03:47 PM PT
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537820		Resolved
February 12, 2020
05:37 PM PT
Custom wallpaper displays as black
Using a custom image set to \"Stretch\" might not display as expected.

See details >		January 14, 2020
KB4534310		Resolved
KB4539601		February 07, 2020
10:00 AM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		October 08, 2019
KB4519976		Mitigated External
November 05, 2019
03:36 PM PT
- +
DetailsOriginating updateStatusHistory
After installing an update and restarting, you might receive an error
After installing KB4537820 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537820		Resolved
Resolved:
February 12, 2020
03:47 PM PT

Opened:
February 12, 2020
03:47 PM PT
After installing an update and restarting, you might receive an error
After installing KB4537820 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537820		Resolved
Resolved:
February 12, 2020
05:37 PM PT

Opened:
February 12, 2020
03:47 PM PT
" diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml index afe60f1877..44b16a1a5e 100644 --- a/windows/release-information/status-windows-server-2008-sp2.yml +++ b/windows/release-information/status-windows-server-2008-sp2.yml @@ -60,7 +60,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- +
SummaryOriginating updateStatusLast updated
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537810		Resolved
February 12, 2020
03:47 PM PT
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537810		Resolved
February 12, 2020
05:37 PM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		October 08, 2019
KB4520002		Mitigated External
November 05, 2019
03:36 PM PT
@@ -78,7 +78,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
After installing an update and restarting, you might receive an error
After installing KB4537810 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537810		Resolved
Resolved:
February 12, 2020
03:47 PM PT

Opened:
February 12, 2020
03:47 PM PT
After installing an update and restarting, you might receive an error
After installing KB4537810 and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as Failed in Update History.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This is expected in the following circumstances:
  • If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see KB4497181.
  • If you do not have an ESU MAK add-on key installed and activated. 
If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this blog post. For information on the prerequisites, see the \"How to get this update\" section of this article.

Back to top		February 11, 2020
KB4537810		Resolved
Resolved:
February 12, 2020
05:37 PM PT

Opened:
February 12, 2020
03:47 PM PT
" diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index 1177033b2d..2bc18cf098 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -50,6 +50,7 @@ sections: text: " + @@ -83,10 +84,7 @@ sections: - - -
MessageDate
Compatibility issue with some Windows Server container images
If you are encountering issues with Windows Server container images, please see KB4542617.
February 13, 2020
03:21 PM PT
Take action: February 2020 security update available for all supported versions of Windows
The February 2020 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
February 11, 2020
08:00 AM PT
Take action: ESU security updates available for Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Server 2008 SP2
Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2 reached end of support on January 14, 2020. For customers who have purchased Extended Security Updates (ESU), the first monthly ESU security updates are now available. If your organization has not yet been able to complete your transition to Windows 10, Windows Server 2016, or Windows Server 2019 and want to continue to receive security updates for your current version of Windows, you will need to purchase Extended Security Updates. For information on how to do so, please see How to get Extended Security Updates for eligible Windows devices, Windows 7 ESU frequently ask questions, and Windows Server 2008 R2 SP1 and Windows Server 2008 SP2 ESU frequently asked questions.

We recommend ESU customers review the applicable KB article below for prerequisites and other important information you will need to deploy these updates.

The following updates were released today for Windows Server 2008 SP2:
The following updates were released today for Windows 7 SP1 and Windows Server 2008 R2 SP1:
February 11, 2020
08:00 AM PT
Resolved: Windows Search shows blank box
We are aware of a temporary server-side issue causing Windows search to show a blank box. This issue has been resolved for most users and in some cases, you might need to restart your device. We are working diligently to fully resolve the issue and will provide an update once resolved. 

This issue was resolved at 12:00 PM PST. If you are still experiencing issues, please restart your device. In rare cases, you may need to manually end the SearchUI.exe or SearchApp.exe process via Task Manager. (To locate these processes, select CTRL + Shift + Esc then select the Details tab.)
February 05, 2020
12:00 PM PT
Take action: SHA-2 code signing support guidance for Windows 7 SP1 and Windows Server 2008 RS2 SP1
Windows 7 SP1 and Windows Server 2008 R2 SP1 update signatures are now SHA-2 based signatures and requires that SHA-2 support to be installed. For important customer guidance on installation and troubleshooting tips, please read the knowledge base article 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.
August 23, 2019
03:35 PM PT
Take action: Windows 10, version 1703 (the Windows 10 Creators Update) reaches end of life on October 9, 2019
The Enterprise and Education editions of Windows 10, version 1703 (the Windows 10 Creators Update) will reach end of life on October 9, 2019. The Home, Pro, Pro for Workstations, and IoT Core editions reached end of service on October 8, 2018.

There is no extended support available for any edition of Windows 10, version 1703. Therefore, it will no longer be supported after October 9, 2019 and will not receive monthly security and quality updates containing protections from the latest security threats.

To continue receiving security and quality updates, Microsoft recommends that you update your devices to the latest version of Windows 10. For more information on end of service dates and currently supported versions of Windows 10, see the Windows lifecycle fact sheet.
August 23, 2019
02:17 PM PT
Resolved: Delays starting Internet Explorer 11
On August 16, 2019 at 7:16 AM a server required for downloading the Internet Explorer 11 (IE11) startup page, went down. As a result of the server outage, IE 11 became unresponsive for some customers who had not yet installed the August 2019 security updates. Customers who had the August 2019 security update installed were not affected. In order to ensure your devices remain in a serviced and secure state, we recommend you install the latest monthly update.

This issue was resolved on the server side at 1:00 pm PST. 
August 16, 2019
04:00 PM PT
August 2019 security update now available for Windows 10, version 1903 and all supported versions of Windows
The August 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1903 and all supported versions of Windows. A “B” release is the primary, regular update event for each month and is the only regular release that contains security fixes. As a result, we recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
August 13, 2019
10:00 AM PT
Advisory: Bluetooth encryption key size vulnerability disclosed (CVE-2019-9506)
On August 13, 2019, Microsoft released security updates to address a Bluetooth key length encryption vulnerability. To exploit this vulnerability, an attacker would need specialized hardware and would be limited by the signal range of the Bluetooth devices in use. For more information about this industry-wide issue, see CVE-2019-9506 | Bluetooth Encryption Key Size Vulnerability in the Microsoft Security Update Guide and important guidance for IT pros in KB4514157. (Note: we are documenting this vulnerability together with guidance for IT admins as part of a coordinated industry disclosure effort.)
August 13, 2019
10:00 AM PT
Advisory: Windows Advanced Local Procedure Call Elevation of Privilege vulnerability disclosed (CVE-2019-1162)
On August 13, 2019, Google Project Zero (GPZ) disclosed an Elevation of Privilege (EoP) vulnerability in how Windows handles calls to Advanced Local Procedure Call (ALPC) that affects Windows operating systems, versions 8.1 and higher. An attacker must already have code execution on the target system to leverage these vulnerabilities. Microsoft released security updates on August 13, 2019 that partially address this issue. Other items disclosed by GPZ require more time to address and we are working to release a resolution in mid-September. For more information, see CVE-2019-1162 | Windows ALPC Elevation of Privilege Vulnerability
August 13, 2019
10:00 AM PT
Take action: Windows 10, version 1803 (the April 2018 Update) reaches end of service on November 12, 2019
Windows 10, version 1803 (the April 2018 Update) will reach end of service on November 12, 2019 for Home and Pro editions. We will begin updating devices running Windows 10, version 1803 to Windows 10, version 1903 (the May 2019 Update) starting July 16, 2019 to help ensure that these devices remain in a serviced and secure state. For more information, see the Windows 10, version 1903 section of the Windows release health dashboard.
August 13, 2019
10:00 AM PT
Windows 10, version 1903 rollout begins
The Windows 10 May 2019 Update (Windows 10, version 1903) is available today to commercial customers via Windows Server Update Services (WSUS), Windows Update for Business, and the Volume Licensing Service Center (VLSC)—and to end users who manually select “Check for updates.” We are slowly throttling up availability while we carefully monitor data and feedback.		May 21, 2019
10:00 AM PT
" From 1a30e39d415d7147c3fa55dad8673d1086427a37 Mon Sep 17 00:00:00 2001 From: lomayor Date: Fri, 14 Feb 2020 13:08:01 -0800 Subject: [PATCH 103/112] Update advanced-hunting-tvm-softwareinventory-table.md --- .../advanced-hunting-tvm-softwareinventory-table.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-tvm-softwareinventory-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-tvm-softwareinventory-table.md index 5323e67ad0..0dcf6e3af5 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-tvm-softwareinventory-table.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-tvm-softwareinventory-table.md @@ -40,7 +40,7 @@ For information on other tables in the advanced hunting schema, see [the advance | `OSPlatform` | string | Platform of the operating system running on the machine. This indicates specific operating systems, including variations within the same family, such as Windows 10 and Windows 7. | | `OSVersion` | string | Version of the operating system running on the machine | | `OSArchitecture` | string | Architecture of the operating system running on the machine | -| `SoftwareVendor` | string | Severity level assigned to the security vulnerability based on the CVSS score and dynamic factors influenced by the threat landscape | +| `SoftwareVendor` | string | Name of the software vendor | | `SoftwareName` | string | Name of the software product | | `SoftwareVersion` | string | Version number of the software product | | `CveId` | string | Unique identifier assigned to the security vulnerability under the Common Vulnerabilities and Exposures (CVE) system | From 9361ee3332dc2ab77980257b1a19b1390889cf21 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Fri, 14 Feb 2020 13:59:07 -0800 Subject: [PATCH 104/112] Update windows-autopilot-and-surface-devices.md Updates link --- devices/surface/windows-autopilot-and-surface-devices.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface/windows-autopilot-and-surface-devices.md b/devices/surface/windows-autopilot-and-surface-devices.md index add490a9a7..26885dc588 100644 --- a/devices/surface/windows-autopilot-and-surface-devices.md +++ b/devices/surface/windows-autopilot-and-surface-devices.md @@ -51,7 +51,7 @@ Surface partners that are enabled for Windows Autopilot include: - [ALSO](https://www.also.com/ec/cms5/de_1010/1010_anbieter/microsoft/windows-autopilot/index.jsp) - [Atea](https://www.atea.com/) -- [Bechtle](https://www.bechtle.com/backend/cms/marken/microsoft/microsoft-windows-autopilot) +- [Bechtle](https://www.bechtle.com/marken/microsoft/microsoft-windows-autopilot) - [Cancom](https://www.cancom.de/) - [CDW](https://www.cdw.com/) - [Computacenter](https://www.computacenter.com/uk) From 229067a1fb79b40b3d4f23d3439b4782f8f563ec Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Fri, 14 Feb 2020 13:59:42 -0800 Subject: [PATCH 105/112] Update windows-autopilot-and-surface-devices.md Updates link --- devices/surface/windows-autopilot-and-surface-devices.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface/windows-autopilot-and-surface-devices.md b/devices/surface/windows-autopilot-and-surface-devices.md index 26885dc588..1fbdba19cf 100644 --- a/devices/surface/windows-autopilot-and-surface-devices.md +++ b/devices/surface/windows-autopilot-and-surface-devices.md @@ -13,7 +13,7 @@ ms.author: dansimp ms.topic: article ms.localizationpriority: medium ms.audience: itpro -ms.date: 02/13/2020 +ms.date: 02/14/2020 --- # Windows Autopilot and Surface devices From c63997c6c4bc953ba572cc7c078859c74665097c Mon Sep 17 00:00:00 2001 From: martyav Date: Fri, 14 Feb 2020 17:11:20 -0500 Subject: [PATCH 106/112] links changed + linting I altered the links to point directly to the page they were being redirected to I also did a light copyedit, including linting text editor warnings away --- ...owershell-cmdlets-windows-defender-antivirus.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md index 80c59d0658..fc575f7bf8 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md @@ -23,26 +23,25 @@ manager: dansimp - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -You can use PowerShell to perform various functions in Windows Defender. Similar to the command prompt or command line, PowerShell is a task-based command-line shell and scripting language designed especially for system administration, and you can read more about it at the [PowerShell hub on MSDN](https://msdn.microsoft.com/powershell/mt173057.aspx). +You can use PowerShell to perform various functions in Windows Defender. Similar to the command prompt or command line, PowerShell is a task-based command-line shell and scripting language designed especially for system administration. You can read more about it at the [PowerShell hub on MSDN](https://docs.microsoft.com/previous-versions/msdn10/mt173057(v=msdn.10)). -For a list of the cmdlets and their functions and available parameters, see the [Defender cmdlets](https://technet.microsoft.com/library/dn433280.aspx) topic. +For a list of the cmdlets and their functions and available parameters, see the [Defender cmdlets](https://docs.microsoft.com/powershell/module/defender) topic. -PowerShell cmdlets are most useful in Windows Server environments that don't rely on a graphical user interface (GUI) to configure software. +PowerShell cmdlets are most useful in Windows Server environments that don't rely on a graphical user interface (GUI) to configure software. > [!NOTE] > PowerShell cmdlets should not be used as a replacement for a full network policy management infrastructure, such as [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr), [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), or [Windows Defender Antivirus Group Policy ADMX templates](https://support.microsoft.com/kb/927367). -Changes made with PowerShell will affect local settings on the endpoint where the changes are deployed or made. This means that deployments of policy with Group Policy, Microsoft Endpoint Configuration Manager, or Microsoft Intune can overwrite changes made with PowerShell. +Changes made with PowerShell will affect local settings on the endpoint where the changes are deployed or made. This means that deployments of policy with Group Policy, Microsoft Endpoint Configuration Manager, or Microsoft Intune can overwrite changes made with PowerShell. You can [configure which settings can be overridden locally with local policy overrides](configure-local-policy-overrides-windows-defender-antivirus.md). PowerShell is typically installed under the folder _%SystemRoot%\system32\WindowsPowerShell_. - ## Use Windows Defender Antivirus PowerShell cmdlets -1. Click **Start**, type **powershell**, and press **Enter**. -2. Click **Windows PowerShell** to open the interface. +1. On the Windows taskbar, select **Start**, type **powershell**, and press **Enter**. +2. Select **Windows PowerShell** to open the interface. 3. Enter the command and parameters. > [!NOTE] @@ -53,6 +52,7 @@ To open online help for any of the cmdlets type the following: ```PowerShell Get-Help -Online ``` + Omit the `-online` parameter to get locally cached help. ## Related topics From 1a3974c4e5373de6b282e661a011d144c6d371a1 Mon Sep 17 00:00:00 2001 From: martyav Date: Fri, 14 Feb 2020 17:50:36 -0500 Subject: [PATCH 107/112] updated instructions --- .../use-powershell-cmdlets-windows-defender-antivirus.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md index fc575f7bf8..8631d5a627 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md @@ -40,9 +40,9 @@ PowerShell is typically installed under the folder _%SystemRoot%\system32\Window ## Use Windows Defender Antivirus PowerShell cmdlets -1. On the Windows taskbar, select **Start**, type **powershell**, and press **Enter**. -2. Select **Windows PowerShell** to open the interface. -3. Enter the command and parameters. +1. In the Windows search bar, type **powershell**. +2. Select **Windows PowerShell** from the results to open the interface. +3. Enter the PowerShell command and any parameters. > [!NOTE] > You may need to open an administrator-level version of PowerShell. Right-click the item in the Start menu, click **Run as administrator** and click **Yes** at the permissions prompt. From dd3b5c24fa9b821cb7bf4393d22363e218a38e39 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Fri, 14 Feb 2020 16:27:34 -0800 Subject: [PATCH 108/112] Added missing Security policies to Policy index --- .../policy-configuration-service-provider.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md index 6e8652ff9c..7c7c9321d0 100644 --- a/windows/client-management/mdm/policy-configuration-service-provider.md +++ b/windows/client-management/mdm/policy-configuration-service-provider.md @@ -3328,6 +3328,23 @@ The following diagram shows the Policy configuration service provider in tree fo
Storage/AllowDiskHealthModelUpdates
+
+ Storage/AllowStorageSenseGlobal +
+
+ Storage/AllowStorageSenseTemporaryFilesCleanup +
+
+ Storage/ConfigStorageSenseCloudContentDehydrationThreshold +
+
+ Storage/ConfigStorageSenseDownloadsCleanupThreshold +
+
+ Storage/ConfigStorageSenseGlobalCadence +
+
+ Storage/ConfigStorageSenseRecycleBinCleanupThreshold
Storage/EnhancedStorageDevices
From 05621390194d824aa75958cb040d5f173dad850d Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Sat, 15 Feb 2020 00:51:42 -0800 Subject: [PATCH 109/112] CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20200215000333 (#2070) Co-authored-by: Direesh Kumar Kandakatla --- ...sues-windows-7-and-windows-server-2008-r2-sp1.yml | 10 ---------- ...issues-windows-8.1-and-windows-server-2012-r2.yml | 10 ---------- .../release-information/status-windows-10-1507.yml | 10 ++++++++++ ...tatus-windows-10-1607-and-windows-server-2016.yml | 12 ++++++++++++ .../release-information/status-windows-10-1709.yml | 12 ++++++++++++ .../release-information/status-windows-10-1803.yml | 12 ++++++++++++ ...tatus-windows-10-1809-and-windows-server-2019.yml | 12 ++++++++++++ .../release-information/status-windows-10-1903.yml | 12 ++++++++++++ .../release-information/status-windows-10-1909.yml | 12 ++++++++++++ ...status-windows-8.1-and-windows-server-2012-r2.yml | 10 ++++++++++ .../status-windows-server-2012.yml | 10 ++++++++++ 11 files changed, 102 insertions(+), 20 deletions(-) diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml index 8ae49f0e18..1a52dc5fb6 100644 --- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml @@ -40,7 +40,6 @@ sections:
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Windows updates that are SHA-2 signed are not available with Symantec or Norton antivirus program installed

See details >August 13, 2019
KB4512506Resolved External
August 27, 2019
02:29 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >June 11, 2019
KB4503292Resolved
KB4512514August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >August 13, 2019
KB4512506Resolved
KB4517297August 16, 2019
02:00 PM PT -
System may be unresponsive after restart with certain McAfee antivirus products
Devices running certain McAfee Endpoint security applications may be slow or unresponsive at startup.

See details >April 09, 2019
KB4493472Resolved External
August 13, 2019
06:59 PM PT " @@ -106,12 +105,3 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503292 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512514.

Back to topJune 11, 2019
KB4503292Resolved
KB4512514Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT " - -- title: April 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
System may be unresponsive after restart with certain McAfee antivirus products
Microsoft and McAfee have identified an issue on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or McAfee VirusScan Enterprise (VSE) 8.8 installed. It may cause the system to have slow startup or become unresponsive at restart after installing this update. 

Affected platforms:
  • Client: Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue has been resolved. McAfee has released an automatic update to address this issue. Guidance for McAfee customers can be found in the following McAfee support articles: 

Back to top		April 09, 2019
KB4493472		Resolved External
Last updated:
August 13, 2019
06:59 PM PT

Opened:
April 09, 2019
10:00 AM PT
- " diff --git a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml index 3ad99d98ca..44809071a4 100644 --- a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml @@ -37,7 +37,6 @@ sections:
Windows RT 8.1 devices may have issues opening Internet Explorer 11
On Windows RT 8.1 devices, Internet Explorer 11 may not open and you may receive an error.

See details >September 10, 2019
KB4516067Resolved
KB4516041September 24, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >June 11, 2019
KB4503276Resolved
KB4512478August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >August 13, 2019
KB4512488Resolved
KB4517298August 16, 2019
02:00 PM PT -
System may be unresponsive after restart with certain McAfee antivirus products
Devices running certain McAfee Endpoint security applications may be slow or unresponsive at startup.

See details >April 09, 2019
KB4493446Resolved External
August 13, 2019
06:59 PM PT " @@ -84,12 +83,3 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503276 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512478.

Back to topJune 11, 2019
KB4503276Resolved
KB4512478Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT " - -- title: April 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
System may be unresponsive after restart with certain McAfee antivirus products
Microsoft and McAfee have identified an issue on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or McAfee VirusScan Enterprise (VSE) 8.8 installed. It may cause the system to have slow startup or become unresponsive at restart after installing this update. 

Affected platforms:
  • Client: Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue has been resolved. McAfee has released an automatic update to address this issue. Guidance for McAfee customers can be found in the following McAfee support articles:  

Back to top		April 09, 2019
KB4493446		Resolved External
Last updated:
August 13, 2019
06:59 PM PT

Opened:
April 09, 2019
10:00 AM PT
- " diff --git a/windows/release-information/status-windows-10-1507.yml b/windows/release-information/status-windows-10-1507.yml index df76e08bd1..3846d88d01 100644 --- a/windows/release-information/status-windows-10-1507.yml +++ b/windows/release-information/status-windows-10-1507.yml @@ -60,6 +60,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+
SummaryOriginating updateStatusLast updated
You might encounter issues with KB4502496
You might encounter issues trying to install or after installing KB4502496

See details >		N/A
February 11, 2019
KB4502496		Mitigated
February 15, 2020
12:02 AM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		OS Build 10240.18368

October 08, 2019
KB4520011		Mitigated External
November 05, 2019
03:36 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Mitigated
April 25, 2019
02:00 PM PT
@@ -72,6 +73,15 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " + + +
DetailsOriginating updateStatusHistory
You might encounter issues with KB4502496
You might encounter issues trying to install or after installing KB4502496.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To help a sub-set of affected devices, the standalone security update (KB4502496) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates.

If this update is installed and you are experiencing issues, you can uninstall this update.
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4502496 and select the Uninstall button.
  4. Restart your device.
 
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4502496		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
+ " + - title: November 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml index 349276ccd7..0fcc5e9d8c 100644 --- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml +++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml @@ -60,6 +60,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ + @@ -74,6 +76,16 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusLast updated
“Reset this PC” feature might fail
“Reset this PC” feature is also called “Push Button Reset” or PBR.

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

See details >		OS Build 14393.2608

November 13, 2018
KB4467691		Resolved External
January 23, 2020
02:08 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		OS Build 14393.3274

October 08, 2019
KB4519998		Mitigated External
November 05, 2019
03:36 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >		OS Build 14393.2724

January 08, 2019
KB4480961		Mitigated
April 25, 2019
02:00 PM PT
+ + +
DetailsOriginating updateStatusHistory
“Reset this PC” feature might fail
Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update.

If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
  5. Upon restart use the “Reset this PC” feature and you should not encounter this issue.

Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates.

If this update is installed and you are experiencing issues, you can uninstall this update.
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
 
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
+ " + - title: November 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml index 68f5967f84..bb6904a30e 100644 --- a/windows/release-information/status-windows-10-1709.yml +++ b/windows/release-information/status-windows-10-1709.yml @@ -60,6 +60,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ + @@ -73,6 +75,16 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusLast updated
“Reset this PC” feature might fail
“Reset this PC” feature is also called “Push Button Reset” or PBR.

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
Unable to create local users in Chinese, Japanese and Korean during device setup
You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.

See details >		OS Build 16299.1387

September 10, 2019
KB4516066		Resolved
KB4534318		January 23, 2020
02:00 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		OS Build 16299.1451

October 08, 2019
KB4520004		Mitigated External
November 05, 2019
03:36 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >		OS Build 16299.904

January 08, 2019
KB4480978		Mitigated
April 25, 2019
02:00 PM PT
+ + +
DetailsOriginating updateStatusHistory
“Reset this PC” feature might fail
Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update.

If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
  5. Upon restart use the “Reset this PC” feature and you should not encounter this issue.

Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates.

If this update is installed and you are experiencing issues, you can uninstall this update.
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
 
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
+ " + - title: November 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml index d5408f495b..42a74822e9 100644 --- a/windows/release-information/status-windows-10-1803.yml +++ b/windows/release-information/status-windows-10-1803.yml @@ -64,6 +64,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ + @@ -77,6 +79,16 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusLast updated
“Reset this PC” feature might fail
“Reset this PC” feature is also called “Push Button Reset” or PBR.

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
Unable to create local users in Chinese, Japanese and Korean during device setup
You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.

See details >		OS Build 17134.1006

September 10, 2019
KB4516058		Resolved
KB4534308		January 23, 2020
02:00 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		OS Build 17134.1069

October 08, 2019
KB4520008		Mitigated External
November 05, 2019
03:36 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >		OS Build 17134.523

January 08, 2019
KB4480966		Mitigated
April 25, 2019
02:00 PM PT
+ + +
DetailsOriginating updateStatusHistory
“Reset this PC” feature might fail
Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update.

If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
  5. Upon restart use the “Reset this PC” feature and you should not encounter this issue.

Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates.

If this update is installed and you are experiencing issues, you can uninstall this update.
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
 
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
+ " + - title: November 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml index 7beb2e9c30..a6c69b9a7e 100644 --- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml @@ -64,6 +64,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ + @@ -78,6 +80,16 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusLast updated
“Reset this PC” feature might fail
“Reset this PC” feature is also called “Push Button Reset” or PBR.

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
Unable to create local users in Chinese, Japanese and Korean during device setup
You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.

See details >		OS Build 17763.737

September 10, 2019
KB4512578		Resolved
KB4534321		January 23, 2020
02:00 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		OS Build 17763.805

October 08, 2019
KB4519338		Mitigated External
November 05, 2019
03:36 PM PT
Devices with some Asian language packs installed may receive an error
Devices with Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\"

See details >		OS Build 17763.437

April 09, 2019
KB4493509		Mitigated
May 03, 2019
10:59 AM PT
+ + +
DetailsOriginating updateStatusHistory
“Reset this PC” feature might fail
Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update.

If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
  5. Upon restart use the “Reset this PC” feature and you should not encounter this issue.

Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates.

If this update is installed and you are experiencing issues, you can uninstall this update.
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
 
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
+ " + - title: November 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index c37a9ca547..cb7133af96 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -64,6 +64,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ +
SummaryOriginating updateStatusLast updated
“Reset this PC” feature might fail
“Reset this PC” feature is also called “Push Button Reset” or PBR.

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
Issues with some older versions of Avast and AVG anti-virus products
Microsoft and Avast has identified compatibility issues with some versions of Avast and AVG Antivirus.

See details >		N/A

Mitigated External
November 25, 2019
05:25 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		OS Build 18362.418

October 08, 2019
KB4517389		Mitigated External
November 05, 2019
03:36 PM PT
@@ -76,6 +78,16 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " + + + +
DetailsOriginating updateStatusHistory
“Reset this PC” feature might fail
Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update.

If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
  5. Upon restart use the “Reset this PC” feature and you should not encounter this issue.

Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates.

If this update is installed and you are experiencing issues, you can uninstall this update.
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
 
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
+ " + - title: November 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-10-1909.yml b/windows/release-information/status-windows-10-1909.yml index 5d5aa24d52..631a1ea8d9 100644 --- a/windows/release-information/status-windows-10-1909.yml +++ b/windows/release-information/status-windows-10-1909.yml @@ -64,6 +64,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ +
SummaryOriginating updateStatusLast updated
“Reset this PC” feature might fail
“Reset this PC” feature is also called “Push Button Reset” or PBR.

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
Issues with some older versions of Avast and AVG anti-virus products
Microsoft and Avast has identified compatibility issues with some versions of Avast and AVG Antivirus.

See details >		N/A

Mitigated External
November 25, 2019
05:25 PM PT
" @@ -75,6 +77,16 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " + + + +
DetailsOriginating updateStatusHistory
“Reset this PC” feature might fail
Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update.

If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
  5. Upon restart use the “Reset this PC” feature and you should not encounter this issue.

Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates.

If this update is installed and you are experiencing issues, you can uninstall this update.
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
 
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
+ " + - title: November 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml index 596f76e9d2..8a62e5b48c 100644 --- a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml @@ -60,6 +60,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ @@ -73,6 +74,15 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusLast updated
You might encounter issues with KB4502496
You might encounter issues trying to install or after installing KB4502496

See details >		February 11, 2020
KB4502496		Mitigated
February 15, 2020
12:02 AM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		October 08, 2019
KB4520005		Mitigated External
November 05, 2019
03:36 PM PT
Japanese IME doesn't show the new Japanese Era name as a text input option
With previous dictionary updates installed, the Japanese IME doesn't show the new Japanese Era name as an input option.

See details >		April 25, 2019
KB4493443		Mitigated
May 15, 2019
05:53 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >		January 08, 2019
KB4480963		Mitigated
April 25, 2019
02:00 PM PT
+ +
DetailsOriginating updateStatusHistory
You might encounter issues with KB4502496
You might encounter issues trying to install or after installing KB4502496.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To help a sub-set of affected devices, the standalone security update (KB4502496) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates.

If this update is installed and you are experiencing issues, you can uninstall this update.
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4502496 and select the Uninstall button.
  4. Restart your device.
 
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		February 11, 2020
KB4502496		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
+ " + - title: November 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-server-2012.yml b/windows/release-information/status-windows-server-2012.yml index c83ea0923f..95f21c394f 100644 --- a/windows/release-information/status-windows-server-2012.yml +++ b/windows/release-information/status-windows-server-2012.yml @@ -60,6 +60,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ @@ -73,6 +74,15 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusLast updated
You might encounter issues with KB4502496
You might encounter issues trying to install or after installing KB4502496

See details >		February 11, 2020
KB4502496		Mitigated
February 15, 2020
12:02 AM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		October 08, 2019
KB4520007		Mitigated External
November 05, 2019
03:36 PM PT
Japanese IME doesn't show the new Japanese Era name as a text input option
With previous dictionary updates installed, the Japanese IME doesn't show the new Japanese Era name as an input option.

See details >		April 25, 2019
KB4493462		Mitigated
May 15, 2019
05:53 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >		January 08, 2019
KB4480975		Mitigated
April 25, 2019
02:00 PM PT
+ +
DetailsOriginating updateStatusHistory
You might encounter issues with KB4502496
You might encounter issues trying to install or after installing KB4502496.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To help a sub-set of affected devices, the standalone security update (KB4502496) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates.

If this update is installed and you are experiencing issues, you can uninstall this update.
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4502496 and select the Uninstall button.
  4. Restart your device.
 
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		February 11, 2020
KB4502496		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
+ " + - title: November 2019 - items: - type: markdown From ba8f42467c062970020f82267ae03e028db7b184 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Sat, 15 Feb 2020 01:12:39 -0800 Subject: [PATCH 110/112] CAT Auto Pulish for Windows Release Messages - 20200215010221 (#2071) * Update windows-autopilot-and-surface-devices.md Updates link * Update windows-autopilot-and-surface-devices.md Updates link * links changed + linting I altered the links to point directly to the page they were being redirected to I also did a light copyedit, including linting text editor warnings away * updated instructions * CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20200215000333 (#2070) Co-authored-by: Direesh Kumar Kandakatla Co-authored-by: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Co-authored-by: Marty Hernandez Avedon Co-authored-by: Denise Vangel-MSFT Co-authored-by: Gary Moore Co-authored-by: Direesh Kumar Kandakatla --- .../windows-autopilot-and-surface-devices.md | 4 ++-- ...-windows-7-and-windows-server-2008-r2-sp1.yml | 10 ---------- ...es-windows-8.1-and-windows-server-2012-r2.yml | 10 ---------- .../status-windows-10-1507.yml | 10 ++++++++++ ...s-windows-10-1607-and-windows-server-2016.yml | 12 ++++++++++++ .../status-windows-10-1709.yml | 12 ++++++++++++ .../status-windows-10-1803.yml | 12 ++++++++++++ ...s-windows-10-1809-and-windows-server-2019.yml | 12 ++++++++++++ .../status-windows-10-1903.yml | 12 ++++++++++++ .../status-windows-10-1909.yml | 12 ++++++++++++ ...us-windows-8.1-and-windows-server-2012-r2.yml | 10 ++++++++++ .../status-windows-server-2012.yml | 10 ++++++++++ ...ershell-cmdlets-windows-defender-antivirus.md | 16 ++++++++-------- 13 files changed, 112 insertions(+), 30 deletions(-) diff --git a/devices/surface/windows-autopilot-and-surface-devices.md b/devices/surface/windows-autopilot-and-surface-devices.md index add490a9a7..1fbdba19cf 100644 --- a/devices/surface/windows-autopilot-and-surface-devices.md +++ b/devices/surface/windows-autopilot-and-surface-devices.md @@ -13,7 +13,7 @@ ms.author: dansimp ms.topic: article ms.localizationpriority: medium ms.audience: itpro -ms.date: 02/13/2020 +ms.date: 02/14/2020 --- # Windows Autopilot and Surface devices @@ -51,7 +51,7 @@ Surface partners that are enabled for Windows Autopilot include: - [ALSO](https://www.also.com/ec/cms5/de_1010/1010_anbieter/microsoft/windows-autopilot/index.jsp) - [Atea](https://www.atea.com/) -- [Bechtle](https://www.bechtle.com/backend/cms/marken/microsoft/microsoft-windows-autopilot) +- [Bechtle](https://www.bechtle.com/marken/microsoft/microsoft-windows-autopilot) - [Cancom](https://www.cancom.de/) - [CDW](https://www.cdw.com/) - [Computacenter](https://www.computacenter.com/uk) diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml index 8ae49f0e18..1a52dc5fb6 100644 --- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml @@ -40,7 +40,6 @@ sections:
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Windows updates that are SHA-2 signed are not available with Symantec or Norton antivirus program installed

See details >August 13, 2019
KB4512506Resolved External
August 27, 2019
02:29 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >June 11, 2019
KB4503292Resolved
KB4512514August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >August 13, 2019
KB4512506Resolved
KB4517297August 16, 2019
02:00 PM PT -
System may be unresponsive after restart with certain McAfee antivirus products
Devices running certain McAfee Endpoint security applications may be slow or unresponsive at startup.

See details >April 09, 2019
KB4493472Resolved External
August 13, 2019
06:59 PM PT " @@ -106,12 +105,3 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503292 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512514.

Back to topJune 11, 2019
KB4503292Resolved
KB4512514Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT " - -- title: April 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
System may be unresponsive after restart with certain McAfee antivirus products
Microsoft and McAfee have identified an issue on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or McAfee VirusScan Enterprise (VSE) 8.8 installed. It may cause the system to have slow startup or become unresponsive at restart after installing this update. 

Affected platforms:
  • Client: Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue has been resolved. McAfee has released an automatic update to address this issue. Guidance for McAfee customers can be found in the following McAfee support articles: 

Back to top		April 09, 2019
KB4493472		Resolved External
Last updated:
August 13, 2019
06:59 PM PT

Opened:
April 09, 2019
10:00 AM PT
- " diff --git a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml index 3ad99d98ca..44809071a4 100644 --- a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml @@ -37,7 +37,6 @@ sections:
Windows RT 8.1 devices may have issues opening Internet Explorer 11
On Windows RT 8.1 devices, Internet Explorer 11 may not open and you may receive an error.

See details >September 10, 2019
KB4516067Resolved
KB4516041September 24, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >June 11, 2019
KB4503276Resolved
KB4512478August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >August 13, 2019
KB4512488Resolved
KB4517298August 16, 2019
02:00 PM PT -
System may be unresponsive after restart with certain McAfee antivirus products
Devices running certain McAfee Endpoint security applications may be slow or unresponsive at startup.

See details >April 09, 2019
KB4493446Resolved External
August 13, 2019
06:59 PM PT " @@ -84,12 +83,3 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503276 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512478.

Back to topJune 11, 2019
KB4503276Resolved
KB4512478Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT " - -- title: April 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
System may be unresponsive after restart with certain McAfee antivirus products
Microsoft and McAfee have identified an issue on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or McAfee VirusScan Enterprise (VSE) 8.8 installed. It may cause the system to have slow startup or become unresponsive at restart after installing this update. 

Affected platforms:
  • Client: Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue has been resolved. McAfee has released an automatic update to address this issue. Guidance for McAfee customers can be found in the following McAfee support articles:  

Back to top		April 09, 2019
KB4493446		Resolved External
Last updated:
August 13, 2019
06:59 PM PT

Opened:
April 09, 2019
10:00 AM PT
- " diff --git a/windows/release-information/status-windows-10-1507.yml b/windows/release-information/status-windows-10-1507.yml index df76e08bd1..3846d88d01 100644 --- a/windows/release-information/status-windows-10-1507.yml +++ b/windows/release-information/status-windows-10-1507.yml @@ -60,6 +60,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+
SummaryOriginating updateStatusLast updated
You might encounter issues with KB4502496
You might encounter issues trying to install or after installing KB4502496

See details >		N/A
February 11, 2019
KB4502496		Mitigated
February 15, 2020
12:02 AM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		OS Build 10240.18368

October 08, 2019
KB4520011		Mitigated External
November 05, 2019
03:36 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Mitigated
April 25, 2019
02:00 PM PT
@@ -72,6 +73,15 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " + + +
DetailsOriginating updateStatusHistory
You might encounter issues with KB4502496
You might encounter issues trying to install or after installing KB4502496.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To help a sub-set of affected devices, the standalone security update (KB4502496) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates.

If this update is installed and you are experiencing issues, you can uninstall this update.
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4502496 and select the Uninstall button.
  4. Restart your device.
 
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4502496		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
+ " + - title: November 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml index 349276ccd7..0fcc5e9d8c 100644 --- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml +++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml @@ -60,6 +60,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ + @@ -74,6 +76,16 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusLast updated
“Reset this PC” feature might fail
“Reset this PC” feature is also called “Push Button Reset” or PBR.

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

See details >		OS Build 14393.2608

November 13, 2018
KB4467691		Resolved External
January 23, 2020
02:08 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		OS Build 14393.3274

October 08, 2019
KB4519998		Mitigated External
November 05, 2019
03:36 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >		OS Build 14393.2724

January 08, 2019
KB4480961		Mitigated
April 25, 2019
02:00 PM PT
+ + +
DetailsOriginating updateStatusHistory
“Reset this PC” feature might fail
Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update.

If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
  5. Upon restart use the “Reset this PC” feature and you should not encounter this issue.

Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates.

If this update is installed and you are experiencing issues, you can uninstall this update.
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
 
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
+ " + - title: November 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml index 68f5967f84..bb6904a30e 100644 --- a/windows/release-information/status-windows-10-1709.yml +++ b/windows/release-information/status-windows-10-1709.yml @@ -60,6 +60,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ + @@ -73,6 +75,16 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusLast updated
“Reset this PC” feature might fail
“Reset this PC” feature is also called “Push Button Reset” or PBR.

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
Unable to create local users in Chinese, Japanese and Korean during device setup
You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.

See details >		OS Build 16299.1387

September 10, 2019
KB4516066		Resolved
KB4534318		January 23, 2020
02:00 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		OS Build 16299.1451

October 08, 2019
KB4520004		Mitigated External
November 05, 2019
03:36 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >		OS Build 16299.904

January 08, 2019
KB4480978		Mitigated
April 25, 2019
02:00 PM PT
+ + +
DetailsOriginating updateStatusHistory
“Reset this PC” feature might fail
Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update.

If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
  5. Upon restart use the “Reset this PC” feature and you should not encounter this issue.

Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates.

If this update is installed and you are experiencing issues, you can uninstall this update.
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
 
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
+ " + - title: November 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml index d5408f495b..42a74822e9 100644 --- a/windows/release-information/status-windows-10-1803.yml +++ b/windows/release-information/status-windows-10-1803.yml @@ -64,6 +64,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ + @@ -77,6 +79,16 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusLast updated
“Reset this PC” feature might fail
“Reset this PC” feature is also called “Push Button Reset” or PBR.

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
Unable to create local users in Chinese, Japanese and Korean during device setup
You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.

See details >		OS Build 17134.1006

September 10, 2019
KB4516058		Resolved
KB4534308		January 23, 2020
02:00 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		OS Build 17134.1069

October 08, 2019
KB4520008		Mitigated External
November 05, 2019
03:36 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >		OS Build 17134.523

January 08, 2019
KB4480966		Mitigated
April 25, 2019
02:00 PM PT
+ + +
DetailsOriginating updateStatusHistory
“Reset this PC” feature might fail
Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update.

If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
  5. Upon restart use the “Reset this PC” feature and you should not encounter this issue.

Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates.

If this update is installed and you are experiencing issues, you can uninstall this update.
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
 
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
+ " + - title: November 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml index 7beb2e9c30..a6c69b9a7e 100644 --- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml @@ -64,6 +64,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ + @@ -78,6 +80,16 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusLast updated
“Reset this PC” feature might fail
“Reset this PC” feature is also called “Push Button Reset” or PBR.

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
Unable to create local users in Chinese, Japanese and Korean during device setup
You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.

See details >		OS Build 17763.737

September 10, 2019
KB4512578		Resolved
KB4534321		January 23, 2020
02:00 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		OS Build 17763.805

October 08, 2019
KB4519338		Mitigated External
November 05, 2019
03:36 PM PT
Devices with some Asian language packs installed may receive an error
Devices with Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\"

See details >		OS Build 17763.437

April 09, 2019
KB4493509		Mitigated
May 03, 2019
10:59 AM PT
+ + +
DetailsOriginating updateStatusHistory
“Reset this PC” feature might fail
Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update.

If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
  5. Upon restart use the “Reset this PC” feature and you should not encounter this issue.

Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates.

If this update is installed and you are experiencing issues, you can uninstall this update.
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
 
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
+ " + - title: November 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index c37a9ca547..cb7133af96 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -64,6 +64,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ +
SummaryOriginating updateStatusLast updated
“Reset this PC” feature might fail
“Reset this PC” feature is also called “Push Button Reset” or PBR.

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
Issues with some older versions of Avast and AVG anti-virus products
Microsoft and Avast has identified compatibility issues with some versions of Avast and AVG Antivirus.

See details >		N/A

Mitigated External
November 25, 2019
05:25 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		OS Build 18362.418

October 08, 2019
KB4517389		Mitigated External
November 05, 2019
03:36 PM PT
@@ -76,6 +78,16 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " + + + +
DetailsOriginating updateStatusHistory
“Reset this PC” feature might fail
Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update.

If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
  5. Upon restart use the “Reset this PC” feature and you should not encounter this issue.

Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates.

If this update is installed and you are experiencing issues, you can uninstall this update.
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
 
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
+ " + - title: November 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-10-1909.yml b/windows/release-information/status-windows-10-1909.yml index 5d5aa24d52..631a1ea8d9 100644 --- a/windows/release-information/status-windows-10-1909.yml +++ b/windows/release-information/status-windows-10-1909.yml @@ -64,6 +64,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ +
SummaryOriginating updateStatusLast updated
“Reset this PC” feature might fail
“Reset this PC” feature is also called “Push Button Reset” or PBR.

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244

See details >		N/A
February 11, 2019
KB4524244		Mitigated
February 15, 2020
12:02 AM PT
Issues with some older versions of Avast and AVG anti-virus products
Microsoft and Avast has identified compatibility issues with some versions of Avast and AVG Antivirus.

See details >		N/A

Mitigated External
November 25, 2019
05:25 PM PT
" @@ -75,6 +77,16 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " + + + +
DetailsOriginating updateStatusHistory
“Reset this PC” feature might fail
Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update.

If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
  5. Upon restart use the “Reset this PC” feature and you should not encounter this issue.

Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates.

If this update is installed and you are experiencing issues, you can uninstall this update.
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4524244 and select the Uninstall button.
  4. Restart your device.
 
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		N/A
February 11, 2019
KB4524244		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
+ " + - title: November 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml index 596f76e9d2..8a62e5b48c 100644 --- a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml @@ -60,6 +60,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ @@ -73,6 +74,15 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusLast updated
You might encounter issues with KB4502496
You might encounter issues trying to install or after installing KB4502496

See details >		February 11, 2020
KB4502496		Mitigated
February 15, 2020
12:02 AM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		October 08, 2019
KB4520005		Mitigated External
November 05, 2019
03:36 PM PT
Japanese IME doesn't show the new Japanese Era name as a text input option
With previous dictionary updates installed, the Japanese IME doesn't show the new Japanese Era name as an input option.

See details >		April 25, 2019
KB4493443		Mitigated
May 15, 2019
05:53 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >		January 08, 2019
KB4480963		Mitigated
April 25, 2019
02:00 PM PT
+ +
DetailsOriginating updateStatusHistory
You might encounter issues with KB4502496
You might encounter issues trying to install or after installing KB4502496.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To help a sub-set of affected devices, the standalone security update (KB4502496) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates.

If this update is installed and you are experiencing issues, you can uninstall this update.
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4502496 and select the Uninstall button.
  4. Restart your device.
 
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		February 11, 2020
KB4502496		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
+ " + - title: November 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-server-2012.yml b/windows/release-information/status-windows-server-2012.yml index c83ea0923f..95f21c394f 100644 --- a/windows/release-information/status-windows-server-2012.yml +++ b/windows/release-information/status-windows-server-2012.yml @@ -60,6 +60,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ @@ -73,6 +74,15 @@ sections:
" +- title: February 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusLast updated
You might encounter issues with KB4502496
You might encounter issues trying to install or after installing KB4502496

See details >		February 11, 2020
KB4502496		Mitigated
February 15, 2020
12:02 AM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		October 08, 2019
KB4520007		Mitigated External
November 05, 2019
03:36 PM PT
Japanese IME doesn't show the new Japanese Era name as a text input option
With previous dictionary updates installed, the Japanese IME doesn't show the new Japanese Era name as an input option.

See details >		April 25, 2019
KB4493462		Mitigated
May 15, 2019
05:53 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >		January 08, 2019
KB4480975		Mitigated
April 25, 2019
02:00 PM PT
+ +
DetailsOriginating updateStatusHistory
You might encounter issues with KB4502496
You might encounter issues trying to install or after installing KB4502496.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Workaround: To help a sub-set of affected devices, the standalone security update (KB4502496) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates.

If this update is installed and you are experiencing issues, you can uninstall this update.
  1. Select the start button or Windows Desktop Search and type update history and select View your Update history.
  2. On the Settings/View update history dialog window, Select Uninstall Updates.
  3. On the Installed Updates dialog window, find and select KB4502496 and select the Uninstall button.
  4. Restart your device.
 
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update.

Back to top		February 11, 2020
KB4502496		Mitigated
Last updated:
February 15, 2020
12:02 AM PT

Opened:
February 15, 2020
12:02 AM PT
+ " + - title: November 2019 - items: - type: markdown diff --git a/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md index 80c59d0658..8631d5a627 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md @@ -23,27 +23,26 @@ manager: dansimp - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -You can use PowerShell to perform various functions in Windows Defender. Similar to the command prompt or command line, PowerShell is a task-based command-line shell and scripting language designed especially for system administration, and you can read more about it at the [PowerShell hub on MSDN](https://msdn.microsoft.com/powershell/mt173057.aspx). +You can use PowerShell to perform various functions in Windows Defender. Similar to the command prompt or command line, PowerShell is a task-based command-line shell and scripting language designed especially for system administration. You can read more about it at the [PowerShell hub on MSDN](https://docs.microsoft.com/previous-versions/msdn10/mt173057(v=msdn.10)). -For a list of the cmdlets and their functions and available parameters, see the [Defender cmdlets](https://technet.microsoft.com/library/dn433280.aspx) topic. +For a list of the cmdlets and their functions and available parameters, see the [Defender cmdlets](https://docs.microsoft.com/powershell/module/defender) topic. -PowerShell cmdlets are most useful in Windows Server environments that don't rely on a graphical user interface (GUI) to configure software. +PowerShell cmdlets are most useful in Windows Server environments that don't rely on a graphical user interface (GUI) to configure software. > [!NOTE] > PowerShell cmdlets should not be used as a replacement for a full network policy management infrastructure, such as [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr), [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), or [Windows Defender Antivirus Group Policy ADMX templates](https://support.microsoft.com/kb/927367). -Changes made with PowerShell will affect local settings on the endpoint where the changes are deployed or made. This means that deployments of policy with Group Policy, Microsoft Endpoint Configuration Manager, or Microsoft Intune can overwrite changes made with PowerShell. +Changes made with PowerShell will affect local settings on the endpoint where the changes are deployed or made. This means that deployments of policy with Group Policy, Microsoft Endpoint Configuration Manager, or Microsoft Intune can overwrite changes made with PowerShell. You can [configure which settings can be overridden locally with local policy overrides](configure-local-policy-overrides-windows-defender-antivirus.md). PowerShell is typically installed under the folder _%SystemRoot%\system32\WindowsPowerShell_. - ## Use Windows Defender Antivirus PowerShell cmdlets -1. Click **Start**, type **powershell**, and press **Enter**. -2. Click **Windows PowerShell** to open the interface. -3. Enter the command and parameters. +1. In the Windows search bar, type **powershell**. +2. Select **Windows PowerShell** from the results to open the interface. +3. Enter the PowerShell command and any parameters. > [!NOTE] > You may need to open an administrator-level version of PowerShell. Right-click the item in the Start menu, click **Run as administrator** and click **Yes** at the permissions prompt. @@ -53,6 +52,7 @@ To open online help for any of the cmdlets type the following: ```PowerShell Get-Help -Online ``` + Omit the `-online` parameter to get locally cached help. ## Related topics From ebb61c760520b00a343e1fe8e93f742bc25de554 Mon Sep 17 00:00:00 2001 From: erroltuparker Date: Mon, 17 Feb 2020 15:52:14 +1000 Subject: [PATCH 111/112] Fixed scripting issue Merge-CIPolicy command had a mistype causing the line to fail --- .../create-wdac-policy-for-lightly-managed-devices.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md index 6fc44116aa..309ad25451 100644 --- a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md +++ b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md @@ -117,7 +117,7 @@ Alice follows these steps to complete this task: $PathRules += New-CIPolicyRule -FilePathRule "%windir%\*" $PathRules += New-CIPolicyRule -FilePathRule "%OSDrive%\Program Files\*" $PathRules += New-CIPolicyRule -FilePathRule "%OSDrive%\Program Files (x86)\*" - Merge-CIPolicy -OutputFilePath = $LamnaPolicy -PolicyPaths $LamnaPolicy -Rules $PathRules + Merge-CIPolicy -OutputFilePath $LamnaPolicy -PolicyPaths $LamnaPolicy -Rules $PathRules ``` 7. If appropriate, add additional signer or file rules to further customize the policy for your organization. From be53411407c09d761fbc5ae2e65983b97f844702 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 18 Feb 2020 17:28:38 -0800 Subject: [PATCH 112/112] Indented note, added a period --- .../create-wdac-policy-for-lightly-managed-devices.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md index 309ad25451..d25131d06d 100644 --- a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md +++ b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md @@ -43,8 +43,8 @@ Alice identifies the following key factors to arrive at the "circle-of-trust" fo - All clients are running Windows 10 version 1903 or above; - All clients are managed by Microsoft Endpoint Manager (MEM) either with Configuration Manager (MEMCM) standalone or hybrid mode with Intune; -> [!NOTE] -> Microsoft Endpoint Configuration Manager was previously known as System Center Configuration Manager (SCCM) + > [!NOTE] + > Microsoft Endpoint Configuration Manager was previously known as System Center Configuration Manager (SCCM). - Some, but not all, apps are deployed using MEMCM; - Most users are local administrators on their devices;