From dde6af9089d3dcc98f5d29dbd041e6a2a7d032af Mon Sep 17 00:00:00 2001
From: dianmsft <43798680+dianmsft@users.noreply.github.com>
Date: Wed, 20 Nov 2019 11:32:00 -0800
Subject: [PATCH 01/96] Update HostedInstall for EnterpriseModernAppManagement
 CSP

The value for deployment options are not listed.  There are also other parameters for install not listed for the HostedInstall command.
---
 .../mdm/enterprisemodernappmanagement-csp.md         | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/windows/client-management/mdm/enterprisemodernappmanagement-csp.md b/windows/client-management/mdm/enterprisemodernappmanagement-csp.md
index a24f114581..a0c133000c 100644
--- a/windows/client-management/mdm/enterprisemodernappmanagement-csp.md
+++ b/windows/client-management/mdm/enterprisemodernappmanagement-csp.md
@@ -492,6 +492,18 @@ Supported operation is Execute, Add, Delete, and Get.
 <a href="" id="appinstallation-packagefamilyname-hostedinstall"></a>**AppInstallation/*PackageFamilyName*/HostedInstall**  
 Required. Command to perform an install of an app package from a hosted location (this can be a local drive, a UNC, or https data source).
 
+DeploymentOptions:
+ForceApplicationShutdown
+DevelopmentMode 
+InstallAllResources
+ForceTargetApplicationShutdown 
+ForceUpdateToAnyVersion
+DeferRegistration="1" - If the app is in use at time of installation.  This stages the files for an app update and completes the registration of the app update after the app closes. Available latest insider flight of 20H1
+StageOnly="1"  - Stages the files for an app installation or update without installing the app. Available in 1803
+LicenseUri="\\server\license.lic" - option is deploying an offline license from the Microsoft Store for Business. Available in 1607 
+ValidateDependencies="1" - (need to check with dev on the actual functionality) . Available in the latest Insider flight of 20H1
+ExcludeAppFromLayoutModification="1" - (need to check with dev on the actual functionality). Available in 1809 
+
 Supported operation is Execute, Add, Delete, and Get.
 
 <a href="" id="appinstallation-packagefamilyname-lasterror"></a>**AppInstallation/*PackageFamilyName*/LastError**  

From 3a32414267ba3294490a4f70afc5c9ab1c633511 Mon Sep 17 00:00:00 2001
From: dianmsft <43798680+dianmsft@users.noreply.github.com>
Date: Wed, 20 Nov 2019 12:45:47 -0800
Subject: [PATCH 02/96] Update enterprisemodernappmanagement-csp.md

---
 .../client-management/mdm/enterprisemodernappmanagement-csp.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/enterprisemodernappmanagement-csp.md b/windows/client-management/mdm/enterprisemodernappmanagement-csp.md
index a0c133000c..08d6a9c53b 100644
--- a/windows/client-management/mdm/enterprisemodernappmanagement-csp.md
+++ b/windows/client-management/mdm/enterprisemodernappmanagement-csp.md
@@ -501,7 +501,7 @@ ForceUpdateToAnyVersion
 DeferRegistration="1" - If the app is in use at time of installation.  This stages the files for an app update and completes the registration of the app update after the app closes. Available latest insider flight of 20H1
 StageOnly="1"  - Stages the files for an app installation or update without installing the app. Available in 1803
 LicenseUri="\\server\license.lic" - option is deploying an offline license from the Microsoft Store for Business. Available in 1607 
-ValidateDependencies="1" - (need to check with dev on the actual functionality) . Available in the latest Insider flight of 20H1
+ValidateDependencies="1" - ValidateDependencies is used at provisioning/staging time. If it is set to 1, deployment will perform the same dependency validation during staging that we would normally do at registration time, failing and rejecting the provision request if the dependencies are not present. Available in the latest Insider flight of 20H1
 ExcludeAppFromLayoutModification="1" - (need to check with dev on the actual functionality). Available in 1809 
 
 Supported operation is Execute, Add, Delete, and Get.

From b3f65549b8a03795c6119989a449c423e01004fe Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Fri, 27 Dec 2019 15:41:37 +0200
Subject: [PATCH 03/96] add note about Office requirement

https://github.com/MicrosoftDocs/windows-itpro-docs/issues/5632
---
 .../threat-protection/microsoft-defender-atp/evaluation-lab.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
index c7ae3aac79..c57aaa4f25 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
@@ -130,6 +130,9 @@ You can also use [Advanced hunting](advanced-hunting-query-language.md) to query
 >[!NOTE]
 >The connection to the test machines is done using RDP. Make sure that your firewall settings allow RDP connections.
 
+>[!NOTE]
+>Microsoft Office needs to be installed on the test machines for all the simulations to work.
+
 1. Connect to your machine and run an attack simulation by selecting **Connect**. 
 
     ![Image of the connect button for test machines](images/test-machine-table.png)

From 99465074cfc870e6c68d49a01359dfb10a5889e7 Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Tue, 31 Dec 2019 10:29:56 +0200
Subject: [PATCH 04/96] Update
 windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 .../threat-protection/microsoft-defender-atp/evaluation-lab.md | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
index c57aaa4f25..7c12abf5ca 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
@@ -127,7 +127,7 @@ If you are looking for a pre-made simulation, you can use our ["Do It Yourself"
 
 You can also use [Advanced hunting](advanced-hunting-query-language.md) to query data and [Threat analytics](threat-analytics.md) to view reports about emerging threats.
 
->[!NOTE]
+> [!NOTE]
 >The connection to the test machines is done using RDP. Make sure that your firewall settings allow RDP connections.
 
 >[!NOTE]
@@ -182,4 +182,3 @@ Your feedback helps us get better in protecting your environment from advanced a
 Let us know what you think, by selecting **Provide feedback**.
 
 ![Image of provide feedback](images/send-us-feedback-eval-lab.png)
-

From 8223224f467e69c9af6f4c362535f29c6faabe07 Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Tue, 31 Dec 2019 10:30:02 +0200
Subject: [PATCH 05/96] Update
 windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 .../threat-protection/microsoft-defender-atp/evaluation-lab.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
index 7c12abf5ca..e72267221c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
@@ -128,7 +128,7 @@ If you are looking for a pre-made simulation, you can use our ["Do It Yourself"
 You can also use [Advanced hunting](advanced-hunting-query-language.md) to query data and [Threat analytics](threat-analytics.md) to view reports about emerging threats.
 
 > [!NOTE]
->The connection to the test machines is done using RDP. Make sure that your firewall settings allow RDP connections.
+> The connection to the test machines is done using RDP. Make sure that your firewall settings allow RDP connections.
 
 >[!NOTE]
 >Microsoft Office needs to be installed on the test machines for all the simulations to work.

From 26c6318fe1c01bf7a2e9f849990e89b38d410f5c Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Tue, 31 Dec 2019 10:30:07 +0200
Subject: [PATCH 06/96] Update
 windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 .../threat-protection/microsoft-defender-atp/evaluation-lab.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
index e72267221c..243b2fe6a5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
@@ -130,7 +130,7 @@ You can also use [Advanced hunting](advanced-hunting-query-language.md) to query
 > [!NOTE]
 > The connection to the test machines is done using RDP. Make sure that your firewall settings allow RDP connections.
 
->[!NOTE]
+> [!NOTE]
 >Microsoft Office needs to be installed on the test machines for all the simulations to work.
 
 1. Connect to your machine and run an attack simulation by selecting **Connect**. 

From 3468922d71fa68b13657fb729a2c37e4866fecf1 Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Tue, 31 Dec 2019 10:30:13 +0200
Subject: [PATCH 07/96] Update
 windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 .../threat-protection/microsoft-defender-atp/evaluation-lab.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
index 243b2fe6a5..925e7e0ce3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
@@ -131,7 +131,7 @@ You can also use [Advanced hunting](advanced-hunting-query-language.md) to query
 > The connection to the test machines is done using RDP. Make sure that your firewall settings allow RDP connections.
 
 > [!NOTE]
->Microsoft Office needs to be installed on the test machines for all the simulations to work.
+> Microsoft Office needs to be installed on the test machines for all the simulations to work.
 
 1. Connect to your machine and run an attack simulation by selecting **Connect**. 
 

From c6d57cb3d14babe7249af004bec1af419728d7d5 Mon Sep 17 00:00:00 2001
From: isbrahm <43386070+isbrahm@users.noreply.github.com>
Date: Tue, 7 Jan 2020 15:21:52 -0800
Subject: [PATCH 08/96] Update recommended block list to explain not blocking
 1903 files

msxml3.dll, msxml6.dll, and jscript9.dll do not have to be blocked if using 1903, as the previous issue was fixed in this release
---
 .../microsoft-recommended-block-rules.md                     | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md
index fc2d28a1c6..044f402da2 100644
--- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md
@@ -160,9 +160,8 @@ Pick the correct version of each .dll for the Windows release you plan to suppor
   <Deny ID="ID_DENY_MS_BUILD" FriendlyName="Microsoft.Build.dll" FileName="Microsoft.Build.dll" MinimumFileVersion="65535.65535.65535.65535" /> 
   <Deny ID="ID_DENY_MS_BUILD_FMWK" FriendlyName="Microsoft.Build.Framework.dll" FileName="Microsoft.Build.Framework.dll" MinimumFileVersion="65535.65535.65535.65535" /> 
 
-  <!-- msxml3.dll pick correct version based on release you are supporting -->
-  <!-- msxml6.dll pick correct version based on release you are supporting -->     
-  <!-- jscript9.dll pick correct version based on release you are supporting -->
+  <!-- pick correct version of msxml3.dll, msxml6.dll, and jscript9.dll based on release you are supporting -->
+  <!-- the versions of these files in the 1903 release have this issue fixed, so they don’t need to be blocked -->
   <!-- RS1 Windows 1607
   <Deny  ID="ID_DENY_MSXML3"        FriendlyName="msxml3.dll"         FileName="msxml3.dll" MinimumFileVersion ="8.110.14393.2550"/>
   <Deny  ID="ID_DENY_MSXML6"        FriendlyName="msxml6.dll"         FileName="msxml6.dll" MinimumFileVersion ="6.30.14393.2550"/>

From 70e91d02b028f0cc9036acc3353609b34aa1f131 Mon Sep 17 00:00:00 2001
From: illfated <illfated@users.noreply.github.com>
Date: Wed, 15 Jan 2020 01:46:45 +0100
Subject: [PATCH 09/96] WDAC policy/Rule option 18: clarify ambiguity

Description:

According to the latest feedback from Air-Git in issue ticket #5462
(Option 18 is ambiguous), in the last part of the Rule option
Description, the wording is now precise, but not accurate.

An accurate statement is as follows:
"[...] for any FileRule that allows a file based on FilePath."

Thanks to Air-Git for the continued valuable feedback to MS Docs
articles in need of improvement and suggested solutions.

Proposed change:
- Adjust the end part of the sentence to be accurate.

issue ticket closure or reference:

Closes #5462
---
 .../select-types-of-rules-to-create.md                          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
index 26bd6f527f..21ccdcbb4e 100644
--- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
+++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
@@ -67,7 +67,7 @@ You can set several rule options within a WDAC policy. Table 1 describes each ru
 | **15 Enabled:Invalidate EAs on Reboot** | When the Intelligent Security Graph option (14) is used, WDAC sets an extended file attribute that indicates that the file was authorized to run. This option will cause WDAC to periodically re-validate the reputation for files that were authorized by the ISG.| 
 | **16 Enabled:Update Policy No Reboot** | Use this option to allow future WDAC policy updates to apply without requiring a system reboot. |
 | **17 Enabled:Allow Supplemental Policies** | Use this option on a base policy to allow supplemental policies to expand it. |
-| **18 Disabled:Runtime FilePath Rule Protection** | Disable default FilePath rule protection (apps and executables allowed based on file path rules must come from a file path that’s only writable by an administrator) for the path specified in the FilePathRule parameter of the New-CIPolicyRule cmdlet. |
+| **18 Disabled:Runtime FilePath Rule Protection** | Disable default FilePath rule protection (apps and executables allowed based on file path rules must come from a file path that’s only writable by an administrator) for any FileRule that allows a file based on FilePath. |
 | **19 Enabled:Dynamic Code Security** | Enables policy enforcement for .NET applications and dynamically-loaded libraries. |
 
 ## Windows Defender Application Control file rule levels

From d22bebd30ac19e93a2344853112e39f16c790367 Mon Sep 17 00:00:00 2001
From: illfated <illfated@users.noreply.github.com>
Date: Wed, 15 Jan 2020 04:14:58 +0100
Subject: [PATCH 10/96] Windows/Deployment: VAMT System Requirements

Description:

As per user feedback in issue ticket #5818 (Operating System
Requirements), it is desirable to allow for later versions of Windows
Server to be shown in the list of Operating Systems under "Minimum
system requirement".

There is also a visible defect in last row of the table, breaking the
last one and a half sentence over to the first column of the next row.

Thanks to laolive382 for posting this request and making me notice the
(ever so slightly) broken table.

Changes proposed:
- change "2008 R2, or Windows Server 2012" to
  "2008 R2, Windows Server 2012, or later"
- remove line break in the last row to restore the row structure
- add MarkDown spacing in the table for readability/editing

issue ticket closure or reference:

Closes #5818
---
 .../volume-activation/vamt-requirements.md    | 21 +++++++++----------
 1 file changed, 10 insertions(+), 11 deletions(-)

diff --git a/windows/deployment/volume-activation/vamt-requirements.md b/windows/deployment/volume-activation/vamt-requirements.md
index 264ebca94c..7cd74fcf79 100644
--- a/windows/deployment/volume-activation/vamt-requirements.md
+++ b/windows/deployment/volume-activation/vamt-requirements.md
@@ -31,17 +31,16 @@ The Volume Activation Management Tool (VAMT) can be used to perform activations
 
 The following table lists the system requirements for the VAMT host computer.
 
-|Item |Minimum system requirement |
-|-----|---------------------------|
-|Computer and Processor |1 GHz x86 or x64 processor |
-|Memory |1 GB RAM for x86 or 2 GB RAM for x64 |
-|Hard Disk |16 GB available hard disk space for x86 or 20 GB for x64 |
-|External Drive|Removable media (Optional) |
-|Display |1024x768 or higher resolution monitor |
-|Network |Connectivity to remote computers via Windows® Management Instrumentation (TCP/IP) and Microsoft® Activation Web Service on the Internet via HTTPS |
-|Operating System |Windows 7, Windows 8, Windows 8.1, Windows 10, Windows Server 2008 R2, or Windows Server 2012. |
-|Additional Requirements |<ul><li>Connection to a SQL Server database. For more info, see [Install VAMT](install-vamt.md).</li><li>PowerShell 3.0: For Windows 8, Windows 8.1, Windows 10, and Windows Server® 2012, PowerShell is included in the installation. For previous versions of Windows and 
-Windows Server, you must download PowerShell 3.0. To download PowerShell, go to [Download Windows PowerShell 3.0](https://go.microsoft.com/fwlink/p/?LinkId=218356).</li><li>If installing on Windows Server 2008 R2, you must also install .NET Framework 3.51.</li></ul> |
+| Item | Minimum system requirement |
+| ---- | ---------------------------|
+| Computer and Processor | 1 GHz x86 or x64 processor |
+| Memory | 1 GB RAM for x86 or 2 GB RAM for x64 |
+| Hard Disk | 16 GB available hard disk space for x86 or 20 GB for x64 |
+| External Drive | Removable media (Optional) |
+| Display | 1024x768 or higher resolution monitor |
+| Network |Connectivity to remote computers via Windows® Management Instrumentation (TCP/IP) and Microsoft® Activation Web Service on the Internet via HTTPS |
+| Operating System | Windows 7, Windows 8, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, or later. |
+| Additional Requirements | <ul><li>Connection to a SQL Server database. For more info, see [Install VAMT](install-vamt.md).</li><li>PowerShell 3.0: For Windows 8, Windows 8.1, Windows 10, and Windows Server® 2012, PowerShell is included in the installation. For previous versions of Windows and Windows Server, you must download PowerShell 3.0. To download PowerShell, go to [Download Windows PowerShell 3.0](https://go.microsoft.com/fwlink/p/?LinkId=218356).</li><li>If installing on Windows Server 2008 R2, you must also install .NET Framework 3.51.</li></ul> |
 
 ## Related topics
 - [Install and Configure VAMT](install-configure-vamt.md)

From 9655ddbe762e84e22442f3b6c7fc362c8bce26fd Mon Sep 17 00:00:00 2001
From: illfated <illfated@users.noreply.github.com>
Date: Wed, 15 Jan 2020 18:32:41 +0100
Subject: [PATCH 11/96] =?UTF-8?q?Remove=20registered=20=C2=AE=20trade=20ma?=
 =?UTF-8?q?rk=20symbol?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

From @JohanFreelancer9:
> Copy Review - copy looks good. Although not really part of the PR,
> please remove trademark symbols.
---
 windows/deployment/volume-activation/vamt-requirements.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/volume-activation/vamt-requirements.md b/windows/deployment/volume-activation/vamt-requirements.md
index 7cd74fcf79..e9c0da934f 100644
--- a/windows/deployment/volume-activation/vamt-requirements.md
+++ b/windows/deployment/volume-activation/vamt-requirements.md
@@ -38,9 +38,9 @@ The following table lists the system requirements for the VAMT host computer.
 | Hard Disk | 16 GB available hard disk space for x86 or 20 GB for x64 |
 | External Drive | Removable media (Optional) |
 | Display | 1024x768 or higher resolution monitor |
-| Network |Connectivity to remote computers via Windows® Management Instrumentation (TCP/IP) and Microsoft® Activation Web Service on the Internet via HTTPS |
+| Network | Connectivity to remote computers via Windows Management Instrumentation (TCP/IP) and Microsoft Activation Web Service on the Internet via HTTPS |
 | Operating System | Windows 7, Windows 8, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, or later. |
-| Additional Requirements | <ul><li>Connection to a SQL Server database. For more info, see [Install VAMT](install-vamt.md).</li><li>PowerShell 3.0: For Windows 8, Windows 8.1, Windows 10, and Windows Server® 2012, PowerShell is included in the installation. For previous versions of Windows and Windows Server, you must download PowerShell 3.0. To download PowerShell, go to [Download Windows PowerShell 3.0](https://go.microsoft.com/fwlink/p/?LinkId=218356).</li><li>If installing on Windows Server 2008 R2, you must also install .NET Framework 3.51.</li></ul> |
+| Additional Requirements | <ul><li>Connection to a SQL Server database. For more info, see [Install VAMT](install-vamt.md).</li><li>PowerShell 3.0: For Windows 8, Windows 8.1, Windows 10, and Windows Server 2012, PowerShell is included in the installation. For previous versions of Windows and Windows Server, you must download PowerShell 3.0. To download PowerShell, go to [Download Windows PowerShell 3.0](https://go.microsoft.com/fwlink/p/?LinkId=218356).</li><li>If installing on Windows Server 2008 R2, you must also install .NET Framework 3.51.</li></ul> |
 
 ## Related topics
 - [Install and Configure VAMT](install-configure-vamt.md)

From 30be1081b7026692642f87638871d84969eb8bd3 Mon Sep 17 00:00:00 2001
From: John Liu <49762389+ShenLanJohn@users.noreply.github.com>
Date: Wed, 15 Jan 2020 11:39:37 -0800
Subject: [PATCH 12/96] CAT Auto Pulish for Windows Release Messages -
 20200115112209 (#1868)

* January 2020 update

* adding micarraygeometry and value

* removing locale from links

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20200115103958 (#1865)

Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>

Co-authored-by: Brian Lich <brianlic-msft@users.noreply.github.com>
Co-authored-by: Dani Halfin <daniha@microsoft.com>
Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>
---
 ...ndows-diagnostic-events-and-fields-1703.md | 209 +++-
 ...ndows-diagnostic-events-and-fields-1709.md | 157 ++-
 ...ndows-diagnostic-events-and-fields-1803.md | 520 +++++++++-
 ...ndows-diagnostic-events-and-fields-1809.md | 932 +++++++++++++++---
 .../status-windows-10-1507.yml                |   8 +-
 ...indows-10-1607-and-windows-server-2016.yml |   8 +-
 .../status-windows-10-1709.yml                |   8 +-
 .../status-windows-10-1803.yml                |   8 +-
 ...indows-10-1809-and-windows-server-2019.yml |   8 +-
 .../status-windows-10-1903.yml                |   8 +-
 .../status-windows-10-1909.yml                |   8 +-
 ...ndows-7-and-windows-server-2008-r2-sp1.yml |   8 +-
 ...windows-8.1-and-windows-server-2012-r2.yml |   8 +-
 .../status-windows-server-2008-sp2.yml        |   8 +-
 .../status-windows-server-2012.yml            |   8 +-
 .../windows-message-center.yml                |   9 +-
 16 files changed, 1606 insertions(+), 309 deletions(-)

diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md
index 555eb005b1..2119a4bb72 100644
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md
@@ -1,5 +1,5 @@
 ---
-description: Use this article to learn more about what Windows diagnostic data is gathered at the basic level. Specific to Windows 10, version 1703.
+description: Use this article to learn more about what Windows diagnostic data is gathered at the basic level.
 title: Windows 10, version 1703 basic diagnostic events and fields (Windows 10)
 keywords: privacy, telemetry
 ms.prod: w10
@@ -7,14 +7,14 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 localizationpriority: high
-author: dansimp
-ms.author: dansimp
+author: brianlic-msft
+ms.author: brianlic
 manager: dansimp
 ms.collection: M365-security-compliance
 ms.topic: article
 audience: ITPro
-ms.date: 04/19/2019
-ms.reviewer: 
+ms.date: 01/04/2020
+ms.reviewer:
 ---
 
 
@@ -33,8 +33,7 @@ Use this article to learn about diagnostic events, grouped by event area, and th
 
 You can learn more about Windows functional and diagnostic data through these articles:
 
-
-- [Windows 10, version 1903 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1903.md)
+- [Windows 10, version 1903 and Windows 10, version 1909 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1903.md)
 - [Windows 10, version 1809 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1809.md)
 - [Windows 10, version 1803 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1803.md)
 - [Windows 10, version 1709 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1709.md)
@@ -60,6 +59,7 @@ The following fields are available:
 - **DataSourceMatchingInfoPostUpgrade_RS3**  The total DataSourceMatchingInfoPostUpgrade objects targeting the next release of Windows on this device.
 - **DatasourceSystemBios_RS3**  The total DatasourceSystemBios objects targeting the next release of Windows on this device.
 - **DecisionApplicationFile_RS3**  The total DecisionApplicationFile objects targeting the next release of Windows on this device.
+- **DecisionDevicePnp_RS2**  The count of DataSourceMatchingInfoBlock objects present on this machine targeting the next release of Windows
 - **DecisionDevicePnp_RS3**  The total DecisionDevicePnp objects targeting the next release of Windows on this device.
 - **DecisionDriverPackage_RS3**  The total DecisionDriverPackage objects targeting the next release of Windows on this device.
 - **DecisionMatchingInfoBlock_RS3**  The total DecisionMatchingInfoBlock objects targeting the next release of Windows on this device.
@@ -77,7 +77,6 @@ The following fields are available:
 - **SystemWim**  The total number of objects of this type present on this device.
 - **SystemWindowsActivationStatus**  The count of DecisionSystemBios objects present on this machine targeting the next release of Windows
 - **SystemWlan**  The total number of objects of this type present on this device.
-- **Wmdrm_RS3**  The total Wmdrm objects targeting the next release of Windows on this device.
 
 
 ### Microsoft.Windows.Appraiser.General.DatasourceApplicationFileAdd
@@ -92,7 +91,7 @@ The following fields are available:
 - **HasCitData**  Indicates whether the file is present in CIT data.
 - **HasUpgradeExe**  Indicates whether the anti-virus app has an upgrade.exe file.
 - **IsAv**  Is the file an anti-virus reporting EXE?
-- **ResolveAttempted**  This will always be an empty string when sending telemetry.
+- **ResolveAttempted**  This will always be an empty string when sending diagnostic data.
 - **SdbEntries**  An array of fields that indicates the SDB entries that apply to this file.
 
 
@@ -190,7 +189,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoBlockAdd
 
-This event sends blocking data about any compatibility blocking entries hit on the system that are not directly related to specific applications or devices, to help keep Windows up-to-date.
+This event sends blocking data about any compatibility blocking entries on the system that are not directly related to specific applications or devices, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -221,7 +220,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPassiveAdd
 
-This event sends compatibility database information about non-blocking compatibility entries on the system that are not keyed by either applications or devices, to help keep Windows up-to-date.
+This event sends compatibility database information about non-blocking compatibility entries on the system that are not keyed by either applications or devices, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -252,7 +251,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPostUpgradeAdd
 
-This event sends compatibility database information about entries requiring reinstallation after an upgrade on the system that are not keyed by either applications or devices, to help keep Windows up-to-date.
+This event sends compatibility database information about entries requiring reinstallation after an upgrade on the system that are not keyed by either applications or devices, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -283,7 +282,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceSystemBiosAdd
 
-This event sends compatibility database information about the BIOS to help keep Windows up-to-date.
+This event sends compatibility database information about the BIOS to help keep Windows up to date.
 
 The following fields are available:
 
@@ -315,7 +314,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionApplicationFileAdd
 
-This event sends compatibility decision data about a file to help keep Windows up-to-date.
+This event sends compatibility decision data about a file to help keep Windows up to date.
 
 The following fields are available:
 
@@ -364,7 +363,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDevicePnpAdd
 
-This event sends compatibility decision data about a PNP device to help keep Windows up to date.
+This event sends compatibility decision data about a Plug and Play (PNP) device to help keep Windows up to date.
 
 The following fields are available:
 
@@ -790,7 +789,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 The following fields are available:
 
-- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+- **AppraiserVersion**  The version of the Appraiser binary (executable) generating the events.
 
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageAdd
@@ -856,7 +855,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemMemoryAdd
 
-This event sends data on the amount of memory on the system and whether it meets requirements, to help keep Windows up-to-date.
+This event sends data on the amount of memory on the system and whether it meets requirements, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -927,7 +926,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorLahfSahfAdd
 
-This event sends data indicating whether the system supports the LahfSahf CPU requirement, to help keep Windows up-to-date.
+This event sends data indicating whether the system supports the LAHF & SAHF CPU requirement, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -960,7 +959,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorNxAdd
 
-This event sends data indicating whether the system supports the NX CPU requirement, to help keep Windows up-to-date.
+This event sends data indicating whether the system supports the NX CPU requirement, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -1159,7 +1158,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWlanAdd
 
-This event sends data indicating whether the system has WLAN, and if so, whether it uses an emulated driver that could block an upgrade, to help keep Windows up-to-date.
+This event sends data indicating whether the system has WLAN, and if so, whether it uses an emulated driver that could block an upgrade, to help keep Windows up to date.
 
 The following fields are available:
 
@@ -1196,32 +1195,32 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.TelemetryRunHealth
 
-This event indicates the parameters and result of a telemetry (diagnostic) run. This allows the rest of the data sent over the course of the run to be properly contextualized and understood, which is then used to keep Windows up to date.
+This event indicates the parameters and result of a diagnostic data run. This allows the rest of the data sent over the course of the run to be properly contextualized and understood, which is then used to keep Windows up to date.
 
 The following fields are available:
 
 - **AppraiserBranch**  The source branch in which the version of Appraiser that is running was built.
-- **AppraiserDataVersion**  The version of the data files being used by the Appraiser telemetry run.
+- **AppraiserDataVersion**  The version of the data files being used by the Appraiser diagnostic data run.
 - **AppraiserProcess**  The name of the process that launched Appraiser.
 - **AppraiserVersion**  The file version (major, minor and build) of the Appraiser DLL, concatenated without dots.
 - **AuxFinal**  Obsolete, always set to false.
 - **AuxInitial**  Obsolete, indicates if Appraiser is writing data files to be read by the Get Windows 10 app.
 - **DeadlineDate**  A timestamp representing the deadline date, which is the time until which appraiser will wait to do a full scan.
-- **EnterpriseRun**  Indicates if the telemetry run is an enterprise run, which means appraiser was run from the command line with an extra enterprise parameter.
+- **EnterpriseRun**  Indicates whether the diagnostic data run is an enterprise run, which means appraiser was run from the command line with an extra enterprise parameter.
 - **FullSync**  Indicates if Appraiser is performing a full sync, which means that full set of events representing the state of the machine are sent. Otherwise, only the changes from the previous run are sent.
 - **InventoryFullSync**  Indicates if inventory is performing a full sync, which means that the full set of events representing the inventory of machine are sent.
 - **PCFP**  An ID for the system calculated by hashing hardware identifiers.
 - **PerfBackoff**  Indicates if the run was invoked with logic to stop running when a user is present. Helps to understand why a run may have a longer elapsed time than normal.
 - **PerfBackoffInsurance**  Indicates if appraiser is running without performance backoff because it has run with perf backoff and failed to complete several times in a row.
 - **RunAppraiser**  Indicates if Appraiser was set to run at all. If this if false, it is understood that data events will not be received from this device.
-- **RunDate**  The date that the telemetry run was stated, expressed as a filetime.
-- **RunGeneralTel**  Indicates if the generaltel.dll component was run. Generaltel collects additional telemetry on an infrequent schedule and only from machines at telemetry levels higher than Basic.
+- **RunDate**  The date that the diagnostic data run was stated, expressed as a filetime.
+- **RunGeneralTel**  Indicates if the generaltel.dll component was run. Generaltel collects additional diagnostic data on an infrequent schedule and only from machines at diagnostic data levels higher than Basic.
 - **RunOnline**  Indicates if appraiser was able to connect to Windows Update and theefore is making decisions using up-to-date driver coverage information.
-- **RunResult**  The hresult of the Appraiser telemetry run.
-- **SendingUtc**  Indicates if the Appraiser client is sending events during the current telemetry run.
+- **RunResult**  The hresult of the Appraiser diagnostic data run.
+- **SendingUtc**  Indicates whether the Appraiser client is sending events during the current diagnostic data run.
 - **StoreHandleIsNotNull**  Obsolete, always set to false
-- **TelementrySent**  Indicates if telemetry was successfully sent.
-- **ThrottlingUtc**  Indicates if the Appraiser client is throttling its output of CUET events to avoid being disabled. This increases runtime but also telemetry reliability.
+- **TelementrySent**  Indicates whether diagnostic data was successfully sent.
+- **ThrottlingUtc**  Indicates whether the Appraiser client is throttling its output of CUET events to avoid being disabled. This increases runtime but also diagnostic data reliability.
 - **Time**  The client time of the event.
 - **VerboseMode**  Indicates if appraiser ran in Verbose mode, which is a test-only mode with extra logging.
 - **WhyFullSyncWithoutTablePrefix**  Indicates the reason or reasons that a full sync was generated.
@@ -1444,6 +1443,7 @@ The following fields are available:
 - **LicenseStateReason**  Retrieves why (or how) a system is licensed or unlicensed.  The HRESULT may indicate an error code that indicates a key blocked error, or it may indicate that we are running an OS License granted by the MS store.
 - **OA3xOriginalProductKey**  Retrieves the License key stamped by the OEM to the machine.
 - **OSEdition**  Retrieves the version of the current OS.
+- **OSInstallDateTime**  Retrieves the date the OS was installed using ISO 8601 (Date part) == yyyy-mm-dd
 - **OSInstallType**  Retrieves a numeric description of what install was used on the device i.e. clean, upgrade, refresh, reset, etc
 - **OSOOBEDateTime**  Retrieves Out of Box Experience (OOBE) Date in Coordinated Universal Time (UTC).
 - **OSSKU**  Retrieves the Friendly Name of OS Edition.
@@ -1538,6 +1538,7 @@ The following fields are available:
 - **InternalPrimaryDisplayResolutionVertical**  Retrieves the number of pixels in the vertical direction of the internal display.
 - **InternalPrimaryDisplaySizePhysicalH**  Retrieves the physical horizontal length of the display in mm. Used for calculating the diagonal length in inches .
 - **InternalPrimaryDisplaySizePhysicalY**  Retrieves the physical vertical length of the display in mm. Used for calculating the diagonal length in inches
+- **InternalPrimaryDisplayType**  Represents the type of technology used in the monitor, such as Plasma, LED, LCOS, etc.
 - **NumberofExternalDisplays**  Retrieves the number of external displays connected to the machine
 - **NumberofInternalDisplays**  Retrieves the number of internal displays in a machine.
 - **VRAMDedicated**  Retrieves the video RAM in MB.
@@ -1720,7 +1721,7 @@ The following fields are available:
 - **mon**  Combined monitor and event sequence numbers in the format: monitor sequence : event sequence
 - **op**  Represents the ETW Op Code.
 - **raId**  Represents the ETW Related ActivityId. Logged via TraceLogging or directly via ETW.
-- **sqmId**  The Windows SQM ID.
+- **sqmId**  The Windows SQM (Software Quality Metrics—a precursor of Windows 10 Diagnostic Data collection) device identifier.
 - **stId**  Represents the Scenario Entry Point ID. This is a unique GUID for each event in a diagnostic scenario. This used to be Scenario Trigger ID.
 - **tickets**  An array of strings that refer back to a key in the X-Tickets http header that the client uploaded along with a batch of events.
 
@@ -1778,6 +1779,47 @@ This event provides information about the results of installing optional Windows
 
 
 
+### CbsServicingProvider.CbsQualityUpdateInstall
+
+This event reports on the performance and reliability results of installing Servicing content from Windows Update to keep Windows up to date.
+
+
+
+### CbsServicingProvider.CbsSelectableUpdateChangeV2
+
+This event reports the results of enabling or disabling optional Windows Content to keep Windows up to date.
+
+The following fields are available:
+
+- **applicableUpdateState**  Indicates the highest applicable state of the optional content.
+- **buildVersion**  The build version of the package being installed.
+- **clientId**  The name of the application requesting the optional content change.
+- **downloadSource**  Indicates if optional content was obtained from Windows Update or a locally accessible file.
+- **downloadtimeInSeconds**  Indicates if optional content was obtained from Windows Update or a locally accessible file.
+- **executionID**  A unique ID used to identify events associated with a single servicing operation and not reused for future operations.
+- **executionSequence**  A counter that tracks the number of servicing operations attempted on the device.
+- **firstMergedExecutionSequence**  The value of a pervious executionSequence counter that is being merged with the current operation, if applicable.
+- **firstMergedID**  A unique ID of a pervious servicing operation that is being merged with this operation, if applicable.
+- **hrDownloadResult**  The return code of the download operation.
+- **hrStatusUpdate**  The return code of the servicing operation.
+- **identityHash**  A pseudonymized (hashed) identifier for the Windows Package that is being installed or uninstalled.
+- **initiatedOffline**  Indicates whether the operation was performed against an offline Windows image file or a running instance of Windows.
+- **majorVersion**  The major version of the package being installed.
+- **minorVersion**  The minor version of the package being installed.
+- **packageArchitecture**  The architecture of the package being installed.
+- **packageLanguage**  The language of the package being installed.
+- **packageName**  The name of the package being installed.
+- **rebootRequired**  Indicates whether a reboot is required to complete the operation.
+- **revisionVersion**  The revision number of the package being installed.
+- **stackBuild**  The build number of the servicing stack binary performing the installation.
+- **stackMajorVersion**  The major version number of the servicing stack binary performing the installation.
+- **stackMinorVersion**  The minor version number of the servicing stack binary performing the installation.
+- **stackRevision**  The revision number of the servicing stack binary performing the installation.
+- **updateName**  The name of the optional Windows Operation System feature being enabled or disabled.
+- **updateStartState**  A value indicating the state of the optional content before the operation started.
+- **updateTargetState**  A value indicating the desired state of the optional content.
+
+
 ## Content Delivery Manager events
 
 ### Microsoft.Windows.ContentDeliveryManager.ProcessCreativeEvent
@@ -1864,7 +1906,7 @@ The following fields are available:
 
 ### TelClientSynthetic.ConnectivityHeartBeat_0
 
-This event sends data about the connectivity status of the Connected User Experience and Telemetry component that uploads telemetry events. If an unrestricted free network (such as Wi-Fi) is available, this event updates the last successful upload time. Otherwise, it checks whether a Connectivity Heartbeat event was fired in the past 24 hours, and if not, it fires an event. A Connectivity Heartbeat event also fires when a device recovers from costed network to free network.
+This event sends data about the connectivity status of the Connected User Experience and Telemetry component that uploads telemetry events. If an unrestricted free network (such as Wi-Fi) is available, this event updates the last successful upload time. Otherwise, it checks whether a Connectivity Heartbeat event was fired in the past 24 hours, and if not, it sends an event. A Connectivity Heartbeat event is also sent when a device recovers from costed network to free network.
 
 The following fields are available:
 
@@ -2597,6 +2639,45 @@ The following fields are available:
 - **InventoryVersion**  The version of the inventory file generating the events.
 
 
+### Microsoft.Windows.Inventory.General.AppHealthStaticAdd
+
+This event sends details collected for a specific application on the source device.
+
+The following fields are available:
+
+- **AhaVersion**  The binary version of the App Health Analyzer tool.
+- **ApplicationErrors**  The count of application errors from the event log.
+- **Bitness**  The architecture type of the application (16 Bit or 32 bit or 64 bit).
+- **device_level**  Various JRE/JAVA versions installed on a particular device.
+- **ExtendedProperties**  Attribute used for aggregating all other attributes under this event type.
+- **Jar**  Flag to determine if an app has a Java JAR file dependency.
+- **Jre**  Flag to determine if an app has JRE framework dependency.
+- **Jre_version**  JRE versions an app has declared framework dependency for.
+- **Name**  Name of the application.
+- **NonDPIAware**  Flag to determine if an app is non-DPI aware
+- **NumBinaries**  Count of all binaries (.sys,.dll,.ini) from application install location.
+- **RequiresAdmin**  Flag to determine if an app requests admin privileges for execution.
+- **RequiresAdminv2**  Additional flag to determine if an app requests admin privileges for execution.
+- **RequiresUIAccess**  Flag to determine if an app is based on UI features for accessibility.
+- **VB6**  Flag to determine if an app is based on VB6 framework.
+- **VB6v2**  Additional flag to determine if an app is based on VB6 framework.
+- **Version**  Version of the application.
+- **VersionCheck**  Flag to determine if an app has a static dependency on OS version.
+- **VersionCheckv2**  Additional flag to determine if an app has a static dependency on OS version.
+
+
+### Microsoft.Windows.Inventory.General.AppHealthStaticStartSync
+
+This event indicates the beginning of a series of AppHealthStaticAdd events.
+
+The following fields are available:
+
+- **AllowTelemetry**  Indicates the presence of the 'allowtelemetry' command line argument.
+- **CommandLineArgs**  Command line arguments passed when launching the App Health Analyzer executable.
+- **Enhanced**  Indicates the presence of the 'enhanced' command line argument.
+- **StartTime**  UTC date and time at which this event was sent.
+
+
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInAdd
 
 Invalid variant - Provides data on the installed Office Add-ins
@@ -2724,6 +2805,15 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 The following fields are available:
 
 - **IndicatorValue**  The indicator value.
+- **Value**  Describes an operating system indicator that may be relevant for the device upgrade.
+
+
+### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorEndSync
+
+This event indicates that a new set of InventoryMiscellaneousUexIndicatorAdd events has been sent.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
 
 
 ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorRemove
@@ -2814,6 +2904,20 @@ The following fields are available:
 - **UptimeDeltaMS**  Duration in last state in milliseconds.
 
 
+## Migration events
+
+### Microsoft.Windows.MigrationCore.MigObjectCountKFSys
+
+This event returns data about the count of the migration objects across various phases during feature update.
+
+
+
+### Microsoft.Windows.MigrationCore.MigObjectCountKFUsr
+
+This event returns data to track the count of the migration objects across various phases during feature update.
+
+
+
 ## OneDrive events
 
 ### Microsoft.OneDrive.Sync.Setup.APIOperation
@@ -4387,7 +4491,7 @@ The following fields are available:
 
 - **EndpointUrl**  The endpoint URL where the device obtains update metadata. This is used to distinguish between test, staging, and production environments.
 - **EventScenario**  The purpose of this event, such as scan started, scan succeeded, or scan failed.
-- **ExtendedStatusCode**  The secondary status code of the event.
+- **ExtendedStatusCode**  Secondary status code for certain scenarios where StatusCode was not specific enough.
 - **LeafCertId**  The integral ID from the FragmentSigning data for the certificate that failed.
 - **ListOfSHA256OfIntermediateCerData**  A semicolon delimited list of base64 encoding of hashes for the Base64CerData in the FragmentSigning data of an intermediate certificate.
 - **MetadataIntegrityMode**  The mode of the transport metadata integrity check. 0 = unknown; 1 = ignore; 2 = audit; 3 = enforce
@@ -4799,7 +4903,13 @@ The following fields are available:
 
 ### FacilitatorTelemetry.DCATDownload
 
-This event indicates whether devices received additional or critical supplemental content during an OS Upgrade, to help keep Windows up-to-date and secure.
+This event indicates whether devices received additional or critical supplemental content during an OS Upgrade, to help keep Windows up to date and secure.
+
+
+
+### FacilitatorTelemetry.DUDownload
+
+This event returns data about the download of supplemental packages critical to upgrading a device to the next version of Windows.
 
 
 
@@ -4811,7 +4921,7 @@ This event determines whether devices received additional or critical supplement
 
 ### Setup360Telemetry.Downlevel
 
-This event sends data indicating that the device has started the downlevel phase of the upgrade, to help keep Windows up-to-date and secure.
+This event sends data indicating that the device has started the downlevel phase of the upgrade, to help keep Windows up to date and secure.
 
 The following fields are available:
 
@@ -5127,6 +5237,7 @@ The following fields are available:
 - **CategoryId**  The Item Category ID.
 - **ClientAppId**  The identity of the app that initiated this operation.
 - **HResult**  The result code of the last action performed before this operation.
+- **IntentPFNs**  Intent Product Family Name
 - **IsBundle**  Is this a bundle?
 - **IsInteractive**  Was this requested by a user?
 - **IsMandatory**  Was this a mandatory update?
@@ -5137,6 +5248,7 @@ The following fields are available:
 - **PFN**  The product family name of the product being installed.
 - **ProductId**  The identity of the package or packages being installed.
 - **SystemAttemptNumber**  The total number of automatic attempts at installation before it was canceled.
+- **UpdateId**  Update ID (if this is an update)
 - **UserAttemptNumber**  The total number of user attempts at installation before it was canceled.
 - **WUContentId**  The Windows Update content ID.
 
@@ -5164,6 +5276,7 @@ The following fields are available:
 - **BundleId**  The identity of the Windows Insider build that is associated with this product.
 - **CategoryId**  The identity of the package or packages being installed.
 - **ClientAppId**  The identity of the app that initiated this operation.
+- **IntentPFNs**  Intent Product Family Name
 - **IsBundle**  Is this a bundle?
 - **IsInteractive**  Was this requested by a user?
 - **IsMandatory**  Is this a mandatory update?
@@ -5203,16 +5316,20 @@ The following fields are available:
 
 - **AggregatedPackageFullNames**  Includes a set of package full names for each app that is part of an atomic set.
 - **AttemptNumber**  The total number of attempts to acquire this product.
+- **BundleId**  The bundle ID
 - **CategoryId**  The identity of the package or packages being installed.
 - **ClientAppId**  The identity of the app that initiated this operation.
 - **HResult**  HResult code to show the result of the operation (success/failure).
+- **IntentPFNs**  Intent Product Family Name
 - **IsBundle**  Is this a bundle?
 - **IsInteractive**  Did the user initiate the installation?
 - **IsMandatory**  Is this a mandatory update?
 - **IsRemediation**  Is this repairing a previous installation?
 - **IsRestore**  Is this happening after a device restore?
 - **IsUpdate**  Is this an update?
+- **IsWin32**  Flag indicating if this is a Win32app.
 - **ParentBundledId**  The product's parent bundle ID.
+- **ParentBundleId**  The parent bundle ID (if it's part of a bundle).
 - **PFN**  Product Family Name of the product being installed.
 - **ProductId**  The Store Product ID for the product being installed.
 - **SystemAttemptNumber**  The number of attempts by the system to acquire this product.
@@ -5235,16 +5352,19 @@ The following fields are available:
 - **DownloadSize**  The total size of the download.
 - **ExtendedHResult**  Any extended HResult error codes.
 - **HResult**  The result code of the last action performed.
+- **IntentPFNs**  Intent Product Family Name
 - **IsBundle**  Is this a bundle?
 - **IsInteractive**  Is this initiated by the user?
 - **IsMandatory**  Is this a mandatory installation?
 - **IsRemediation**  Is this repairing a previous installation?
 - **IsRestore**  Is this a restore of a previously acquired product?
 - **IsUpdate**  Is this an update?
+- **IsWin32**  Flag indicating if this is a Win32 app (unused).
 - **ParentBundleId**  The parent bundle ID (if it's part of a bundle).
 - **PFN**  The Product Family Name of the app being download.
 - **ProductId**  The Store Product ID for the product being installed.
 - **SystemAttemptNumber**  The number of attempts by the system to download.
+- **UpdateId**  Update ID (if this is an update)
 - **UserAttemptNumber**  The number of attempts by the user to download.
 - **WUContentId**  The Windows Update content ID.
 
@@ -5280,16 +5400,19 @@ The following fields are available:
 - **ClientAppId**  The identity of the app that initiated this operation.
 - **ExtendedHResult**  The extended HResult error code.
 - **HResult**  The result code of the last action performed.
+- **IntentPFNs**  Intent Product Family Name
 - **IsBundle**  Is this a bundle?
 - **IsInteractive**  Is this an interactive installation?
 - **IsMandatory**  Is this a mandatory installation?
 - **IsRemediation**  Is this repairing a previous installation?
 - **IsRestore**  Is this automatically restoring a previously acquired product?
 - **IsUpdate**  Is this an update?
+- **IsWin32**  Flag indicating if this a Win32 app (unused).
 - **ParentBundleId**  The product ID of the parent (if this product is part of a bundle).
 - **PFN**  Product Family Name of the product being installed.
 - **ProductId**  The Store Product ID for the product being installed.
 - **SystemAttemptNumber**  The total number of system attempts.
+- **UpdateId**  Update ID (if this is an update)
 - **UserAttemptNumber**  The total number of user attempts.
 - **WUContentId**  The Windows Update content ID.
 
@@ -5319,16 +5442,19 @@ The following fields are available:
 - **CategoryId**  The identity of the package or packages being installed.
 - **ClientAppId**  The identity of the app that initiated this operation.
 - **HResult**  The result code of the last action performed.
+- **IntentPFNs**  The licensing identity of this package.
 - **IsBundle**  Is this a bundle?
 - **IsInteractive**  Is this user requested?
 - **IsMandatory**  Is this a mandatory update?
 - **IsRemediation**  Is this repairing a previous installation?
 - **IsRestore**  Is this restoring previously acquired content?
 - **IsUpdate**  Is this an update?
+- **IsWin32**  Flag indicating if this a Win32 app (unused).
 - **ParentBundleId**  The product ID of the parent (if this product is part of a bundle).
 - **PFN**  The name of the package or packages requested for install.
 - **ProductId**  The Store Product ID for the product being installed.
 - **SystemAttemptNumber**  The total number of system attempts.
+- **UpdateId**  Update ID (if this is an update)
 - **UserAttemptNumber**  The total number of user attempts.
 - **WUContentId**  The Windows Update content ID.
 
@@ -5345,6 +5471,7 @@ The following fields are available:
 - **CategoryId**  The identity of the package or packages being installed.
 - **ClientAppId**  The identity of the app that initiated this operation.
 - **HResult**  The result code of the last action performed.
+- **IntentPFNs**  The licensing identity of this package.
 - **IsBundle**  Is this a bundle?
 - **IsInteractive**  Is this user requested?
 - **IsMandatory**  Is this a mandatory update?
@@ -5414,6 +5541,7 @@ The following fields are available:
 - **BundleId**  The identity of the build associated with this product.
 - **CategoryId**  The identity of the package or packages being installed.
 - **ClientAppId**  The identity of the app that initiated this operation.
+- **IntentPFNs**  The licensing identity of this package.
 - **IsBundle**  Is this a bundle?
 - **IsInteractive**  Is this user requested?
 - **IsMandatory**  Is this a mandatory update?
@@ -5443,6 +5571,7 @@ The following fields are available:
 - **CategoryId**  The identity of the package or packages being installed.
 - **ClientAppId**  The identity of the app that initiated this operation.
 - **HResult**  The result code of the last action performed before this operation.
+- **IntentPFNs**  Intent Product Family Name
 - **IsBundle**  Is this a bundle?
 - **IsInteractive**  Is this user requested?
 - **IsMandatory**  Is this a mandatory update?
@@ -6260,6 +6389,12 @@ This event sends data specific to the FixupEditionId mitigation used for OS Upda
 
 ## Windows Update Reserve Manager events
 
+### Microsoft.Windows.UpdateReserveManager.CommitPendingHardReserveAdjustment
+
+This event is sent when the Update Reserve Manager commits a hard reserve adjustment that was pending.
+
+
+
 ### Microsoft.Windows.UpdateReserveManager.InitializeUpdateReserveManager
 
 This event returns data about the Update Reserve Manager, including whether it’s been initialized.
@@ -6272,6 +6407,12 @@ This event is sent when the Update Reserve Manager removes a pending hard reserv
 
 
 
+### Microsoft.Windows.UpdateReserveManager.UpdatePendingHardReserveAdjustment
+
+This event is sent when the Update Reserve Manager needs to adjust the size of the hard reserve after the option content is installed.
+
+
+
 ## Winlogon events
 
 ### Microsoft.Windows.Security.Winlogon.SetupCompleteLogon
diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709.md
index 1cecae9cf2..8c6ee5c804 100644
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709.md
@@ -1,5 +1,5 @@
 ---
-description: Use this article to learn more about what Windows diagnostic data is gathered at the basic level. Specific to Windows 10, version 1709.
+description: Use this article to learn more about what Windows diagnostic data is gathered at the basic level.
 title: Windows 10, version 1709 basic diagnostic events and fields (Windows 10)
 keywords: privacy, telemetry
 ms.prod: w10
@@ -7,14 +7,14 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 localizationpriority: high
-author: dansimp
-ms.author: dansimp
+author: brianlic-msft
+ms.author: brianlic
 manager: dansimp
 ms.collection: M365-security-compliance
 ms.topic: article
 audience: ITPro
-ms.date: 04/19/2019
-ms.reviewer: 
+ms.date: 01/04/2020
+ms.reviewer:
 ---
 
 
@@ -33,8 +33,7 @@ Use this article to learn about diagnostic events, grouped by event area, and th
 
 You can learn more about Windows functional and diagnostic data through these articles:
 
-
-- [Windows 10, version 1903 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1903.md)
+- [Windows 10, version 1903 and Windows 10, version 1909 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1903.md)
 - [Windows 10, version 1809 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1809.md)
 - [Windows 10, version 1803 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1803.md)
 - [Windows 10, version 1703 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1703.md)
@@ -102,7 +101,7 @@ The following fields are available:
 - **HasCitData**  Indicates whether the file is present in CIT data.
 - **HasUpgradeExe**  Indicates whether the anti-virus app has an upgrade.exe file.
 - **IsAv**  Is the file an anti-virus reporting EXE?
-- **ResolveAttempted**  This will always be an empty string when sending telemetry.
+- **ResolveAttempted**  This will always be an empty string when sending diagnostic data.
 - **SdbEntries**  An array of fields that indicates the SDB entries that apply to this file.
 
 
@@ -201,7 +200,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoBlockAdd
 
-This event sends blocking data about any compatibility blocking entries hit on the system that are not directly related to specific applications or devices, to help keep Windows up-to-date.
+This event sends blocking data about any compatibility blocking entries on the system that are not directly related to specific applications or devices, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -234,7 +233,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPassiveAdd
 
-This event sends compatibility database information about non-blocking compatibility entries on the system that are not keyed by either applications or devices, to help keep Windows up-to-date.
+This event sends compatibility database information about non-blocking compatibility entries on the system that are not keyed by either applications or devices, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -267,7 +266,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPostUpgradeAdd
 
-This event sends compatibility database information about entries requiring reinstallation after an upgrade on the system that are not keyed by either applications or devices, to help keep Windows up-to-date.
+This event sends compatibility database information about entries requiring reinstallation after an upgrade on the system that are not keyed by either applications or devices, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -300,7 +299,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceSystemBiosAdd
 
-This event sends compatibility database information about the BIOS to help keep Windows up-to-date.
+This event sends compatibility database information about the BIOS to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -333,7 +332,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionApplicationFileAdd
 
-This event sends compatibility decision data about a file to help keep Windows up-to-date.
+This event sends compatibility decision data about a file to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -347,7 +346,7 @@ The following fields are available:
 - **HasUxBlockOverride**  Does the file have a block that is overridden by a tag in the SDB?
 - **MigApplication**  Does the file have a MigXML from the SDB associated with it that applies to the current upgrade mode?
 - **MigRemoval**  Does the file have a MigXML from the SDB that will cause the app to be removed on upgrade?
-- **NeedsDismissAction**  Will the file cause an action that can be dimissed?
+- **NeedsDismissAction**  Will the file cause an action that can be dismissed?
 - **NeedsInstallPostUpgradeData**  After upgrade, the file will have a post-upgrade notification to install a replacement for the app.
 - **NeedsNotifyPostUpgradeData**  Does the file have a notification that should be shown after upgrade?
 - **NeedsReinstallPostUpgradeData**  After upgrade, this file will have a post-upgrade notification to reinstall the app.
@@ -384,7 +383,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDevicePnpAdd
 
-This event sends compatibility decision data about a PNP device to help keep Windows up to date.
+This event sends compatibility decision data about a Plug and Play (PNP) device to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -828,7 +827,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 The following fields are available:
 
-- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+- **AppraiserVersion**  The version of the Appraiser binary (executable) generating the events.
 
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageAdd
@@ -895,7 +894,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemMemoryAdd
 
-This event sends data on the amount of memory on the system and whether it meets requirements, to help keep Windows up-to-date.
+This event sends data on the amount of memory on the system and whether it meets requirements, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -970,7 +969,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorLahfSahfAdd
 
-This event sends data indicating whether the system supports the LahfSahf CPU requirement, to help keep Windows up-to-date.
+This event sends data indicating whether the system supports the LAHF & SAHF CPU requirement, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1005,7 +1004,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorNxAdd
 
-This event sends data indicating whether the system supports the NX CPU requirement, to help keep Windows up-to-date.
+This event sends data indicating whether the system supports the NX CPU requirement, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1216,7 +1215,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWlanAdd
 
-This event sends data indicating whether the system has WLAN, and if so, whether it uses an emulated driver that could block an upgrade, to help keep Windows up-to-date.
+This event sends data indicating whether the system has WLAN, and if so, whether it uses an emulated driver that could block an upgrade, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1255,7 +1254,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.TelemetryRunHealth
 
-This event indicates the parameters and result of a telemetry (diagnostic) run. This allows the rest of the data sent over the course of the run to be properly contextualized and understood, which is then used to keep Windows up to date.
+This event indicates the parameters and result of a diagnostic data run. This allows the rest of the data sent over the course of the run to be properly contextualized and understood, which is then used to keep Windows up to date.
 
 The following fields are available:
 
@@ -1266,21 +1265,21 @@ The following fields are available:
 - **AuxFinal**  Obsolete, always set to false.
 - **AuxInitial**  Obsolete, indicates if Appraiser is writing data files to be read by the Get Windows 10 app.
 - **DeadlineDate**  A timestamp representing the deadline date, which is the time until which appraiser will wait to do a full scan.
-- **EnterpriseRun**  Indicates if the telemetry run is an enterprise run, which means appraiser was run from the command line with an extra enterprise parameter.
+- **EnterpriseRun**  Indicates whether the diagnostic data run is an enterprise run, which means appraiser was run from the command line with an extra enterprise parameter.
 - **FullSync**  Indicates if Appraiser is performing a full sync, which means that full set of events representing the state of the machine are sent. Otherwise, only the changes from the previous run are sent.
 - **InventoryFullSync**  Indicates if inventory is performing a full sync, which means that the full set of events representing the inventory of machine are sent.
 - **PCFP**  An ID for the system calculated by hashing hardware identifiers.
 - **PerfBackoff**  Indicates if the run was invoked with logic to stop running when a user is present. Helps to understand why a run may have a longer elapsed time than normal.
 - **PerfBackoffInsurance**  Indicates if appraiser is running without performance backoff because it has run with perf backoff and failed to complete several times in a row.
 - **RunAppraiser**  Indicates if Appraiser was set to run at all. If this if false, it is understood that data events will not be received from this device.
-- **RunDate**  The date that the telemetry run was stated, expressed as a filetime.
-- **RunGeneralTel**  Indicates if the generaltel.dll component was run. Generaltel collects additional telemetry on an infrequent schedule and only from machines at telemetry levels higher than Basic.
+- **RunDate**  The date that the diagnostic data run was stated, expressed as a filetime.
+- **RunGeneralTel**  Indicates if the generaltel.dll component was run. Generaltel collects additional diagnostic data on an infrequent schedule and only from machines at diagnostic data levels higher than Basic.
 - **RunOnline**  Indicates if appraiser was able to connect to Windows Update and theefore is making decisions using up-to-date driver coverage information.
-- **RunResult**  The hresult of the Appraiser telemetry run.
-- **SendingUtc**  Indicates if the Appraiser client is sending events during the current telemetry run.
+- **RunResult**  The hresult of the Appraiser diagnostic data run.
+- **SendingUtc**  Indicates whether the Appraiser client is sending events during the current diagnostic data run.
 - **StoreHandleIsNotNull**  Obsolete, always set to false
-- **TelementrySent**  Indicates if telemetry was successfully sent.
-- **ThrottlingUtc**  Indicates if the Appraiser client is throttling its output of CUET events to avoid being disabled. This increases runtime but also telemetry reliability.
+- **TelementrySent**  Indicates whether diagnostic data was successfully sent.
+- **ThrottlingUtc**  Indicates whether the Appraiser client is throttling its output of CUET events to avoid being disabled. This increases runtime but also diagnostic data reliability.
 - **Time**  The client time of the event.
 - **VerboseMode**  Indicates if appraiser ran in Verbose mode, which is a test-only mode with extra logging.
 - **WhyFullSyncWithoutTablePrefix**  Indicates the reason or reasons that a full sync was generated.
@@ -1819,7 +1818,7 @@ The following fields are available:
 - **mon**  Combined monitor and event sequence numbers in the format: monitor sequence : event sequence
 - **op**  Represents the ETW Op Code.
 - **raId**  Represents the ETW Related ActivityId. Logged via TraceLogging or directly via ETW.
-- **sqmId**  The Windows SQM ID.
+- **sqmId**  The Windows SQM (Software Quality Metrics—a precursor of Windows 10 Diagnostic Data collection) device identifier.
 - **stId**  Represents the Scenario Entry Point ID. This is a unique GUID for each event in a diagnostic scenario. This used to be Scenario Trigger ID.
 - **tickets**  An array of strings that refer back to a key in the X-Tickets http header that the client uploaded along with a batch of events.
 
@@ -1914,6 +1913,12 @@ The following fields are available:
 - **pendingDecision**  Indicates the cause of reboot, if applicable.
 
 
+### CbsServicingProvider.CbsQualityUpdateInstall
+
+This event reports on the performance and reliability results of installing Servicing content from Windows Update to keep Windows up to date.
+
+
+
 ### CbsServicingProvider.CbsSelectableUpdateChangeV2
 
 This event reports the results of enabling or disabling optional Windows Content to keep Windows up to date.
@@ -1965,7 +1970,7 @@ Fired by UTC at startup to signal what data we are allowed to collect.
 
 ### TelClientSynthetic.ConnectivityHeartBeat_0
 
-This event sends data about the connectivity status of the Connected User Experience and Telemetry component that uploads telemetry events. If an unrestricted free network (such as Wi-Fi) is available, this event updates the last successful upload time. Otherwise, it checks whether a Connectivity Heartbeat event was fired in the past 24 hours, and if not, it fires an event. A Connectivity Heartbeat event also fires when a device recovers from costed network to free network.
+This event sends data about the connectivity status of the Connected User Experience and Telemetry component that uploads telemetry events. If an unrestricted free network (such as Wi-Fi) is available, this event updates the last successful upload time. Otherwise, it checks whether a Connectivity Heartbeat event was fired in the past 24 hours, and if not, it sends an event. A Connectivity Heartbeat event is also sent when a device recovers from costed network to free network.
 
 
 
@@ -2476,7 +2481,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDevicePnpAdd
 
-This event represents the basic metadata about a plug and play (PNP) device and its associated driver.
+This event sends basic metadata about a PNP device and its associated driver to help keep Windows up to date. This information is used to assess if the PNP device and driver will remain compatible when upgrading Windows.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -2650,6 +2655,45 @@ The following fields are available:
 - **InventoryVersion**  The version of the inventory file generating the events.
 
 
+### Microsoft.Windows.Inventory.General.AppHealthStaticAdd
+
+This event sends details collected for a specific application on the source device.
+
+The following fields are available:
+
+- **AhaVersion**  The binary version of the App Health Analyzer tool.
+- **ApplicationErrors**  The count of application errors from the event log.
+- **Bitness**  The architecture type of the application (16 Bit or 32 bit or 64 bit).
+- **device_level**  Various JRE/JAVA versions installed on a particular device.
+- **ExtendedProperties**  Attribute used for aggregating all other attributes under this event type.
+- **Jar**  Flag to determine if an app has a Java JAR file dependency.
+- **Jre**  Flag to determine if an app has JRE framework dependency.
+- **Jre_version**  JRE versions an app has declared framework dependency for.
+- **Name**  Name of the application.
+- **NonDPIAware**  Flag to determine if an app is non-DPI aware
+- **NumBinaries**  Count of all binaries (.sys,.dll,.ini) from application install location.
+- **RequiresAdmin**  Flag to determine if an app requests admin privileges for execution.
+- **RequiresAdminv2**  Additional flag to determine if an app requests admin privileges for execution.
+- **RequiresUIAccess**  Flag to determine if an app is based on UI features for accessibility.
+- **VB6**  Flag to determine if an app is based on VB6 framework.
+- **VB6v2**  Additional flag to determine if an app is based on VB6 framework.
+- **Version**  Version of the application.
+- **VersionCheck**  Flag to determine if an app has a static dependency on OS version.
+- **VersionCheckv2**  Additional flag to determine if an app has a static dependency on OS version.
+
+
+### Microsoft.Windows.Inventory.General.AppHealthStaticStartSync
+
+This event indicates the beginning of a series of AppHealthStaticAdd events.
+
+The following fields are available:
+
+- **AllowTelemetry**  Indicates the presence of the 'allowtelemetry' command line argument.
+- **CommandLineArgs**  Command line arguments passed when launching the App Health Analyzer executable.
+- **Enhanced**  Indicates the presence of the 'enhanced' command line argument.
+- **StartTime**  UTC date and time at which this event was sent.
+
+
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInAdd
 
 Invalid variant - Provides data on the installed Office Add-ins
@@ -2837,7 +2881,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 The following fields are available:
 
-- **BrowserFlags**  Browser flags for Office-related products
+- **BrowserFlags**  Browser flags for Office-related products.
 - **ExchangeProviderFlags**  Office Exchange provider policies
 - **InventoryVersion**  The version of the inventory binary generating the events.
 - **SharedComputerLicensing**  Office Shared Computer Licensing policies
@@ -3039,6 +3083,26 @@ The following fields are available:
 - **UserInputTime**  The amount of time the loader application spent waiting for user input.
 
 
+## Migration events
+
+### Microsoft.Windows.MigrationCore.MigObjectCountDLUsr
+
+This event returns data to track the count of the migration objects across various phases during feature update.
+
+
+
+### Microsoft.Windows.MigrationCore.MigObjectCountKFSys
+
+This event returns data about the count of the migration objects across various phases during feature update.
+
+
+
+### Microsoft.Windows.MigrationCore.MigObjectCountKFUsr
+
+This event returns data to track the count of the migration objects across various phases during feature update.
+
+
+
 ## OneDrive events
 
 ### Microsoft.OneDrive.Sync.Setup.APIOperation
@@ -4411,7 +4475,7 @@ The following fields are available:
 
 - **EndpointUrl**  The endpoint URL where the device obtains update metadata. This is used to distinguish between test, staging, and production environments.
 - **EventScenario**  The purpose of this event, such as scan started, scan succeeded, or scan failed.
-- **ExtendedStatusCode**  The secondary status code of the event.
+- **ExtendedStatusCode**  Secondary status code for certain scenarios where StatusCode was not specific enough.
 - **LeafCertId**  The integral ID from the FragmentSigning data for the certificate that failed.
 - **ListOfSHA256OfIntermediateCerData**  A semicolon delimited list of base64 encoding of hashes for the Base64CerData in the FragmentSigning data of an intermediate certificate.
 - **MetadataIntegrityMode**  The mode of the transport metadata integrity check. 0 = unknown; 1 = ignore; 2 = audit; 3 = enforce
@@ -5032,7 +5096,13 @@ The following fields are available:
 
 ### FacilitatorTelemetry.DCATDownload
 
-This event indicates whether devices received additional or critical supplemental content during an OS Upgrade, to help keep Windows up-to-date and secure.
+This event indicates whether devices received additional or critical supplemental content during an OS Upgrade, to help keep Windows up to date and secure.
+
+
+
+### FacilitatorTelemetry.DUDownload
+
+This event returns data about the download of supplemental packages critical to upgrading a device to the next version of Windows.
 
 
 
@@ -5044,7 +5114,7 @@ This event determines whether devices received additional or critical supplement
 
 ### Setup360Telemetry.Downlevel
 
-This event sends data indicating that the device has started the downlevel phase of the upgrade, to help keep Windows up-to-date and secure.
+This event sends data indicating that the device has started the downlevel phase of the upgrade, to help keep Windows up to date and secure.
 
 The following fields are available:
 
@@ -5274,7 +5344,7 @@ The following fields are available:
 - **ReportId**  With Windows Update, this is the updateID that is passed to Setup. In media setup, this is the GUID for the install.wim.
 - **Setup360Extended**  Detailed information about the phase/action when the potential failure occurred.
 - **Setup360Mode**  The phase of Setup360. Example: Predownload, Install, Finalize, Rollback.
-- **Setup360Result**  The result of Setup360. This is an HRESULT error code that can be used to diagnose errors.
+- **Setup360Result**  The result of Setup360. This is an HRESULT error code that can be used used to diagnose errors.
 - **Setup360Scenario**  The Setup360 flow type. Example: Boot, Media, Update, MCT.
 - **SetupVersionBuildNumber**  The build number of Setup360 (build number of target OS).
 - **State**  The exit state of a Setup360 run. Example: succeeded, failed, blocked, cancelled.
@@ -5293,6 +5363,18 @@ The following fields are available:
 - **m**  The WaaS (“Workspace as a Service”—cloud-based “workspace”) Assessment Error String.
 
 
+### Microsoft.Windows.WaaSMedic.RemediationFailed
+
+This event is sent when the WaaS Medic update stack remediation tool fails to apply a described resolution to a problem that is blocking Windows Update from operating correctly on a target device.
+
+The following fields are available:
+
+- **diagnostic**  Parameter where the resolution failed.
+- **hResult**  Error code that resulted from attempting the resolution.
+- **isRemediated**  Indicates whether the condition was remediated.
+- **pluginName**  Name of the attempted resolution.
+
+
 ### Microsoft.Windows.WaaSMedic.Summary
 
 This event provides the results of the WaaSMedic diagnostic run
@@ -5459,6 +5541,7 @@ The following fields are available:
 
 - **AggregatedPackageFullNames**  Includes a set of package full names for each app that is part of an atomic set.
 - **AttemptNumber**  The total number of attempts to acquire this product.
+- **BundleId**  The bundle ID
 - **CategoryId**  The identity of the package or packages being installed.
 - **ClientAppId**  The identity of the app that initiated this operation.
 - **HResult**  HResult code to show the result of the operation (success/failure).
@@ -5468,6 +5551,7 @@ The following fields are available:
 - **IsRemediation**  Is this repairing a previous installation?
 - **IsRestore**  Is this happening after a device restore?
 - **IsUpdate**  Is this an update?
+- **ParentBundleId**  The parent bundle ID (if it's part of a bundle).
 - **PFN**  Product Family Name of the product being installed.
 - **ProductId**  The Store Product ID for the product being installed.
 - **SystemAttemptNumber**  The number of attempts by the system to acquire this product.
@@ -6573,6 +6657,7 @@ The following fields are available:
 This event is sent when the Update Reserve Manager commits a hard reserve adjustment that was pending.
 
 
+
 ### Microsoft.Windows.UpdateReserveManager.InitializeUpdateReserveManager
 
 This event returns data about the Update Reserve Manager, including whether it’s been initialized.
diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md
index 94306ce392..64a869e06a 100644
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md
@@ -1,5 +1,5 @@
 ---
-description: Use this article to learn more about what Windows diagnostic data is gathered at the basic level. Specific to Windows 10, version 1803.
+description: Use this article to learn more about what Windows diagnostic data is gathered at the basic level.
 title: Windows 10, version 1803 basic diagnostic events and fields (Windows 10)
 keywords: privacy, telemetry
 ms.prod: w10
@@ -7,14 +7,14 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 localizationpriority: high
-author: dansimp
-ms.author: dansimp
+author: brianlic-msft
+ms.author: brianlic
 manager: dansimp
 ms.collection: M365-security-compliance
 ms.topic: article
 audience: ITPro
-ms.date: 04/19/2019
-ms.reviewer: 
+ms.date: 01/04/2020
+ms.reviewer:
 ---
 
 
@@ -33,7 +33,7 @@ Use this article to learn about diagnostic events, grouped by event area, and th
 
 You can learn more about Windows functional and diagnostic data through these articles:
 
-- [Windows 10, version 1903 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1903.md)
+- [Windows 10, version 1903 and Windows 10, version 1909 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1903.md)
 - [Windows 10, version 1809 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1809.md)
 - [Windows 10, version 1709 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1709.md)
 - [Windows 10, version 1703 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1703.md)
@@ -135,7 +135,7 @@ The following fields are available:
 - **HasCitData**  Indicates whether the file is present in CIT data.
 - **HasUpgradeExe**  Indicates whether the anti-virus app has an upgrade.exe file.
 - **IsAv**  Is the file an antivirus reporting EXE?
-- **ResolveAttempted**  This will always be an empty string when sent.
+- **ResolveAttempted**  This will always be an empty string when sending diagnostic data.
 - **SdbEntries**  An array of fields that indicates the SDB entries that apply to this file.
 
 
@@ -234,7 +234,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoBlockAdd
 
-This event sends blocking data about any compatibility blocking entries hit on the system that are not directly related to specific applications or devices, to help keep Windows up-to-date.
+This event sends blocking data about any compatibility blocking entries on the system that are not directly related to specific applications or devices, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -267,7 +267,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPassiveAdd
 
-This event sends compatibility database information about non-blocking compatibility entries on the system that are not keyed by either applications or devices, to help keep Windows up-to-date.
+This event sends compatibility database information about non-blocking compatibility entries on the system that are not keyed by either applications or devices, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -300,7 +300,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPostUpgradeAdd
 
-This event sends compatibility database information about entries requiring reinstallation after an upgrade on the system that are not keyed by either applications or devices, to help keep Windows up-to-date.
+This event sends compatibility database information about entries requiring reinstallation after an upgrade on the system that are not keyed by either applications or devices, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -333,7 +333,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceSystemBiosAdd
 
-This event sends compatibility database information about the BIOS to help keep Windows up-to-date.
+This event sends compatibility database information about the BIOS to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -366,7 +366,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionApplicationFileAdd
 
-This event sends compatibility decision data about a file to help keep Windows up-to-date.
+This event sends compatibility decision data about a file to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -381,7 +381,7 @@ The following fields are available:
 - **HasUxBlockOverride**  Does the file have a block that is overridden by a tag in the SDB?
 - **MigApplication**  Does the file have a MigXML from the SDB associated with it that applies to the current upgrade mode?
 - **MigRemoval**  Does the file have a MigXML from the SDB that will cause the app to be removed on upgrade?
-- **NeedsDismissAction**  Will the file cause an action that can be dimissed?
+- **NeedsDismissAction**  Will the file cause an action that can be dismissed?
 - **NeedsInstallPostUpgradeData**  After upgrade, the file will have a post-upgrade notification to install a replacement for the app.
 - **NeedsNotifyPostUpgradeData**  Does the file have a notification that should be shown after upgrade?
 - **NeedsReinstallPostUpgradeData**  After upgrade, this file will have a post-upgrade notification to reinstall the app.
@@ -418,7 +418,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDevicePnpAdd
 
-This event sends compatibility decision data about a PNP device to help keep Windows up to date.
+This event sends compatibility decision data about a Plug and Play (PNP) device to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -865,7 +865,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 The following fields are available:
 
-- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+- **AppraiserVersion**  The version of the Appraiser binary (executable) generating the events.
 
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageAdd
@@ -931,7 +931,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemMemoryAdd
 
-This event sends data on the amount of memory on the system and whether it meets requirements, to help keep Windows up-to-date.
+This event sends data on the amount of memory on the system and whether it meets requirements, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1006,7 +1006,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorLahfSahfAdd
 
-This event sends data indicating whether the system supports the LahfSahf CPU requirement, to help keep Windows up-to-date.
+This event sends data indicating whether the system supports the LAHF & SAHF CPU requirement, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1041,7 +1041,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorNxAdd
 
-This event sends data indicating whether the system supports the NX CPU requirement, to help keep Windows up-to-date.
+This event sends data indicating whether the system supports the NX CPU requirement, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1258,7 +1258,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWlanAdd
 
-This event sends data indicating whether the system has WLAN, and if so, whether it uses an emulated driver that could block an upgrade, to help keep Windows up-to-date.
+This event sends data indicating whether the system has WLAN, and if so, whether it uses an emulated driver that could block an upgrade, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1297,18 +1297,18 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.TelemetryRunHealth
 
-This event indicates the parameters and result of a telemetry (diagnostic) run. This allows the rest of the data sent over the course of the run to be properly contextualized and understood, which is then used to keep Windows up to date.
+This event indicates the parameters and result of a diagnostic data run. This allows the rest of the data sent over the course of the run to be properly contextualized and understood, which is then used to keep Windows up to date.
 
 The following fields are available:
 
 - **AppraiserBranch**  The source branch in which the version of Appraiser that is running was built.
-- **AppraiserDataVersion**  The version of the data files being used by the Appraiser telemetry run.
+- **AppraiserDataVersion**  The version of the data files being used by the Appraiser diagnostic data run.
 - **AppraiserProcess**  The name of the process that launched Appraiser.
 - **AppraiserVersion**  The file version (major, minor and build) of the Appraiser DLL, concatenated without dots.
 - **AuxFinal**  Obsolete, always set to false.
 - **AuxInitial**  Obsolete, indicates if Appraiser is writing data files to be read by the Get Windows 10 app.
 - **DeadlineDate**  A timestamp representing the deadline date, which is the time until which appraiser will wait to do a full scan.
-- **EnterpriseRun**  Indicates if the telemetry run is an enterprise run, which means appraiser was run from the command line with an extra enterprise parameter.
+- **EnterpriseRun**  Indicates whether the diagnostic data run is an enterprise run, which means appraiser was run from the command line with an extra enterprise parameter.
 - **FullSync**  Indicates if Appraiser is performing a full sync, which means that full set of events representing the state of the machine are sent. Otherwise, only the changes from the previous run are sent.
 - **InboxDataVersion**  The original version of the data files before retrieving any newer version.
 - **IndicatorsWritten**  Indicates if all relevant UEX indicators were successfully written or updated.
@@ -1317,14 +1317,14 @@ The following fields are available:
 - **PerfBackoff**  Indicates if the run was invoked with logic to stop running when a user is present. Helps to understand why a run may have a longer elapsed time than normal.
 - **PerfBackoffInsurance**  Indicates if appraiser is running without performance backoff because it has run with perf backoff and failed to complete several times in a row.
 - **RunAppraiser**  Indicates if Appraiser was set to run at all. If this if false, it is understood that data events will not be received from this device.
-- **RunDate**  The date that the telemetry run was stated, expressed as a filetime.
-- **RunGeneralTel**  Indicates if the generaltel.dll component was run. Generaltel collects additional telemetry on an infrequent schedule and only from machines at telemetry levels higher than Basic.
+- **RunDate**  The date that the diagnostic data run was stated, expressed as a filetime.
+- **RunGeneralTel**  Indicates if the generaltel.dll component was run. Generaltel collects additional diagnostic data on an infrequent schedule and only from machines at diagnostic data levels higher than Basic.
 - **RunOnline**  Indicates if appraiser was able to connect to Windows Update and theefore is making decisions using up-to-date driver coverage information.
-- **RunResult**  The hresult of the Appraiser telemetry run.
-- **SendingUtc**  Indicates if the Appraiser client is sending events during the current telemetry run.
+- **RunResult**  The hresult of the Appraiser diagnostic data run.
+- **SendingUtc**  Indicates whether the Appraiser client is sending events during the current diagnostic data run.
 - **StoreHandleIsNotNull**  Obsolete, always set to false
-- **TelementrySent**  Indicates if telemetry was successfully sent.
-- **ThrottlingUtc**  Indicates if the Appraiser client is throttling its output of CUET events to avoid being disabled. This increases runtime but also telemetry reliability.
+- **TelementrySent**  Indicates whether diagnostic data was successfully sent.
+- **ThrottlingUtc**  Indicates whether the Appraiser client is throttling its output of CUET events to avoid being disabled. This increases runtime but also diagnostic data reliability.
 - **Time**  The client time of the event.
 - **VerboseMode**  Indicates if appraiser ran in Verbose mode, which is a test-only mode with extra logging.
 - **WhyFullSyncWithoutTablePrefix**  Indicates the reason or reasons that a full sync was generated.
@@ -1391,6 +1391,18 @@ The following fields are available:
 - **IEVersion**  The version of Internet Explorer that is running on the device.
 
 
+### Census.Azure
+
+This event returns data from Microsoft-internal Azure server machines (only from Microsoft-internal machines with Server SKUs). All other machines (those outside Microsoft and/or machines that are not part of the “Azure fleet”) return empty data sets.
+
+The following fields are available:
+
+- **CloudCoreBuildEx**  The Azure CloudCore build number.
+- **CloudCoreSupportBuildEx**  The Azure CloudCore support build number.
+- **NodeID**  The node identifier on the device that indicates whether the device is part of the Azure fleet.
+- **PartA_PrivTags**  The privacy tags associated with the event.
+
+
 ### Census.Battery
 
 This event sends type and capacity data about the battery on the device, as well as the number of connected standby devices in use, type to help keep Windows up to date.
@@ -2105,6 +2117,43 @@ The following fields are available:
 - **transactionCanceled**  Indicates whether the uninstall was cancelled.
 
 
+### CbsServicingProvider.CbsQualityUpdateInstall
+
+This event reports on the performance and reliability results of installing Servicing content from Windows Update to keep Windows up to date.
+
+The following fields are available:
+
+- **buildVersion**  The build version number of the update package.
+- **clientId**  The name of the application requesting the optional content.
+- **corruptionHistoryFlags**  A bitmask of the types of component store corruption that have caused update failures on the device.
+- **corruptionType**  An enumeration listing the type of data corruption responsible for the current update failure.
+- **currentStateEnd**  The final state of the package after the operation has completed.
+- **doqTimeSeconds**  The time in seconds spent updating drivers.
+- **executeTimeSeconds**  The number of seconds required to execute the install.
+- **failureDetails**  The driver or installer that caused the update to fail.
+- **failureSourceEnd**  An enumeration indicating at what phase of the update a failure occurred.
+- **hrStatusEnd**  The return code of the install operation.
+- **initiatedOffline**  A true or false value indicating whether the package was installed into an offline Windows Imaging Format (WIM) file.
+- **majorVersion**  The major version number of the update package.
+- **minorVersion**  The minor version number of the update package.
+- **originalState**  The starting state of the package.
+- **overallTimeSeconds**  The time (in seconds) to perform the overall servicing operation.
+- **PartA_PrivTags**  The privacy tags associated with the event.
+- **planTimeSeconds**  The time in seconds required to plan the update operations.
+- **poqTimeSeconds**  The time in seconds processing file and registry operations.
+- **postRebootTimeSeconds**  The time (in seconds) to do startup processing for the update.
+- **preRebootTimeSeconds**  The time (in seconds) between execution of the installation and the reboot.
+- **primitiveExecutionContext**  An enumeration indicating at what phase of shutdown or startup the update was installed.
+- **rebootCount**  The number of reboots required to install the update.
+- **rebootTimeSeconds**  The time (in seconds) before startup processing begins for the update.
+- **resolveTimeSeconds**  The time in seconds required to resolve the packages that are part of the update.
+- **revisionVersion**  The revision version number of the update package.
+- **rptTimeSeconds**  The time in seconds spent executing installer plugins.
+- **shutdownTimeSeconds**  The time (in seconds) required to do shutdown processing for the update.
+- **stackRevision**  The revision number of the servicing stack.
+- **stageTimeSeconds**  The time (in seconds) required to stage all files that are part of the update.
+
+
 ### CbsServicingProvider.CbsSelectableUpdateChangeV2
 
 This event reports the results of enabling or disabling optional Windows Content to keep Windows up to date.
@@ -2250,7 +2299,7 @@ The following fields are available:
 
 ### TelClientSynthetic.ConnectivityHeartbeat_0
 
-This event sends data about the connectivity status of the Connected User Experience and Telemetry component that uploads telemetry events. If an unrestricted free network (such as Wi-Fi) is available, this event updates the last successful upload time. Otherwise, it checks whether a Connectivity Heartbeat event was fired in the past 24 hours, and if not, it fires an event. A Connectivity Heartbeat event also fires when a device recovers from costed network to free network.
+This event sends data about the connectivity status of the Connected User Experience and Telemetry component that uploads telemetry events. If an unrestricted free network (such as Wi-Fi) is available, this event updates the last successful upload time. Otherwise, it checks whether a Connectivity Heartbeat event was fired in the past 24 hours, and if not, it sends an event. A Connectivity Heartbeat event is also sent when a device recovers from costed network to free network.
 
 The following fields are available:
 
@@ -3394,7 +3443,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDevicePnpAdd
 
-This event represents the basic metadata about a plug and play (PNP) device and its associated driver.
+This event sends basic metadata about a PNP device and its associated driver to help keep Windows up to date. This information is used to assess if the PNP device and driver will remain compatible when upgrading Windows.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3568,6 +3617,50 @@ The following fields are available:
 - **InventoryVersion**  The version of the inventory file generating the events.
 
 
+### Microsoft.Windows.Inventory.General.AppHealthStaticAdd
+
+This event sends details collected for a specific application on the source device.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AhaVersion**  The binary version of the App Health Analyzer tool.
+- **ApplicationErrors**  The count of application errors from the event log.
+- **Bitness**  The architecture type of the application (16 Bit or 32 bit or 64 bit).
+- **device_level**  Various JRE/JAVA versions installed on a particular device.
+- **ExtendedProperties**  Attribute used for aggregating all other attributes under this event type.
+- **Jar**  Flag to determine if an app has a Java JAR file dependency.
+- **Jre**  Flag to determine if an app has JRE framework dependency.
+- **Jre_version**  JRE versions an app has declared framework dependency for.
+- **Name**  Name of the application.
+- **NonDPIAware**  Flag to determine if an app is non-DPI aware
+- **NumBinaries**  Count of all binaries (.sys,.dll,.ini) from application install location.
+- **ProgramId**  The ID of the associated program.
+- **RequiresAdmin**  Flag to determine if an app requests admin privileges for execution.
+- **RequiresAdminv2**  Additional flag to determine if an app requests admin privileges for execution.
+- **RequiresUIAccess**  Flag to determine if an app is based on UI features for accessibility.
+- **VB6**  Flag to determine if an app is based on VB6 framework.
+- **VB6v2**  Additional flag to determine if an app is based on VB6 framework.
+- **Version**  Version of the application.
+- **VersionCheck**  Flag to determine if an app has a static dependency on OS version.
+- **VersionCheckv2**  Additional flag to determine if an app has a static dependency on OS version.
+
+
+### Microsoft.Windows.Inventory.General.AppHealthStaticStartSync
+
+This event indicates the beginning of a series of AppHealthStaticAdd events.
+
+This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
+
+The following fields are available:
+
+- **AllowTelemetry**  Indicates the presence of the 'allowtelemetry' command line argument.
+- **CommandLineArgs**  Command line arguments passed when launching the App Health Analyzer executable.
+- **Enhanced**  Indicates the presence of the 'enhanced' command line argument.
+- **StartTime**  UTC date and time at which this event was sent.
+
+
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInAdd
 
 Provides data on the installed Office Add-ins
@@ -3760,10 +3853,10 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 The following fields are available:
 
-- **BrowserFlags**  Browser flags for Office-related products
-- **ExchangeProviderFlags**  Provider policies for Office Exchange
+- **BrowserFlags**  Browser flags for Office-related products.
+- **ExchangeProviderFlags**  Provider policies for Office Exchange.
 - **InventoryVersion**  The version of the inventory binary generating the events.
-- **SharedComputerLicensing**  Office shared computer licensing policies
+- **SharedComputerLicensing**  Office shared computer licensing policies.
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeSettingsStartSync
@@ -3994,6 +4087,215 @@ The following fields are available:
 - **UptimeDeltaMS**  Total time (in milliseconds) added to Uptime since the last event
 
 
+## Microsoft Edge events
+
+### Aria.160f0649efde47b7832f05ed000fc453.Microsoft.WebBrowser.SystemInfo.Config
+
+This event sends basic device connectivity and configuration information from Microsoft Edge about the current data collection consent, app version, and installation state to keep Microsoft Edge up to date and secure.
+
+The following fields are available:
+
+- **app_version**  The internal Microsoft Edge build version string.
+- **appConsentState**  Bit flags that describe the consent for data collection on the device, or zero if the state was not retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
+- **Channel**  An integer indicating the channel of the installation (Canary or Dev).
+- **client_id**  A non-durable unique identifier with which all other diagnostic client data is associated. This value is reset whenever UMA data collection is disabled, or when the application is uninstalled.
+- **ConnectionType**  The first reported type of network connection currently connected. Possible values: Unknown, Ethernet, WiFi, 2G, 3G, 4G, None, or Bluetooth
+- **container_client_id**  The client ID of the container if the device is in Windows Defender Application Guard mode.
+- **container_session_id**  The session ID of the container if the device is in Windows Defender Application Guard mode.
+- **Etag**  Etag is an identifier representing all service applied configurations and experiments for the current browser session. There is not value in this field is the device is at the Basic diagnostic data level.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event. Possible values: 1 -- Basic, 2 -- Enhanced, 3 -- Full
+- **install_date**  The date and time of the most recent installation in seconds since midnight on January 1, 1970 UTC, rounded down to the nearest hour.
+- **installSource**  An enumeration representing the source of this installation. Possible values: source was not retrieved (0), unspecified source (1), website installer (2), enterprise MSI (3), Windows update (4), Edge updater (5), scheduled or timed task (6, 7), uninstall (8), Edge about page (9), self-repair (10), other install command line (11), reserved (12), unknown source (13).
+- **PayloadClass**  The base class used to serialize and deserialize the Protobuf binary payload.
+- **PayloadGUID**  A random identifier generated for each original monolithic Protobuf payload, before the payload is potentially broken up into manageably-sized chunks for transmission.
+- **PayloadLogType**  The log type for the event correlating with. Possible values: 0 -- Unknown, 1 -- Stability, 2 -- On-going, 3 -- Independent, 4 -- UKM, or 5 -- Instance level
+- **session_id** An ordered identifier that is guaranteed to be greater than the previous session identifier each time the user launches the application, reset on subsequent launch after client_id changes. session_id is seeded during the initial installation of the application. session_id is effectively unique per client_id value. Several other internal identifier values, such as window or tab IDs, are only meaningful within a particular session. The session_id value is forgotten when the application is uninstalled, but not during an upgrade.
+
+
+### Aria.29e24d069f27450385c7acaa2f07e277.Microsoft.WebBrowser.SystemInfo.Config
+
+This event sends basic device connectivity and configuration information from Microsoft Edge about the current data collection consent, app version, and installation state to keep Microsoft Edge up to date and secure.
+
+The following fields are available:
+
+- **app_version**  The internal Microsoft Edge build version string.
+- **appConsentState**  Bit flags that describe the consent for data collection on the device, or zero if the state was not retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
+- **Channel**  An integer indicating the channel of the installation (Canary or Dev).
+- **client_id**  A non-durable unique identifier with which all other diagnostic client data is associated. This value is reset whenever UMA data collection is disabled, or when the application is uninstalled.
+- **ConnectionType**  The first reported type of network connection currently connected. Possible values: Unknown, Ethernet, WiFi, 2G, 3G, 4G, None, or Bluetooth
+- **container_client_id**  The client ID of the container if the device is in Windows Defender Application Guard mode.
+- **container_session_id**  The session ID of the container if the device is in Windows Defender Application Guard mode.
+- **Etag**  Etag is an identifier representing all service applied configurations and experiments for the current browser session. There is not value in this field is the device is at the Basic diagnostic data level.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event. Possible values: 1 -- Basic, 2 -- Enhanced, 3 -- Full
+- **install_date**  The date and time of the most recent installation in seconds since midnight on January 1, 1970 UTC, rounded down to the nearest hour.
+- **installSource**  An enumeration representing the source of this installation. Possible values: source was not retrieved (0), unspecified source (1), website installer (2), enterprise MSI (3), Windows update (4), Edge updater (5), scheduled or timed task (6, 7), uninstall (8), Edge about page (9), self-repair (10), other install command line (11), reserved (12), unknown source (13).
+- **PayloadClass**  The base class used to serialize and deserialize the Protobuf binary payload.
+- **PayloadGUID**  A random identifier generated for each original monolithic Protobuf payload, before the payload is potentially broken up into manageably-sized chunks for transmission.
+- **PayloadLogType**  The log type for the event correlating with. Possible values: 0 -- Unknown, 1 -- Stability, 2 -- On-going, 3 -- Independent, 4 -- UKM, or 5 -- Instance level
+- **session_id** An ordered identifier that is guaranteed to be greater than the previous session identifier each time the user launches the application, reset on subsequent launch after client_id changes. session_id is seeded during the initial installation of the application. session_id is effectively unique per client_id value. Several other internal identifier values, such as window or tab IDs, are only meaningful within a particular session. The session_id value is forgotten when the application is uninstalled, but not during an upgrade.
+
+
+### Aria.7005b72804a64fa4b2138faab88f877b.Microsoft.WebBrowser.SystemInfo.Config
+
+This event sends basic device connectivity and configuration information from Microsoft Edge about the current data collection consent, app version, and installation state to keep Microsoft Edge up to date and secure.
+
+The following fields are available:
+
+- **app_version**  The internal Microsoft Edge build version string.
+- **appConsentState**  Bit flags that describe the consent for data collection on the device, or zero if the state was not retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
+- **Channel**  An integer indicating the channel of the installation (Canary or Dev).
+- **client_id**  A non-durable unique identifier with which all other diagnostic client data is associated. This value is reset whenever UMA data collection is disabled, or when the application is uninstalled.
+- **ConnectionType**  The first reported type of network connection currently connected. Possible values: Unknown, Ethernet, WiFi, 2G, 3G, 4G, None, or Bluetooth
+- **container_client_id**  The client ID of the container if the device is in Windows Defender Application Guard mode.
+- **container_session_id**  The session ID of the container if the device is in Windows Defender Application Guard mode.
+- **Etag**  Etag is an identifier representing all service applied configurations and experiments for the current browser session. There is not value in this field is the device is at the Basic diagnostic data level.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event. Possible values: 1 -- Basic, 2 -- Enhanced, 3 -- Full
+- **install_date**  The date and time of the most recent installation in seconds since midnight on January 1, 1970 UTC, rounded down to the nearest hour.
+- **installSource**  An enumeration representing the source of this installation. Possible values: source was not retrieved (0), unspecified source (1), website installer (2), enterprise MSI (3), Windows update (4), Edge updater (5), scheduled or timed task (6, 7), uninstall (8), Edge about page (9), self-repair (10), other install command line (11), reserved (12), unknown source (13).
+- **PayloadClass**  The base class used to serialize and deserialize the Protobuf binary payload.
+- **PayloadGUID**  A random identifier generated for each original monolithic Protobuf payload, before the payload is potentially broken up into manageably-sized chunks for transmission.
+- **PayloadLogType**  The log type for the event correlating with. Possible values: 0 -- Unknown, 1 -- Stability, 2 -- On-going, 3 -- Independent, 4 -- UKM, or 5 -- Instance level
+- **session_id** An ordered identifier that is guaranteed to be greater than the previous session identifier each time the user launches the application, reset on subsequent launch after client_id changes. session_id is seeded during the initial installation of the application. session_id is effectively unique per client_id value. Several other internal identifier values, such as window or tab IDs, are only meaningful within a particular session. The session_id value is forgotten when the application is uninstalled, but not during an upgrade.
+
+
+### Aria.754de735ccd546b28d0bfca8ac52c3de.Microsoft.WebBrowser.SystemInfo.Config
+
+This config event sends basic device connectivity and configuration information from Microsoft Edge about the current data collection consent, app version, and installation state to keep Microsoft Edge up to date and secure.
+
+The following fields are available:
+
+- **app_version**  The internal Microsoft Edge build version string.
+- **appConsentState**  Bit flags that describe the consent for data collection on the device, or zero if the state was not retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
+- **Channel**  An integer indicating the channel of the installation (Canary or Dev).
+- **client_id**  A non-durable unique identifier with which all other diagnostic client data is associated. This value is reset whenever UMA data collection is disabled, or when the application is uninstalled.
+- **ConnectionType**  The first reported type of network connection currently connected. Possible values: Unknown, Ethernet, WiFi, 2G, 3G, 4G, None, or Bluetooth
+- **container_client_id**  The client ID of the container if the device is in Windows Defender Application Guard mode.
+- **container_session_id**  The session ID of the container if the device is in Windows Defender Application Guard mode.
+- **Etag**  Etag is an identifier representing all service applied configurations and experiments for the current browser session. There is not value in this field is the device is at the Basic diagnostic data level.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event. Possible values: 1 -- Basic, 2 -- Enhanced, 3 -- Full
+- **install_date**  The date and time of the most recent installation in seconds since midnight on January 1, 1970 UTC, rounded down to the nearest hour.
+- **installSource**  An enumeration representing the source of this installation. Possible values: source was not retrieved (0), unspecified source (1), website installer (2), enterprise MSI (3), Windows update (4), Edge updater (5), scheduled or timed task (6, 7), uninstall (8), Edge about page (9), self-repair (10), other install command line (11), reserved (12), unknown source (13).
+- **PayloadClass**  The base class used to serialize and deserialize the Protobuf binary payload.
+- **PayloadGUID**  A random identifier generated for each original monolithic Protobuf payload, before the payload is potentially broken up into manageably-sized chunks for transmission.
+- **PayloadLogType**  The log type for the event correlating with. Possible values: 0 -- Unknown, 1 -- Stability, 2 -- On-going, 3 -- Independent, 4 -- UKM, or 5 -- Instance level
+- **session_id** An ordered identifier that is guaranteed to be greater than the previous session identifier each time the user launches the application, reset on subsequent launch after client_id changes. session_id is seeded during the initial installation of the application. session_id is effectively unique per client_id value. Several other internal identifier values, such as window or tab IDs, are only meaningful within a particular session. The session_id value is forgotten when the application is uninstalled, but not during an upgrade.
+
+
+### Aria.af397ef28e484961ba48646a5d38cf54.Microsoft.WebBrowser.Installer.EdgeUpdate.Ping
+
+This event sends hardware and software inventory information about the Microsoft Edge Update service, Microsoft Edge applications, and the current system environment, including app configuration, update configuration, and hardware capabilities. It's  used to measure the reliability and performance of the EdgeUpdate service and if Microsoft Edge applications are up to date.
+
+The following fields are available:
+
+- **appAp**  Microsoft Edge Update parameters, including channel, architecture, platform, and additional parameters identifying the release of Microsoft Edge to update and how to install it. Example: 'beta-arch_x64-full'. Default: ''.
+- **appAppId**  The GUID that identifies the product channels such as Edge Canary, Dev, Beta, Stable, and Edge Update.
+- **appBrandCode**  The 4-digit brand code under which the the product was installed, if any. Possible values: 'GGLS' (default), 'GCEU' (enterprise install), and '' (unknown).
+- **appChannel**  An integer indicating the channel of the installation (e.g. Canary or Dev).
+- **appClientId** A generalized form of the brand code that can accept a wider range of values and is used for similar purposes. Default: ''.
+- **appCohort**  A machine-readable string identifying the release channel that the app belongs to. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
+- **appCohortHint**  A machine-readable enum indicating that the client has a desire to switch to a different release cohort. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
+- **appCohortName**  A stable non-localized human-readable enum indicating which (if any) set of messages the app should display to the user. For example, an app with a cohort name of 'beta' might display beta-specific branding to the user. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
+- **appConsentState**  Bit flags describing the diagnostic data disclosure and response flow where 1 indicates the affirmative and 0 indicates the negative or unspecified data. Bit 1 indicates consent was given, bit 2 indicates data originated from the download page, bit 18 indicates choice for sending data about how the browser is used, and bit 19 indicates choice for sending data about websites visited.
+- **appDayOfInstall**  The date-based counting equivalent of appInstallTimeDiffSec (the numeric calendar day that the app was installed on). This value is provided by the server in the response to the first request in the installation flow. Default: '-2' (Unknown).
+- **appExperiments**  A semicolon-delimited key/value list of experiment identifiers and treatment groups. This field is unused and always empty in Edge Update. Default: ''.
+- **appInstallTimeDiffSec**  The difference between the current time and the install date in seconds. '0' if unknown. Default: '-1'.
+- **appLang**  The language of the product install, in IETF BCP 47 representation. Default: ''.
+- **appNextVersion**  The version of the app that the update attempted to reach, regardless of the success or failure of the update operation. Default: '0.0.0.0'.
+- **appPingEventAppSize**  The total number of bytes of all downloaded packages. Default: '0'.
+- **appPingEventDownloadMetricsDownloadedBytes**  For events representing a download, the number of bytes expected to be downloaded. For events representing an entire update flow, the sum of all such expected bytes over the course of the update flow. Default: '0'.
+- **appPingEventDownloadMetricsDownloader**  A string identifying the download algorithm and/or stack. Example values include: 'bits', 'direct', 'winhttp', 'p2p'. Sent in events that have an event type of '14' only. Default: ''.
+- **appPingEventDownloadMetricsDownloadTimeMs**  For events representing a download, the time elapsed between the start of the download and the end of the download, in milliseconds. For events representing an entire update flow, the sum of all such download times over the course of the update flow. Sent in events that have an event type of '1', '2', '3', and '14' only. Default: '0'.
+- **appPingEventDownloadMetricsError**  The error code (if any) of the operation, encoded as a signed base-10 integer. Default: '0'.
+- **appPingEventDownloadMetricsServerIpHint**  For events representing a download, the CDN Host IP address that corresponds to the update file server. The CDN host is controlled by Microsoft servers and always maps to IP addresses hosting *.delivery.mp.microsoft.com or msedgesetup.azureedge.net. Default: ''.
+- **appPingEventDownloadMetricsTotalBytes**  For events representing a download, the number of bytes expected to be downloaded. For events representing an entire update flow, the sum of all such expected bytes over the course of the update flow. Default: '0'.
+- **appPingEventDownloadMetricsUrl** For events representing a download, the CDN URL provided by the update server for the client to download the update, the URL is controlled by Microsoft servers and always maps back to either *.delivery.mp.microsoft.com or msedgesetup.azureedge.net. Default: ''.
+- **appPingEventDownloadTimeMs**  For events representing a download, the time elapsed between the start of the download and the end of the download, in milliseconds. For events representing an entire update flow, the sum of all such download times over the course of the update flow. Sent in events that have an event type of '1', '2', '3', and '14' only. Default: '0'.
+- **appPingEventErrorCode**  The error code (if any) of the operation, encoded as a signed, base-10 integer. Default: '0'.
+- **appPingEventEventResult**  An enumeration indicating the result of the event. Common values are '0' (Error) and '1' (Success). Default: '0' (Error).
+- **appPingEventEventType**  An enumeration indicating the type of the event and the event stage. Default: '0' (Unknown).
+- **appPingEventExtraCode1**  Additional numeric information about the operation's result, encoded as a signed, base-10 integer. Default: '0'.
+- **appPingEventInstallTimeMs**  For events representing an install, the time elapsed between the start of the install and the end of the install, in milliseconds. For events representing an entire update flow, the sum of all such durations. Sent in events that have an event type of '2' and '3' only. Default: '0'.
+- **appPingEventNumBytesDownloaded**  The number of bytes downloaded for the specified application. Default: '0'.
+- **appPingEventSequenceId**  An ID that uniquely identifies particular events within one requestId. Since a request can contain multiple ping events, this field is necessary to uniquely identify each possible event.
+- **appPingEventSourceUrlIndex**  For events representing a download, the position of the download URL in the list of URLs supplied by the server in a <urls> tag.
+- **appPingEventUpdateCheckTimeMs**	For events representing an entire update flow, the time elapsed between the start of the update check and the end of the update check, in milliseconds. Sent in events that have an event type of '2' and '3' only. Default: '0'.
+- **appUpdateCheckIsUpdateDisabled**  The state of whether app updates are restricted by group policy. True if updates have been restricted by group policy or false if they have not.
+- **appUpdateCheckTargetVersionPrefix**  A component-wise prefix of a version number, or a complete version number suffixed with the $ character. The prefix is interpreted a dotted-tuple that specifies the exactly-matching elements; it is not a lexical prefix (for example, '1.2.3' MUST match '1.2.3.4' but MUST NOT match '1.2.34'). Default: ''.
+- **appUpdateCheckTtToken**  An opaque access token that can be used to identify the requesting client as a member of a trusted-tester group. If non-empty, the request is sent over SSL or another secure protocol. This field is unused by Edge Update and always empty. Default: ''.
+- **appVersion**  The version of the product install. Default: '0.0.0.0'.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event where 1 is basic, 2 is enhanced, and 3 is full.
+- **eventType**  A string representation of appPingEventEventType indicating the type of the event.
+- **hwHasAvx**  '1' if the client's hardware supports the SSE instruction set. '0' if the client's hardware does not support the SSE instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse**  '1' if the client's hardware supports the SSE instruction set. '0' if the client's hardware does not support the SSE instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse2**  '1' if the client's hardware supports the SSE2 instruction set. '0' if the client's hardware does not support the SSE2 instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse3**  '1' if the client's hardware supports the SSE3 instruction set. '0' if the client's hardware does not support the SSE3 instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse41**  '1' if the client's hardware supports the SSE4.1 instruction set. '0' if the client's hardware does not support the SSE4.1 instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse42**  '1' if the client's hardware supports the SSE4.2 instruction set. '0' if the client's hardware does not support the SSE4.2 instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSsse3**  '1' if the client's hardware supports the SSSE3 instruction set. '0' if the client's hardware does not support the SSSE3 instruction set. '-1' if unknown. Default: '-1'.
+- **hwPhysmemory**  The physical memory available to the client, truncated down to the nearest gibibyte. '-1' if unknown. This value is intended to reflect the maximum theoretical storage capacity of the client, not including any hard drive or paging to a hard drive or peripheral. Default: '-1'.
+- **isMsftDomainJoined**  '1' if the client is a member of a Microsoft domain. '0' otherwise. Default: '0'.
+- **osArch**  The architecture of the operating system (e.g. 'x86', 'x64', 'arm'). '' if unknown. Default: ''.
+- **osPlatform**  The operating system family that the within which the Omaha client is running (e.g. 'win', 'mac', 'linux', 'ios', 'android'). '' if unknown. The operating system name should be transmitted in lowercase with minimal formatting. Default: ''.
+- **osServicePack**  The secondary version of the operating system. '' if unknown. Default: ''.
+- **osVersion**  The primary version of the operating system. '' if unknown. Default: ''.
+- **requestCheckPeriodSec**  The update interval in seconds. The value is read from the registry. Default: '-1'.
+- **requestDlpref**  A comma-separated list of values specifying the preferred download URL behavior. The first value is the highest priority, further values reflect secondary, tertiary, et cetera priorities. Legal values are '' (in which case the entire list must be empty, indicating unknown or no-preference) or 'cacheable' (the server should prioritize sending URLs that are easily cacheable). Default: ''.
+- **requestDomainJoined**  '1' if the device is part of a managed enterprise domain. Otherwise '0'.
+- **requestInstallSource**  A string specifying the cause of the update flow. For example: 'ondemand', or 'scheduledtask'. Default: ''.
+- **requestIsMachine**  '1' if the client is known to be installed with system-level or administrator privileges. '0' otherwise. Default: '0'.
+- **requestOmahaShellVersion**  The version of the Omaha installation folder. Default: ''.
+- **requestOmahaVersion**  The version of the Omaha updater itself (the entity sending this request). Default: '0.0.0.0'.
+- **requestProtocolVersion**  The version of the Omaha protocol. Compatible clients MUST provide a value of '3.0'. Compatible clients MUST always transmit this attribute. Default: undefined.
+- **requestRequestId**  A randomly-generated (uniformly distributed) GUID, corresponding to the Omaha request. Default: ''.
+- **requestSessionCorrelationVectorBase**  A client generated random MS Correlation Vector base code used to correlate the update session with update and CDN servers. Default: ''.
+- **requestSessionId**  A randomly-generated (uniformly distributed) GUID. Each single update flow (e.g. update check, update application, event ping sequence) should have (with high probability) a single unique sessionid. Default: ''.
+- **requestTestSource**  Either '', 'dev', 'qa', 'prober', 'auto', or 'ossdev'. Any value except '' indicates that the request is a test and should not be counted toward normal metrics. Default: ''.
+- **requestUid**  A randomly-generated (uniformly distributed) GUID, corresponding to the Omaha user. Each request attempt should have (with high probability) a unique request id. Default: ''.
+
+
+### Aria.f4a7d46e472049dfba756e11bdbbc08f.Microsoft.WebBrowser.SystemInfo.Config
+
+This config event sends basic device connectivity and configuration information from Microsoft Edge about the current data collection consent, app version, and installation state to keep Microsoft Edge up to date and secure.
+
+The following fields are available:
+
+- **app_version**  The internal Microsoft Edge build version string.
+- **appConsentState**  Bit flags that describe the consent for data collection on the device, or zero if the state was not retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
+- **Channel**  An integer indicating the channel of the installation (Canary or Dev).
+- **client_id**  A non-durable unique identifier with which all other diagnostic client data is associated. This value is reset whenever UMA data collection is disabled, or when the application is uninstalled.
+- **ConnectionType**  The first reported type of network connection currently connected. Possible values: Unknown, Ethernet, WiFi, 2G, 3G, 4G, None, or Bluetooth
+- **container_client_id**  The client ID of the container if the device is in Windows Defender Application Guard mode.
+- **container_session_id**  The session ID of the container if the device is in Windows Defender Application Guard mode.
+- **Etag**  Etag is an identifier representing all service applied configurations and experiments for the current browser session. There is not value in this field is the device is at the Basic diagnostic data level.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event. Possible values: 1 -- Basic, 2 -- Enhanced, 3 -- Full
+- **install_date**  The date and time of the most recent installation in seconds since midnight on January 1, 1970 UTC, rounded down to the nearest hour.
+- **installSource**  An enumeration representing the source of this installation. Possible values: source was not retrieved (0), unspecified source (1), website installer (2), enterprise MSI (3), Windows update (4), Edge updater (5), scheduled or timed task (6, 7), uninstall (8), Edge about page (9), self-repair (10), other install command line (11), reserved (12), unknown source (13).
+- **PayloadClass**  The base class used to serialize and deserialize the Protobuf binary payload.
+- **PayloadGUID**  A random identifier generated for each original monolithic Protobuf payload, before the payload is potentially broken up into manageably-sized chunks for transmission.
+- **PayloadLogType**  The log type for the event correlating with. Possible values: 0 -- Unknown, 1 -- Stability, 2 -- On-going, 3 -- Independent, 4 -- UKM, or 5 -- Instance level
+- **session_id** An ordered identifier that is guaranteed to be greater than the previous session identifier each time the user launches the application, reset on subsequent launch after client_id changes. session_id is seeded during the initial installation of the application. session_id is effectively unique per client_id value. Several other internal identifier values, such as window or tab IDs, are only meaningful within a particular session. The session_id value is forgotten when the application is uninstalled, but not during an upgrade.
+
+
+## Migration events
+
+### Microsoft.Windows.MigrationCore.MigObjectCountDLUsr
+
+This event returns data to track the count of the migration objects across various phases during feature update.
+
+
+
+### Microsoft.Windows.MigrationCore.MigObjectCountKFSys
+
+This event returns data about the count of the migration objects across various phases during feature update.
+
+
+
+### Microsoft.Windows.MigrationCore.MigObjectCountKFUsr
+
+This event returns data to track the count of the migration objects across various phases during feature update.
+
+
+
 ## Miracast events
 
 ### Microsoft.Windows.Cast.Miracast.MiracastSessionEnd
@@ -4937,6 +5239,12 @@ The following fields are available:
 
 ## SIH events
 
+### SIHEngineTelemetry.ExecuteAction
+
+This event is triggered with SIH attempts to execute (e.g. install) the update or action in question. Includes important information like if the update required a reboot.
+
+
+
 ### SIHEngineTelemetry.SLSActionData
 
 This event reports if the SIH client was able to successfully parse the manifest describing the actions to be evaluated.
@@ -5287,28 +5595,111 @@ The following fields are available:
 - **CallerApplicationName**  Name of application making the Windows Update request. Used to identify context of request.
 - **EndpointUrl**  The endpoint URL where the device obtains update metadata. This is used to distinguish between test, staging, and production environments.
 - **EventScenario**  The purpose of this event, such as scan started, scan succeeded, or scan failed.
-- **ExtendedStatusCode**  The secondary status code of the event.
+- **ExtendedStatusCode**  Secondary status code for certain scenarios where StatusCode was not specific enough.
 - **LeafCertId**  The integral ID from the FragmentSigning data for the certificate that failed.
 - **ListOfSHA256OfIntermediateCerData**  A semicolon delimited list of base64 encoding of hashes for the Base64CerData in the FragmentSigning data of an intermediate certificate.
 - **MetadataIntegrityMode**  The mode of the transport metadata integrity check. 0 = unknown; 1 = ignore; 2 = audit; 3 = enforce
-- **MetadataSignature**  Base64 string of the signature associated with the update metadata (specified by revision id)
+- **MetadataSignature**  A base64-encoded string of the signature associated with the update metadata (specified by revision ID).
 - **RawMode**  The raw unparsed mode string from the SLS response. This field is null if not applicable.
 - **RawValidityWindowInDays**  The raw unparsed validity window string in days of the timestamp token. This field is null if not applicable.
-- **RevisionId**  Identifies the revision of this specific piece of content
-- **RevisionNumber**  Identifies the revision number of this specific piece of content
+- **RevisionId**  The revision ID for a specific piece of content.
+- **RevisionNumber**  The revision number for a specific piece of content.
 - **ServiceGuid**  Identifies the service to which the software distribution client is connected, Example: Windows Update or Microsoft Store
 - **SHA256OfLeafCerData**  A base64 encoding of the hash for the Base64CerData in the FragmentSigning data of the leaf certificate.
-- **SHA256OfLeafCertPublicKey**  Base64 encoding of hash of the Base64CertData in the FragmentSigning data of leaf certificate.
+- **SHA256OfLeafCertPublicKey**  A base64 encoding of the hash of the Base64CertData in the FragmentSigning data of the leaf certificate.
 - **SHA256OfTimestampToken**  An encoded string of the timestamp token.
-- **SignatureAlgorithm**  Hash algorithm for the metadata signature
+- **SignatureAlgorithm**  The hash algorithm for the metadata signature.
 - **SLSPrograms**  A test program to which a device may have opted in. Example: Insider Fast
-- **StatusCode**  The status code of the event.
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult).
 - **TimestampTokenCertThumbprint**  The thumbprint of the encoded timestamp token.
 - **TimestampTokenId**  The time this was created. It is encoded in a timestamp blob and will be zero if the token is malformed.
-- **UpdateId**  Identifier associated with the specific piece of content
+- **UpdateId**  The update ID for a specific piece of content.
 - **ValidityWindowInDays**  The validity window that's in effect when verifying the timestamp.
 
 
+## Update Assistant events
+
+### Microsoft.Windows.UpdateAssistant.Orchestrator.BlockingEventId
+
+The event sends basic info on the reason that Windows 10 was not updated due to compatibility issues, previous rollbacks, or admin policies.
+
+The following fields are available:
+
+- **ApplicabilityBlockedReason**  Blocked due to an applicability issue.
+- **BlockWuUpgrades**  The upgrade assistant is currently blocked.
+- **clientID**  An identification of the current release of Update Assistant.
+- **CloverTrail**  This device is Clovertrail.
+- **DeviceIsMdmManaged**  This device is MDM managed.
+- **IsNetworkAvailable**  If the device network is not available.
+- **IsNetworkMetered**  If network is metered.
+- **IsSccmManaged**  This device is SCCM managed.
+- **NewlyInstalledOs**  OS is newly installed quiet period.
+- **PausedByPolicy**  Updates are paused by policy.
+- **RecoveredFromRS3**  Previously recovered from RS3.
+- **RS1UninstallActive**  Blocked due to an active RS1 uninstall.
+- **RS3RollBacks**  Exceeded number of allowable RS3 rollbacks.
+- **triggerTaskSource**  Describe which task launches this instance.
+- **WsusManaged**  This device is WSUS managed.
+- **ZeroExhaust**  This device is zero exhaust.
+
+
+### Microsoft.Windows.UpdateAssistant.Orchestrator.DeniedLaunchEventId
+
+The event sends basic info when a device was blocked or prevented from updating to the latest Windows 10 version.
+
+The following fields are available:
+
+- **clientID**  An identification of the current release of Update Assistant.
+- **denyReason**  All the reasons why the Update Assistant was prevented from launching. Bitmask with values from UpdateAssistant.cpp eUpgradeModeReason.
+- **triggerTaskSource**  Describe which task launches this instance.
+
+
+### Microsoft.Windows.UpdateAssistant.Orchestrator.FailedLaunchEventId
+
+Event to mark that Update Assistant Orchestrator failed to launch Update Assistant.
+
+The following fields are available:
+
+- **calendarRun**  Standard time-based triggered task.
+- **clientID**  An identification of the current release of Update Assistant.
+- **hResult**  Error code of the Update Assistant Orchestrator failure.
+- **triggerTaskSource**  Describe which task launches this instance.
+
+
+### Microsoft.Windows.UpdateAssistant.Orchestrator.FailedOneSettingsQueryEventId
+
+Event indicating One Settings was not queried by update assistant.
+
+The following fields are available:
+
+- **clientID**  An identification of the current release of Update Assistant.
+- **hResult**  Error code of One Settings query failure.
+
+
+### Microsoft.Windows.UpdateAssistant.Orchestrator.LaunchEventId
+
+This event sends basic information on whether the device should be updated to the latest Windows 10 version.
+
+The following fields are available:
+
+- **autoStartRunCount**  The auto start run count of Update Assistant.
+- **clientID**  The ID of the current release of Update Assistant.
+- **launchMode**  Indicates the type of launch performed.
+- **launchTypeReason**  A bitmask of all the reasons for type of launch.
+- **triggerTaskSource**  Indicates which task launches this instance.
+
+
+### Microsoft.Windows.UpdateAssistant.Orchestrator.RestoreEventId
+
+The event sends basic info on whether the Windows 10 update notification has previously launched.
+
+The following fields are available:
+
+- **clientID**  ID of the current release of Update Assistant.
+- **restoreReason**  All the reasons for the restore.
+- **triggerTaskSource**  Indicates which task launches this instance.
+
+
 ## Update events
 
 ### Update360Telemetry.Revert
@@ -5722,7 +6113,7 @@ The following fields are available:
 
 ### FacilitatorTelemetry.DCATDownload
 
-This event indicates whether devices received additional or critical supplemental content during an OS Upgrade, to help keep Windows up-to-date and secure.
+This event indicates whether devices received additional or critical supplemental content during an OS Upgrade, to help keep Windows up to date and secure.
 
 The following fields are available:
 
@@ -5760,7 +6151,7 @@ The following fields are available:
 
 ### Setup360Telemetry.Downlevel
 
-This event sends data indicating that the device has started the downlevel phase of the upgrade, to help keep Windows up-to-date and secure.
+This event sends data indicating that the device has started the downlevel phase of the upgrade, to help keep Windows up to date and secure.
 
 The following fields are available:
 
@@ -6041,7 +6432,7 @@ The following fields are available:
 - **ReportId**  With Windows Update, this is the updateID that is passed to Setup. In media setup, this is the GUID for the install.wim.
 - **Setup360Extended**  Detailed information about the phase/action when the potential failure occurred.
 - **Setup360Mode**  The phase of Setup360. Example: Predownload, Install, Finalize, Rollback.
-- **Setup360Result**  The result of Setup360. This is an HRESULT error code that can be used to diagnose errors.
+- **Setup360Result**  The result of Setup360. This is an HRESULT error code that can be used used to diagnose errors.
 - **Setup360Scenario**  The Setup360 flow type. Example: Boot, Media, Update, MCT.
 - **SetupVersionBuildNumber**  The build number of Setup360 (build number of target OS).
 - **State**  The exit state of a Setup360 run. Example: succeeded, failed, blocked, cancelled.
@@ -6219,6 +6610,7 @@ The following fields are available:
 
 - **AggregatedPackageFullNames**  Includes a set of package full names for each app that is part of an atomic set.
 - **AttemptNumber**  The total number of attempts to acquire this product.
+- **BundleId**  The bundle ID
 - **CategoryId**  The identity of the package or packages being installed.
 - **ClientAppId**  The identity of the app that initiated this operation.
 - **HResult**  HResult code to show the result of the operation (success/failure).
@@ -6228,6 +6620,7 @@ The following fields are available:
 - **IsRemediation**  Is this repairing a previous installation?
 - **IsRestore**  Is this happening after a device restore?
 - **IsUpdate**  Is this an update?
+- **ParentBundleId**  The parent bundle ID (if it's part of a bundle).
 - **PFN**  Product Family Name of the product being installed.
 - **ProductId**  The Store Product ID for the product being installed.
 - **SystemAttemptNumber**  The number of attempts by the system to acquire this product.
@@ -7169,6 +7562,19 @@ The following fields are available:
 - **wuDeviceid**  The unique device ID used by Windows Update.
 
 
+### Microsoft.Windows.Update.Orchestrator.DetectionResult
+
+This event runs when an update is detected. This helps ensure Windows is kept up to date.
+
+The following fields are available:
+
+- **applicableUpdateIdList**  A list of applicable update IDs.
+- **applicableUpdateList**  A list of applicable update names.
+- **seekerUpdateIdList**  A list of optional update IDs.
+- **seekerUpdateList**  A list of optional update names.
+- **wuDeviceid**  The Windows Update device identifier.
+
+
 ### Microsoft.Windows.Update.Orchestrator.DisplayNeeded
 
 This event indicates the reboot was postponed due to needing a display.
@@ -7481,6 +7887,32 @@ The following fields are available:
 - **wuDeviceid**  Unique device ID used by Windows Update.
 
 
+### Microsoft.Windows.Update.Orchestrator.SeekerUpdateAvailable
+
+This event defines when an optional update is available for the device to help keep Windows up to date.
+
+The following fields are available:
+
+- **flightID**  The unique identifier of the Windows Insider build on this device.
+- **isFeatureUpdate**  Indicates whether the update is a Feature Update.
+- **revisionNumber**  The revision number of the update.
+- **updateId**  The GUID (Globally Unique Identifier) of the update.
+- **wuDeviceid**  The Windows Update device identifier.
+
+
+### Microsoft.Windows.Update.Orchestrator.SeekUpdate
+
+This event occurs when user initiates "seeker" scan. This helps keep Windows up to date.
+
+The following fields are available:
+
+- **flightID**  The ID of the Windows Insider builds on the device.
+- **isFeatureUpdate**  Indicates that the target of the Seek is a feature update.
+- **revisionNumber**  The revision number of the update.
+- **updateId**  The identifier of the update.
+- **wuDeviceid**  The Windows Update device identifier.
+
+
 ### Microsoft.Windows.Update.Orchestrator.SystemNeeded
 
 This event sends data about why a device is unable to reboot, to help keep Windows up to date.
diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
index 65bf5e307f..bbf2e70bfb 100644
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
@@ -1,5 +1,5 @@
 ---
-description: Use this article to learn more about what Windows diagnostic data is gathered at the basic level. Specific to Windows 10,  version 1809.
+description: Use this article to learn more about what Windows diagnostic data is gathered at the basic level.
 title: Windows 10, version 1809 basic diagnostic events and fields (Windows 10)
 keywords: privacy, telemetry
 ms.prod: w10
@@ -7,14 +7,14 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 localizationpriority: high
-author: dansimp
-ms.author: dansimp
+author: brianlic-msft
+ms.author: brianlic
 manager: dansimp
 ms.collection: M365-security-compliance
 ms.topic: article
 audience: ITPro
-ms.date: 04/19/2019
-ms.reviewer: 
+ms.date: 01/04/2020
+ms.reviewer:
 ---
 
 
@@ -33,7 +33,8 @@ Use this article to learn about diagnostic events, grouped by event area, and th
 
 You can learn more about Windows functional and diagnostic data through these articles:
 
-- [Windows 10, version 1903 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1903.md)
+
+- [Windows 10, version 1903 and Windows 10, version 1909 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1903.md)
 - [Windows 10, version 1803 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1803.md)
 - [Windows 10, version 1709 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1709.md)
 - [Windows 10, version 1703 basic diagnostic events and fields](basic-level-windows-diagnostic-events-and-fields-1703.md)
@@ -81,7 +82,7 @@ Automatically closed activity for start/stop operations that aren't explicitly c
 
 ### Microsoft.Windows.Security.AppLockerCSP.AddParams
 
-Parameters passed to Add function of the AppLockerCSP Node.
+This event indicates the parameters passed to the Add function of the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 The following fields are available:
 
@@ -91,13 +92,13 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.AppLockerCSP.AddStart
 
-Start of "Add" Operation for the AppLockerCSP Node.
+This event indicates the start of an Add operation for the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 
 
 ### Microsoft.Windows.Security.AppLockerCSP.AddStop
 
-End of "Add" Operation for AppLockerCSP Node.
+This event indicates the end of an Add operation for the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 The following fields are available:
 
@@ -106,7 +107,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.AppLockerCSP.CAppLockerCSP::Rollback
 
-Result of the 'Rollback' operation in AppLockerCSP.
+This event provides the result of the Rollback operation in the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 The following fields are available:
 
@@ -116,7 +117,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.AppLockerCSP.ClearParams
 
-Parameters passed to the "Clear" operation for AppLockerCSP.
+This event provides the parameters passed to the Clear operation of the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 The following fields are available:
 
@@ -125,13 +126,13 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.AppLockerCSP.ClearStart
 
-Start of the "Clear" operation for the AppLockerCSP Node.
+This event indicates the start of the Clear operation of the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 
 
 ### Microsoft.Windows.Security.AppLockerCSP.ClearStop
 
-End of the "Clear" operation for the AppLockerCSP node.
+This event indicates the end of the Clear operation of the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 The following fields are available:
 
@@ -140,7 +141,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.AppLockerCSP.ConfigManagerNotificationStart
 
-Start of the "ConfigManagerNotification" operation for AppLockerCSP.
+This event indicates the start of the Configuration Manager Notification operation of the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 The following fields are available:
 
@@ -149,7 +150,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.AppLockerCSP.ConfigManagerNotificationStop
 
-End of the "ConfigManagerNotification" operation for AppLockerCSP.
+This event indicates the end of the Configuration Manager Notification operation of the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 The following fields are available:
 
@@ -158,7 +159,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.AppLockerCSP.CreateNodeInstanceParams
 
-Parameters passed to the CreateNodeInstance function of the AppLockerCSP node.
+This event provides the parameters that were passed to the Create Node Instance operation of the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 The following fields are available:
 
@@ -169,13 +170,13 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.AppLockerCSP.CreateNodeInstanceStart
 
-Start of the "CreateNodeInstance" operation for the AppLockerCSP node.
+This event indicates the start of the Create Node Instance operation of the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 
 
 ### Microsoft.Windows.Security.AppLockerCSP.CreateNodeInstanceStop
 
-End of the "CreateNodeInstance" operation for the AppLockerCSP node
+This event indicates the end of the Create Node Instance operation of the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 The following fields are available:
 
@@ -184,7 +185,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.AppLockerCSP.DeleteChildParams
 
-Parameters passed to the DeleteChild function of the AppLockerCSP node.
+This event provides the parameters passed to the Delete Child operation of the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 The following fields are available:
 
@@ -194,13 +195,13 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.AppLockerCSP.DeleteChildStart
 
-Start of the "DeleteChild" operation for the AppLockerCSP node.
+This event indicates the start of the Delete Child operation of the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 
 
 ### Microsoft.Windows.Security.AppLockerCSP.DeleteChildStop
 
-End of the "DeleteChild" operation for the AppLockerCSP node.
+This event indicates the end of the Delete Child operation of the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 The following fields are available:
 
@@ -209,7 +210,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.AppLockerCSP.EnumPolicies
 
-Logged URI relative to %SYSTEM32%\AppLocker, if the Plugin GUID is null, or the CSP doesn't believe the old policy is present.
+This event provides the logged Uniform Resource Identifier (URI) relative to %SYSTEM32%\AppLocker if the plug-in GUID is null or the Configuration Service Provider (CSP) doesn't believe the old policy is present.
 
 The following fields are available:
 
@@ -218,7 +219,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.AppLockerCSP.GetChildNodeNamesParams
 
-Parameters passed to the GetChildNodeNames function of the AppLockerCSP node.
+This event provides the parameters passed to the Get Child Node Names operation of the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 The following fields are available:
 
@@ -227,13 +228,13 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.AppLockerCSP.GetChildNodeNamesStart
 
-Start of the "GetChildNodeNames" operation for the AppLockerCSP node.
+This event indicates the start of the Get Child Node Names operation of the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 
 
 ### Microsoft.Windows.Security.AppLockerCSP.GetChildNodeNamesStop
 
-End of the "GetChildNodeNames" operation for the AppLockerCSP node.
+This event indicates the end of the Get Child Node Names operation of the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 The following fields are available:
 
@@ -244,7 +245,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.AppLockerCSP.GetLatestId
 
-The result of 'GetLatestId' in AppLockerCSP (the latest time stamped GUID).
+This event provides the latest time-stamped unique identifier in the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 The following fields are available:
 
@@ -254,7 +255,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.AppLockerCSP.HResultException
 
-HRESULT thrown by any arbitrary function in AppLockerCSP.
+This event provides the result code (HRESULT) generated by any arbitrary function in the AppLocker Configuration Service Provider (CSP).
 
 The following fields are available:
 
@@ -266,7 +267,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.AppLockerCSP.SetValueParams
 
-Parameters passed to the SetValue function of the AppLockerCSP node.
+This event provides the parameters that were passed to the SetValue operation in the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 The following fields are available:
 
@@ -276,7 +277,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.AppLockerCSP.SetValueStart
 
-Start of the "SetValue" operation for the AppLockerCSP node.
+This event indicates the start of the SetValue operation in the AppLocker Configuration Service Provider (CSP) to help keep Windows secure.
 
 
 
@@ -291,7 +292,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Security.AppLockerCSP.TryRemediateMissingPolicies
 
-EntryPoint of fix step or policy remediation, includes URI relative to %SYSTEM32%\AppLocker that needs to be fixed.
+This event provides information for fixing a policy in the AppLocker Configuration Service Provider (CSP) to help keep Windows secure. It includes Uniform Resource Identifier (URI) relative to %SYSTEM32%\AppLocker that needs to be fixed.
 
 The following fields are available:
 
@@ -309,6 +310,8 @@ The following fields are available:
 - **DatasourceApplicationFile_19ASetup**  The count of the number of this particular object type present on this device.
 - **DatasourceApplicationFile_19H1**  The count of the number of this particular object type present on this device.
 - **DatasourceApplicationFile_19H1Setup**  The count of the number of this particular object type present on this device.
+- **DatasourceApplicationFile_20H1**  The count of the number of this particular object type present on this device.
+- **DatasourceApplicationFile_20H1Setup**  The count of the number of this particular object type present on this device.
 - **DatasourceApplicationFile_RS1**  An ID for the system, calculated by hashing hardware identifiers.
 - **DatasourceApplicationFile_RS2**  An ID for the system, calculated by hashing hardware identifiers.
 - **DatasourceApplicationFile_RS3**  The count of the number of this particular object type present on this device.
@@ -322,6 +325,8 @@ The following fields are available:
 - **DatasourceDevicePnp_19ASetup**  The count of the number of this particular object type present on this device.
 - **DatasourceDevicePnp_19H1**  The count of the number of this particular object type present on this device.
 - **DatasourceDevicePnp_19H1Setup**  The count of the number of this particular object type present on this device.
+- **DatasourceDevicePnp_20H1**  The count of the number of this particular object type present on this device.
+- **DatasourceDevicePnp_20H1Setup**  The count of the number of this particular object type present on this device.
 - **DatasourceDevicePnp_RS1**  The total DataSourceDevicePnp objects targeting Windows 10 version 1607 on this device.
 - **DatasourceDevicePnp_RS2**  The count of the number of this particular object type present on this device.
 - **DatasourceDevicePnp_RS3**  The count of the number of this particular object type present on this device.
@@ -335,6 +340,8 @@ The following fields are available:
 - **DatasourceDriverPackage_19ASetup**  The count of the number of this particular object type present on this device.
 - **DatasourceDriverPackage_19H1**  The count of the number of this particular object type present on this device.
 - **DatasourceDriverPackage_19H1Setup**  The count of the number of this particular object type present on this device.
+- **DatasourceDriverPackage_20H1**  The count of the number of this particular object type present on this device.
+- **DatasourceDriverPackage_20H1Setup**  The count of the number of this particular object type present on this device.
 - **DatasourceDriverPackage_RS1**  The total DataSourceDriverPackage objects targeting Windows 10 version 1607 on this device.
 - **DatasourceDriverPackage_RS2**  The total DataSourceDriverPackage objects targeting Windows 10, version 1703 on this device.
 - **DatasourceDriverPackage_RS3**  The count of the number of this particular object type present on this device.
@@ -348,6 +355,8 @@ The following fields are available:
 - **DataSourceMatchingInfoBlock_19ASetup**  The count of the number of this particular object type present on this device.
 - **DataSourceMatchingInfoBlock_19H1**  The count of the number of this particular object type present on this device.
 - **DataSourceMatchingInfoBlock_19H1Setup**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoBlock_20H1**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoBlock_20H1Setup**  The count of the number of this particular object type present on this device.
 - **DataSourceMatchingInfoBlock_RS1**  The total DataSourceMatchingInfoBlock objects targeting Windows 10 version 1607 on this device.
 - **DataSourceMatchingInfoBlock_RS2**  The count of the number of this particular object type present on this device.
 - **DataSourceMatchingInfoBlock_RS3**  The count of the number of this particular object type present on this device.
@@ -361,6 +370,8 @@ The following fields are available:
 - **DataSourceMatchingInfoPassive_19ASetup**  The count of the number of this particular object type present on this device.
 - **DataSourceMatchingInfoPassive_19H1**  The count of the number of this particular object type present on this device.
 - **DataSourceMatchingInfoPassive_19H1Setup**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoPassive_20H1**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoPassive_20H1Setup**  The count of the number of this particular object type present on this device.
 - **DataSourceMatchingInfoPassive_RS1**  The total DataSourceMatchingInfoPassive objects targeting Windows 10 version 1607 on this device.
 - **DataSourceMatchingInfoPassive_RS2**  The count of the number of this particular object type present on this device.
 - **DataSourceMatchingInfoPassive_RS3**  The count of the number of this particular object type present on this device.
@@ -374,6 +385,8 @@ The following fields are available:
 - **DataSourceMatchingInfoPostUpgrade_19ASetup**  The count of the number of this particular object type present on this device.
 - **DataSourceMatchingInfoPostUpgrade_19H1**  The count of the number of this particular object type present on this device.
 - **DataSourceMatchingInfoPostUpgrade_19H1Setup**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoPostUpgrade_20H1**  The count of the number of this particular object type present on this device.
+- **DataSourceMatchingInfoPostUpgrade_20H1Setup**  The count of the number of this particular object type present on this device.
 - **DataSourceMatchingInfoPostUpgrade_RS1**  The total DataSourceMatchingInfoPostUpgrade objects targeting Windows 10 version 1607 on this device.
 - **DataSourceMatchingInfoPostUpgrade_RS2**  The total DataSourceMatchingInfoPostUpgrade objects targeting Windows 10 version 1703 on this device.
 - **DataSourceMatchingInfoPostUpgrade_RS3**  The total DataSourceMatchingInfoPostUpgrade objects targeting Windows 10 version 1709 on this device.
@@ -387,6 +400,8 @@ The following fields are available:
 - **DatasourceSystemBios_19ASetup**  The count of the number of this particular object type present on this device.
 - **DatasourceSystemBios_19H1**  The count of the number of this particular object type present on this device.
 - **DatasourceSystemBios_19H1Setup**  The count of the number of this particular object type present on this device.
+- **DatasourceSystemBios_20H1**  The count of the number of this particular object type present on this device.
+- **DatasourceSystemBios_20H1Setup**  The count of the number of this particular object type present on this device.
 - **DatasourceSystemBios_RS1**  The total DatasourceSystemBios objects targeting Windows 10 version 1607 present on this device.
 - **DatasourceSystemBios_RS2**  The total DatasourceSystemBios objects targeting Windows 10 version 1703 present on this device.
 - **DatasourceSystemBios_RS3**  The total DatasourceSystemBios objects targeting Windows 10 version 1709 present on this device.
@@ -400,6 +415,8 @@ The following fields are available:
 - **DecisionApplicationFile_19ASetup**  The count of the number of this particular object type present on this device.
 - **DecisionApplicationFile_19H1**  The count of the number of this particular object type present on this device.
 - **DecisionApplicationFile_19H1Setup**  The count of the number of this particular object type present on this device.
+- **DecisionApplicationFile_20H1**  The count of the number of this particular object type present on this device.
+- **DecisionApplicationFile_20H1Setup**  The count of the number of this particular object type present on this device.
 - **DecisionApplicationFile_RS1**  The count of the number of this particular object type present on this device.
 - **DecisionApplicationFile_RS2**  The count of the number of this particular object type present on this device.
 - **DecisionApplicationFile_RS3**  The count of the number of this particular object type present on this device.
@@ -413,6 +430,8 @@ The following fields are available:
 - **DecisionDevicePnp_19ASetup**  The count of the number of this particular object type present on this device.
 - **DecisionDevicePnp_19H1**  The count of the number of this particular object type present on this device.
 - **DecisionDevicePnp_19H1Setup**  The count of the number of this particular object type present on this device.
+- **DecisionDevicePnp_20H1**  The count of the number of this particular object type present on this device.
+- **DecisionDevicePnp_20H1Setup**  The count of the number of this particular object type present on this device.
 - **DecisionDevicePnp_RS1**  The total DecisionDevicePnp objects targeting Windows 10 version 1607 on this device.
 - **DecisionDevicePnp_RS2**  The count of the number of this particular object type present on this device.
 - **DecisionDevicePnp_RS3**  The count of the number of this particular object type present on this device.
@@ -426,6 +445,8 @@ The following fields are available:
 - **DecisionDriverPackage_19ASetup**  The count of the number of this particular object type present on this device.
 - **DecisionDriverPackage_19H1**  The count of the number of this particular object type present on this device.
 - **DecisionDriverPackage_19H1Setup**  The count of the number of this particular object type present on this device.
+- **DecisionDriverPackage_20H1**  The count of the number of this particular object type present on this device.
+- **DecisionDriverPackage_20H1Setup**  The count of the number of this particular object type present on this device.
 - **DecisionDriverPackage_RS1**  The total DecisionDriverPackage objects targeting Windows 10 version 1607 on this device.
 - **DecisionDriverPackage_RS2**  The count of the number of this particular object type present on this device.
 - **DecisionDriverPackage_RS3**  The count of the number of this particular object type present on this device.
@@ -439,6 +460,8 @@ The following fields are available:
 - **DecisionMatchingInfoBlock_19ASetup**  The count of the number of this particular object type present on this device.
 - **DecisionMatchingInfoBlock_19H1**  The count of the number of this particular object type present on this device.
 - **DecisionMatchingInfoBlock_19H1Setup**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoBlock_20H1**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoBlock_20H1Setup**  The count of the number of this particular object type present on this device.
 - **DecisionMatchingInfoBlock_RS1**  The total DecisionMatchingInfoBlock objects targeting Windows 10 version 1607 present on this device.
 - **DecisionMatchingInfoBlock_RS2**  The total DecisionMatchingInfoBlock objects targeting Windows 10 version 1703 present on this device.
 - **DecisionMatchingInfoBlock_RS3**  The total DecisionMatchingInfoBlock objects targeting Windows 10 version 1709 present on this device.
@@ -452,6 +475,8 @@ The following fields are available:
 - **DecisionMatchingInfoPassive_19ASetup**  The count of the number of this particular object type present on this device.
 - **DecisionMatchingInfoPassive_19H1**  The count of the number of this particular object type present on this device.
 - **DecisionMatchingInfoPassive_19H1Setup**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoPassive_20H1**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoPassive_20H1Setup**  The count of the number of this particular object type present on this device.
 - **DecisionMatchingInfoPassive_RS1**  The total DecisionMatchingInfoPassive objects targeting Windows 10 version 1607 on this device.
 - **DecisionMatchingInfoPassive_RS2**  The total DecisionMatchingInfoPassive objects targeting Windows 10 version 1703 on this device.
 - **DecisionMatchingInfoPassive_RS3**  The total DecisionMatchingInfoPassive objects targeting Windows 10 version 1803 on this device.
@@ -465,6 +490,8 @@ The following fields are available:
 - **DecisionMatchingInfoPostUpgrade_19ASetup**  The count of the number of this particular object type present on this device.
 - **DecisionMatchingInfoPostUpgrade_19H1**  The count of the number of this particular object type present on this device.
 - **DecisionMatchingInfoPostUpgrade_19H1Setup**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoPostUpgrade_20H1**  The count of the number of this particular object type present on this device.
+- **DecisionMatchingInfoPostUpgrade_20H1Setup**  The count of the number of this particular object type present on this device.
 - **DecisionMatchingInfoPostUpgrade_RS1**  The total DecisionMatchingInfoPostUpgrade objects targeting Windows 10 version 1607 on this device.
 - **DecisionMatchingInfoPostUpgrade_RS2**  The total DecisionMatchingInfoPostUpgrade objects targeting Windows 10 version 1703 on this device.
 - **DecisionMatchingInfoPostUpgrade_RS3**  The total DecisionMatchingInfoPostUpgrade objects targeting Windows 10 version 1709 on this device.
@@ -478,6 +505,8 @@ The following fields are available:
 - **DecisionMediaCenter_19ASetup**  The count of the number of this particular object type present on this device.
 - **DecisionMediaCenter_19H1**  The count of the number of this particular object type present on this device.
 - **DecisionMediaCenter_19H1Setup**  The total DecisionMediaCenter objects targeting the next release of Windows on this device.
+- **DecisionMediaCenter_20H1**  The count of the number of this particular object type present on this device.
+- **DecisionMediaCenter_20H1Setup**  The count of the number of this particular object type present on this device.
 - **DecisionMediaCenter_RS1**  The total DecisionMediaCenter objects targeting Windows 10 version 1607 present on this device.
 - **DecisionMediaCenter_RS2**  The total DecisionMediaCenter objects targeting Windows 10 version 1703 present on this device.
 - **DecisionMediaCenter_RS3**  The total DecisionMediaCenter objects targeting Windows 10 version 1709 present on this device.
@@ -491,6 +520,8 @@ The following fields are available:
 - **DecisionSystemBios_19ASetup**  The total DecisionSystemBios objects targeting the next release of Windows on this device.
 - **DecisionSystemBios_19H1**  The count of the number of this particular object type present on this device.
 - **DecisionSystemBios_19H1Setup**  The total DecisionSystemBios objects targeting the next release of Windows on this device.
+- **DecisionSystemBios_20H1**  The count of the number of this particular object type present on this device.
+- **DecisionSystemBios_20H1Setup**  The count of the number of this particular object type present on this device.
 - **DecisionSystemBios_RS1**  The total DecisionSystemBios objects targeting Windows 10 version 1607 on this device.
 - **DecisionSystemBios_RS2**  The total DecisionSystemBios objects targeting Windows 10 version 1703 on this device.
 - **DecisionSystemBios_RS3**  The total DecisionSystemBios objects targeting Windows 10 version 1709 on this device.
@@ -502,6 +533,7 @@ The following fields are available:
 - **DecisionSystemBios_TH1**  The count of the number of this particular object type present on this device.
 - **DecisionSystemBios_TH2**  The count of the number of this particular object type present on this device.
 - **DecisionSystemProcessor_RS2**  The count of the number of this particular object type present on this device.
+- **DecisionTest_20H1Setup**  The count of the number of this particular object type present on this device.
 - **DecisionTest_RS1**  An ID for the system, calculated by hashing hardware identifiers.
 - **InventoryApplicationFile**  The count of the number of this particular object type present on this device.
 - **InventoryDeviceContainer**  A count of device container objects in cache.
@@ -529,6 +561,8 @@ The following fields are available:
 - **Wmdrm_19ASetup**  The count of the number of this particular object type present on this device.
 - **Wmdrm_19H1**  The count of the number of this particular object type present on this device.
 - **Wmdrm_19H1Setup**  The total Wmdrm objects targeting the next release of Windows on this device.
+- **Wmdrm_20H1**  The count of the number of this particular object type present on this device.
+- **Wmdrm_20H1Setup**  The count of the number of this particular object type present on this device.
 - **Wmdrm_RS1**  An ID for the system, calculated by hashing hardware identifiers.
 - **Wmdrm_RS2**  An ID for the system, calculated by hashing hardware identifiers.
 - **Wmdrm_RS3**  An ID for the system, calculated by hashing hardware identifiers.
@@ -555,7 +589,7 @@ The following fields are available:
 - **HasCitData**  Indicates whether the file is present in CIT data.
 - **HasUpgradeExe**  Indicates whether the anti-virus app has an upgrade.exe file.
 - **IsAv**  Is the file an anti-virus reporting EXE?
-- **ResolveAttempted**  This will always be an empty string when sending telemetry.
+- **ResolveAttempted**  This will always be an empty string when sending diagnostic data.
 - **SdbEntries**  An array of fields that indicates the SDB entries that apply to this file.
 
 
@@ -659,13 +693,14 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoBlockAdd
 
-This event sends blocking data about any compatibility blocking entries hit on the system that are not directly related to specific applications or devices, to help keep Windows up-to-date.
+This event sends blocking data about any compatibility blocking entries on the system that are not directly related to specific applications or devices, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
 The following fields are available:
 
 - **AppraiserVersion**  The version of the appraiser file generating the events.
+- **ResolveAttempted**  This will always be an empty string when sending diagnostic data.
 
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoBlockRemove
@@ -692,7 +727,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPassiveAdd
 
-This event sends compatibility database information about non-blocking compatibility entries on the system that are not keyed by either applications or devices, to help keep Windows up-to-date.
+This event sends compatibility database information about non-blocking compatibility entries on the system that are not keyed by either applications or devices, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -725,7 +760,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DataSourceMatchingInfoPostUpgradeAdd
 
-This event sends compatibility database information about entries requiring reinstallation after an upgrade on the system that are not keyed by either applications or devices, to help keep Windows up-to-date.
+This event sends compatibility database information about entries requiring reinstallation after an upgrade on the system that are not keyed by either applications or devices, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -758,7 +793,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DatasourceSystemBiosAdd
 
-This event sends compatibility database information about the BIOS to help keep Windows up-to-date.
+This event sends compatibility database information about the BIOS to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -791,7 +826,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionApplicationFileAdd
 
-This event sends compatibility decision data about a file to help keep Windows up-to-date.
+This event sends compatibility decision data about a file to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -806,7 +841,7 @@ The following fields are available:
 - **HasUxBlockOverride**  Does the file have a block that is overridden by a tag in the SDB?
 - **MigApplication**  Does the file have a MigXML from the SDB associated with it that applies to the current upgrade mode?
 - **MigRemoval**  Does the file have a MigXML from the SDB that will cause the app to be removed on upgrade?
-- **NeedsDismissAction**  Will the file cause an action that can be dimissed?
+- **NeedsDismissAction**  Will the file cause an action that can be dismissed?
 - **NeedsInstallPostUpgradeData**  After upgrade, the file will have a post-upgrade notification to install a replacement for the app.
 - **NeedsNotifyPostUpgradeData**  Does the file have a notification that should be shown after upgrade?
 - **NeedsReinstallPostUpgradeData**  After upgrade, this file will have a post-upgrade notification to reinstall the app.
@@ -843,7 +878,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.DecisionDevicePnpAdd
 
-This event sends compatibility decision data about a PNP device to help keep Windows up to date.
+This event sends compatibility decision data about a Plug and Play (PNP) device to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -941,10 +976,12 @@ The following fields are available:
 - **AppraiserVersion**  The version of the appraiser file generating the events.
 - **BlockingApplication**  Are there are any application issues that interfere with upgrade due to matching info blocks?
 - **DisplayGenericMessage**  Will a generic message be shown for this block?
+- **NeedsDismissAction**  Will the file cause an action that can be dismissed?
 - **NeedsUninstallAction**  Does the user need to take an action in setup due to a matching info block?
 - **SdbBlockUpgrade**  Is a matching info block blocking upgrade?
 - **SdbBlockUpgradeCanReinstall**  Is a matching info block blocking upgrade, but has the can reinstall tag?
 - **SdbBlockUpgradeUntilUpdate**  Is a matching info block blocking upgrade but has the until update tag?
+- **SdbReinstallUpgradeWarn**  The file is tagged as needing to be reinstalled after upgrade with a warning in the SDB. It does not block upgrade.
 
 
 ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoBlockRemove
@@ -1295,7 +1332,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 The following fields are available:
 
-- **AppraiserVersion**  The version of the Appraiser file that is generating the events.
+- **AppraiserVersion**  The version of the Appraiser binary (executable) generating the events.
 
 
 ### Microsoft.Windows.Appraiser.General.InventoryUplevelDriverPackageAdd
@@ -1363,7 +1400,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemMemoryAdd
 
-This event sends data on the amount of memory on the system and whether it meets requirements, to help keep Windows up-to-date.
+This event sends data on the amount of memory on the system and whether it meets requirements, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1438,7 +1475,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorLahfSahfAdd
 
-This event sends data indicating whether the system supports the LahfSahf CPU requirement, to help keep Windows up-to-date.
+This event sends data indicating whether the system supports the LAHF & SAHF CPU requirement, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1473,7 +1510,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemProcessorNxAdd
 
-This event sends data indicating whether the system supports the NX CPU requirement, to help keep Windows up-to-date.
+This event sends data indicating whether the system supports the NX CPU requirement, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1684,7 +1721,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.SystemWlanAdd
 
-This event sends data indicating whether the system has WLAN, and if so, whether it uses an emulated driver that could block an upgrade, to help keep Windows up-to-date.
+This event sends data indicating whether the system has WLAN, and if so, whether it uses an emulated driver that could block an upgrade, to help keep Windows up to date.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -1723,18 +1760,18 @@ The following fields are available:
 
 ### Microsoft.Windows.Appraiser.General.TelemetryRunHealth
 
-This event indicates the parameters and result of a telemetry (diagnostic) run. This allows the rest of the data sent over the course of the run to be properly contextualized and understood, which is then used to keep Windows up to date.
+This event indicates the parameters and result of a diagnostic data run. This allows the rest of the data sent over the course of the run to be properly contextualized and understood, which is then used to keep Windows up to date.
 
 The following fields are available:
 
 - **AppraiserBranch**  The source branch in which the version of Appraiser that is running was built.
-- **AppraiserDataVersion**  The version of the data files being used by the Appraiser telemetry run.
+- **AppraiserDataVersion**  The version of the data files being used by the Appraiser diagnostic data run.
 - **AppraiserProcess**  The name of the process that launched Appraiser.
 - **AppraiserVersion**  The file version (major, minor and build) of the Appraiser DLL, concatenated without dots.
 - **AuxFinal**  Obsolete, always set to false.
 - **AuxInitial**  Obsolete, indicates if Appraiser is writing data files to be read by the Get Windows 10 app.
 - **DeadlineDate**  A timestamp representing the deadline date, which is the time until which appraiser will wait to do a full scan.
-- **EnterpriseRun**  Indicates if the telemetry run is an enterprise run, which means appraiser was run from the command line with an extra enterprise parameter.
+- **EnterpriseRun**  Indicates whether the diagnostic data run is an enterprise run, which means appraiser was run from the command line with an extra enterprise parameter.
 - **FullSync**  Indicates if Appraiser is performing a full sync, which means that full set of events representing the state of the machine are sent. Otherwise, only the changes from the previous run are sent.
 - **InboxDataVersion**  The original version of the data files before retrieving any newer version.
 - **IndicatorsWritten**  Indicates if all relevant UEX indicators were successfully written or updated.
@@ -1743,18 +1780,19 @@ The following fields are available:
 - **PerfBackoff**  Indicates if the run was invoked with logic to stop running when a user is present. Helps to understand why a run may have a longer elapsed time than normal.
 - **PerfBackoffInsurance**  Indicates if appraiser is running without performance backoff because it has run with perf backoff and failed to complete several times in a row.
 - **RunAppraiser**  Indicates if Appraiser was set to run at all. If this if false, it is understood that data events will not be received from this device.
-- **RunDate**  The date that the telemetry run was stated, expressed as a filetime.
-- **RunGeneralTel**  Indicates if the generaltel.dll component was run. Generaltel collects additional telemetry on an infrequent schedule and only from machines at telemetry levels higher than Basic.
+- **RunDate**  The date that the diagnostic data run was stated, expressed as a filetime.
+- **RunGeneralTel**  Indicates if the generaltel.dll component was run. Generaltel collects additional diagnostic data on an infrequent schedule and only from machines at diagnostic data levels higher than Basic.
 - **RunOnline**  Indicates if appraiser was able to connect to Windows Update and theefore is making decisions using up-to-date driver coverage information.
-- **RunResult**  The hresult of the Appraiser telemetry run.
+- **RunResult**  The hresult of the Appraiser diagnostic data run.
 - **ScheduledUploadDay**  The day scheduled for the upload.
-- **SendingUtc**  Indicates if the Appraiser client is sending events during the current telemetry run.
+- **SendingUtc**  Indicates whether the Appraiser client is sending events during the current diagnostic data run.
 - **StoreHandleIsNotNull**  Obsolete, always set to false
-- **TelementrySent**  Indicates if telemetry was successfully sent.
-- **ThrottlingUtc**  Indicates if the Appraiser client is throttling its output of CUET events to avoid being disabled. This increases runtime but also telemetry reliability.
+- **TelementrySent**  Indicates whether diagnostic data was successfully sent.
+- **ThrottlingUtc**  Indicates whether the Appraiser client is throttling its output of CUET events to avoid being disabled. This increases runtime but also diagnostic data reliability.
 - **Time**  The client time of the event.
 - **VerboseMode**  Indicates if appraiser ran in Verbose mode, which is a test-only mode with extra logging.
 - **WhyFullSyncWithoutTablePrefix**  Indicates the reason or reasons that a full sync was generated.
+- **WhyRunSkipped**  Indicates the reason or reasons that an appraiser run was skipped.
 
 
 ### Microsoft.Windows.Appraiser.General.WmdrmAdd
@@ -1798,6 +1836,47 @@ The following fields are available:
 - **AppraiserVersion**  The version of the Appraiser file that is generating the events.
 
 
+## Audio endpoint events
+
+### Microsoft.Windows.Audio.EndpointBuilder.DeviceInfo
+
+This event logs the successful enumeration of an audio endpoint (such as a microphone or speaker) and provides information about the audio endpoint.
+
+The following fields are available:
+
+- **BusEnumeratorName**  The name of the bus enumerator (for example, HDAUDIO or USB).
+- **ContainerId**  An identifier that uniquely groups the functional devices associated with a single-function or multifunction device.
+- **DeviceInstanceId**  The unique identifier for this instance of the device.
+- **EndpointDevnodeId**  The IMMDevice identifier of the associated devnode.
+- **EndpointFormFactor**  The enumeration value for the form factor of the endpoint device (for example speaker, microphone, remote  network device).
+- **endpointID**  The unique identifier for the audio endpoint.
+- **endpointInstanceId**  The unique identifier for the software audio endpoint. Used for joining to other audio event.
+- **Flow**  Indicates whether the endpoint is capture (1) or render (0).
+- **HWID**  The hardware identifier for the endpoint.
+- **IsBluetooth**  Indicates whether the device is a Bluetooth device.
+- **IsSideband**  Indicates whether the device is a sideband device.
+- **IsUSB**  Indicates whether the device is a USB device.
+- **JackSubType**  A unique ID representing the KS node type of the endpoint.
+- **MicArrayGeometry**  Describes the microphone array, including the microphone position, coordinates, type, and frequency range. See [MicArrayGeometry](#micarraygeometry).
+- **persistentId**  A unique ID for this endpoint which is retained across migrations.
+
+### MicArrayGeometry
+
+This event provides information about the layout of the individual microphone elements in the microphone array.
+
+The following fields are available:
+
+- **MicCoords**  The location and orientation of the microphone element.
+- **usFrequencyBandHi**  The high end of the frequency range for the microphone.
+- **usFrequencyBandLo**  The low end of the frequency range for the microphone.
+- **usMicArrayType**  The type of the microphone array.
+- **usNumberOfMicrophones**  The number of microphones in the array.
+- **usVersion**  The version of the microphone array specification.
+- **wHorizontalAngleBegin**  The horizontal angle of the start of the working volume (reported as radians times 10,000).
+- **wHorizontalAngleEnd**  The horizontal angle of the end of the working volume (reported as radians times 10,000).
+- **wVerticalAngleBegin**  The vertical angle of the start of the working volume (reported as radians times 10,000).
+- **wVerticalAngleEnd**  The vertical angle of the end of the working volume (reported as radians times 10,000).
+
 ## Census events
 
 ### Census.App
@@ -2247,6 +2326,7 @@ The following fields are available:
 - **IsVirtualDevice**  Retrieves that when the Hypervisor is Microsoft's Hyper-V Hypervisor or other Hv#1 Hypervisor, this field will be set to FALSE for the Hyper-V host OS and TRUE for any guest OS's. This field should not be relied upon for non-Hv#1 Hypervisors.
 - **SLATSupported**  Represents whether Second Level Address Translation (SLAT) is supported by the hardware.
 - **VirtualizationFirmwareEnabled**  Represents whether virtualization is enabled in the firmware.
+- **VMId**  A string that identifies a virtual machine.
 
 
 ### Census.WU
@@ -2734,7 +2814,7 @@ The following fields are available:
 
 ### TelClientSynthetic.ConnectivityHeartBeat_0
 
-This event sends data about the connectivity status of the Connected User Experience and Telemetry component that uploads telemetry events. If an unrestricted free network (such as Wi-Fi) is available, this event updates the last successful upload time. Otherwise, it checks whether a Connectivity Heartbeat event was fired in the past 24 hours, and if not, it fires an event. A Connectivity Heartbeat event also fires when a device recovers from costed network to free network.
+This event sends data about the connectivity status of the Connected User Experience and Telemetry component that uploads telemetry events. If an unrestricted free network (such as Wi-Fi) is available, this event updates the last successful upload time. Otherwise, it checks whether a Connectivity Heartbeat event was fired in the past 24 hours, and if not, it sends an event. A Connectivity Heartbeat event is also sent when a device recovers from costed network to free network.
 
 The following fields are available:
 
@@ -3175,6 +3255,20 @@ The following fields are available:
 - **CV**  Correlation vector.
 
 
+### Microsoft.Windows.DirectToUpdate.DTUHandlerCheckApplicabilityGenericFailure
+
+This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler CheckApplicability call.
+
+The following fields are available:
+
+- **CampaignID**  Campaign ID being run
+- **ClientID**  Client ID being run
+- **CoordinatorVersion**  Coordinator version of DTU
+- **CV**  Correlation vector
+- **CV_new**  New correlation vector
+- **hResult**  HRESULT of the failure
+
+
 ### Microsoft.Windows.DirectToUpdate.DTUHandlerCheckApplicabilityInternalGenericFailure
 
 This event indicates that we have received an unexpected error in the Direct to Update (DTU) Handler CheckApplicabilityInternal call.
@@ -3395,6 +3489,144 @@ The following fields are available:
 - **CV**  Correlation vector.
 
 
+## DISM events
+
+### Microsoft.Windows.StartRepairCore.DISMLatestInstalledLCU
+
+The DISM Latest Installed LCU sends information to report result of search for latest installed LCU after last successful boot.
+
+The following fields are available:
+
+- **dismInstalledLCUPackageName**  The name of the latest installed package.
+
+
+### Microsoft.Windows.StartRepairCore.DISMPendingInstall
+
+The DISM Pending Install event sends information to report pending package installation found.
+
+The following fields are available:
+
+- **dismPendingInstallPackageName**  The name of the pending package.
+
+
+### Microsoft.Windows.StartRepairCore.SRTRootCauseDiagEnd
+
+The SRT Root Cause Diagnosis End event sends information to report diagnosis operation completed for given plug-in.
+
+The following fields are available:
+
+- **errorCode**  The result code returned by the event.
+- **flightIds**  The Flight IDs (identifier of the beta release) of found driver updates.
+- **foundDriverUpdateCount**  The number of found driver updates.
+- **srtRootCauseDiag**  The scenario name for a diagnosis event.
+
+
+### Microsoft.Windows.StartRepairCore.SRTRootCauseDiagStart
+
+The SRT Root Cause Diagnosis Start event sends information to report diagnosis operation started for given plug-in.
+
+The following fields are available:
+
+- **srtRootCauseDiag**  The scenario name for a diagnosis event.
+
+
+## Driver installation events
+
+### Microsoft.Windows.DriverInstall.DeviceInstall
+
+This critical event sends information about the driver installation that took place.
+
+The following fields are available:
+
+- **ClassGuid**  The unique ID for the device class.
+- **ClassLowerFilters**  The list of lower filter class drivers.
+- **ClassUpperFilters**  The list of upper filter class drivers.
+- **CoInstallers**  The list of coinstallers.
+- **ConfigFlags**  The device configuration flags.
+- **DeviceConfigured**  Indicates whether this device was configured through the kernel configuration.
+- **DeviceInstanceId**  The unique identifier of the device in the system.
+- **DeviceStack**  The device stack of the driver being installed.
+- **DriverDate**  The date of the driver.
+- **DriverDescription**  A description of the driver function.
+- **DriverInfName**  Name of the INF file (the setup information file) for the driver.
+- **DriverInfSectionName**  Name of the DDInstall section within the driver INF file.
+- **DriverPackageId**  The ID of the driver package that is staged to the driver store.
+- **DriverProvider**  The driver manufacturer or provider.
+- **DriverUpdated**  Indicates whether the driver is replacing an old driver.
+- **DriverVersion**  The version of the driver file.
+- **EndTime**  The time the installation completed.
+- **Error**  Provides the WIN32 error code for the installation.
+- **ExtensionDrivers**  List of extension drivers that complement this installation.
+- **FinishInstallAction**  Indicates whether the co-installer invoked the finish-install action.
+- **FinishInstallUI**  Indicates whether the installation process shows the user interface.
+- **FirmwareDate**  The firmware date that will be stored in the EFI System Resource Table (ESRT).
+- **FirmwareRevision**  The firmware revision that will be stored in the EFI System Resource Table (ESRT).
+- **FirmwareVersion**  The firmware version that will be stored in the EFI System Resource Table (ESRT).
+- **FirstHardwareId**  The ID in the hardware ID list that provides the most specific device description.
+- **FlightIds**  A list of the different Windows Insider builds on the device.
+- **GenericDriver**  Indicates whether the driver is a generic driver.
+- **Inbox**  Indicates whether the driver package is included with Windows.
+- **InstallDate**  The date the driver was installed.
+- **LastCompatibleId**  The ID in the hardware ID list that provides the least specific device description.
+- **LegacyInstallReasonError**  The error code for the legacy installation.
+- **LowerFilters**  The list of lower filter drivers.
+- **MatchingDeviceId**  The hardware ID or compatible ID that Windows used to install the device instance.
+- **NeedReboot**  Indicates whether the driver requires a reboot.
+- **OriginalDriverInfName**  The original name of the INF file before it was renamed.
+- **ParentDeviceInstanceId**  The device instance ID of the parent of the device.
+- **PendedUntilReboot**  Indicates whether the installation is pending until the device is rebooted.
+- **Problem**  Error code returned by the device after installation.
+- **ProblemStatus**  The status of the device after the driver installation.
+- **RebootRequiredReason**  DWORD (Double Word—32-bit unsigned integer) containing the reason why the device required a reboot during install.
+- **SecondaryDevice**  Indicates whether the device is a secondary device.
+- **ServiceName**  The service name of the driver.
+- **SetupMode**  Indicates whether the driver installation took place before the Out Of Box Experience (OOBE) was completed.
+- **StartTime**  The time when the installation started.
+- **SubmissionId**  The driver submission identifier assigned by the Windows Hardware Development Center.
+- **UpperFilters**  The list of upper filter drivers.
+
+
+### Microsoft.Windows.DriverInstall.NewDevInstallDeviceEnd
+
+This event sends data about the driver installation once it is completed.
+
+The following fields are available:
+
+- **DeviceInstanceId**  The unique identifier of the device in the system.
+- **DriverUpdated**  Indicates whether the driver was updated.
+- **Error**  The Win32 error code of the installation.
+- **FlightId**  The ID of the Windows Insider build the device received.
+- **InstallDate**  The date the driver was installed.
+- **InstallFlags**  The driver installation flags.
+- **OptionalData**  Metadata specific to WU (Windows Update) associated with the driver (flight IDs, recovery IDs, etc.)
+- **RebootRequired**  Indicates whether a reboot is required after the installation.
+- **RollbackPossible**  Indicates whether this driver can be rolled back.
+- **WuTargetedHardwareId**  Indicates that the driver was installed because the device hardware ID was targeted by the Windows Update.
+- **WuUntargetedHardwareId**  Indicates that the driver was installed because Windows Update performed a generic driver update for all devices of that hardware class.
+
+
+### Microsoft.Windows.DriverInstall.NewDevInstallDeviceStart
+
+This event sends data about the driver that the new driver installation is replacing.
+
+The following fields are available:
+
+- **DeviceInstanceId**  The unique identifier of the device in the system.
+- **FirstInstallDate**  The first time a driver was installed on this device.
+- **LastDriverDate**  Date of the driver that is being replaced.
+- **LastDriverInbox**  Indicates whether the previous driver was included with Windows.
+- **LastDriverInfName**  Name of the INF file (the setup information file) of the driver being replaced.
+- **LastDriverVersion**  The version of the driver that is being replaced.
+- **LastFirmwareDate**  The date of the last firmware reported from the EFI System Resource Table (ESRT).
+- **LastFirmwareRevision**  The last firmware revision number reported from EFI System Resource Table (ESRT).
+- **LastFirmwareVersion**  The last firmware version reported from the EFI System Resource Table (ESRT).
+- **LastInstallDate**  The date a driver was last installed on this device.
+- **LastMatchingDeviceId**  The hardware ID or compatible ID that Windows last used to install the device instance.
+- **LastProblem**  The previous problem code that was set on the device.
+- **LastProblemStatus**  The previous problem code that was set on the device.
+- **LastSubmissionId**  The driver submission identifier of the driver that is being replaced.
+
+
 ## DxgKernelTelemetry events
 
 ### DxgKrnlTelemetry.GPUAdapterInventoryV2
@@ -3408,12 +3640,15 @@ The following fields are available:
 - **bootId**  The system boot ID.
 - **BrightnessVersionViaDDI**  The version of the Display Brightness Interface.
 - **ComputePreemptionLevel**  The maximum preemption level supported by GPU for compute payload.
+- **DDIInterfaceVersion**  The device driver interface version.
 - **DedicatedSystemMemoryB**  The amount of system memory dedicated for GPU use (in bytes).
 - **DedicatedVideoMemoryB**  The amount of dedicated VRAM of the GPU (in bytes).
 - **DisplayAdapterLuid**  The display adapter LUID.
 - **DriverDate**  The date of the display driver.
 - **DriverRank**  The rank of the display driver.
 - **DriverVersion**  The display driver version.
+- **DriverWorkarounds**  Bitfield data for specific driver workarounds enabled for this device.
+- **DriverWorkarounds.Length**  The length of the DriverWorkarounds bitfield.
 - **DX10UMDFilePath**  The file path to the location of the DirectX 10 Display User Mode Driver in the Driver Store.
 - **DX11UMDFilePath**  The file path to the location of the DirectX 11 Display User Mode Driver in the Driver Store.
 - **DX12UMDFilePath**  The file path to the location of the DirectX 12 Display User Mode Driver in the Driver Store.
@@ -3422,8 +3657,11 @@ The following fields are available:
 - **GPUPreemptionLevel**  The maximum preemption level supported by GPU for graphics payload.
 - **GPURevisionID**  The GPU revision ID.
 - **GPUVendorID**  The GPU vendor ID.
+- **InterfaceFuncPointersProvided1**  The number of device driver interface function pointers provided.
+- **InterfaceFuncPointersProvided2**  The number of device driver interface function pointers provided.
 - **InterfaceId**  The GPU interface ID.
 - **IsDisplayDevice**  Does the GPU have displaying capabilities?
+- **IsHwSchEnabled**  Indicates whether Hardware Scheduling is enabled.
 - **IsHwSchSupported**  Indicates whether the adapter supports hardware scheduling.
 - **IsHybridDiscrete**  Does the GPU have discrete GPU capabilities in a hybrid device?
 - **IsHybridIntegrated**  Does the GPU have integrated GPU capabilities in a hybrid device?
@@ -3887,7 +4125,7 @@ The following fields are available:
 
 ### Microsoft.Windows.Inventory.Core.InventoryDevicePnpAdd
 
-This event represents the basic metadata about a plug and play (PNP) device and its associated driver.
+This event sends basic metadata about a PNP device and its associated driver to help keep Windows up to date. This information is used to assess if the PNP device and driver will remain compatible when upgrading Windows.
 
 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).
 
@@ -3914,7 +4152,7 @@ The following fields are available:
 - **HWID**  A list of hardware IDs for the device.
 - **Inf**  The name of the INF file (possibly renamed by the OS, such as oemXX.inf).
 - **InstallDate**  The date of the most recent installation of the device on the machine.
-- **InstallState**  The device installation state. For a list of values, see: https://msdn.microsoft.com/library/windows/hardware/ff543130.aspx
+- **InstallState**  The device installation state.  One of these values: https://msdn.microsoft.com/library/windows/hardware/ff543130.aspx
 - **InventoryVersion**  The version number of the inventory process generating the events.
 - **LowerClassFilters**  The identifiers of the Lower Class filters installed for the device.
 - **LowerFilters**  The identifiers of the Lower filters installed for the device.
@@ -4089,39 +4327,12 @@ The following fields are available:
 
 This event sends details collected for a specific application on the source device.
 
-The following fields are available:
-
-- **AhaVersion**  The binary version of the App Health Analyzer tool.
-- **ApplicationErrors**  The count of application errors from the event log.
-- **Bitness**  The architecture type of the application (16 Bit or 32 bit or 64 bit).
-- **device_level**  Various JRE/JAVA versions installed on a particular device.
-- **ExtendedProperties**  Attribute used for aggregating all other attributes under this event type.
-- **Jar**  Flag to determine if an app has a Java JAR file dependency.
-- **Jre**  Flag to determine if an app has JRE framework dependency.
-- **Jre_version**  JRE versions an app has declared framework dependency for.
-- **Name**  Name of the application.
-- **NonDPIAware**  Flag to determine if an app is non-DPI aware.
-- **NumBinaries**  Count of all binaries (.sys,.dll,.ini) from application install location.
-- **RequiresAdmin**  Flag to determine if an app requests admin privileges for execution.
-- **RequiresAdminv2**  Additional flag to determine if an app requests admin privileges for execution.
-- **RequiresUIAccess**  Flag to determine if an app is based on UI features for accessibility.
-- **VB6**  Flag to determine if an app is based on VB6 framework.
-- **VB6v2**  Additional flag to determine if an app is based on VB6 framework.
-- **Version**  Version of the application.
-- **VersionCheck**  Flag to determine if an app has a static dependency on OS version.
-- **VersionCheckv2**  Additional flag to determine if an app has a static dependency on OS version.
 
 
 ### Microsoft.Windows.Inventory.General.AppHealthStaticStartSync
 
 This event indicates the beginning of a series of AppHealthStaticAdd events.
 
-The following fields are available:
-
-- **AllowTelemetry**  Indicates the presence of the 'allowtelemetry' command line argument.
-- **CommandLineArgs**  Command line arguments passed when launching the App Health Analyzer executable.
-- **Enhanced**  Indicates the presence of the 'enhanced' command line argument.
-- **StartTime**  UTC date and time at which this event was sent.
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInAdd
@@ -4316,10 +4527,10 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic
 
 The following fields are available:
 
-- **BrowserFlags**  Browser flags for Office-related products
-- **ExchangeProviderFlags**  Provider policies for Office Exchange
+- **BrowserFlags**  Browser flags for Office-related products.
+- **ExchangeProviderFlags**  Provider policies for Office Exchange.
 - **InventoryVersion**  The version of the inventory binary generating the events.
-- **SharedComputerLicensing**  Office shared computer licensing policies
+- **SharedComputerLicensing**  Office shared computer licensing policies.
 
 
 ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeSettingsStartSync
@@ -4534,6 +4745,250 @@ The following fields are available:
 - **UserInputTime**  The amount of time the loader application spent waiting for user input.
 
 
+### Microsoft.Windows.Kernel.DeviceConfig.DeviceConfig
+
+This critical device configuration event provides information about drivers for a driver installation that took place within the kernel.
+
+The following fields are available:
+
+- **ClassGuid**  The unique ID for the device class.
+- **DeviceInstanceId**  The unique ID for the device on the system.
+- **DriverDate**  The date of the driver.
+- **DriverFlightIds**  The IDs for the driver flights.
+- **DriverInfName**  Driver INF file name.
+- **DriverProvider**  The driver manufacturer or provider.
+- **DriverSubmissionId**  The driver submission ID assigned by the hardware developer center.
+- **DriverVersion**  The driver version number.
+- **ExtensionDrivers**  The list of extension driver INF files, extension IDs, and associated flight IDs.
+- **FirstHardwareId**  The ID in the hardware ID list that provides the most specific device description.
+- **InboxDriver**  Indicates whether the driver package is included with Windows.
+- **InstallDate**  Date the driver was installed.
+- **LastCompatibleId**  The ID in the hardware ID list that provides the least specific device description.
+- **Legacy**  Indicates whether the driver is a legacy driver.
+- **NeedReboot**  Indicates whether the driver requires a reboot.
+- **SetupMode**  Indicates whether the device configuration occurred during the Out Of Box Experience (OOBE).
+- **StatusCode**  The NTSTATUS of device configuration operation.
+
+
+### Microsoft.Windows.Kernel.PnP.AggregateClearDevNodeProblem
+
+This event is sent when a problem code is cleared from a device.
+
+The following fields are available:
+
+- **Count**  The total number of events.
+- **DeviceInstanceId**  The unique identifier of the device on the system.
+- **LastProblem**  The previous problem that was cleared.
+- **LastProblemStatus**  The previous NTSTATUS value that was cleared.
+- **Problem**  The new problem code set on the device node.
+- **ProblemStatus**  The new NT_STATUS set on the device node.
+- **ServiceName**  The name of the driver or service attached to the device.
+
+
+### Microsoft.Windows.Kernel.PnP.AggregateSetDevNodeProblem
+
+This event is sent when a new problem code is assigned to a device.
+
+The following fields are available:
+
+- **Count**  The total number of events.
+- **DeviceInstanceId**  The unique identifier of the device in the system.
+- **LastProblem**  The previous problem code that was set on the device.
+- **LastProblemStatus**  The previous NTSTATUS value that was set on the device.
+- **Problem**  The new problem code that was set on the device.
+- **ProblemStatus**  The new NTSTATUS value that was set on the device.
+- **ServiceName**  The driver or service name that is attached to the device.
+
+
+## Microsoft Edge events
+
+### Aria.160f0649efde47b7832f05ed000fc453.Microsoft.WebBrowser.SystemInfo.Config
+
+This event sends basic device connectivity and configuration information from Microsoft Edge about the current data collection consent, app version, and installation state to keep Microsoft Edge up to date and secure.
+
+The following fields are available:
+
+- **app_version**  The internal Microsoft Edge build version string.
+- **appConsentState**  Bit flags that describe the consent for data collection on the device, or zero if the state was not retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
+- **Channel**  An integer indicating the channel of the installation (Canary or Dev).
+- **client_id**  A non-durable unique identifier with which all other diagnostic client data is associated. This value is reset whenever UMA data collection is disabled, or when the application is uninstalled.
+- **ConnectionType**  The first reported type of network connection currently connected. Possible values: Unknown, Ethernet, WiFi, 2G, 3G, 4G, None, or Bluetooth
+- **container_client_id**  The client ID of the container if the device is in Windows Defender Application Guard mode.
+- **container_session_id**  The session ID of the container if the device is in Windows Defender Application Guard mode.
+- **Etag**  Etag is an identifier representing all service applied configurations and experiments for the current browser session. There is not value in this field is the device is at the Basic diagnostic data level.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event. Possible values: 1 -- Basic, 2 -- Enhanced, 3 -- Full
+- **install_date**  The date and time of the most recent installation in seconds since midnight on January 1, 1970 UTC, rounded down to the nearest hour.
+- **installSource**  An enumeration representing the source of this installation. Possible values: source was not retrieved (0), unspecified source (1), website installer (2), enterprise MSI (3), Windows update (4), Edge updater (5), scheduled or timed task (6, 7), uninstall (8), Edge about page (9), self-repair (10), other install command line (11), reserved (12), unknown source (13).
+- **PayloadClass**  The base class used to serialize and deserialize the Protobuf binary payload.
+- **PayloadGUID**  A random identifier generated for each original monolithic Protobuf payload, before the payload is potentially broken up into manageably-sized chunks for transmission.
+- **PayloadLogType**  The log type for the event correlating with. Possible values: 0 -- Unknown, 1 -- Stability, 2 -- On-going, 3 -- Independent, 4 -- UKM, or 5 -- Instance level
+- **session_id** An ordered identifier that is guaranteed to be greater than the previous session identifier each time the user launches the application, reset on subsequent launch after client_id changes. session_id is seeded during the initial installation of the application. session_id is effectively unique per client_id value. Several other internal identifier values, such as window or tab IDs, are only meaningful within a particular session. The session_id value is forgotten when the application is uninstalled, but not during an upgrade.
+
+
+### Aria.29e24d069f27450385c7acaa2f07e277.Microsoft.WebBrowser.SystemInfo.Config
+
+This event sends basic device connectivity and configuration information from Microsoft Edge about the current data collection consent, app version, and installation state to keep Microsoft Edge up to date and secure.
+
+The following fields are available:
+
+- **app_version**  The internal Microsoft Edge build version string.
+- **appConsentState**  Bit flags that describe the consent for data collection on the device, or zero if the state was not retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
+- **Channel**  An integer indicating the channel of the installation (Canary or Dev).
+- **client_id**  A non-durable unique identifier with which all other diagnostic client data is associated. This value is reset whenever UMA data collection is disabled, or when the application is uninstalled.
+- **ConnectionType**  The first reported type of network connection currently connected. Possible values: Unknown, Ethernet, WiFi, 2G, 3G, 4G, None, or Bluetooth
+- **container_client_id**  The client ID of the container if the device is in Windows Defender Application Guard mode.
+- **container_session_id**  The session ID of the container if the device is in Windows Defender Application Guard mode.
+- **Etag**  Etag is an identifier representing all service applied configurations and experiments for the current browser session. There is not value in this field is the device is at the Basic diagnostic data level.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event. Possible values: 1 -- Basic, 2 -- Enhanced, 3 -- Full
+- **install_date**  The date and time of the most recent installation in seconds since midnight on January 1, 1970 UTC, rounded down to the nearest hour.
+- **installSource**  An enumeration representing the source of this installation. Possible values: source was not retrieved (0), unspecified source (1), website installer (2), enterprise MSI (3), Windows update (4), Edge updater (5), scheduled or timed task (6, 7), uninstall (8), Edge about page (9), self-repair (10), other install command line (11), reserved (12), unknown source (13).
+- **PayloadClass**  The base class used to serialize and deserialize the Protobuf binary payload.
+- **PayloadGUID**  A random identifier generated for each original monolithic Protobuf payload, before the payload is potentially broken up into manageably-sized chunks for transmission.
+- **PayloadLogType**  The log type for the event correlating with. Possible values: 0 -- Unknown, 1 -- Stability, 2 -- On-going, 3 -- Independent, 4 -- UKM, or 5 -- Instance level
+- **session_id** An ordered identifier that is guaranteed to be greater than the previous session identifier each time the user launches the application, reset on subsequent launch after client_id changes. session_id is seeded during the initial installation of the application. session_id is effectively unique per client_id value. Several other internal identifier values, such as window or tab IDs, are only meaningful within a particular session. The session_id value is forgotten when the application is uninstalled, but not during an upgrade.
+
+
+### Aria.7005b72804a64fa4b2138faab88f877b.Microsoft.WebBrowser.SystemInfo.Config
+
+This event sends basic device connectivity and configuration information from Microsoft Edge about the current data collection consent, app version, and installation state to keep Microsoft Edge up to date and secure.
+
+The following fields are available:
+
+- **app_version**  The internal Microsoft Edge build version string.
+- **appConsentState**  Bit flags that describe the consent for data collection on the device, or zero if the state was not retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
+- **Channel**  An integer indicating the channel of the installation (Canary or Dev).
+- **client_id**  A non-durable unique identifier with which all other diagnostic client data is associated. This value is reset whenever UMA data collection is disabled, or when the application is uninstalled.
+- **ConnectionType**  The first reported type of network connection currently connected. Possible values: Unknown, Ethernet, WiFi, 2G, 3G, 4G, None, or Bluetooth
+- **container_client_id**  The client ID of the container if the device is in Windows Defender Application Guard mode.
+- **container_session_id**  The session ID of the container if the device is in Windows Defender Application Guard mode.
+- **Etag**  Etag is an identifier representing all service applied configurations and experiments for the current browser session. There is not value in this field is the device is at the Basic diagnostic data level.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event. Possible values: 1 -- Basic, 2 -- Enhanced, 3 -- Full
+- **install_date**  The date and time of the most recent installation in seconds since midnight on January 1, 1970 UTC, rounded down to the nearest hour.
+- **installSource**  An enumeration representing the source of this installation. Possible values: source was not retrieved (0), unspecified source (1), website installer (2), enterprise MSI (3), Windows update (4), Edge updater (5), scheduled or timed task (6, 7), uninstall (8), Edge about page (9), self-repair (10), other install command line (11), reserved (12), unknown source (13).
+- **PayloadClass**  The base class used to serialize and deserialize the Protobuf binary payload.
+- **PayloadGUID**  A random identifier generated for each original monolithic Protobuf payload, before the payload is potentially broken up into manageably-sized chunks for transmission.
+- **PayloadLogType**  The log type for the event correlating with. Possible values: 0 -- Unknown, 1 -- Stability, 2 -- On-going, 3 -- Independent, 4 -- UKM, or 5 -- Instance level
+- **session_id** An ordered identifier that is guaranteed to be greater than the previous session identifier each time the user launches the application, reset on subsequent launch after client_id changes. session_id is seeded during the initial installation of the application. session_id is effectively unique per client_id value. Several other internal identifier values, such as window or tab IDs, are only meaningful within a particular session. The session_id value is forgotten when the application is uninstalled, but not during an upgrade.
+
+
+### Aria.754de735ccd546b28d0bfca8ac52c3de.Microsoft.WebBrowser.SystemInfo.Config
+
+This config event sends basic device connectivity and configuration information from Microsoft Edge about the current data collection consent, app version, and installation state to keep Microsoft Edge up to date and secure.
+
+The following fields are available:
+
+- **app_version**  The internal Microsoft Edge build version string.
+- **appConsentState**  Bit flags that describe the consent for data collection on the device, or zero if the state was not retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
+- **Channel**  An integer indicating the channel of the installation (Canary or Dev).
+- **client_id**  A non-durable unique identifier with which all other diagnostic client data is associated. This value is reset whenever UMA data collection is disabled, or when the application is uninstalled.
+- **ConnectionType**  The first reported type of network connection currently connected. Possible values: Unknown, Ethernet, WiFi, 2G, 3G, 4G, None, or Bluetooth
+- **container_client_id**  The client ID of the container if the device is in Windows Defender Application Guard mode.
+- **container_session_id**  The session ID of the container if the device is in Windows Defender Application Guard mode.
+- **Etag**  Etag is an identifier representing all service applied configurations and experiments for the current browser session. There is not value in this field is the device is at the Basic diagnostic data level.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event. Possible values: 1 -- Basic, 2 -- Enhanced, 3 -- Full
+- **install_date**  The date and time of the most recent installation in seconds since midnight on January 1, 1970 UTC, rounded down to the nearest hour.
+- **installSource**  An enumeration representing the source of this installation. Possible values: source was not retrieved (0), unspecified source (1), website installer (2), enterprise MSI (3), Windows update (4), Edge updater (5), scheduled or timed task (6, 7), uninstall (8), Edge about page (9), self-repair (10), other install command line (11), reserved (12), unknown source (13).
+- **PayloadClass**  The base class used to serialize and deserialize the Protobuf binary payload.
+- **PayloadGUID**  A random identifier generated for each original monolithic Protobuf payload, before the payload is potentially broken up into manageably-sized chunks for transmission.
+- **PayloadLogType**  The log type for the event correlating with. Possible values: 0 -- Unknown, 1 -- Stability, 2 -- On-going, 3 -- Independent, 4 -- UKM, or 5 -- Instance level
+- **session_id** An ordered identifier that is guaranteed to be greater than the previous session identifier each time the user launches the application, reset on subsequent launch after client_id changes. session_id is seeded during the initial installation of the application. session_id is effectively unique per client_id value. Several other internal identifier values, such as window or tab IDs, are only meaningful within a particular session. The session_id value is forgotten when the application is uninstalled, but not during an upgrade.
+
+
+### Aria.af397ef28e484961ba48646a5d38cf54.Microsoft.WebBrowser.Installer.EdgeUpdate.Ping
+
+This event sends hardware and software inventory information about the Microsoft Edge Update service, Microsoft Edge applications, and the current system environment, including app configuration, update configuration, and hardware capabilities. It's  used to measure the reliability and performance of the EdgeUpdate service and if Microsoft Edge applications are up to date.
+
+The following fields are available:
+
+- **appAp**  Microsoft Edge Update parameters, including channel, architecture, platform, and additional parameters identifying the release of Microsoft Edge to update and how to install it. Example: 'beta-arch_x64-full'. Default: ''.
+- **appAppId**  The GUID that identifies the product channels such as Edge Canary, Dev, Beta, Stable, and Edge Update.
+- **appBrandCode**  The 4-digit brand code under which the the product was installed, if any. Possible values: 'GGLS' (default), 'GCEU' (enterprise install), and '' (unknown).
+- **appChannel**  An integer indicating the channel of the installation (e.g. Canary or Dev).
+- **appClientId** A generalized form of the brand code that can accept a wider range of values and is used for similar purposes. Default: ''.
+- **appCohort**  A machine-readable string identifying the release channel that the app belongs to. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
+- **appCohortHint**  A machine-readable enum indicating that the client has a desire to switch to a different release cohort. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
+- **appCohortName**  A stable non-localized human-readable enum indicating which (if any) set of messages the app should display to the user. For example, an app with a cohort name of 'beta' might display beta-specific branding to the user. Limited to ASCII characters 32 to 127 (inclusive) and a maximum length of 1024 characters. Default: ''.
+- **appConsentState**  Bit flags describing the diagnostic data disclosure and response flow where 1 indicates the affirmative and 0 indicates the negative or unspecified data. Bit 1 indicates consent was given, bit 2 indicates data originated from the download page, bit 18 indicates choice for sending data about how the browser is used, and bit 19 indicates choice for sending data about websites visited.
+- **appDayOfInstall**  The date-based counting equivalent of appInstallTimeDiffSec (the numeric calendar day that the app was installed on). This value is provided by the server in the response to the first request in the installation flow. Default: '-2' (Unknown).
+- **appExperiments**  A semicolon-delimited key/value list of experiment identifiers and treatment groups. This field is unused and always empty in Edge Update. Default: ''.
+- **appInstallTimeDiffSec**  The difference between the current time and the install date in seconds. '0' if unknown. Default: '-1'.
+- **appLang**  The language of the product install, in IETF BCP 47 representation. Default: ''.
+- **appNextVersion**  The version of the app that the update attempted to reach, regardless of the success or failure of the update operation. Default: '0.0.0.0'.
+- **appPingEventAppSize**  The total number of bytes of all downloaded packages. Default: '0'.
+- **appPingEventDownloadMetricsDownloadedBytes**  For events representing a download, the number of bytes expected to be downloaded. For events representing an entire update flow, the sum of all such expected bytes over the course of the update flow. Default: '0'.
+- **appPingEventDownloadMetricsDownloader**  A string identifying the download algorithm and/or stack. Example values include: 'bits', 'direct', 'winhttp', 'p2p'. Sent in events that have an event type of '14' only. Default: ''.
+- **appPingEventDownloadMetricsDownloadTimeMs**  For events representing a download, the time elapsed between the start of the download and the end of the download, in milliseconds. For events representing an entire update flow, the sum of all such download times over the course of the update flow. Sent in events that have an event type of '1', '2', '3', and '14' only. Default: '0'.
+- **appPingEventDownloadMetricsError**  The error code (if any) of the operation, encoded as a signed base-10 integer. Default: '0'.
+- **appPingEventDownloadMetricsServerIpHint**  For events representing a download, the CDN Host IP address that corresponds to the update file server. The CDN host is controlled by Microsoft servers and always maps to IP addresses hosting *.delivery.mp.microsoft.com or msedgesetup.azureedge.net. Default: ''.
+- **appPingEventDownloadMetricsTotalBytes**  For events representing a download, the number of bytes expected to be downloaded. For events representing an entire update flow, the sum of all such expected bytes over the course of the update flow. Default: '0'.
+- **appPingEventDownloadMetricsUrl** For events representing a download, the CDN URL provided by the update server for the client to download the update, the URL is controlled by Microsoft servers and always maps back to either *.delivery.mp.microsoft.com or msedgesetup.azureedge.net. Default: ''.
+- **appPingEventDownloadTimeMs**  For events representing a download, the time elapsed between the start of the download and the end of the download, in milliseconds. For events representing an entire update flow, the sum of all such download times over the course of the update flow. Sent in events that have an event type of '1', '2', '3', and '14' only. Default: '0'.
+- **appPingEventErrorCode**  The error code (if any) of the operation, encoded as a signed, base-10 integer. Default: '0'.
+- **appPingEventEventResult**  An enumeration indicating the result of the event. Common values are '0' (Error) and '1' (Success). Default: '0' (Error).
+- **appPingEventEventType**  An enumeration indicating the type of the event and the event stage. Default: '0' (Unknown).
+- **appPingEventExtraCode1**  Additional numeric information about the operation's result, encoded as a signed, base-10 integer. Default: '0'.
+- **appPingEventInstallTimeMs**  For events representing an install, the time elapsed between the start of the install and the end of the install, in milliseconds. For events representing an entire update flow, the sum of all such durations. Sent in events that have an event type of '2' and '3' only. Default: '0'.
+- **appPingEventNumBytesDownloaded**  The number of bytes downloaded for the specified application. Default: '0'.
+- **appPingEventSequenceId**  An ID that uniquely identifies particular events within one requestId. Since a request can contain multiple ping events, this field is necessary to uniquely identify each possible event.
+- **appPingEventSourceUrlIndex**  For events representing a download, the position of the download URL in the list of URLs supplied by the server in a <urls> tag.
+- **appPingEventUpdateCheckTimeMs**	For events representing an entire update flow, the time elapsed between the start of the update check and the end of the update check, in milliseconds. Sent in events that have an event type of '2' and '3' only. Default: '0'.
+- **appUpdateCheckIsUpdateDisabled**  The state of whether app updates are restricted by group policy. True if updates have been restricted by group policy or false if they have not.
+- **appUpdateCheckTargetVersionPrefix**  A component-wise prefix of a version number, or a complete version number suffixed with the $ character. The prefix is interpreted a dotted-tuple that specifies the exactly-matching elements; it is not a lexical prefix (for example, '1.2.3' MUST match '1.2.3.4' but MUST NOT match '1.2.34'). Default: ''.
+- **appUpdateCheckTtToken**  An opaque access token that can be used to identify the requesting client as a member of a trusted-tester group. If non-empty, the request is sent over SSL or another secure protocol. This field is unused by Edge Update and always empty. Default: ''.
+- **appVersion**  The version of the product install. Default: '0.0.0.0'.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event where 1 is basic, 2 is enhanced, and 3 is full.
+- **eventType**  A string representation of appPingEventEventType indicating the type of the event.
+- **hwHasAvx**  '1' if the client's hardware supports the SSE instruction set. '0' if the client's hardware does not support the SSE instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse**  '1' if the client's hardware supports the SSE instruction set. '0' if the client's hardware does not support the SSE instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse2**  '1' if the client's hardware supports the SSE2 instruction set. '0' if the client's hardware does not support the SSE2 instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse3**  '1' if the client's hardware supports the SSE3 instruction set. '0' if the client's hardware does not support the SSE3 instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse41**  '1' if the client's hardware supports the SSE4.1 instruction set. '0' if the client's hardware does not support the SSE4.1 instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSse42**  '1' if the client's hardware supports the SSE4.2 instruction set. '0' if the client's hardware does not support the SSE4.2 instruction set. '-1' if unknown. Default: '-1'.
+- **hwHasSsse3**  '1' if the client's hardware supports the SSSE3 instruction set. '0' if the client's hardware does not support the SSSE3 instruction set. '-1' if unknown. Default: '-1'.
+- **hwPhysmemory**  The physical memory available to the client, truncated down to the nearest gibibyte. '-1' if unknown. This value is intended to reflect the maximum theoretical storage capacity of the client, not including any hard drive or paging to a hard drive or peripheral. Default: '-1'.
+- **isMsftDomainJoined**  '1' if the client is a member of a Microsoft domain. '0' otherwise. Default: '0'.
+- **osArch**  The architecture of the operating system (e.g. 'x86', 'x64', 'arm'). '' if unknown. Default: ''.
+- **osPlatform**  The operating system family that the within which the Omaha client is running (e.g. 'win', 'mac', 'linux', 'ios', 'android'). '' if unknown. The operating system name should be transmitted in lowercase with minimal formatting. Default: ''.
+- **osServicePack**  The secondary version of the operating system. '' if unknown. Default: ''.
+- **osVersion**  The primary version of the operating system. '' if unknown. Default: ''.
+- **requestCheckPeriodSec**  The update interval in seconds. The value is read from the registry. Default: '-1'.
+- **requestDlpref**  A comma-separated list of values specifying the preferred download URL behavior. The first value is the highest priority, further values reflect secondary, tertiary, et cetera priorities. Legal values are '' (in which case the entire list must be empty, indicating unknown or no-preference) or 'cacheable' (the server should prioritize sending URLs that are easily cacheable). Default: ''.
+- **requestDomainJoined**  '1' if the device is part of a managed enterprise domain. Otherwise '0'.
+- **requestInstallSource**  A string specifying the cause of the update flow. For example: 'ondemand', or 'scheduledtask'. Default: ''.
+- **requestIsMachine**  '1' if the client is known to be installed with system-level or administrator privileges. '0' otherwise. Default: '0'.
+- **requestOmahaShellVersion**  The version of the Omaha installation folder. Default: ''.
+- **requestOmahaVersion**  The version of the Omaha updater itself (the entity sending this request). Default: '0.0.0.0'.
+- **requestProtocolVersion**  The version of the Omaha protocol. Compatible clients MUST provide a value of '3.0'. Compatible clients MUST always transmit this attribute. Default: undefined.
+- **requestRequestId**  A randomly-generated (uniformly distributed) GUID, corresponding to the Omaha request. Default: ''.
+- **requestSessionCorrelationVectorBase**  A client generated random MS Correlation Vector base code used to correlate the update session with update and CDN servers. Default: ''.
+- **requestSessionId**  A randomly-generated (uniformly distributed) GUID. Each single update flow (e.g. update check, update application, event ping sequence) should have (with high probability) a single unique sessionid. Default: ''.
+- **requestTestSource**  Either '', 'dev', 'qa', 'prober', 'auto', or 'ossdev'. Any value except '' indicates that the request is a test and should not be counted toward normal metrics. Default: ''.
+- **requestUid**  A randomly-generated (uniformly distributed) GUID, corresponding to the Omaha user. Each request attempt should have (with high probability) a unique request id. Default: ''.
+
+
+### Aria.f4a7d46e472049dfba756e11bdbbc08f.Microsoft.WebBrowser.SystemInfo.Config
+
+This config event sends basic device connectivity and configuration information from Microsoft Edge about the current data collection consent, app version, and installation state to keep Microsoft Edge up to date and secure.
+
+The following fields are available:
+
+- **app_version**  The internal Microsoft Edge build version string.
+- **appConsentState**  Bit flags that describe the consent for data collection on the device, or zero if the state was not retrieved. The following are true when the associated bit is set: consent was granted (0x1), consent was communicated at install (0x2), diagnostic data consent granted (0x20000), browsing data consent granted (0x40000).
+- **Channel**  An integer indicating the channel of the installation (Canary or Dev).
+- **client_id**  A non-durable unique identifier with which all other diagnostic client data is associated. This value is reset whenever UMA data collection is disabled, or when the application is uninstalled.
+- **ConnectionType**  The first reported type of network connection currently connected. Possible values: Unknown, Ethernet, WiFi, 2G, 3G, 4G, None, or Bluetooth
+- **container_client_id**  The client ID of the container if the device is in Windows Defender Application Guard mode.
+- **container_session_id**  The session ID of the container if the device is in Windows Defender Application Guard mode.
+- **Etag**  Etag is an identifier representing all service applied configurations and experiments for the current browser session. There is not value in this field is the device is at the Basic diagnostic data level.
+- **EventInfo.Level**  The minimum Windows diagnostic data level required for the event. Possible values: 1 -- Basic, 2 -- Enhanced, 3 -- Full
+- **install_date**  The date and time of the most recent installation in seconds since midnight on January 1, 1970 UTC, rounded down to the nearest hour.
+- **installSource**  An enumeration representing the source of this installation. Possible values: source was not retrieved (0), unspecified source (1), website installer (2), enterprise MSI (3), Windows update (4), Edge updater (5), scheduled or timed task (6, 7), uninstall (8), Edge about page (9), self-repair (10), other install command line (11), reserved (12), unknown source (13).
+- **PayloadClass**  The base class used to serialize and deserialize the Protobuf binary payload.
+- **PayloadGUID**  A random identifier generated for each original monolithic Protobuf payload, before the payload is potentially broken up into manageably-sized chunks for transmission.
+- **PayloadLogType**  The log type for the event correlating with. Possible values: 0 -- Unknown, 1 -- Stability, 2 -- On-going, 3 -- Independent, 4 -- UKM, or 5 -- Instance level
+- **session_id** An ordered identifier that is guaranteed to be greater than the previous session identifier each time the user launches the application, reset on subsequent launch after client_id changes. session_id is seeded during the initial installation of the application. session_id is effectively unique per client_id value. Several other internal identifier values, such as window or tab IDs, are only meaningful within a particular session. The session_id value is forgotten when the application is uninstalled, but not during an upgrade.
+
+
 ## Migration events
 
 ### Microsoft.Windows.MigrationCore.MigObjectCountDLUsr
@@ -4747,6 +5202,7 @@ This event determines the error code that was returned when verifying Internet c
 
 The following fields are available:
 
+- **failedCheck**  The error code returned by the operation.
 - **winInetError**  The HResult of the operation.
 
 
@@ -4802,6 +5258,23 @@ The following fields are available:
 - **originatingContextName**  The name of the originating call context that resulted in the failure.
 - **threadId**  The ID of the thread on which the activity is executing.
 
+## Privacy notifier events
+
+
+### Microsoft.Windows.Shell.PrivacyNotifierLogging.PrivacyNotifierCompleted
+
+This event returns data to report the efficacy of a single-use tool to inform users impacted by a known issue and to take corrective action to address the issue.
+
+The following fields are available:
+
+- **cleanupTask**  Indicates whether the task that launched the dialog should be cleaned up.
+- **cleanupTaskResult**  The return code of the attempt to clean up the task used to show the dialog.
+- **deviceEvaluated**  Indicates whether the device was eligible for evaluation of a known issue.
+- **deviceImpacted**  Indicates whether the device was impacted by a known issue.
+- **modalAction**  The action the user took on the dialog that was presented to them.
+- **modalResult**  The return code of the attempt to show a dialog to the user explaining the issue.
+- **resetSettingsResult**  The return code of the action to correct the known issue.
+
 
 ## Remediation events
 
@@ -4880,24 +5353,11 @@ The following fields are available:
 - **QualityUpdateSedimentTargetedTriggers**  Provides information about remediations that are applicable to enable Quality Updates on the device.
 - **RegkeysExist**  Indicates whether specified registry keys exist.
 - **Reload**  True if SIH reload is required.
-- **RemediationAutoUAAcLineStatus**  Indicates the power status returned by the Automatic Update Assistant tool.
-- **RemediationAutoUAAutoStartCount**  Indicates the number of times the Automatic Update Assistant tool has automatically started.
-- **RemediationAutoUACalendarTaskEnabled**  Indicates whether an Automatic Update Assistant tool task is enabled.
-- **RemediationAutoUACalendarTaskExists**  Indicates whether an Automatic Update Assistant tool task exists.
-- **RemediationAutoUACalendarTaskTriggerEnabledCount**  Indicates the number of times an Automatic Update Assistant tool task has been triggered.
-- **RemediationAutoUADaysSinceLastTaskRunTime**  Indicates the last run time an Automatic Update Assistant tool task was run.
-- **RemediationAutoUAGetCurrentSize**  Indicates the current size of the Automatic Update Assistant tool.
+- **RemediationAutoUACleanupNeeded**  Automatic Update Assistant cleanup is required.
 - **RemediationAutoUAIsInstalled**  Indicates whether the Automatic Update Assistant tool is installed.
-- **RemediationAutoUALastTaskRunResult**  Indicates the result from the last time the Automatic Update Assistant tool was run.
-- **RemediationAutoUAMeteredNetwork**  Indicates whether the Automatic Update Assistant tool is running on a metered network.
-- **RemediationAutoUATaskEnabled**  Indicates whether the Automatic Update Assistant tool task is enabled.
-- **RemediationAutoUATaskExists**  Indicates whether an Automatic Update Assistant tool task exists.
+- **RemediationAutoUATaskDisabled**  Indicates whether the Automatic Update Assistant tool task is disabled.
+- **RemediationAutoUATaskNotExists**  Indicates whether an Automatic Update Assistant tool task does not exist.
 - **RemediationAutoUATasksStalled**  Indicates whether an Automatic Update Assistant tool task is stalled.
-- **RemediationAutoUATaskTriggerEnabledCount**  Indicates how many times an Automatic Update Assistant tool task was triggered.
-- **RemediationAutoUAUAExitCode**  Indicates any exit code provided by the Automatic Update Assistant tool.
-- **RemediationAutoUAUAExitState**  Indicates the exit state of the Automatic Update Assistant tool.
-- **RemediationAutoUAUserLoggedIn**  Indicates whether a user is logged in.
-- **RemediationAutoUAUserLoggedInAdmin**  Indicates whether a user is logged in as an Administrator.
 - **RemediationCorruptionRepairBuildNumber**  The build number to use to repair corruption.
 - **RemediationCorruptionRepairCorruptionsDetected**  Indicates whether corruption was detected.
 - **RemediationCorruptionRepairDetected**  Indicates whether an attempt was made to repair the corruption.
@@ -5010,6 +5470,7 @@ The following fields are available:
 - **branchReadinessLevel**  Branch readiness level policy.
 - **cloudControlState**  Value indicating whether the shell is enabled on the cloud control settings.
 - **CV**  The Correlation Vector.
+- **DateTimeDifference**  The difference between the local and reference clocks.
 - **DiskFreeSpaceAfterSedimentPackInMB**  The amount of free disk space (in megabytes) after executing the Sediment Pack.
 - **DiskFreeSpaceBeforeSedimentPackInMB**  The amount of free disk space (in megabytes) before executing the Sediment Pack.
 - **DiskMbFreeAfterCleanup**  The amount of free hard disk space after cleanup, measured in Megabytes.
@@ -5038,6 +5499,7 @@ The following fields are available:
 - **QualityUpdateSedimentMatchedTriggers**  The list of triggers that were matched by the Windows Quality Update remediation.
 - **QualityUpdateSedimentModelExecutionSeconds**  The number of seconds needed to execute the Windows Quality Update remediation.
 - **recoveredFromTargetOS**  Indicates whether the device recovered from the target operating system (OS).
+- **RemediationAutoUASpaceSaved**  Amount of disk space saved in MB after cleaning up AutoUA folders.
 - **RemediationBatteryPowerBatteryLevel**  Indicates the battery level at which it is acceptable to continue operation.
 - **RemediationBatteryPowerExitDueToLowBattery**  True when we exit due to low battery power.
 - **RemediationBatteryPowerOnBattery**  True if we allow execution on battery.
@@ -5046,8 +5508,12 @@ The following fields are available:
 - **RemediationComponentCleanupEstimateInMB**  The amount of space (megabytes) in the WinSxS (Windows Side-by-Side) folder that is available for cleanup by the plug-in.
 - **RemediationConfigurationTroubleshooterIpconfigFix**  TRUE if IPConfig Fix completed successfully.
 - **RemediationConfigurationTroubleshooterNetShFix**  TRUE if network card cache reset ran successfully.
+- **RemediationCorruptionIsManifestFix**  Boolean indicating if the manifest was repaired.
 - **RemediationCorruptionRepairCorruptionsDetected**  Number of corruptions detected on the device.
 - **RemediationCorruptionRepairCorruptionsFixed**  Number of detected corruptions that were fixed on the device.
+- **RemediationCorruptionRepairDownloadCompleted**  Boolean indicating if the download of manifest cab was completed.
+- **RemediationCorruptionRepairDownloadRequired**  Boolean indicating if the download of manifest cab is required for repair.
+- **RemediationCorruptionRepairMeteredNetwork**  Boolean indicating if the device is on a metered network.
 - **RemediationCorruptionRepairPerformActionSuccessful**  Indicates whether corruption repair was successful on the device.
 - **RemediationDiskCleanupSearchFileSizeInMB**  The size of the Cleanup Search index file, measured in megabytes.
 - **RemediationDiskSpaceSavedByCompressionInMB**  The amount of disk space (megabytes) that was compressed by the plug-in.
@@ -5096,6 +5562,7 @@ The following fields are available:
 - **systemDriveFreeDiskSpace**  Indicates the free disk space on system drive, in megabytes.
 - **systemUptimeInHours**  Indicates the amount of time the system in hours has been on since the last boot.
 - **uninstallActive**  TRUE if previous uninstall has occurred for current OS
+- **UpdateApplicabilityFixedBitMap**  Bitmap indicating which fixes were applied by the plugin.
 - **usoScanDaysSinceLastScan**  The number of days since the last USO (Update Session Orchestrator) scan.
 - **usoScanInProgress**  TRUE if a USO (Update Session Orchestrator) scan is in progress, to prevent multiple simultaneous scans.
 - **usoScanIsAllowAutoUpdateKeyPresent**  TRUE if the AllowAutoUpdate registry key is set.
@@ -5357,6 +5824,45 @@ The following fields are available:
 - **WUDeviceID**  The unique identifier controlled by the software distribution client.
 
 
+### SIHEngineTelemetry.ExecuteAction
+
+This event is triggered with SIH attempts to execute (e.g. install) the update or action in question. Includes important information like if the update required a reboot.
+
+The following fields are available:
+
+- **CachedEngineVersion**  The engine DLL version that is being used.
+- **EventInstanceID**  A unique identifier for event instance.
+- **EventScenario**  Indicates the purpose of sending this event, whether because the software distribution just started checking for content, or whether it was cancelled, succeeded, or failed.
+- **RebootRequired**  Indicates if a reboot was required to complete the action.
+- **ServiceGuid**  A unique identifier that represents which service the software distribution client is connecting to (SIH, Windows Update, Microsoft Store, etc.).
+- **SihclientVersion**  The SIH version.
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult).
+- **UpdateID**  A unique identifier for the action being acted upon.
+- **WuapiVersion**  The Windows Update API version.
+- **WuaucltVersion**  The Windows Update version identifier for SIH.
+- **WuauengVersion**  The Windows Update engine version identifier.
+- **WUDeviceID**  The unique identifier controlled by the software distribution client.
+
+
+### SIHEngineTelemetry.PostRebootReport
+
+This event reports the status of an action following a reboot, should one have been required.
+
+The following fields are available:
+
+- **CachedEngineVersion**  The engine DLL version that is being used.
+- **EventInstanceID**  A unique identifier for event instance.
+- **EventScenario**  Indicates the purpose of sending this event, whether because the software distribution just started checking for content, or whether it was cancelled, succeeded, or failed.
+- **ServiceGuid**  A unique identifier that represents which service the software distribution client is connecting to (SIH, Windows Update, Microsoft Store, etc.).
+- **SihclientVersion**  Version of SIH Client on the device.
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult).
+- **UpdateID**  A unique identifier for the action being acted upon.
+- **WuapiVersion**  Version of Windows Update DLL on the device.
+- **WuaucltVersion**  Version of WUAUCLT (Windows Update Auto-Update Client) on the device.
+- **WuauengVersion**  Version of Windows Update (Auto-Update) engine on the device.
+- **WUDeviceID**  The unique identifier controlled by the software distribution client.
+
+
 ## Software update events
 
 ### SoftwareUpdateClientTelemetry.CheckForUpdates
@@ -5511,6 +6017,7 @@ The following fields are available:
 - **DeviceModel**  The model of the device.
 - **DownloadPriority**  Indicates whether a download happened at background, normal, or foreground priority.
 - **DownloadProps**  Information about the download operation properties in the form of a bitmask.
+- **DownloadScenarioId**  A unique ID for a given download, used to tie together Windows Update and Delivery Optimizer events.
 - **DownloadType**  Differentiates the download type of “Self-Initiated Healing” (SIH) downloads between Metadata and Payload downloads.
 - **EventInstanceID**  A globally unique identifier for event instance.
 - **EventScenario**  Indicates the purpose for sending this event: whether because the software distribution just started downloading content; or whether it was cancelled, succeeded, or failed.
@@ -5818,12 +6325,12 @@ Ensures Windows Updates are secure and complete. Event helps to identify whether
 The following fields are available:
 
 - **CallerApplicationName**  Name of application making the Windows Update request. Used to identify context of request.
-- **EndpointUrl**  URL of the endpoint where client obtains update metadata. Used to identify test vs staging vs production environments.
+- **EndpointUrl**  The endpoint URL where the device obtains update metadata. This is used to distinguish between test, staging, and production environments.
 - **EventScenario**  Indicates the purpose of the event - whether because scan started, succeded, failed, etc.
 - **ExtendedStatusCode**  Secondary status code for certain scenarios where StatusCode was not specific enough.
 - **LeafCertId**  The integral ID from the FragmentSigning data for the certificate that failed.
 - **ListOfSHA256OfIntermediateCerData**  A semicolon delimited list of base64 encoding of hashes for the Base64CerData in the FragmentSigning data of an intermediate certificate.
-- **MetadataIntegrityMode**  Mode of update transport metadata integrity check. 0-Unknown, 1-Ignoe, 2-Audit, 3-Enforce
+- **MetadataIntegrityMode**  The mode of the transport metadata integrity check. 0 = unknown; 1 = ignore; 2 = audit; 3 = enforce
 - **MetadataSignature**  A base64-encoded string of the signature associated with the update metadata (specified by revision ID).
 - **RawMode**  The raw unparsed mode string from the SLS response. This field is null if not applicable.
 - **RawValidityWindowInDays**  The raw unparsed validity window string in days of the timestamp token. This field is null if not applicable.
@@ -5834,8 +6341,8 @@ The following fields are available:
 - **SHA256OfLeafCertPublicKey**  A base64 encoding of the hash of the Base64CertData in the FragmentSigning data of the leaf certificate.
 - **SHA256OfTimestampToken**  An encoded string of the timestamp token.
 - **SignatureAlgorithm**  The hash algorithm for the metadata signature.
-- **SLSPrograms**  A test program a machine may be opted in. Examples include "Canary" and "Insider Fast".
-- **StatusCode**  Result code of the event (success, cancellation, failure code HResult)
+- **SLSPrograms**  A test program to which a device may have opted in. Example: Insider Fast
+- **StatusCode**  Result code of the event (success, cancellation, failure code HResult).
 - **TimestampTokenCertThumbprint**  The thumbprint of the encoded timestamp token.
 - **TimestampTokenId**  The time this was created. It is encoded in a timestamp blob and will be zero if the token is malformed.
 - **UpdateId**  The update ID for a specific piece of content.
@@ -5854,7 +6361,6 @@ The following fields are available:
 - **UsageMean**  The mean of hourly average CPU usage.
 - **UsageMedian**  The median of hourly average CPU usage.
 - **UsageTwoHourMaxMean**  The mean of the maximum of every two hour of hourly average CPU usage.
-- **UsageTwoHourMedianMean**  The mean of the median of every two hour of hourly average CPU usage.
 
 
 ### Microsoft.Windows.Srum.Sdp.NetworkUsage
@@ -5868,7 +6374,6 @@ The following fields are available:
 - **BytesTotalMean**  The mean of the hourly average bytes total.
 - **BytesTotalMedian**  The median of the hourly average bytes total.
 - **BytesTotalTwoHourMaxMean**  The mean of the maximum of every two hours of hourly average bytes total.
-- **BytesTotalTwoHourMedianMean**  The mean of the median of every two hour of hourly average bytes total.
 - **LinkSpeed**  The adapter link speed.
 
 
@@ -5914,7 +6419,9 @@ This event sends data for the download request phase of updating Windows via the
 
 The following fields are available:
 
+- **ContainsSafeOSDUPackage**  Boolean indicating whether Safe DU packages are part of the payload.
 - **DeletedCorruptFiles**  Boolean indicating whether corrupt payload was deleted.
+- **DownloadComplete**  Indicates if the download is complete.
 - **DownloadRequests**  Number of times a download was retried.
 - **ErrorCode**  The error code returned for the current download request phase.
 - **ExtensionName**  Indicates whether the payload is related to Operating System content or a plugin.
@@ -6136,12 +6643,15 @@ The following fields are available:
 
 - **ErrorCode**  The error code returned for the current reboot.
 - **FlightId**  Unique ID for the flight (test instance version).
+- **IsSuspendable**  Indicates whether the update has the ability to be suspended and resumed at the time of reboot. When the machine is rebooted and the update is in middle of Predownload or Install and Setup.exe is running, this field is TRUE, if not its FALSE.
 - **ObjectId**  The unique value for each Update Agent mode.
+- **Reason**  Indicates the HResult why the machine could not be suspended. If it is successfully suspended, the result is 0.
 - **RelatedCV**  The correlation vector value generated from the latest USO (Update Service Orchestrator) scan.
 - **Result**  The HResult of the event.
 - **ScenarioId**  The ID of the update scenario.
 - **SessionId**  The ID of the update attempt.
 - **UpdateId**  The ID of the update.
+- **UpdateState**  Indicates the state of the machine when Suspend is called. For example, Install, Download, Commit.
 
 
 ### Update360Telemetry.UpdateAgentSetupBoxLaunch
@@ -6160,6 +6670,7 @@ The following fields are available:
 - **SandboxSize**  Size of the sandbox.
 - **ScenarioId**  Indicates the update scenario.
 - **SessionId**  Unique value for each update attempt.
+- **SetupLaunchAttemptCount**  Indicates the count of attempts to launch setup for the current Update Agent instance.
 - **SetupMode**  Mode of setup to be launched.
 - **UpdateId**  Unique ID for each Update.
 - **UserSession**  Indicates whether install was invoked by user actions.
@@ -6167,6 +6678,22 @@ The following fields are available:
 
 ## Update notification events
 
+### Microsoft.Windows.UpdateNotificationPipeline.UNPCampaignHeartbeat
+
+This event is sent at the start of each campaign, to be used as a heartbeat.
+
+The following fields are available:
+
+- **CampaignConfigVersion**  Configuration version for the current campaign.
+- **CampaignID**  Current campaign that is running on Update Notification Pipeline.
+- **ConfigCatalogVersion**  Current catalog version of Update Notification Pipeline.
+- **ContentVersion**  Content version for the current campaign on Update Notification Pipeline.
+- **CV**  Correlation vector.
+- **DetectorVersion**  Most recently run detector version for the current campaign on Update Notification Pipeline.
+- **GlobalEventCounter**  Client-side counter that indicates the event ordering sent by the user.
+- **PackageVersion**  Current package version for Update Notification Pipeline.
+
+
 ### Microsoft.Windows.UpdateNotificationPipeline.UNPCampaignManagerHeartbeat
 
 This event is sent at the start of the CampaignManager event and is intended to be used as a heartbeat.
@@ -6183,11 +6710,28 @@ The following fields are available:
 - **PackageVersion**  Current UNP package version.
 
 
+### Microsoft.Windows.UpdateNotificationPipeline.UnpCampaignManagerRunCampaignFailed
+
+This event is sent when the Campaign Manager encounters an unexpected error while running the campaign.
+
+The following fields are available:
+
+- **CampaignConfigVersion**  Configuration version for the current campaign.
+- **CampaignID**  Currently campaign that's running on Update Notification Pipeline (UNP).
+- **ConfigCatalogVersion**  Current catalog version of UNP.
+- **ContentVersion**  Content version for the current campaign on UNP.
+- **CV**  Correlation vector.
+- **DetectorVersion**  Most recently run detector version for the current campaign on UNP.
+- **GlobalEventCounter**  Client-side counter that indicates the event ordering sent by the user.
+- **hresult**  HRESULT of the failure.
+- **PackageVersion**  Current UNP package version.
+
+
 ## Upgrade events
 
 ### FacilitatorTelemetry.DCATDownload
 
-This event indicates whether devices received additional or critical supplemental content during an OS Upgrade, to help keep Windows up-to-date and secure.
+This event indicates whether devices received additional or critical supplemental content during an OS Upgrade, to help keep Windows up to date and secure.
 
 The following fields are available:
 
@@ -6206,13 +6750,8 @@ This event returns data about the download of supplemental packages critical to
 
 The following fields are available:
 
-- **DownloadRequestAttributes**  The attributes sent for download.
 - **PackageCategoriesFailed**  Lists the categories of packages that failed to download.
 - **PackageCategoriesSkipped**  Lists the categories of package downloads that were skipped.
-- **ResultCode**  The result of the event execution.
-- **Scenario**  Identifies the active Download scenario.
-- **Url**  The URL the download request was sent to.
-- **Version**  Identifies the version of Facilitator used.
 
 
 ### FacilitatorTelemetry.InitializeDU
@@ -6231,7 +6770,7 @@ The following fields are available:
 
 ### Setup360Telemetry.Downlevel
 
-This event sends data indicating that the device has started the downlevel phase of the upgrade, to help keep Windows up-to-date and secure.
+This event sends data indicating that the device has started the downlevel phase of the upgrade, to help keep Windows up to date and secure.
 
 The following fields are available:
 
@@ -6512,7 +7051,7 @@ The following fields are available:
 - **ReportId**  With Windows Update, this is the updateID that is passed to Setup. In media setup, this is the GUID for the install.wim.
 - **Setup360Extended**  Detailed information about the phase/action when the potential failure occurred.
 - **Setup360Mode**  The phase of Setup360. Example: Predownload, Install, Finalize, Rollback.
-- **Setup360Result**  The result of Setup360. This is an HRESULT error code that can be used to diagnose errors.
+- **Setup360Result**  The result of Setup360. This is an HRESULT error code that can be used used to diagnose errors.
 - **Setup360Scenario**  The Setup360 flow type. Example: Boot, Media, Update, MCT.
 - **SetupVersionBuildNumber**  The build number of Setup360 (build number of target OS).
 - **State**  The exit state of a Setup360 run. Example: succeeded, failed, blocked, cancelled.
@@ -6573,6 +7112,18 @@ The following fields are available:
 - **IsValidDumpFile**  True if the dump file is valid for the debugger, false otherwise
 - **ReportId**  WER Report Id associated with this bug check (used for finding the corresponding report archive in Watson).
 
+### Value
+
+This event returns data about Mean Time to Failure (MTTF) for Windows devices. It is the primary means of estimating reliability problems in Basic Diagnostic reporting with very strong privacy guarantees. Since Basic Diagnostic reporting does not include system up-time, and since that information is important to ensuring the safe and stable operation of Windows, the data provided by this event provides that data in a manner which does not threaten a user’s privacy.
+
+The following fields are available:
+
+- **Algorithm**  The algorithm used to preserve privacy.
+- **DPRange**  The upper bound of the range being measured.
+- **DPValue**  The randomized response returned by the client.
+- **Epsilon**  The level of privacy to be applied.
+- **HistType**  The histogram type if the algorithm is a histogram algorithm.
+- **PertProb**  The probability the entry will be Perturbed if the algorithm chosen is “heavy-hitters”.
 
 ## Windows Error Reporting MTT events
 
@@ -6587,28 +7138,8 @@ The following fields are available:
 - **Value**  Standard UTC emitted DP value structure See [Value](#value).
 
 
-### Value
-
-This event returns data about Mean Time to Failure (MTTF) for Windows devices. It is the primary means of estimating reliability problems in Basic Diagnostic reporting with very strong privacy guarantees. Since Basic Diagnostic reporting does not include system up-time, and since that information is important to ensuring the safe and stable operation of Windows, the data provided by this event provides that data in a manner which does not threaten a user’s privacy.
-
-The following fields are available:
-
-- **Algorithm**  The algorithm used to preserve privacy.
-- **DPRange**  The upper bound of the range being measured.
-- **DPValue**  The randomized response returned by the client.
-- **Epsilon**  The level of privacy to be applied.
-- **HistType**  The histogram type if the algorithm is a histogram algorithm.
-- **PertProb**  The probability the entry will be Perturbed if the algorithm chosen is “heavy-hitters”.
-
-
 ## Windows Store events
 
-### Microsoft.Windows.Store.StoreActivating
-
-This event sends tracking data about when the Store app activation via protocol URI is in progress, to help keep Windows up to date.
-
-
-
 ### Microsoft.Windows.StoreAgent.Telemetry.AbortedInstallation
 
 This event is sent when an installation or update is canceled by a user or the system and is used to help keep Windows Apps up to date and secure.
@@ -6697,6 +7228,7 @@ The following fields are available:
 
 - **AggregatedPackageFullNames**  Includes a set of package full names for each app that is part of an atomic set.
 - **AttemptNumber**  The total number of attempts to acquire this product.
+- **BundleId**  The identity of the test build (flight) associated with this product.
 - **CategoryId**  The identity of the package or packages being installed.
 - **ClientAppId**  The identity of the app that initiated this operation.
 - **HResult**  HResult code to show the result of the operation (success/failure).
@@ -6706,6 +7238,7 @@ The following fields are available:
 - **IsRemediation**  Is this repairing a previous installation?
 - **IsRestore**  Is this happening after a device restore?
 - **IsUpdate**  Is this an update?
+- **ParentBundleId**  The product identifier of the parent if this product is part of a bundle.
 - **PFN**  Product Family Name of the product being installed.
 - **ProductId**  The Store Product ID for the product being installed.
 - **SystemAttemptNumber**  The number of attempts by the system to acquire this product.
@@ -6996,6 +7529,11 @@ This event sends simple Product and Service usage data when a user is using the
 The following fields are available:
 
 - **Phase**  The image creation phase. Values are “Start” or “End”.
+- **Result**  Result of the image creation phase. Indicates if the image was created successfully. Value is integer.
+- **WorkspaceArchitecture**  Architecture of image created.
+- **WorkspaceOsEdition**  OSEdition of the image created.
+- **WskImageEnvironment**  Type of environment image was created for "Lab" or "Non-Lab".
+- **WskSessionId**  A string identifier (GUID) for the workspace.
 - **WskVersion**  The version of the Windows System Kit being used.
 
 
@@ -7009,7 +7547,9 @@ The following fields are available:
 - **CustomizationType**  Indicates the type of customization (drivers or apps).
 - **Mode**  The mode of update to image configuration files. Values are “New” or “Update”.
 - **Phase**  The image creation phase. Values are “Start” or “End”.
+- **Result**  Result of the image creation phase.
 - **Type**  The type of update to image configuration files. Values are “Apps” or “Drivers”.
+- **WskSessionId**  A string identifier (GUID) for the workspace.
 - **WskVersion**  The version of the Windows System Kit being used.
 
 
@@ -7022,11 +7562,21 @@ The following fields are available:
 - **Architecture**  The OS architecture that the workspace will target. Values are one of: “AMD64”, “ARM64”, “x86”, or “ARM”.
 - **OsEdition**  The Operating System Edition that the workspace will target.
 - **Phase**  The image creation phase. Values are “Start” or “End”.
+- **Result**  Stage result. Values are integers.
 - **WorkspaceArchitecture**  The operating system architecture that the workspace will target.
 - **WorkspaceOsEdition**  The operating system edition that the workspace will target.
+- **WskSessionId**  A string identifier (GUID) for the workspace.
 - **WskVersion**  The version of the Windows System Kit being used.
 
 
+## Windows Update CSP events
+
+### Microsoft.Windows.UpdateCsp.ExecuteRollBackFeatureStarted
+
+This event sends basic information indicating that Feature Rollback has started.
+
+
+
 ## Windows Update Delivery Optimization events
 
 ### Microsoft.OSG.DU.DeliveryOptClient.DownloadCanceled
@@ -7100,6 +7650,7 @@ The following fields are available:
 - **groupConnectionCount**  The total number of connections made to peers in the same group.
 - **internetConnectionCount**  The total number of connections made to peers not in the same LAN or the same group.
 - **isEncrypted**  TRUE if the file is encrypted and will be decrypted after download.
+- **isThrottled**  Indicates the Event Rate was throttled (event represent aggregated data).
 - **isVpn**  Is the device connected to a Virtual Private Network?
 - **jobID**  Identifier for the Windows Update job.
 - **lanConnectionCount**  The total number of connections made to peers in the same LAN.
@@ -7504,6 +8055,16 @@ The following fields are available:
 - **wuDeviceid**  Device ID.
 
 
+### Microsoft.Windows.Update.Orchestrator.CommitFailed
+
+This event indicates that a device was unable to restart after an update.
+
+The following fields are available:
+
+- **errorCode**  The error code that was returned.
+- **wuDeviceid**  The Windows Update device GUID.
+
+
 ### Microsoft.Windows.Update.Orchestrator.DeferRestart
 
 This event indicates that a restart required for installing updates was postponed.
@@ -7545,6 +8106,39 @@ The following fields are available:
 - **wuDeviceid**  The unique device ID used by Windows Update.
 
 
+### Microsoft.Windows.Update.Orchestrator.DetectionActivity
+
+This event returns data about detected updates, as well as the types of update (optional or recommended). This data helps keep Windows up to date.
+
+The following fields are available:
+
+- **applicableUpdateIdList**  The list of update identifiers.
+- **applicableUpdateList**  The list of available updates.
+- **durationInSeconds**  The amount of time (in seconds) it took for the event to run.
+- **expeditedMode**  Indicates whether Expedited Mode is on.
+- **networkCostPolicy**  The network cost.
+- **scanTriggerSource**  Indicates whether the scan is Interactive or Background.
+- **scenario**  The result code of the event.
+- **scenarioReason**  The reason for the result code (scenario).
+- **seekerUpdateIdList**  The list of “seeker” update identifiers.
+- **seekerUpdateList**  The list of “seeker” updates.
+- **services**  The list of services that were called during update.
+- **wilActivity**  The activity results. See [wilActivity](#wilactivity).
+
+
+### Microsoft.Windows.Update.Orchestrator.DetectionResult
+
+This event runs when an update is detected. This helps ensure Windows is kept up to date.
+
+The following fields are available:
+
+- **applicableUpdateIdList**  A list of applicable update IDs.
+- **applicableUpdateList**  A list of applicable update names.
+- **seekerUpdateIdList**  A list of optional update IDs.
+- **seekerUpdateList**  A list of optional update names.
+- **wuDeviceid**  The Windows Update device identifier.
+
+
 ### Microsoft.Windows.Update.Orchestrator.DisplayNeeded
 
 This event indicates the reboot was postponed due to needing a display.
@@ -7720,6 +8314,23 @@ The following fields are available:
 - **wuDeviceid**  The Windows Update Device GUID (Globally-Unique ID).
 
 
+### Microsoft.Windows.Update.Orchestrator.PostInstall
+
+This event is sent after a Windows update install completes.
+
+The following fields are available:
+
+- **batteryLevel**  Current battery capacity in megawatt-hours (mWh) or percentage left.
+- **bundleId**  The unique identifier associated with the specific content bundle.
+- **bundleRevisionnumber**  Identifies the revision number of the content bundle.
+- **errorCode**  The error code returned for the current phase.
+- **eventScenario**  State of update action.
+- **flightID**  The unique identifier for the flight (Windows Insider pre-release build) should be delivered to the device, if applicable.
+- **sessionType**  The Windows Update session type (Interactive or Background).
+- **updateScenarioType**  Identifies the type of Update session being performed.
+- **wuDeviceid**  The unique device identifier used by Windows Update.
+
+
 ### Microsoft.Windows.Update.Orchestrator.PreShutdownStart
 
 This event is generated before the shutdown and commit operations.
@@ -7791,6 +8402,32 @@ The following fields are available:
 - **wuDeviceid**  Unique device ID used by Windows Update.
 
 
+### Microsoft.Windows.Update.Orchestrator.SeekerUpdateAvailable
+
+This event defines when an optional update is available for the device to help keep Windows up to date.
+
+The following fields are available:
+
+- **flightID**  The unique identifier of the Windows Insider build on this device.
+- **isFeatureUpdate**  Indicates whether the update is a Feature Update.
+- **revisionNumber**  The revision number of the update.
+- **updateId**  The GUID (Globally Unique Identifier) of the update.
+- **wuDeviceid**  The Windows Update device identifier.
+
+
+### Microsoft.Windows.Update.Orchestrator.SeekUpdate
+
+This event occurs when user initiates "seeker" scan. This helps keep Windows up to date.
+
+The following fields are available:
+
+- **flightID**  The ID of the Windows Insider builds on the device.
+- **isFeatureUpdate**  Indicates that the target of the Seek is a feature update.
+- **revisionNumber**  The revision number of the update.
+- **updateId**  The identifier of the update.
+- **wuDeviceid**  The Windows Update device identifier.
+
+
 ### Microsoft.Windows.Update.Orchestrator.StickUpdate
 
 This event is sent when the update service orchestrator (USO) indicates the update cannot be superseded by a newer update.
@@ -8018,19 +8655,19 @@ This event sends data specific to the FixAppXReparsePoints mitigation used for O
 
 The following fields are available:
 
-- **ClientId**  Unique identifier for each flight.
+- **ClientId**  In the WU scenario, this will be the WU client ID that is passed to Setup. In Media setup, default value is Media360, but can be overwritten by the caller to a unique value.
 - **FlightId**  Unique GUID that identifies each instances of setuphost.exe.
-- **InstanceId**  The update scenario in which the mitigation was executed.
-- **MitigationScenario**  Correlation vector value generated from the latest USO scan.
-- **RelatedCV**  Number of reparse points that are corrupted but we failed to fix them.
-- **ReparsePointsFailed**  Number of reparse points that were corrupted and were fixed by this mitigation.
-- **ReparsePointsFixed**  Number of reparse points that are not corrupted and no action is required.
-- **ReparsePointsSkipped**  HResult of this operation.
-- **Result**  ID indicating the mitigation scenario.
-- **ScenarioId**  Indicates whether the scenario was supported.
-- **ScenarioSupported**  Unique value for each update attempt.
-- **SessionId**  Unique ID for each Update.
-- **UpdateId**  Unique ID for the Windows Update client.
+- **InstanceId**  Unique GUID that identifies each instances of setuphost.exe.
+- **MitigationScenario**  The update scenario in which the mitigation was executed.
+- **RelatedCV**  Correlation vector value generated from the latest USO scan.
+- **ReparsePointsFailed**  Number of reparse points that were corrupted but were not fixed by this mitigation.
+- **ReparsePointsFixed**  Number of reparse points that were corrupted and were fixed by this mitigation.
+- **ReparsePointsSkipped**  Number of reparse points that are not corrupted and no action is required.
+- **Result**  HResult of this operation.
+- **ScenarioId**  ID indicating the mitigation scenario.
+- **ScenarioSupported**  Indicates whether the scenario was supported.
+- **SessionId**  Unique ID for the update session.
+- **UpdateId**  Unique ID for the Windows Update.
 - **WuId**  Unique ID for the Windows Update client.
 
 
@@ -8103,6 +8740,7 @@ This event is sent when the Update Reserve Manager prepares the Trusted Installe
 
 The following fields are available:
 
+- **FallbackLogicUsed**  Indicates whether fallback logic was used for initialization.
 - **Flags**  The flags that are passed to the function to prepare the Trusted Installer for reserve initialization.
 
 
diff --git a/windows/release-information/status-windows-10-1507.yml b/windows/release-information/status-windows-10-1507.yml
index 780532c8fb..9891ddf467 100644
--- a/windows/release-information/status-windows-10-1507.yml
+++ b/windows/release-information/status-windows-10-1507.yml
@@ -29,11 +29,11 @@ sections:
     columns: 3
     items:
     
-    - href: https://aka.ms/how-to-get-1909
-      html: Get the update >
+    - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/
+      html: Find out what you need to know >
       image: 
-        src: http://docs.microsoft.com/media/common/i_download-install.svg
-      title: Windows 10, version 1909 now available
+        src: https://docs.microsoft.com/media/common/i_alert.svg
+      title: Windows 7 has reached end of support
     - href: https://aka.ms/1909mechanics
       html: Explore the improvements >
       image: 
diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
index b7c13357d2..d38454e785 100644
--- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
+++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
@@ -29,11 +29,11 @@ sections:
     columns: 3
     items:
     
-    - href: https://aka.ms/how-to-get-1909
-      html: Get the update >
+    - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/
+      html: Find out what you need to know >
       image: 
-        src: http://docs.microsoft.com/media/common/i_download-install.svg
-      title: Windows 10, version 1909 now available
+        src: https://docs.microsoft.com/media/common/i_alert.svg
+      title: Windows 7 has reached end of support
     - href: https://aka.ms/1909mechanics
       html: Explore the improvements >
       image: 
diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml
index 20cdc6691b..af729c8f0f 100644
--- a/windows/release-information/status-windows-10-1709.yml
+++ b/windows/release-information/status-windows-10-1709.yml
@@ -29,11 +29,11 @@ sections:
     columns: 3
     items:
     
-    - href: https://aka.ms/how-to-get-1909
-      html: Get the update >
+    - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/
+      html: Find out what you need to know >
       image: 
-        src: http://docs.microsoft.com/media/common/i_download-install.svg
-      title: Windows 10, version 1909 now available
+        src: https://docs.microsoft.com/media/common/i_alert.svg
+      title: Windows 7 has reached end of support
     - href: https://aka.ms/1909mechanics
       html: Explore the improvements >
       image: 
diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml
index 259b1f258f..397f577291 100644
--- a/windows/release-information/status-windows-10-1803.yml
+++ b/windows/release-information/status-windows-10-1803.yml
@@ -33,11 +33,11 @@ sections:
     columns: 3
     items:
     
-    - href: https://aka.ms/how-to-get-1909
-      html: Get the update >
+    - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/
+      html: Find out what you need to know >
       image: 
-        src: http://docs.microsoft.com/media/common/i_download-install.svg
-      title: Windows 10, version 1909 now available
+        src: https://docs.microsoft.com/media/common/i_alert.svg
+      title: Windows 7 has reached end of support
     - href: https://aka.ms/1909mechanics
       html: Explore the improvements >
       image: 
diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
index b45f2a51e5..51ee30b209 100644
--- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
+++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
@@ -33,11 +33,11 @@ sections:
     columns: 3
     items:
     
-    - href: https://aka.ms/how-to-get-1909
-      html: Get the update >
+    - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/
+      html: Find out what you need to know >
       image: 
-        src: http://docs.microsoft.com/media/common/i_download-install.svg
-      title: Windows 10, version 1909 now available
+        src: https://docs.microsoft.com/media/common/i_alert.svg
+      title: Windows 7 has reached end of support
     - href: https://aka.ms/1909mechanics
       html: Explore the improvements >
       image: 
diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml
index 695f9e9477..b1bf959c78 100644
--- a/windows/release-information/status-windows-10-1903.yml
+++ b/windows/release-information/status-windows-10-1903.yml
@@ -33,11 +33,11 @@ sections:
     columns: 3
     items:
     
-    - href: https://aka.ms/how-to-get-1909
-      html: Get the update >
+    - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/
+      html: Find out what you need to know >
       image: 
-        src: http://docs.microsoft.com/media/common/i_download-install.svg
-      title: Windows 10, version 1909 now available
+        src: https://docs.microsoft.com/media/common/i_alert.svg
+      title: Windows 7 has reached end of support
     - href: https://aka.ms/1909mechanics
       html: Explore the improvements >
       image: 
diff --git a/windows/release-information/status-windows-10-1909.yml b/windows/release-information/status-windows-10-1909.yml
index ac72f26612..61f2073d2e 100644
--- a/windows/release-information/status-windows-10-1909.yml
+++ b/windows/release-information/status-windows-10-1909.yml
@@ -33,11 +33,11 @@ sections:
     columns: 3
     items:
     
-    - href: https://aka.ms/how-to-get-1909
-      html: Get the update >
+    - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/
+      html: Find out what you need to know >
       image: 
-        src: http://docs.microsoft.com/media/common/i_download-install.svg
-      title: Windows 10, version 1909 now available
+        src: https://docs.microsoft.com/media/common/i_alert.svg
+      title: Windows 7 has reached end of support
     - href: https://aka.ms/1909mechanics
       html: Explore the improvements >
       image: 
diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
index dadedc3369..574e1ff814 100644
--- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -29,11 +29,11 @@ sections:
     columns: 3
     items:
     
-    - href: https://aka.ms/how-to-get-1909
-      html: Get the update >
+    - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/
+      html: Find out what you need to know >
       image: 
-        src: http://docs.microsoft.com/media/common/i_download-install.svg
-      title: Windows 10, version 1909 now available
+        src: https://docs.microsoft.com/media/common/i_alert.svg
+      title: Windows 7 has reached end of support
     - href: https://aka.ms/1909mechanics
       html: Explore the improvements >
       image: 
diff --git a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml
index 3db7d9a3ea..388b55fa0a 100644
--- a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml
+++ b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml
@@ -29,11 +29,11 @@ sections:
     columns: 3
     items:
     
-    - href: https://aka.ms/how-to-get-1909
-      html: Get the update >
+    - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/
+      html: Find out what you need to know >
       image: 
-        src: http://docs.microsoft.com/media/common/i_download-install.svg
-      title: Windows 10, version 1909 now available
+        src: https://docs.microsoft.com/media/common/i_alert.svg
+      title: Windows 7 has reached end of support
     - href: https://aka.ms/1909mechanics
       html: Explore the improvements >
       image: 
diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml
index ba7311b1cc..0a5c7ee17d 100644
--- a/windows/release-information/status-windows-server-2008-sp2.yml
+++ b/windows/release-information/status-windows-server-2008-sp2.yml
@@ -29,11 +29,11 @@ sections:
     columns: 3
     items:
     
-    - href: https://aka.ms/how-to-get-1909
-      html: Get the update >
+    - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/
+      html: Find out what you need to know >
       image: 
-        src: http://docs.microsoft.com/media/common/i_download-install.svg
-      title: Windows 10, version 1909 now available
+        src: https://docs.microsoft.com/media/common/i_alert.svg
+      title: Windows 7 has reached end of support
     - href: https://aka.ms/1909mechanics
       html: Explore the improvements >
       image: 
diff --git a/windows/release-information/status-windows-server-2012.yml b/windows/release-information/status-windows-server-2012.yml
index ae33c73b72..96c3cad5e2 100644
--- a/windows/release-information/status-windows-server-2012.yml
+++ b/windows/release-information/status-windows-server-2012.yml
@@ -29,11 +29,11 @@ sections:
     columns: 3
     items:
     
-    - href: https://aka.ms/how-to-get-1909
-      html: Get the update >
+    - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/
+      html: Find out what you need to know >
       image: 
-        src: http://docs.microsoft.com/media/common/i_download-install.svg
-      title: Windows 10, version 1909 now available
+        src: https://docs.microsoft.com/media/common/i_alert.svg
+      title: Windows 7 has reached end of support
     - href: https://aka.ms/1909mechanics
       html: Explore the improvements >
       image: 
diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml
index e8c99b7485..f993b30323 100644
--- a/windows/release-information/windows-message-center.yml
+++ b/windows/release-information/windows-message-center.yml
@@ -23,11 +23,11 @@ sections:
     columns: 2
     items:
     
-    - href: https://aka.ms/how-to-get-1909
-      html: Get the update >
+    - href: https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/
+      html: Find out what you need to know >
       image: 
-        src: http://docs.microsoft.com/media/common/i_download-install.svg
-      title: Windows 10, version 1909 now available
+        src: https://docs.microsoft.com/media/common/i_alert.svg
+      title: Windows 7 has reached end of support
     - href: https://aka.ms/1909mechanics
       html: Explore the improvements >
       image: 
@@ -50,6 +50,7 @@ sections:
     text: "
       <table border ='0'><tr><td width='80%'>Message</td><td width='20%'>Date</td></tr>
       
+      <tr><td id='382'><a href = 'https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/' target='_blank'><b>Windows 7 has reached end of support</b></a><a class='docon docon-link heading-anchor' aria-labelledby='382' href='#382'></a><br><div>Windows&nbsp;7 reached end of support on January 14, 2020. If your organization has&nbsp;not yet been able to complete your transition from Windows 7 to Windows 10, and want to continue to receive security updates while you complete your upgrade projects, please read <a href=\"https://techcommunity.microsoft.com/t5/windows-it-pro-blog/how-to-get-extended-security-updates-for-eligible-windows/ba-p/917807\" rel=\"noopener noreferrer\" target=\"_blank\">How to get Extended Security Updates for eligible Windows devices</a>. For more information on end of service dates for currently supported versions of Windows 10, see the&nbsp;<a href=\"https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet\" rel=\"noopener noreferrer\" target=\"_blank\">Windows lifecycle fact sheet</a>.</div></td><td>January 15, 2020 <br>10:00 AM PT</td></tr>
       <tr><td id='379'><a href = 'https://support.microsoft.com/help/4528760' target='_blank'><b>Take action: January 2020 security update available for all supported versions of Windows</b></a><a class='docon docon-link heading-anchor' aria-labelledby='379' href='#379'></a><br><div>The January 2020 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. To be informed about the latest updates and releases, follow us on Twitter&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>.</div></td><td>January 14, 2020 <br>08:00 AM PT</td></tr>
       <tr><td id='380'><a href = 'https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601' target='_blank'><b>Advisory: Windows CryptoAPI certificate validation vulnerability</b></a><a class='docon docon-link heading-anchor' aria-labelledby='380' href='#380'></a><br><div>On January 14, 2020, Microsoft released security updates to address&nbsp;an<a href=\"&nbsp;elliptic-curve cryptography&nbsp;(\" target=\"_blank\" rel=\"noopener noreferrer\">&nbsp;elliptic-curve cryptography<u>&nbsp;(</u></a>ECC) certificate validation issue in the Windows CryptoAPI. This vulnerability applies to all versions of the Windows 10&nbsp;operating system, client and server.&nbsp;While we have not observed an attack exploiting this vulnerability,&nbsp;we recommend that you apply this update to all of your Windows 10 devices&nbsp;with priority. Here is what you need to know:</div><ul><li>If you are running a supported version of Windows&nbsp;10&nbsp;and have automatic updates enabled, you are automatically protected and do not need to take any&nbsp;further&nbsp;action.</li><li>If you are managing updates on behalf of your organization, you should download the latest updates from the&nbsp;<a href=\"https://portal.msrc.microsoft.com/en-us/\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Security Update Guide&nbsp;</a>and apply those updates to your&nbsp;Windows 10 devices and servers&nbsp;as soon as possible.</li></ul><div></div><div>If you are&nbsp;running an <a href=\"https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet\" target=\"_blank\" rel=\"noopener noreferrer\">unsupported version of Windows 10</a>, we&nbsp;recommend that you upgrade to the current version of Windows 10 to benefit from the latest security protections.&nbsp;For more information&nbsp;about this vulnerability,&nbsp;see&nbsp;the <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Security Guidance for&nbsp;CVE-2020-0601</a> and the Microsoft Security Response Center blog, <a href=\"https://msrc-blog.microsoft.com/2020/01/14/january-2020-security-updates-cve-2020-0601/\" target=\"_blank\" rel=\"noopener noreferrer\">January 2020 Security Updates: CVE-2020-0601</a>.</div></td><td>January 14, 2020 <br>08:00 AM PT</td></tr>
       <tr><td id='376'><a href = 'https://support.microsoft.com/help/4530684' target='_blank'><b>Take action: December 2019 security update available for all supported versions of Windows</b></a><a class='docon docon-link heading-anchor' aria-labelledby='376' href='#376'></a><br><div>The December 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. To be informed about the latest updates and releases, follow us on Twitter&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>.</div></td><td>December 10, 2019 <br>08:00 AM PT</td></tr>

From 8673500b224a773e04e401b643587a8cc2f041bd Mon Sep 17 00:00:00 2001
From: isbrahm <43386070+isbrahm@users.noreply.github.com>
Date: Wed, 15 Jan 2020 14:43:04 -0800
Subject: [PATCH 13/96] Update LOB Win32 apps on s mode

Add brief testing information, correct spelling mistakes, add errata section
---
 .../LOB-win32-apps-on-s.md                        | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/LOB-win32-apps-on-s.md b/windows/security/threat-protection/windows-defender-application-control/LOB-win32-apps-on-s.md
index 4095a6a122..edd54678bf 100644
--- a/windows/security/threat-protection/windows-defender-application-control/LOB-win32-apps-on-s.md
+++ b/windows/security/threat-protection/windows-defender-application-control/LOB-win32-apps-on-s.md
@@ -32,7 +32,8 @@ Refer to the below video for an overview and brief demo.
 
 ## Policy Authorization Process
 ![Policy Authorization](images/wdac-intune-policy-authorization.png)
-The general steps for expanding the S mode base policy on your devices are to generate a supplemental policy, sign that policy, and then upload the signed policy to Intune and assign it to user or device groups.
+The general steps for expanding the S mode base policy on your Intune-managed devices are to generate a supplemental policy, sign that policy, and then upload the signed policy to Intune and assign it to user or device groups. Because you need access to WDAC PowerShell cmdlets to generate your supplemental policy, you should create and manage your policies on a non-S mode device. Once the policy has been uploaded to Intune, we recommend assigning it to a single test S-mode device to verify expected functioning before deploying the policy more broadly.
+
 1. Generate a supplemental policy with WDAC tooling
 
     This policy will expand the S mode base policy to authorize additional applications. Anything authorized by either the S mode base policy or your supplemental policy will be allowed to run. Your supplemental policies can specify filepath rules, trusted publishers, and more. 
@@ -60,7 +61,7 @@ The general steps for expanding the S mode base policy on your devices are to ge
     -  Since you'll be signing your policy, you must authorize the signing certificate you will use to sign the policy and optionally one or more additional signers that can be used to sign updates to the policy in the future. For more information, refer to Section 2, Sign policy. Use Add-SignerRule to add the signing certificate to the WDAC policy: 
        
         ```powershell
-        Add-SignerRule -FilePath <policypath> -CertificatePath <certpath> -User -Update`
+        Add-SignerRule -FilePath <policypath> -CertificatePath <certpath> -User -Update
         ```
     - Convert to .bin using [ConvertFrom-CIPolicy](https://docs.microsoft.com/powershell/module/configci/convertfrom-cipolicy?view=win10-ps)
 
@@ -91,7 +92,7 @@ Your supplemental policy can be used to significantly relax the S mode base poli
 
 Instead of authorizing signers external to your organization, Intune has added new functionality to make it easier to authorize existing applications (without requiring repackaging or access to the source code) through the use of signed catalogs. This works for apps which may be unsigned or even signed apps when you don’t want to trust all apps that may share the same signing certificate.
 
-The basic process is to generate a catalog file for each app using Package Inspector, then sign the catalog files using the DGSS or a custom PKI. After that, IT Pros can use the standard Intune app deployment process outlined above. Refer to [Deploy catalog files to support Windows Defender Application Control](deploy-catalog-files-to-support-windows-defender-application-control.md) for more in-depth guidance on generating catalogs. 
+The basic process is to generate a catalog file for each app using Package Inspector, then sign the catalog files using the DGSS or a custom PKI. Use the Add-SignerRule PowerShell cmdlet as shown above to authorize the catalog signing certificate in the supplemental policy. After that, IT Pros can use the standard Intune app deployment process outlined above. Refer to [Deploy catalog files to support Windows Defender Application Control](deploy-catalog-files-to-support-windows-defender-application-control.md) for more in-depth guidance on generating catalogs. 
 
 > [!Note] 
 > Every time an app updates, you will need to deploy an updated catalog. Because of this, IT Pros should try to avoid using catalog files for applications that auto-update and direct users not to update applications on their own.
@@ -180,8 +181,11 @@ Below is a sample policy that allows kernel debuggers, PowerShell ISE, and Regis
 </SiPolicy>
 ```
 ## Policy removal
+In order to revert users to an unmodified S mode policy, an IT Pro can remove a user or users from the targeted Intune group which received the policy, which will trigger a removal of both the policy and the authorization token from the device.
+
+IT Pros also have the choice of deleting a supplemental policy through Intune.
 > [!Note]
-> This feature currently has a known a policy deletion bug, with a fix expected in the 2D update in late February 2020. Devices of users who are unenrolled will still have their WDAC policies removed. In the mentime, IT Pros are recommended to update their policy with the below 'empty' policy which makes no changes to S mode.
+> This feature currently has a known bug which occurs when an S mode supplemental policy is deleted through Intune, in which the policy is not immediately removed from the devices to which it was deployed. A fix is expected in the 2D update in late February 2020. In the meantime, IT Pros are recommended to update their policy with the below 'empty' policy which makes no changes to S mode.
 
 ```xml
 <?xml version="1.0" encoding="utf-8"?>
@@ -233,3 +237,6 @@ Below is a sample policy that allows kernel debuggers, PowerShell ISE, and Regis
   </Settings>
 </SiPolicy>
 ```
+
+## Errata
+If an S-mode device with a policy authorization token and supplemental policy is rolled back from the 1909 update to the 1903 build, it will not revert to locked-down S mode until the next policy refresh. To achieve an immediate change to a locked-down S mode state, IT Pros should delete any tokens in %SystemRoot%\System32\CI\Tokens\Active.

From d452fb853d68f57928e791f8cc275c6a8b6d283f Mon Sep 17 00:00:00 2001
From: John Liu <49762389+ShenLanJohn@users.noreply.github.com>
Date: Wed, 15 Jan 2020 14:52:41 -0800
Subject: [PATCH 14/96] CAT Auto Pulish for Windows Release Messages -
 20200115144242 (#1872)

* January 2020 update

* adding micarraygeometry and value

* removing locale from links

* Update deploy-windows-10-to-surface-devices-with-mdt.md

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20200115103958 (#1865)

Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>

* Update deploy-windows-10-to-surface-devices-with-mdt.md

* Trying to get Figure 16 to be indented

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20200115135958 (#1871)

Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>

Co-authored-by: Brian Lich <brianlic-msft@users.noreply.github.com>
Co-authored-by: Dani Halfin <daniha@microsoft.com>
Co-authored-by: John Kaiser <35939694+CoveMiner@users.noreply.github.com>
Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>
Co-authored-by: Gary Moore <v-gmoor@microsoft.com>
---
 ...deploy-windows-10-to-surface-devices-with-mdt.md | 13 +++++--------
 .../release-information/windows-message-center.yml  |  2 +-
 2 files changed, 6 insertions(+), 9 deletions(-)

diff --git a/devices/surface/deploy-windows-10-to-surface-devices-with-mdt.md b/devices/surface/deploy-windows-10-to-surface-devices-with-mdt.md
index fe487f8337..61fc8352df 100644
--- a/devices/surface/deploy-windows-10-to-surface-devices-with-mdt.md
+++ b/devices/surface/deploy-windows-10-to-surface-devices-with-mdt.md
@@ -11,7 +11,7 @@ ms.author: dansimp
 ms.topic: article
 ms.localizationpriority: medium
 ms.audience: itpro
-ms.date: 10/21/2019
+ms.date: 01/15/2020
 ms.reviewer: 
 manager: dansimp
 ---
@@ -99,10 +99,7 @@ Because customizations are performed by MDT at the time of deployment, the goal
 
 For your deployed Windows environment to function correctly on your Surface devices, you will need to install the drivers used by Windows to communicate with the components of your device. These drivers are available for download in the Microsoft Download Center for each Surface device. You can find the correct Microsoft Download Center page for your device at [Download the latest firmware and drivers for Surface devices](https://technet.microsoft.com/itpro/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices).
 
-When you browse to the specific Microsoft Download Center page for your device, you will notice that there are two files available for download. One file is a Windows Installer (.msi) file. This file is used to update drivers on devices that are already running Windows or that have device management solutions. The other file is an archive (.zip) file. This file contains the individual driver files that are used during deployment, or for manual installation with Device Manager. The file that you will need to download is the .zip archive file. You can read more about the difference between the firmware and driver pack file types at [Manage Surface driver and firmware updates](https://technet.microsoft.com/itpro/surface/manage-surface-pro-3-firmware-updates).
-
-
-In addition to the driver files that help Windows communicate with the hardware components of the Surface device, the .zip file you download will also contain firmware updates. These firmware updates will update the instructions used by the device hardware to communicate between components and Windows. The firmware of Surface device components is updated by installation of specific driver files and thus is installed along with the other drivers during deployment. The firmware of an out-of-date Surface device is thus updated when the device reboots during and after the Windows deployment process.
+When you browse to the specific Microsoft Download Center page for your device, you will find a Windows Installer (.msi) file. This file is used to update drivers on devices that are already running Windows or that have device management solutions. Firmware updates maintain the instructions used by the device hardware to communicate between components and Windows. The firmware of Surface device components is updated by installation of specific driver files and thus is installed along with the other drivers during deployment. For more information, see [Manage Surface driver and firmware updates](https://technet.microsoft.com/itpro/surface/manage-surface-pro-3-firmware-updates).
 
 >[!NOTE]
 >Beginning in Windows 10, the drivers for Surface devices are included in the Windows Preinstallation Environment (WinPE). In earlier versions of Windows, specific drivers (like network drivers) had to be imported and configured in MDT for use in WinPE to successfully deploy to Surface devices.
@@ -234,7 +231,7 @@ You now have an empty deployment share that is ready for you to add the resource
 The first resources that are required to perform a deployment of Windows are the installation files from Windows 10 installation media. Even if you have an already prepared reference image, you still need to supply the unaltered installation files from your installation media. The source of these files can be a physical disk, or it can be an ISO file like the download from the Volume Licensing Service Center (VLSC).
 
 >[!NOTE]
->A 64-bit operating system is required for compatibility with Surface Studio, Surface Pro 4, Surface Book, Surface Pro 3, and Surface 3.
+>A 64-bit operating system is required for compatibility with Surface devices except Surface Pro X which cannot be managed with MDT.
 
 To import Windows 10 installation files, follow these steps:
 
@@ -404,9 +401,9 @@ Perform the reference image deployment and capture using the following steps:
    * **Locale and Time** – Leave the default options for language and time settings selected. The locale and time settings will be specified during deployment of the image to other devices. Click **Next**.
    * **Capture Image** – Click the **Capture an Image of this Reference Computer** option, as shown in Figure 16. In the **Location** field, keep the default location of the Captures folder. You can keep or change the name of the image file in the **File Name** field. When you are finished, click **Next**.
   
-   ![Capture an image of the reference machine](images/surface-deploymdt-fig16.png "Capture an image of the reference machine")
+    ![Capture an image of the reference machine](images/surface-deploymdt-fig16.png "Capture an image of the reference machine")
     
-   *Figure 16. Use the Capture Image page to capture an image of the reference machine after deployment*
+    *Figure 16. Use the Capture Image page to capture an image of the reference machine after deployment*
 
    * **Ready** – You can review your selections by expanding **Details** on the **Ready** page. Click **Begin** when you are ready to perform the deployment and capture of your reference image.
 
diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml
index f993b30323..ee042491ec 100644
--- a/windows/release-information/windows-message-center.yml
+++ b/windows/release-information/windows-message-center.yml
@@ -52,7 +52,7 @@ sections:
       
       <tr><td id='382'><a href = 'https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/' target='_blank'><b>Windows 7 has reached end of support</b></a><a class='docon docon-link heading-anchor' aria-labelledby='382' href='#382'></a><br><div>Windows&nbsp;7 reached end of support on January 14, 2020. If your organization has&nbsp;not yet been able to complete your transition from Windows 7 to Windows 10, and want to continue to receive security updates while you complete your upgrade projects, please read <a href=\"https://techcommunity.microsoft.com/t5/windows-it-pro-blog/how-to-get-extended-security-updates-for-eligible-windows/ba-p/917807\" rel=\"noopener noreferrer\" target=\"_blank\">How to get Extended Security Updates for eligible Windows devices</a>. For more information on end of service dates for currently supported versions of Windows 10, see the&nbsp;<a href=\"https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet\" rel=\"noopener noreferrer\" target=\"_blank\">Windows lifecycle fact sheet</a>.</div></td><td>January 15, 2020 <br>10:00 AM PT</td></tr>
       <tr><td id='379'><a href = 'https://support.microsoft.com/help/4528760' target='_blank'><b>Take action: January 2020 security update available for all supported versions of Windows</b></a><a class='docon docon-link heading-anchor' aria-labelledby='379' href='#379'></a><br><div>The January 2020 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. To be informed about the latest updates and releases, follow us on Twitter&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>.</div></td><td>January 14, 2020 <br>08:00 AM PT</td></tr>
-      <tr><td id='380'><a href = 'https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601' target='_blank'><b>Advisory: Windows CryptoAPI certificate validation vulnerability</b></a><a class='docon docon-link heading-anchor' aria-labelledby='380' href='#380'></a><br><div>On January 14, 2020, Microsoft released security updates to address&nbsp;an<a href=\"&nbsp;elliptic-curve cryptography&nbsp;(\" target=\"_blank\" rel=\"noopener noreferrer\">&nbsp;elliptic-curve cryptography<u>&nbsp;(</u></a>ECC) certificate validation issue in the Windows CryptoAPI. This vulnerability applies to all versions of the Windows 10&nbsp;operating system, client and server.&nbsp;While we have not observed an attack exploiting this vulnerability,&nbsp;we recommend that you apply this update to all of your Windows 10 devices&nbsp;with priority. Here is what you need to know:</div><ul><li>If you are running a supported version of Windows&nbsp;10&nbsp;and have automatic updates enabled, you are automatically protected and do not need to take any&nbsp;further&nbsp;action.</li><li>If you are managing updates on behalf of your organization, you should download the latest updates from the&nbsp;<a href=\"https://portal.msrc.microsoft.com/en-us/\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Security Update Guide&nbsp;</a>and apply those updates to your&nbsp;Windows 10 devices and servers&nbsp;as soon as possible.</li></ul><div></div><div>If you are&nbsp;running an <a href=\"https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet\" target=\"_blank\" rel=\"noopener noreferrer\">unsupported version of Windows 10</a>, we&nbsp;recommend that you upgrade to the current version of Windows 10 to benefit from the latest security protections.&nbsp;For more information&nbsp;about this vulnerability,&nbsp;see&nbsp;the <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Security Guidance for&nbsp;CVE-2020-0601</a> and the Microsoft Security Response Center blog, <a href=\"https://msrc-blog.microsoft.com/2020/01/14/january-2020-security-updates-cve-2020-0601/\" target=\"_blank\" rel=\"noopener noreferrer\">January 2020 Security Updates: CVE-2020-0601</a>.</div></td><td>January 14, 2020 <br>08:00 AM PT</td></tr>
+      <tr><td id='380'><a href = 'https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601' target='_blank'><b>Advisory: Windows CryptoAPI certificate validation vulnerability</b></a><a class='docon docon-link heading-anchor' aria-labelledby='380' href='#380'></a><br><div>On January 14, 2020, Microsoft released security updates to address&nbsp;an&nbsp;<a href=\"https://en.wikipedia.org/wiki/Elliptic-curve_cryptography\" rel=\"noopener noreferrer\" target=\"_blank\"><u>elliptic-curve cryptography</u></a>&nbsp;(ECC) certificate validation issue in the Windows CryptoAPI. This vulnerability applies to all versions of the Windows 10&nbsp;operating system, client and server.&nbsp;While we have not observed an attack exploiting this vulnerability,&nbsp;we recommend that you apply this update to all of your Windows 10 devices&nbsp;with priority. Here is what you need to know:</div><ul><li>If you are running a supported version of Windows&nbsp;10&nbsp;and have automatic updates enabled, you are automatically protected and do not need to take any&nbsp;further&nbsp;action.</li><li>If you are managing updates on behalf of your organization, you should download the latest updates from the&nbsp;<a href=\"https://portal.msrc.microsoft.com/en-us/\" rel=\"noopener noreferrer\" target=\"_blank\">Microsoft Security Update Guide&nbsp;</a>and apply those updates to your&nbsp;Windows 10 devices and servers&nbsp;as soon as possible.</li></ul><div></div><div>If you are&nbsp;running an <a href=\"https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet\" rel=\"noopener noreferrer\" target=\"_blank\">unsupported version of Windows 10</a>, we&nbsp;recommend that you upgrade to the current version of Windows 10 to benefit from the latest security protections.&nbsp;For more information&nbsp;about this vulnerability,&nbsp;see&nbsp;the <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601\" rel=\"noopener noreferrer\" target=\"_blank\">Microsoft Security Guidance for&nbsp;CVE-2020-0601</a> and the Microsoft Security Response Center blog, <a href=\"https://msrc-blog.microsoft.com/2020/01/14/january-2020-security-updates-cve-2020-0601/\" rel=\"noopener noreferrer\" target=\"_blank\">January 2020 Security Updates: CVE-2020-0601</a>.</div></td><td>January 14, 2020 <br>08:00 AM PT</td></tr>
       <tr><td id='376'><a href = 'https://support.microsoft.com/help/4530684' target='_blank'><b>Take action: December 2019 security update available for all supported versions of Windows</b></a><a class='docon docon-link heading-anchor' aria-labelledby='376' href='#376'></a><br><div>The December 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. To be informed about the latest updates and releases, follow us on Twitter&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>.</div></td><td>December 10, 2019 <br>08:00 AM PT</td></tr>
       <tr><td id='378'><b>Timing of Windows 10 optional update releases (December 2019)</b><a class='docon docon-link heading-anchor' aria-labelledby='378' href='#378'></a><br><div>For the balance of this calendar year, there will be no optional non-security “C” and “D” releases for Windows 10. The \"C\" releases normally target the third week of the month, with \"D\" releases targeting the fourth week.&nbsp;For more information on the different types of monthly quality updates, see our&nbsp;<a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>.</div></td><td>December 10, 2019 <br>08:00 AM PT</td></tr>
       <tr><td id='369'><a href = 'https://aka.ms/how-to-get-1909' target='_blank'><b>Windows 10, version 1909 now available</b></a><a class='docon docon-link heading-anchor' aria-labelledby='369' href='#369'></a><br><div>Learn how to get Windows 10, version 1909 (the November 2019 Update), and explore how we’ve worked to make this a great experience for all devices, including a new, streamlined (and fast) update experience for devices updating directly from the May 2019 Update.</div></td><td>November 12, 2019 <br>10:00 AM PT</td></tr>

From 8b0e9983d011cca6eb7ea90a910a46a1039e1c6b Mon Sep 17 00:00:00 2001
From: Rick Munck <33725928+jmunck@users.noreply.github.com>
Date: Wed, 15 Jan 2020 21:10:37 -0800
Subject: [PATCH 15/96] Update security-compliance-toolkit-10.md

---
 .../threat-protection/security-compliance-toolkit-10.md      | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/security-compliance-toolkit-10.md b/windows/security/threat-protection/security-compliance-toolkit-10.md
index 8d134aaa46..4c475c71c0 100644
--- a/windows/security/threat-protection/security-compliance-toolkit-10.md
+++ b/windows/security/threat-protection/security-compliance-toolkit-10.md
@@ -41,7 +41,10 @@ The Security Compliance Toolkit consists of:
     -   Windows Server 2012 R2
 
 -   Microsoft Office security baseline
-    -   Office365 ProPlus (Sept 2019)
+    -   Office 365 ProPlus (Sept 2019)
+
+-   Microsoft Edge security baseline
+    -   Version 79
 
 -   Tools
     -   Policy Analyzer tool

From ff8ffa82791ab6b9e8fd0b793d150405d60fcda4 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Thu, 16 Jan 2020 16:54:52 -0800
Subject: [PATCH 16/96] Update
 prevent-changes-to-security-settings-with-tamper-protection.md

---
 ...event-changes-to-security-settings-with-tamper-protection.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
index 21736ff5a6..a787ce0cd1 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
@@ -121,7 +121,7 @@ Here's what you see in the Windows Security app:
 
 If you are using Windows OS [1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-information/status-windows-10-1803), or [1809](https://docs.microsoft.com/windows/release-information/status-windows-10-1809-and-windows-server-2019), you won't see **Tamper Protection** in the Windows Security app. In this case, you can use PowerShell to determine whether tamper protection is enabled.
 
-#### Use PowerShell to determine whether tamper protection is turned
+#### Use PowerShell to determine whether tamper protection is turned on
 
 1. Open the Windows PowerShell app.
 

From 4f796e885ca5adb9cf17d9033844de6fcbc8725c Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Sat, 18 Jan 2020 19:18:21 +0500
Subject: [PATCH 17/96] Update
 upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md

---
 ...de-to-windows-10-with-the-microsoft-deployment-toolkit.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/upgrade/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md b/windows/deployment/upgrade/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md
index 2a7e01c1d8..ee85dd816a 100644
--- a/windows/deployment/upgrade/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md
+++ b/windows/deployment/upgrade/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md
@@ -11,7 +11,8 @@ ms.mktglfcycl: deploy
 ms.localizationpriority: medium
 ms.sitesec: library
 ms.pagetype: mdt
-audience: itpro
author: greg-lindsay
+audience: itpro
+author: greg-lindsay
 ms.topic: article
 ---
 
@@ -24,7 +25,7 @@ The simplest path to upgrade PCs that are currently running Windows 7, Windows
 
 ## Proof-of-concept environment
 
-For the purposes of this topic, we will use four machines: DC01, MDT01, and PC0001. DC01 is a domain controller and MDT01 is a Windows Server 2012 R2 standard machine, fully patched with the latest security updates, and configured as a member server in the fictional contoso.com domain. PC0001 is a machine with Windows 7 SP1, targeted for the Windows 10 upgrade. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
+For the purposes of this topic, we will use three machines: DC01, MDT01, and PC0001. DC01 is a domain controller and MDT01 is a Windows Server 2012 R2 standard machine, fully patched with the latest security updates, and configured as a member server in the fictional contoso.com domain. PC0001 is a machine with Windows 7 SP1, targeted for the Windows 10 upgrade. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
 
 ![fig 1](../images/upgrademdt-fig1-machines.png)
 

From f4966d1cd3111aae1c8739a0da3430836c3703ef Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Sat, 18 Jan 2020 21:12:20 +0500
Subject: [PATCH 18/96] Removed the link

As the link is not pointing to a proper source and there is no other information is available on Microsoft docs so I have removed this link. The link provided was pointing to the LinkedIn course intro video and doesn't fit with the context of the article.

Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/5854
---
 .../credential-guard/credential-guard-requirements.md          | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/windows/security/identity-protection/credential-guard/credential-guard-requirements.md b/windows/security/identity-protection/credential-guard/credential-guard-requirements.md
index 68102f6e49..d0124ff8cf 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard-requirements.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard-requirements.md
@@ -78,9 +78,6 @@ Applications may cause performance issues when they attempt to hook the isolated
 
 Services or protocols that rely on Kerberos, such as file shares, remote desktop, or BranchCache, continue to work and are not affected by Windows Defender Credential Guard.
 
-See this video: [Credentials Protected by Windows Defender Credential Guard](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=pdc37LJyC_1204300474)
-
-
 ## Security considerations
 
 All computers that meet baseline protections for hardware, firmware, and software can use Windows Defender Credential Guard.

From aac0c2b8d7e67c6f8dbae166045e046a049c9a05 Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Sat, 18 Jan 2020 21:42:40 +0500
Subject: [PATCH 19/96] Correction in RegKey

Verified and made a correction in the Reg Key.

Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/5550
---
 .../configure-server-exclusions-windows-defender-antivirus.md   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md
index 85b7b015a3..6c817499da 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md
@@ -266,7 +266,7 @@ This section lists the exclusions that are delivered automatically when you inst
 
   - %windir%\Ntds\ntds.pat
 
-- The AD DS transaction log files. The transaction log files are specified in the registry key `HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters\Database Log Files`
+- The AD DS transaction log files. The transaction log files are specified in the registry key `HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters\Database Log Files Path`
 
   - %windir%\Ntds\EDB*.log
 

From 2ea2afc8df9c45c3ecc0ebc2ec71f0ef7574f8dc Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Sat, 18 Jan 2020 21:59:42 +0500
Subject: [PATCH 20/96] Removed the note

As mentioned in the document https://docs.microsoft.com/en-us/surface/surface-pro-arm-app-management PXE boot is supported in Surface Pro X

Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/5856
---
 .../surface/ethernet-adapters-and-surface-device-deployment.md | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/devices/surface/ethernet-adapters-and-surface-device-deployment.md b/devices/surface/ethernet-adapters-and-surface-device-deployment.md
index 1b1216cd8d..d04ad089fc 100644
--- a/devices/surface/ethernet-adapters-and-surface-device-deployment.md
+++ b/devices/surface/ethernet-adapters-and-surface-device-deployment.md
@@ -33,9 +33,6 @@ The primary concern when selecting an Ethernet adapter is how that adapter will
 
 Booting from the network (PXE boot) is only supported when you use an Ethernet adapter or docking station from Microsoft. To boot from the network, the chipset in the Ethernet adapter or dock must be detected and configured as a boot device in the firmware of the Surface device. Microsoft Ethernet adapters, such as the Surface Ethernet Adapter and the [Surface Dock](https://www.microsoft.com/surface/accessories/surface-dock) use a chipset that is compatible with the Surface firmware.
 
-> [!NOTE]
->  PXE boot is not supported on Surface Pro X. For more information, refer to [Deploying, managing, and servicing Surface Pro X](surface-pro-arm-app-management.md)
-
 The following Ethernet devices are supported for network boot with Surface devices:
 
 -   Surface USB-C to Ethernet and USB 3.0 Adapter

From 0d1a9197d67d6e3373b8113906821c20aa092332 Mon Sep 17 00:00:00 2001
From: Carol Bailey <carol.bailey@microsoft.com>
Date: Sun, 19 Jan 2020 18:48:18 -0800
Subject: [PATCH 21/96] Add link to new how-to article (create label)

---
 .../windows-information-protection/how-wip-works-with-labels.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/information-protection/windows-information-protection/how-wip-works-with-labels.md b/windows/security/information-protection/windows-information-protection/how-wip-works-with-labels.md
index 5b2d65942a..116ddd8e14 100644
--- a/windows/security/information-protection/windows-information-protection/how-wip-works-with-labels.md
+++ b/windows/security/information-protection/windows-information-protection/how-wip-works-with-labels.md
@@ -47,7 +47,7 @@ Microsoft information protection technologies include:
 ## How WIP protects sensitivity labels with endpoint data loss prevention
 
 You can create and manage [sensitivity labels](https://docs.microsoft.com/office365/securitycompliance/labels) in the Microsoft 365 compliance center. 
-When you create a sensitivity label, you can specify that endpoint data loss prevention applies to content with that label. 
+When you [create a sensitivity label](https://docs.microsoft.com/microsoft-365/compliance/create-sensitivity-labels), you can specify that endpoint data loss prevention applies to content with that label. 
 
 ![Endpoint data loss prevention](images/sensitivity-label-endpoint-dlp.png)
 

From d2cd44e10988ca98dec5259560c1f341be298527 Mon Sep 17 00:00:00 2001
From: Bill Mcilhargey <19168174+computeronix@users.noreply.github.com>
Date: Tue, 21 Jan 2020 11:20:52 -0500
Subject: [PATCH 22/96] Added keyword - third party av

Added keyword third party av for easier finding this document
---
 .../windows-defender-antivirus/why-use-microsoft-antivirus.md   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md
index 392bc3f8e3..57b00a8aa0 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md
@@ -1,7 +1,7 @@
 ---
 title: Why you should use Windows Defender Antivirus together with Microsoft Defender Advanced Threat Protection
 description: For best results, use Windows Defender Antivirus together with your other Microsoft offerings.
-keywords: windows defender, antivirus
+keywords: windows defender, antivirus, third party av
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
 ms.prod: w10

From d034371f9b6bee8cfb6393a258a8b399dd0fcdb9 Mon Sep 17 00:00:00 2001
From: isbrahm <43386070+isbrahm@users.noreply.github.com>
Date: Tue, 21 Jan 2020 09:34:51 -0800
Subject: [PATCH 23/96] Minor edits for readability

---
 .../microsoft-recommended-block-rules.md                      | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md
index 044f402da2..465dfec3fb 100644
--- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md
@@ -160,7 +160,7 @@ Pick the correct version of each .dll for the Windows release you plan to suppor
   <Deny ID="ID_DENY_MS_BUILD" FriendlyName="Microsoft.Build.dll" FileName="Microsoft.Build.dll" MinimumFileVersion="65535.65535.65535.65535" /> 
   <Deny ID="ID_DENY_MS_BUILD_FMWK" FriendlyName="Microsoft.Build.Framework.dll" FileName="Microsoft.Build.Framework.dll" MinimumFileVersion="65535.65535.65535.65535" /> 
 
-  <!-- pick correct version of msxml3.dll, msxml6.dll, and jscript9.dll based on release you are supporting -->
+  <!-- pick the correct version of msxml3.dll, msxml6.dll, and jscript9.dll based on the release you are supporting -->
   <!-- the versions of these files in the 1903 release have this issue fixed, so they don’t need to be blocked -->
   <!-- RS1 Windows 1607
   <Deny  ID="ID_DENY_MSXML3"        FriendlyName="msxml3.dll"         FileName="msxml3.dll" MinimumFileVersion ="8.110.14393.2550"/>
@@ -892,7 +892,7 @@ Pick the correct version of each .dll for the Windows release you plan to suppor
   <FileRuleRef RuleID="ID_DENY_WMIC"/>
   <FileRuleRef RuleID="ID_DENY_MWFC" /> 
   <FileRuleRef RuleID="ID_DENY_WFC" /> 
-  <!-- Uncomment the relevant line(s) below if you have uncommented them in the rule definitions above.
+  <!-- uncomment the relevant line(s) below if you have uncommented them in the rule definitions above
   <FileRuleRef RuleID="ID_DENY_MSXML3" /> 
   <FileRuleRef RuleID="ID_DENY_MSXML6" /> 
   <FileRuleRef RuleID="ID_DENY_JSCRIPT9" />

From 5bb670248a498d07a8b4bb89f7cec8037e774e33 Mon Sep 17 00:00:00 2001
From: John Liu <49762389+ShenLanJohn@users.noreply.github.com>
Date: Tue, 21 Jan 2020 13:26:42 -0800
Subject: [PATCH 24/96] CAT Auto Pulish for Windows Release Messages -
 20200121131606 (#1898)

* added note about SCEP incompat

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20200121122401 (#1897)

Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>

Co-authored-by: Greg Lindsay <greg.lindsay@microsoft.com>
Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>
---
 ...with-system-center-configuraton-manager.md |  5 ++++-
 .../resolved-issues-windows-10-1607.yml       | 20 -------------------
 .../status-windows-10-1909.yml                |  2 +-
 3 files changed, 5 insertions(+), 22 deletions(-)

diff --git a/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md b/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md
index c6118f8f14..76b181f82a 100644
--- a/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md
+++ b/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md
@@ -21,7 +21,10 @@ ms.topic: article
 
 -   Windows 10
 
-The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a System Center Configuration Manager task sequence to completely automate the process.
+The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a Configuration Manager task sequence to completely automate the process.
+
+>[!IMPORTANT]
+>Beginning with Windows 10 and Windows Server 2016, Windows Defender is already installed. A management client for Windows Defender is also installed automatically if the Configuration Manager client is installed. However, previous Windows operating systems installed the System Center Endpoint Protection (SCEP) client with the Configuration Manager client. The SCEP client can block in-place upgrade to Windows 10 due to incompatibility, and must removed from a device before performing an in-place upgrade to Windows 10.
 
 ## Proof-of-concept environment
 
diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml
index 404538ea70..d8af11db00 100644
--- a/windows/release-information/resolved-issues-windows-10-1607.yml
+++ b/windows/release-information/resolved-issues-windows-10-1607.yml
@@ -40,8 +40,6 @@ sections:
       <tr><td><div id='315msg'></div><b>Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error</b><br>Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.<br><br><a href = '#315msgdesc'>See details ></a></td><td>OS Build 14393.3144<br><br>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512517' target='_blank'>KB4512517</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512495' target='_blank'>KB4512495</a></td><td>August 17, 2019 <br>02:00 PM PT</td></tr>
       <tr><td><div id='256msg'></div><b>Internet Explorer 11 and apps using the WebBrowser control may fail to render</b><br>JavaScript may fail to render as expected in IE11 and in apps using JavaScript or the WebBrowser control.<br><br><a href = '#256msgdesc'>See details ></a></td><td>OS Build 14393.3085<br><br>July 09, 2019<br><a href ='https://support.microsoft.com/help/4507460' target='_blank'>KB4507460</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512517' target='_blank'>KB4512517</a></td><td>August 13, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='306msg'></div><b>MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices</b><br>You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.<br><br><a href = '#306msgdesc'>See details ></a></td><td>OS Build 14393.3025<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503267' target='_blank'>KB4503267</a></td><td>Resolved External<br></td><td>August 09, 2019 <br>07:03 PM PT</td></tr>
-      <tr><td><div id='53msg'></div><b>SCVMM cannot enumerate and manage logical switches deployed on the host</b><br>System Center Virtual Machine Manager cannot enumerate and manage logical switches deployed on managed hosts.<br><br><a href = '#53msgdesc'>See details ></a></td><td>OS Build 14393.2639<br><br>November 27, 2018<br><a href ='https://support.microsoft.com/help/4467684' target='_blank'>KB4467684</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507459' target='_blank'>KB4507459</a></td><td>July 16, 2019 <br>10:00 AM PT</td></tr>
-      <tr><td><div id='240msg'></div><b>Some applications may fail to run as expected on clients of AD FS 2016</b><br>Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016)<br><br><a href = '#240msgdesc'>See details ></a></td><td>OS Build 14393.2941<br><br>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493473' target='_blank'>KB4493473</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507459' target='_blank'>KB4507459</a></td><td>July 16, 2019 <br>10:00 AM PT</td></tr>
       </table>
       "
 
@@ -84,21 +82,3 @@ sections:
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='256msgdesc'></div><b>Internet Explorer 11 and apps using the WebBrowser control may fail to render</b><div>Internet Explorer 11 may fail to render some JavaScript after installing <a href='https://support.microsoft.com/help/4507460' target='_blank'>KB4507460</a>. You may also have issues with apps using JavaScript or the <strong>WebBrowser</strong> control, such as the present PowerPoint feature of Skype Meeting&nbsp;Broadcast.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in&nbsp;<a href='https://support.microsoft.com/help/4512517' target='_blank'>KB4512517</a>.</div><br><a href ='#256msg'>Back to top</a></td><td>OS Build 14393.3085<br><br>July 09, 2019<br><a href ='https://support.microsoft.com/help/4507460' target='_blank'>KB4507460</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512517' target='_blank'>KB4512517</a></td><td>Resolved:<br>August 13, 2019 <br>10:00 AM PT<br><br>Opened:<br>July 26, 2019 <br>04:58 PM PT</td></tr>
       </table>
       "
-
-- title: June 2019
-- items:
-  - type: markdown
-    text: "
-      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='240msgdesc'></div><b>Some applications may fail to run as expected on clients of AD FS 2016</b><div>Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016) after installation of <a href='https://support.microsoft.com/help/4493473' target='_blank'>KB4493473</a> on the server. Applications that may exhibit&nbsp;this behavior use an <strong>IFRAME </strong>during non-interactive authentication requests and receive <strong>X-Frame Options </strong>set to<strong> </strong>DENY.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in&nbsp;<a href='https://support.microsoft.com/help/4507459' target='_blank'>KB4507459</a>.</div><br><a href ='#240msg'>Back to top</a></td><td>OS Build 14393.2941<br><br>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493473' target='_blank'>KB4493473</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507459' target='_blank'>KB4507459</a></td><td>Resolved:<br>July 16, 2019 <br>10:00 AM PT<br><br>Opened:<br>June 04, 2019 <br>05:55 PM PT</td></tr>
-      </table>
-      "
-
-- title: November 2018
-- items:
-  - type: markdown
-    text: "
-      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='53msgdesc'></div><b>SCVMM cannot enumerate and manage logical switches deployed on the host</b><div>For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host after installing <a href=\"https://support.microsoft.com/help/4467684\" target=\"_blank\">KB4467684</a>.</div><div><br></div><div>Additionally, if you do not follow the best practices, a stop error may occur in vfpext.sys on the hosts.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4507459' target='_blank'>KB4507459</a>.</div><br><a href ='#53msg'>Back to top</a></td><td>OS Build 14393.2639<br><br>November 27, 2018<br><a href ='https://support.microsoft.com/help/4467684' target='_blank'>KB4467684</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507459' target='_blank'>KB4507459</a></td><td>Resolved:<br>July 16, 2019 <br>10:00 AM PT<br><br>Opened:<br>November 27, 2018 <br>10:00 AM PT</td></tr>
-      </table>
-      "
diff --git a/windows/release-information/status-windows-10-1909.yml b/windows/release-information/status-windows-10-1909.yml
index 61f2073d2e..6fb137f7db 100644
--- a/windows/release-information/status-windows-10-1909.yml
+++ b/windows/release-information/status-windows-10-1909.yml
@@ -21,7 +21,7 @@ sections:
       Find information on known issues and the status of the rollout for Windows 10, version 1909 and Windows Server, version 1909. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
       
  <table border = '0' class='box-info'><tr>
-<td bgcolor='#d3f1fb' class='alert is-primary'><div><strong>Current status as of December 5, 2019:</strong></div><div>Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.</div><div>&nbsp;</div><div>Beginning today, we will slowly start the phased process to automatically initiate a feature update for devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health.&nbsp;We are starting this rollout process several months in advance of the end of service date to provide adequate time for a smooth update process.</div><div><br></div><div>For information on how users running Windows 10, version 1903 can update to&nbsp;Windows 10, version 1909 in a new, streamlined way, see <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1909-delivery-options/ba-p/1002660\" rel=\"noopener noreferrer\" target=\"_blank\">this post</a>.</div><div>&nbsp;</div><div><strong>Note </strong>follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;on Twitter to find out when new content is published to the release information dashboard.</div>
+<td bgcolor='#d3f1fb' class='alert is-primary'><div><strong>Current status as of January 21, 2019:</strong></div><div>Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.</div><div>&nbsp;</div><div>We are starting the next phase in our controlled approach to automatically initiate a feature update for an increased number of devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health.&nbsp;Our rollout process starts several months in advance of the end of service date to provide adequate time for a smooth update process.</div><div><br></div><div>For information on how users running Windows 10, version 1903 can update to&nbsp;Windows 10, version 1909 in a new, streamlined way, see <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1909-delivery-options/ba-p/1002660\" rel=\"noopener noreferrer\" target=\"_blank\">this post</a>.</div><div>&nbsp;</div><div><strong>Note </strong>follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;on Twitter to find out when new content is published to the release information dashboard.</div>
 </td></tr></table>
 
       " 

From aa3edf148776b72c257b13f2efc42af05ff7bef2 Mon Sep 17 00:00:00 2001
From: John Liu <49762389+ShenLanJohn@users.noreply.github.com>
Date: Wed, 22 Jan 2020 10:15:41 -0800
Subject: [PATCH 25/96] CAT Auto Pulish for Windows Release Messages -
 20200122100633 (#1906)

* add note

* updated dell tool info

* removed M365 ransomware section

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20200122092630 (#1905)

Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>

Co-authored-by: jcaparas <macapara@microsoft.com>
Co-authored-by: Greg Lindsay <greg.lindsay@microsoft.com>
Co-authored-by: Gary Moore <v-gmoor@microsoft.com>
Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>
---
 .../deploy-windows-mdt/set-up-mdt-for-bitlocker.md          | 6 +-----
 windows/release-information/status-windows-10-1909.yml      | 2 +-
 .../microsoft-defender-atp/manage-indicators.md             | 5 +++++
 windows/whats-new/ltsc/whats-new-windows-10-2019.md         | 4 ----
 4 files changed, 7 insertions(+), 10 deletions(-)

diff --git a/windows/deployment/deploy-windows-mdt/set-up-mdt-for-bitlocker.md b/windows/deployment/deploy-windows-mdt/set-up-mdt-for-bitlocker.md
index b1a4515898..03899e149e 100644
--- a/windows/deployment/deploy-windows-mdt/set-up-mdt-for-bitlocker.md
+++ b/windows/deployment/deploy-windows-mdt/set-up-mdt-for-bitlocker.md
@@ -111,11 +111,7 @@ If you want to automate enabling the TPM chip as part of the deployment process,
 
 ### Add tools from Dell
 
-The Dell tools are available via the Dell Client Configuration Toolkit (CCTK). The executable file from Dell is named *cctk.exe*. Here is a sample command to enable TPM and set a BIOS password using the cctk.exe tool:
-
-```dos
-cctk.exe --tpm=on --valsetuppwd=Password1234
-```
+[Dell Comnmand | Configure](https://www.dell.com/support/article/us/en/04/sln311302/dell-command-configure) provides a Command Line Interface and a Graphical User Interface.
 
 ### Add tools from HP
 
diff --git a/windows/release-information/status-windows-10-1909.yml b/windows/release-information/status-windows-10-1909.yml
index 6fb137f7db..36288e57f2 100644
--- a/windows/release-information/status-windows-10-1909.yml
+++ b/windows/release-information/status-windows-10-1909.yml
@@ -21,7 +21,7 @@ sections:
       Find information on known issues and the status of the rollout for Windows 10, version 1909 and Windows Server, version 1909. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
       
  <table border = '0' class='box-info'><tr>
-<td bgcolor='#d3f1fb' class='alert is-primary'><div><strong>Current status as of January 21, 2019:</strong></div><div>Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.</div><div>&nbsp;</div><div>We are starting the next phase in our controlled approach to automatically initiate a feature update for an increased number of devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health.&nbsp;Our rollout process starts several months in advance of the end of service date to provide adequate time for a smooth update process.</div><div><br></div><div>For information on how users running Windows 10, version 1903 can update to&nbsp;Windows 10, version 1909 in a new, streamlined way, see <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1909-delivery-options/ba-p/1002660\" rel=\"noopener noreferrer\" target=\"_blank\">this post</a>.</div><div>&nbsp;</div><div><strong>Note </strong>follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;on Twitter to find out when new content is published to the release information dashboard.</div>
+<td bgcolor='#d3f1fb' class='alert is-primary'><div><strong>Current status as of January 21, 2020:</strong></div><div>Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.</div><div>&nbsp;</div><div>We are starting the next phase in our controlled approach to automatically initiate a feature update for an increased number of devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health.&nbsp;Our rollout process starts several months in advance of the end of service date to provide adequate time for a smooth update process.</div><div><br></div><div>For information on how users running Windows 10, version 1903 can update to&nbsp;Windows 10, version 1909 in a new, streamlined way, see <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1909-delivery-options/ba-p/1002660\" rel=\"noopener noreferrer\" target=\"_blank\">this post</a>.</div><div>&nbsp;</div><div><strong>Note </strong>follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;on Twitter to find out when new content is published to the release information dashboard.</div>
 </td></tr></table>
 
       " 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md b/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md
index ed62718fa4..e2674754d6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md
@@ -123,6 +123,11 @@ It's important to understand the following prerequisites prior to creating indic
 
 >[!IMPORTANT]
 > Only external IPs can be added to the indicator list. Indicators cannot be created for internal IPs.
+> For web protection scenarios, we recommend using the built-in capabilities in Microsoft Edge. Microsoft Edge leverages Network Protection (link) to inspect network traffic and allows blocks for TCP, HTTP, and HTTPS (TLS): <br>
+> NOTE:
+>- IP is supported for all three protocols
+>- Encrypted URLs can only be blocked on first party browsers
+>- Full URL path blocks can be applied on the domain level and all unencrypted URLs
  
 >[!NOTE]
 >There may be up to 2 hours latency (usually less) between the time the action is taken, and the URL and IP being blocked. 
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2019.md b/windows/whats-new/ltsc/whats-new-windows-10-2019.md
index 4c6f69c1a2..cff1ffcf2c 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2019.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2019.md
@@ -70,10 +70,6 @@ But these protections can also be configured separately. And, unlike HVCI, code
 
 ### Next-gen protection 
 
-#### Office 365 Ransomware Detection
-
-For Office 365 Home and Office 365 Personal subscribers, Ransomware Detection notifies you when your OneDrive files have been attacked and guides you through the process of restoring your files. For more information, see [Ransomware detection and recovering your files](https://support.office.com/en-us/article/ransomware-detection-and-recovering-your-files-0d90ec50-6bfd-40f4-acc7-b8c12c73637f?ui=en-US&rs=en-US&ad=US)
-
 ### Endpoint detection and response 
 
 Endpoint detection and response is improved. Enterprise customers can now take advantage of the entire Windows security stack with Windows Defender Antivirus **detections** and Device Guard **blocks** being surfaced in the Windows Defender ATP portal. 

From 7dadcefbe0a03fc62c32932337ca438c3ecbe693 Mon Sep 17 00:00:00 2001
From: isbrahm <43386070+isbrahm@users.noreply.github.com>
Date: Wed, 22 Jan 2020 11:20:42 -0800
Subject: [PATCH 26/96] Add abbreviation for DGSS

---
 .../windows-defender-application-control/LOB-win32-apps-on-s.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/LOB-win32-apps-on-s.md b/windows/security/threat-protection/windows-defender-application-control/LOB-win32-apps-on-s.md
index edd54678bf..4ead268500 100644
--- a/windows/security/threat-protection/windows-defender-application-control/LOB-win32-apps-on-s.md
+++ b/windows/security/threat-protection/windows-defender-application-control/LOB-win32-apps-on-s.md
@@ -71,7 +71,7 @@ The general steps for expanding the S mode base policy on your Intune-managed de
 
 2. Sign policy
     
-    Supplemental S mode policies must be digitally signed. To sign your policy, you can choose to use the Device Guard Signing Service or your organization's custom Public Key Infrastructure (PKI). Refer to [Use the Device Guard Signing Portal in the Microsoft Store for Business](use-device-guard-signing-portal-in-microsoft-store-for-business.md) for guidance on using DGSS and [Create a code signing cert for WDAC](create-code-signing-cert-for-windows-defender-application-control.md) for guidance on signing using an internal CA.
+    Supplemental S mode policies must be digitally signed. To sign your policy, you can choose to use the Device Guard Signing Service (DGSS) or your organization's custom Public Key Infrastructure (PKI). Refer to [Use the Device Guard Signing Portal in the Microsoft Store for Business](use-device-guard-signing-portal-in-microsoft-store-for-business.md) for guidance on using DGSS and [Create a code signing cert for WDAC](create-code-signing-cert-for-windows-defender-application-control.md) for guidance on signing using an internal CA.
 
     Rename your policy to "{PolicyID}.p7b" after you've signed it. PolicyID can be found by inspecting the Supplemental Policy XML.
 

From 4faec041f396c1d20d25af1e1304e9db5d76ff42 Mon Sep 17 00:00:00 2001
From: isbrahm <43386070+isbrahm@users.noreply.github.com>
Date: Wed, 22 Jan 2020 12:07:14 -0800
Subject: [PATCH 27/96] Document WDAC signer key restrictions

---
 .../select-types-of-rules-to-create.md                    | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
index 26bd6f527f..feb46cf416 100644
--- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
+++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
@@ -83,11 +83,6 @@ Each file rule level has its benefit and disadvantage. Use Table 2 to select the
 | **Hash** | Specifies individual hash values for each discovered binary. Although this level is specific, it can cause additional administrative overhead to maintain the current product versions’ hash values. Each time a binary is updated, the hash value changes, therefore requiring a policy update. |
 | **FileName** | Specifies individual binary file names. Although the hash values for an application are modified when updated, the file names are typically not. This offers less specific security than the hash level but does not typically require a policy update when any binary is modified. |
 | **FilePath** | Beginning with Windows 10 version 1903, this specifies rules that allow execution of binaries contained under specific file path locations. Additional information about FilePath level rules can be found below. |
-> [!NOTE]
-> Due to an existing bug, you can not combine Path-based ALLOW rules with any DENY rules in a single policy. Instead, either separate DENY rules into a separate Base policy or move the Path-based ALLOW rules into a supplemental policy as described in [Deploy multiple WDAC policies.](deploy-multiple-windows-defender-application-control-policies.md) 
-
-| Rule level | Description |
-|----------- | ----------- |
 | **SignedVersion** | This combines the publisher rule with a version number. This option allows anything from the specified publisher, with a version at or above the specified version number, to run. |
 | **Publisher** | This is a combination of the PcaCertificate level (typically one certificate below the root) and the common name (CN) of the leaf certificate. This rule level allows organizations to trust a certificate from a major CA (such as Symantec), but only if the leaf certificate is from a specific company (such as Intel, for device drivers). |
 | **FilePublisher** | This is a combination of the “FileName” attribute of the signed file, plus “Publisher” (PCA certificate with CN of leaf), plus a minimum version number. This option trusts specific files from the specified publisher, with a version at or above the specified version number. |
@@ -101,6 +96,9 @@ Each file rule level has its benefit and disadvantage. Use Table 2 to select the
 > [!NOTE]
 > When you create WDAC policies with [New-CIPolicy](https://docs.microsoft.com/powershell/module/configci/new-cipolicy), you can specify a primary file rule level by including the **-Level** parameter. For discovered binaries that cannot be trusted based on the primary file rule criteria, use the **-Fallback** parameter. For example, if the primary file rule level is PCACertificate but you would like to trust the unsigned applications as well, using the Hash rule level as a fallback adds the hash values of binaries that did not have a signing certificate.
 
+> [!NOTE]
+> WDAC only supports signer rules for RSA certificate signing keys with a maximum of 4096 bits.
+
 ## Example of file rule levels in use
 
 For example, consider some IT professionals in a department that runs many servers. They decide they want their servers to run only software signed by the providers of their software and drivers, that is, the companies that provide their hardware, operating system, antivirus, and other important software. They know that their servers also run an internally written application that is unsigned but is rarely updated. They want to allow this application to run.

From 031fbe2588a6aa2769fe54d3af7d1fb92a3a0484 Mon Sep 17 00:00:00 2001
From: Lucas Gabriel Schneider <casdpa@gmail.com>
Date: Wed, 22 Jan 2020 20:44:01 +0000
Subject: [PATCH 28/96] fixed typo at surface hub file

---
 .../use-surface-hub-diagnostic-test-device-account.md           | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/devices/surface-hub/use-surface-hub-diagnostic-test-device-account.md b/devices/surface-hub/use-surface-hub-diagnostic-test-device-account.md
index 40a5768d27..0e5600c12c 100644
--- a/devices/surface-hub/use-surface-hub-diagnostic-test-device-account.md
+++ b/devices/surface-hub/use-surface-hub-diagnostic-test-device-account.md
@@ -93,7 +93,7 @@ Internet Connectivity |Device does have Internet connectivity |Device does not h
 HTTP Version |1.1 |1.0 |If HTTP 1.0 found, it will cause issue with WU and Store |
 Direct Internet Connectivity |Device has a Proxy configured Device has no Proxy configured |N/A |Informational. Is your device behind a proxy? |
 Proxy Address | | |If configured, returns proxy address. |
-Proxy Authentication |Proxy does not require Authentication |Proxy requires Proxy Auth |Result may be a false positive if a user already has an open session in Edge and has authenticated thru the proxy. |[Configuring a proxy for your Surface Hub](https://blogs.technet.microsoft.com/y0av/2017/12/03/7/)
+Proxy Authentication |Proxy does not require Authentication |Proxy requires Proxy Auth |Result may be a false positive if a user already has an open session in Edge and has authenticated through the proxy. |[Configuring a proxy for your Surface Hub](https://blogs.technet.microsoft.com/y0av/2017/12/03/7/)
 Proxy Auth Types | | |If proxy authentication is used, return the Authentication methods advertised by the proxy.  |
 
 #### Environment

From 73d0184517f272a65390e12530c3ea1c5b902b8b Mon Sep 17 00:00:00 2001
From: Lucas Gabriel Schneider <casdpa@gmail.com>
Date: Wed, 22 Jan 2020 20:45:10 +0000
Subject: [PATCH 29/96] Update
 considerations-for-surface-and-system-center-configuration-manager.md

---
 ...tions-for-surface-and-system-center-configuration-manager.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md b/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md
index 2513abc0f9..87ae58a8b0 100644
--- a/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md
+++ b/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md
@@ -30,7 +30,7 @@ Although the deployment and management of Surface devices is fundamentally the s
 ## Updating Surface device drivers and firmware
 
 
-For devices that recieve updates through Windows Update, drivers for Surface components (and even firmware updates) are applied automatically as part of the Windows Update process. For devices with managed updates, such as those updated through Windows Server Update Services (WSUS) or System Center Configuration Manager, see [Manage Surface driver and firmware updates](https://docs.microsoft.com/surface/manage-surface-driver-and-firmware-updates/).
+For devices that receive updates through Windows Update, drivers for Surface components (and even firmware updates) are applied automatically as part of the Windows Update process. For devices with managed updates, such as those updated through Windows Server Update Services (WSUS) or System Center Configuration Manager, see [Manage Surface driver and firmware updates](https://docs.microsoft.com/surface/manage-surface-driver-and-firmware-updates/).
 
 
 > [!NOTE]

From 0f27965a1f67d5971d172bde8cfccf2f9bfe4ae9 Mon Sep 17 00:00:00 2001
From: Lucas Gabriel Schneider <casdpa@gmail.com>
Date: Wed, 22 Jan 2020 20:46:44 +0000
Subject: [PATCH 30/96] Update troubleshooting-mbam-installation.md

---
 mdop/mbam-v25/troubleshooting-mbam-installation.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/mdop/mbam-v25/troubleshooting-mbam-installation.md b/mdop/mbam-v25/troubleshooting-mbam-installation.md
index d8e8d0fc89..f2d0494b7f 100644
--- a/mdop/mbam-v25/troubleshooting-mbam-installation.md
+++ b/mdop/mbam-v25/troubleshooting-mbam-installation.md
@@ -335,7 +335,7 @@ The MBAM agent will be unable to post any updates to the database if connectivit
     User:          SYSTEM
     Computer:      TESTLABS.CONTOSO.COM
     Description:
-    An error occured while applying MBAM policies.
+    An error occurred while applying MBAM policies.
     Volume ID:\\?\Volume{871c5858-2467-4d0b-8c83-d68af8ce10e5}\ 
     Error code:
     0x803D0010 
@@ -352,7 +352,7 @@ The MBAM agent will be unable to post any updates to the database if connectivit
     User:          SYSTEM
     Computer:      TESTLABS.CONTOSO.COM
     Description:
-    An error occured while applying MBAM policies.
+    An error occurred while applying MBAM policies.
     Volume ID:\\?\Volume{871c5858-2467-4d0b-8c83-d68af8ce10e5}\ 
     Error code:
     0x803D0006 
@@ -420,7 +420,7 @@ The MBAM services may be unable to connect to the database server because of a n
     Computer:      MBAM2-Admin.contoso.com
     Description:
     Event code: 100001
-    Event message: SQL error occured
+    Event message: SQL error occurred
     Event time: 7/11/2013 6:16:34 PM
     Event time (UTC): 7/11/2013 12:46:34 PM
     Event ID: 6615fb8eb9d54e778b933d5bb7ca91ed
@@ -552,7 +552,7 @@ Review the activity in the service trace log for any error or warning entries. B
     <Channel />
     <Computer>XXXXXXXXXXX</Computer>
     </System>
-    <ApplicationData>AddUpdateVolume: While executing sql transaction for add volume to store exception occured Key Recovery Data Store processing error: Violation of UNIQUE KEY constraint 'UniqueRecoveryKeyId'. Cannot insert duplicate key in object 'RecoveryAndHardwareCore.Keys'. The duplicate key value is (8637036e-b379-4798-bd9e-5a0b36296de3).
+    <ApplicationData>AddUpdateVolume: While executing sql transaction for add volume to store exception occurred Key Recovery Data Store processing error: Violation of UNIQUE KEY constraint 'UniqueRecoveryKeyId'. Cannot insert duplicate key in object 'RecoveryAndHardwareCore.Keys'. The duplicate key value is (8637036e-b379-4798-bd9e-5a0b36296de3).
     </ApplicationData>
     </E2ETraceEvent>
 

From b5fa25154b4923ea4cd30f5f96a2cf61b0fe159e Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Thu, 23 Jan 2020 12:31:16 +0500
Subject: [PATCH 31/96] Update password-must-meet-complexity-requirements.md

---
 .../password-must-meet-complexity-requirements.md             | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md b/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md
index 253e07225b..e66ecad727 100644
--- a/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md
+++ b/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md
@@ -49,7 +49,7 @@ The rules that are included in the Windows Server password complexity requiremen
 
 Enabling the default Passfilt.dll may cause some additional Help Desk calls for locked-out accounts because users might not be used to having passwords that contain characters other than those found in the alphabet. However, this policy setting is liberal enough that all users should be able to abide by the requirements with a minor learning curve.
 
-Additional settings that can be included in a custom Passfilt.dll are the use of non–upper-row characters. Upper-row characters are those that are typed by holding down the SHIFT key and typing any of the digits from 1 through 10.
+Additional settings that can be included in a custom Passfilt.dll are the use of non–upper-row characters. Upper-row characters are those typed by pressing and holding the SHIFT key and then pressing any of the keys on the number row of the keyboard (between 1 and 0).
 
 ### Possible values
 
@@ -100,7 +100,7 @@ When combined with a [Minimum password length](minimum-password-length.md) of 8,
 
 If the default password complexity configuration is retained, additional Help Desk calls for locked-out accounts could occur because users might not be accustomed to passwords that contain non-alphabetical characters, or they might have problems entering passwords that contain accented characters or symbols on keyboards with different layouts. However, all users should be able to comply with the complexity requirement with minimal difficulty.
 
-If your organization has more stringent security requirements, you can create a custom version of the Passfilt.dll file that allows the use of arbitrarily complex password strength rules. For example, a custom password filter might require the use of non-upper-row symbols. (Upper-row symbols are those that require you to press and hold the SHIFT key and then press any of the digits between 1 and 0.) A custom password filter might also perform a dictionary check to verify that the proposed password does not contain common dictionary words or fragments.
+If your organization has more stringent security requirements, you can create a custom version of the Passfilt.dll file that allows the use of arbitrarily complex password strength rules. For example, a custom password filter might require the use of non-upper-row symbols. (Upper-row symbols are those that require you to press and hold the SHIFT key and then press any of the keys on the number row of the keyboard, between 1 and 0.) A custom password filter might also perform a dictionary check to verify that the proposed password does not contain common dictionary words or fragments.
 
 The use of ALT key character combinations can greatly enhance the complexity of a password. However, such stringent password requirements can result in additional Help Desk requests. Alternatively, your organization could consider a requirement for all administrator passwords to use ALT characters in the 0128–0159 range. (ALT characters outside of this range can represent standard alphanumeric characters that would not add additional complexity to the password.)
 

From c073d4990727945210dba52a32c7533403e91b0b Mon Sep 17 00:00:00 2001
From: Herbert Mauerer <41573578+HerbertMauerer@users.noreply.github.com>
Date: Thu, 23 Jan 2020 10:14:23 +0100
Subject: [PATCH 32/96] Update active-directory-accounts.md

wrong event ID is mentioned. it's really 9:
          <event
              keywords="win:EventlogClassic"
              message="$(string.event_KDCEVENT_KRBTGT_PASSWORD_CHANGED)"
              symbol="KDCEVENT_KRBTGT_PASSWORD_CHANGED"
              value="0x00000009"
              />
---
 .../access-control/active-directory-accounts.md                 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/identity-protection/access-control/active-directory-accounts.md b/windows/security/identity-protection/access-control/active-directory-accounts.md
index 50958f0314..c712073a39 100644
--- a/windows/security/identity-protection/access-control/active-directory-accounts.md
+++ b/windows/security/identity-protection/access-control/active-directory-accounts.md
@@ -334,7 +334,7 @@ A strong password is assigned to the KRBTGT and trust accounts automatically. Li
 
 Resetting the password requires you either to be a member of the Domain Admins group, or to have been delegated with the appropriate authority. In addition, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority.
 
-After you reset the KRBTGT password, ensure that event ID 6 in the (Kerberos) Key-Distribution-Center event source is written to the System event log.
+After you reset the KRBTGT password, ensure that event ID 9 in the (Kerberos) Key-Distribution-Center event source is written to the System event log.
 
 ### Security considerations
 

From 054f4a556b039adda7831fca48d69eb09bdad514 Mon Sep 17 00:00:00 2001
From: Lucas Gabriel Schneider <casdpa@gmail.com>
Date: Thu, 23 Jan 2020 18:11:08 +0000
Subject: [PATCH 33/96] MED-V fix typo

---
 mdop/medv-v2/creating-a-windows-virtual-pc-image-for-med-v.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mdop/medv-v2/creating-a-windows-virtual-pc-image-for-med-v.md b/mdop/medv-v2/creating-a-windows-virtual-pc-image-for-med-v.md
index 665b8f08a0..d501b3826f 100644
--- a/mdop/medv-v2/creating-a-windows-virtual-pc-image-for-med-v.md
+++ b/mdop/medv-v2/creating-a-windows-virtual-pc-image-for-med-v.md
@@ -81,7 +81,7 @@ When you install updates to Windows XP, make sure that you remain on the version
 Although it is optional, we recommend that you install the following update for [hotfix KB972435](https://go.microsoft.com/fwlink/?LinkId=201077) (https://go.microsoft.com/fwlink/?LinkId=201077). This update increases the performance of shared folders in a Terminal Services session:
 
 **Note**  
-The update is publically available. However, you might be prompted to accept an agreement for Microsoft Services. Follow the prompts on the successive webpages to retrieve this hotfix.
+The update is publicly available. However, you might be prompted to accept an agreement for Microsoft Services. Follow the prompts on the successive webpages to retrieve this hotfix.
 
  
 

From aa97638ed80682353628e9d0c1b7e2a7ebdec0ff Mon Sep 17 00:00:00 2001
From: Lucas Gabriel Schneider <casdpa@gmail.com>
Date: Thu, 23 Jan 2020 18:12:19 +0000
Subject: [PATCH 34/96] Update
 how-to-deploy-a-med-v-workspace-through-an-electronic-software-distribution-system.md

---
 ...kspace-through-an-electronic-software-distribution-system.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mdop/medv-v2/how-to-deploy-a-med-v-workspace-through-an-electronic-software-distribution-system.md b/mdop/medv-v2/how-to-deploy-a-med-v-workspace-through-an-electronic-software-distribution-system.md
index 06b7cfbe45..e2ebe0a01f 100644
--- a/mdop/medv-v2/how-to-deploy-a-med-v-workspace-through-an-electronic-software-distribution-system.md
+++ b/mdop/medv-v2/how-to-deploy-a-med-v-workspace-through-an-electronic-software-distribution-system.md
@@ -29,7 +29,7 @@ If you are using System Center Configuration Manager 2007 SP2 and your MED-V wor
 
 The [hotfix to improve the functionality for VMs that are managed by MED-V](https://go.microsoft.com/fwlink/?LinkId=201088) (https://go.microsoft.com/fwlink/?LinkId=201088) adds new functionality to virtual machines that are managed by MED-V and that are configured to operate in **NAT** mode. The new functionality lets virtual machines access the closest distribution points. Therefore, the administrator can manage the virtual machine and the host computer in the same manner. This hotfix must be installed first on the site server and then on the client.
 
-The update is publically available. However, you might be prompted to accept an agreement for Microsoft Services. Follow the prompts on the successive webpages to retrieve this hotfix.
+The update is publicly available. However, you might be prompted to accept an agreement for Microsoft Services. Follow the prompts on the successive webpages to retrieve this hotfix.
 
 
 

From fbce8b8f6865b6180592a497d4959d50a1040154 Mon Sep 17 00:00:00 2001
From: Lucas Gabriel Schneider <casdpa@gmail.com>
Date: Thu, 23 Jan 2020 18:14:13 +0000
Subject: [PATCH 35/96] Update
 how-to-deploy-the-med-v-components-through-an-electronic-software-distribution-system.md

---
 ...onents-through-an-electronic-software-distribution-system.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mdop/medv-v2/how-to-deploy-the-med-v-components-through-an-electronic-software-distribution-system.md b/mdop/medv-v2/how-to-deploy-the-med-v-components-through-an-electronic-software-distribution-system.md
index 0ec14a0a96..5dfe7451d7 100644
--- a/mdop/medv-v2/how-to-deploy-the-med-v-components-through-an-electronic-software-distribution-system.md
+++ b/mdop/medv-v2/how-to-deploy-the-med-v-components-through-an-electronic-software-distribution-system.md
@@ -29,7 +29,7 @@ If you are using System Center Configuration Manager 2007 SP2 and your MED-V wor
 
 The [hotfix to improve the functionality for VMs that are managed by MED-V](https://go.microsoft.com/fwlink/?LinkId=201088) (https://go.microsoft.com/fwlink/?LinkId=201088) adds new functionality to virtual machines that are managed by MED-V and that are configured to operate in **NAT** mode. The new functionality lets virtual machines access the closest distribution points. Therefore, the administrator can manage the virtual machine and the host computer in the same manner. This hotfix must be installed first on the site server and then on the client.
 
-The update is publically available. However, you might be prompted to accept an agreement for Microsoft Services. Follow the prompts on the successive webpages to retrieve this hotfix.
+The update is publicly available. However, you might be prompted to accept an agreement for Microsoft Services. Follow the prompts on the successive webpages to retrieve this hotfix.
 
 
 

From 4a5cea61dcd75cbf1c209167de0cbf3738161420 Mon Sep 17 00:00:00 2001
From: Lucas Gabriel Schneider <casdpa@gmail.com>
Date: Thu, 23 Jan 2020 18:15:08 +0000
Subject: [PATCH 36/96] Update diagnosticlog-ddf.md

---
 windows/client-management/mdm/diagnosticlog-ddf.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/diagnosticlog-ddf.md b/windows/client-management/mdm/diagnosticlog-ddf.md
index c4591652a5..8bedac1205 100644
--- a/windows/client-management/mdm/diagnosticlog-ddf.md
+++ b/windows/client-management/mdm/diagnosticlog-ddf.md
@@ -1806,7 +1806,7 @@ The content below are the latest versions of the DDF files:
                     <Replace />
                   </AccessType>
                   <DefaultValue>4</DefaultValue>
-                  <Description>This node is used for setting or getting the block size (in Kilobytes) for the download of assoicated log file. The value range is 1~16. Default value is 4.</Description>
+                  <Description>This node is used for setting or getting the block size (in Kilobytes) for the download of associated log file. The value range is 1~16. Default value is 4.</Description>
                   <DFFormat>
                     <int />
                   </DFFormat>

From efa355c521c09e59fbbfd12ec1e96ac7a4924f9d Mon Sep 17 00:00:00 2001
From: Lucas Gabriel Schneider <casdpa@gmail.com>
Date: Thu, 23 Jan 2020 18:16:17 +0000
Subject: [PATCH 37/96] Update dmclient-ddf-file.md

---
 windows/client-management/mdm/dmclient-ddf-file.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/dmclient-ddf-file.md b/windows/client-management/mdm/dmclient-ddf-file.md
index c93fe4da96..15b21d0197 100644
--- a/windows/client-management/mdm/dmclient-ddf-file.md
+++ b/windows/client-management/mdm/dmclient-ddf-file.md
@@ -957,7 +957,7 @@ The XML below is for Windows 10, version 1803.
                   <Get />
                   <Replace />
                 </AccessType>
-                <Description>Number of days after last sucessful sync to unenroll</Description>
+                <Description>Number of days after last successful sync to unenroll</Description>
                 <DFFormat>
                   <int />
                 </DFFormat>

From 2f1a4c16d4ab418d00c75eeca0706b0cedd84111 Mon Sep 17 00:00:00 2001
From: Lucas Gabriel Schneider <casdpa@gmail.com>
Date: Thu, 23 Jan 2020 18:17:24 +0000
Subject: [PATCH 38/96] Update enterpriseappvmanagement-csp.md

---
 windows/client-management/mdm/enterpriseappvmanagement-csp.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/enterpriseappvmanagement-csp.md b/windows/client-management/mdm/enterpriseappvmanagement-csp.md
index 1fe417dd0f..ab13935f66 100644
--- a/windows/client-management/mdm/enterpriseappvmanagement-csp.md
+++ b/windows/client-management/mdm/enterpriseappvmanagement-csp.md
@@ -89,7 +89,7 @@ The following diagram shows the EnterpriseAppVManagement configuration service p
 - SYNC\_ERR\_PUBLISH\_GROUP_PACKAGES (3) - Publish group packages failed during publish.
 - SYNC\_ERR\_UNPUBLISH_PACKAGES (4) - Unpublish packages failed during publish.
 - SYNC\_ERR\_NEW_POLICY_WRITE (5) - New policy write failed during publish.
-- SYNC\_ERR\_MULTIPLE\_DURING_PUBLISH (6) - Multiple non-fatal errors occured during publish.
+- SYNC\_ERR\_MULTIPLE\_DURING_PUBLISH (6) - Multiple non-fatal errors occurred during publish.
 
 <p style="margin-left: 20px">Value type is string. Supported operation is Get.</p>
 

From 58186fc354d35c7a308d9b5d8362203bbc8cadb9 Mon Sep 17 00:00:00 2001
From: Lucas Gabriel Schneider <casdpa@gmail.com>
Date: Thu, 23 Jan 2020 18:19:12 +0000
Subject: [PATCH 39/96] Update wcd-calling.md

---
 windows/configuration/wcd/wcd-calling.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/configuration/wcd/wcd-calling.md b/windows/configuration/wcd/wcd-calling.md
index 186d34e8ec..ea77470ed5 100644
--- a/windows/configuration/wcd/wcd-calling.md
+++ b/windows/configuration/wcd/wcd-calling.md
@@ -5,7 +5,7 @@ ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 author: dansimp
-ms.localizationpriority: medium
+ms.localizationpriority: medium 
 ms.author: dansimp
 ms.topic: article
 ms.date: 04/30/2018
@@ -57,7 +57,7 @@ See [Dialer codes to launch diagnostic applications](https://docs.microsoft.com/
 
 ## PerSimSettings
 
-Use to configure settings for each subscriber identification module (SIM) card. Enter the Integrated Circuit Card Identifier (ICCID) for the SIM card, select **Add**, and then configure the folowing settings. 
+Use to configure settings for each subscriber identification module (SIM) card. Enter the Integrated Circuit Card Identifier (ICCID) for the SIM card, select **Add**, and then configure the following settings. 
 
 ### Critical
 

From 8925a43d8e392d6347b204d4caca5576910a3844 Mon Sep 17 00:00:00 2001
From: Firras Altaher <faltaher@gcmlp.com>
Date: Thu, 23 Jan 2020 14:06:12 -0600
Subject: [PATCH 40/96] Change language to match setting

the note previously stated "Waiting for other disk encryption"; however, the setting in Intune is called "Warning for other disk encryption"
---
 .../bitlocker/ts-bitlocker-intune-issues.md                     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md b/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md
index e2d0822e3c..cb9490e9cd 100644
--- a/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md
+++ b/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues.md
@@ -305,7 +305,7 @@ The OMA-URI references for these settings are as follows:
 > Because of an update to the BitLocker Policy CSP, if the device uses Windows 10 version 1809 or later, you can use an endpoint protection policy to enforce silent BitLocker Device Encryption even if the device is not HSTI-compliant.
 
 > [!NOTE]
-> If the **Waiting for other disk encryption** setting is set to **Not configured**, you have to manually start the BitLocker Drive Encryption wizard.  
+> If the **Warning for other disk encryption** setting is set to **Not configured**, you have to manually start the BitLocker Drive Encryption wizard.  
 
 If the device does not support Modern Standby but is HSTI-compliant, and it uses a version of Windows that is earlier than Windows 10, version 1803, an endpoint protection policy that has the settings that are described in this article delivers the policy configuration to the device. However, Windows then notifies the user to manually enable BitLocker Drive Encryption. To do this, the user selects the notification. This action starts the BitLocker Drive Encryption wizard.  
 

From afb846aa4aa5c438e99d0260a4abb4f4a87f7b47 Mon Sep 17 00:00:00 2001
From: Lucas Gabriel Schneider <casdpa@gmail.com>
Date: Thu, 23 Jan 2020 20:46:10 +0000
Subject: [PATCH 41/96] Update wcd-messaging.md

---
 windows/configuration/wcd/wcd-messaging.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/configuration/wcd/wcd-messaging.md b/windows/configuration/wcd/wcd-messaging.md
index 67158a5f0c..f556155dc7 100644
--- a/windows/configuration/wcd/wcd-messaging.md
+++ b/windows/configuration/wcd/wcd-messaging.md
@@ -81,7 +81,7 @@ SyncSender | Specify a value for SyncSender that is greater than 3 characters bu
 
 ## PerSimSettings 
 
-Use to configure settings for each subscriber identification module (SIM) card. Enter the Integrated Circuit Card Identifier (ICCID) for the SIM card, click **Add**, and then configure the folowing settings.
+Use to configure settings for each subscriber identification module (SIM) card. Enter the Integrated Circuit Card Identifier (ICCID) for the SIM card, click **Add**, and then configure the following settings.
 
 ### AllowMmsIfDataIsOff
 

From 6c987c8179e5ec9bee1c1130695180b0fc99ff84 Mon Sep 17 00:00:00 2001
From: Lucas Gabriel Schneider <casdpa@gmail.com>
Date: Thu, 23 Jan 2020 20:47:45 +0000
Subject: [PATCH 42/96] Update waas-manage-updates-wsus.md

---
 windows/deployment/update/waas-manage-updates-wsus.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/update/waas-manage-updates-wsus.md b/windows/deployment/update/waas-manage-updates-wsus.md
index e24cc6ff0b..08c96719aa 100644
--- a/windows/deployment/update/waas-manage-updates-wsus.md
+++ b/windows/deployment/update/waas-manage-updates-wsus.md
@@ -272,7 +272,7 @@ For clients that should have their feature updates approved as soon as they’re
 Now, whenever Windows 10 feature updates are published to WSUS, they will automatically be approved for the **Ring 3 Broad IT** deployment ring with an installation deadline of 1 week.
 
 > [!WARNING]
-> The auto approval rule runs after synchronization occurs. This means that the *next* upgrade for each Windows 10 version will be approved. If you select **Run Rule**, all possible updates that meet the criteria will be approved, potentially including older updates that you don't actualy want--which can be a problem when the download sizes are very large.
+> The auto approval rule runs after synchronization occurs. This means that the *next* upgrade for each Windows 10 version will be approved. If you select **Run Rule**, all possible updates that meet the criteria will be approved, potentially including older updates that you don't actually want--which can be a problem when the download sizes are very large.
 
 ## Manually approve and deploy feature updates
 

From 12e224150dd13b0885b1305ff9461dece4c37b60 Mon Sep 17 00:00:00 2001
From: Lucas Gabriel Schneider <casdpa@gmail.com>
Date: Thu, 23 Jan 2020 20:51:38 +0000
Subject: [PATCH 43/96] Update live-response.md

---
 .../threat-protection/microsoft-defender-atp/live-response.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/live-response.md b/windows/security/threat-protection/microsoft-defender-atp/live-response.md
index 3003c707b4..ddd34985a3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/live-response.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/live-response.md
@@ -119,11 +119,11 @@ The following commands are available for user roles that's been granted the abil
 Command | Description 
 :---|:---
 analyze | Analyses the entity with various incrimination engines to reach a verdict.
-getfile | Gets a file from the machine. <br> NOTE: This command has a prerequisite command. You can use the `-auto` command in conjuction with `getfile` to automatically run the prerequisite command. 
+getfile | Gets a file from the machine. <br> NOTE: This command has a prerequisite command. You can use the `-auto` command in conjunction with `getfile` to automatically run the prerequisite command. 
 run | Runs a PowerShell script from the library on the machine.
 library | Lists files that were uploaded to the live response library.
 putfile | Puts a file from the library to the machine. Files are saved in a working folder and are deleted when the machine restarts by default.
-remediate | Remediates an entity on the machine. The remediation action will vary depending on the entity type:<br>- File: delete<br>- Process: stop, delete image file<br>- Service: stop, delete image file<br>- Registry entry: delete<br>- Scheduled task: remove<br>- Startup folder item: delete file <br> NOTE: This command has a prerequisite command. You can use the `-auto` command in conjuction with `remediate` to automatically run the prerequisite command. 
+remediate | Remediates an entity on the machine. The remediation action will vary depending on the entity type:<br>- File: delete<br>- Process: stop, delete image file<br>- Service: stop, delete image file<br>- Registry entry: delete<br>- Scheduled task: remove<br>- Startup folder item: delete file <br> NOTE: This command has a prerequisite command. You can use the `-auto` command in conjunction with `remediate` to automatically run the prerequisite command. 
 undo | Restores an entity that was remediated. 
 
 

From f1885420425d60d16103ee315a1cedd86c4eab14 Mon Sep 17 00:00:00 2001
From: John Liu <49762389+ShenLanJohn@users.noreply.github.com>
Date: Thu, 23 Jan 2020 13:58:33 -0800
Subject: [PATCH 44/96] CAT Auto Pulish for Windows Release Messages -
 20200123134816 (#1925)

* table doesn't seem to be updating correctly

* adding workaround note

* editing ProPlus info

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20200123123014 (#1924)

Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>

Co-authored-by: Greg Lindsay <greg.lindsay@microsoft.com>
Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>
---
 windows/deployment/deploy-enterprise-licenses.md       |  4 ++++
 windows/deployment/windows-autopilot/add-devices.md    |  4 ++--
 .../windows-autopilot/autopilot-device-guidelines.md   |  3 ++-
 .../resolved-issues-windows-10-1607.yml                | 10 ++++++++++
 .../resolved-issues-windows-10-1709.yml                | 10 ++++++++++
 .../resolved-issues-windows-10-1803.yml                | 10 ++++++++++
 ...-issues-windows-10-1809-and-windows-server-2019.yml |  2 ++
 ...issues-windows-7-and-windows-server-2008-r2-sp1.yml | 10 ++++++++++
 .../resolved-issues-windows-server-2008-sp2.yml        | 10 ++++++++++
 .../status-windows-10-1607-and-windows-server-2016.yml |  4 ++--
 windows/release-information/status-windows-10-1709.yml |  4 ++--
 windows/release-information/status-windows-10-1803.yml |  4 ++--
 .../status-windows-10-1809-and-windows-server-2019.yml |  4 ++--
 ...status-windows-7-and-windows-server-2008-r2-sp1.yml |  4 ++--
 .../status-windows-server-2008-sp2.yml                 |  4 ++--
 windows/release-information/windows-message-center.yml |  1 +
 16 files changed, 73 insertions(+), 15 deletions(-)

diff --git a/windows/deployment/deploy-enterprise-licenses.md b/windows/deployment/deploy-enterprise-licenses.md
index cd4f1c3e5b..e43658fdb5 100644
--- a/windows/deployment/deploy-enterprise-licenses.md
+++ b/windows/deployment/deploy-enterprise-licenses.md
@@ -25,6 +25,10 @@ This topic describes how to deploy Windows 10 Enterprise E3 or E5 licenses with
 >* Windows 10 Enterprise E3 in CSP requires Windows 10 Pro, version 1607 or later.
 >* Automatic, non-KMS activation requires Windows 10, version 1803 or later, on a device with a firmware-embedded activation key.
 
+>[!IMPORTANT]
+>An issue has been identified where devices can lose activation status or be blocked from upgrading to Windows Enterprise if the device is not able to connect to Windows Update. A workaround is to ensure that devices do not have the REG_DWORD present HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\DoNotConnectToWindowsUpdateInternetLocations and set to 1.  If this REG_DWORD is present, it must be set to 0.<br> 
+>Also ensure that the Group Policy setting: Computer Configuration > Administrative Templates > Windows Components > Windows Update > "Do not connect to any Windows Update Internet locations" is set to "Disabled".
+
 ## Firmware-embedded activation key
 
 To determine if the computer has a firmware-embedded activation key, type the following command at an elevated Windows PowerShell prompt
diff --git a/windows/deployment/windows-autopilot/add-devices.md b/windows/deployment/windows-autopilot/add-devices.md
index b9ed3fdd35..4c5f020f92 100644
--- a/windows/deployment/windows-autopilot/add-devices.md
+++ b/windows/deployment/windows-autopilot/add-devices.md
@@ -129,8 +129,8 @@ A summary of each platform's capabilities is provided below.<br>
 
 <tr>
 <td><a href="https://docs.microsoft.com/intune/enrollment-autopilot">Intune</a></td>
-<td>YES - 500 at a time max<b><sup>1</sup></b></td>
-<td>YES<b><sup>12</sup></b></td>
+<td>YES - 500 at a time max<b><sup>1</sup></b></td> 
+<td>YES<b><sup>12</sup></b></td> 
 <td>4K HH</td>
 </tr>
 
diff --git a/windows/deployment/windows-autopilot/autopilot-device-guidelines.md b/windows/deployment/windows-autopilot/autopilot-device-guidelines.md
index 63f327622a..43ac6da548 100644
--- a/windows/deployment/windows-autopilot/autopilot-device-guidelines.md
+++ b/windows/deployment/windows-autopilot/autopilot-device-guidelines.md
@@ -36,7 +36,8 @@ The following additional best practices ensure that devices can easily be provis
 
 ## Software best practice guidelines for Windows Autopilot
 
-- The Windows Autopilot device should be preinstalled with only a Windows 10 base image plus drivers and Office 365 Pro Plus Retail (C2R).
+- The Windows Autopilot device should be preinstalled with only a Windows 10 base image plus drivers.
+- You can preinstall your licensed version of Office, such as [Office 365 ProPlus](https://docs.microsoft.com/deployoffice/about-office-365-proplus-in-the-enterprise).
 - Unless explicitly requested by the customer, no other preinstalled software should be included.
   - Per OEM Policy, Windows 10 features, including built-in apps, should not be disabled or removed.
 
diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml
index d8af11db00..b586fa4b0e 100644
--- a/windows/release-information/resolved-issues-windows-10-1607.yml
+++ b/windows/release-information/resolved-issues-windows-10-1607.yml
@@ -32,6 +32,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
+      <tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 14393.3206<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522010' target='_blank'>KB4522010</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519998' target='_blank'>KB4519998</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='336msg'></div><b>IME may become unresponsive or have High CPU usage</b><br>Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.<br><br><a href = '#336msgdesc'>See details ></a></td><td>OS Build 14393.3204<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516044' target='_blank'>KB4516044</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>September 17, 2019 <br>04:47 PM PT</td></tr>
       <tr><td><div id='301msg'></div><b>Apps and scripts using the NetQueryDisplayInformation API may fail with error</b><br>Applications and scripts that call NetQueryDisplayInformation may fail to return results after the first page of data.<br><br><a href = '#301msgdesc'>See details ></a></td><td>OS Build 14393.3053<br><br>June 18, 2019<br><a href ='https://support.microsoft.com/help/4503294' target='_blank'>KB4503294</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4516044' target='_blank'>KB4516044</a></td><td>September 10, 2019 <br>10:00 AM PT</td></tr>
@@ -82,3 +83,12 @@ sections:
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='256msgdesc'></div><b>Internet Explorer 11 and apps using the WebBrowser control may fail to render</b><div>Internet Explorer 11 may fail to render some JavaScript after installing <a href='https://support.microsoft.com/help/4507460' target='_blank'>KB4507460</a>. You may also have issues with apps using JavaScript or the <strong>WebBrowser</strong> control, such as the present PowerPoint feature of Skype Meeting&nbsp;Broadcast.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in&nbsp;<a href='https://support.microsoft.com/help/4512517' target='_blank'>KB4512517</a>.</div><br><a href ='#256msg'>Back to top</a></td><td>OS Build 14393.3085<br><br>July 09, 2019<br><a href ='https://support.microsoft.com/help/4507460' target='_blank'>KB4507460</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512517' target='_blank'>KB4512517</a></td><td>Resolved:<br>August 13, 2019 <br>10:00 AM PT<br><br>Opened:<br>July 26, 2019 <br>04:58 PM PT</td></tr>
       </table>
       "
+
+- title: November 2018
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='61msgdesc'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><div>After installing <a href=\"https://support.microsoft.com/help/4467691\" rel=\"noopener noreferrer\" target=\"_blank\">KB4467691</a>, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.</div><div><br></div><div>If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.</div><div><br></div><div><strong>Resolution:</strong> Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.</div><br><a href ='#61msg'>Back to top</a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>Last updated:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 13, 2018 <br>10:00 AM PT</td></tr>
+      </table>
+      "
diff --git a/windows/release-information/resolved-issues-windows-10-1709.yml b/windows/release-information/resolved-issues-windows-10-1709.yml
index 92e479f7e8..82bf0df89e 100644
--- a/windows/release-information/resolved-issues-windows-10-1709.yml
+++ b/windows/release-information/resolved-issues-windows-10-1709.yml
@@ -32,6 +32,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
+      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534318' target='_blank'>KB4534318</a></td><td>January 23, 2020 <br>02:00 PM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 16299.1392<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522012' target='_blank'>KB4522012</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520004' target='_blank'>KB4520004</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='336msg'></div><b>IME may become unresponsive or have High CPU usage</b><br>Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.<br><br><a href = '#336msgdesc'>See details ></a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>September 19, 2019 <br>04:08 PM PT</td></tr>
       <tr><td><div id='255msg'></div><b>Domain connected devices that use MIT Kerberos realms will not start up</b><br>Devices may not start after updating when connected to a domain that is configured to use MIT Kerberos realms.<br><br><a href = '#255msgdesc'>See details ></a></td><td>OS Build 16299.1296<br><br>July 16, 2019<br><a href ='https://support.microsoft.com/help/4507465' target='_blank'>KB4507465</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512516' target='_blank'>KB4512516</a></td><td>August 13, 2019 <br>10:00 AM PT</td></tr>
@@ -48,6 +49,15 @@ sections:
         <div>
         </div> 
       "
+- title: October 2019
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4534318' target='_blank'>KB4534318</a>.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534318' target='_blank'>KB4534318</a></td><td>Resolved:<br>January 23, 2020 <br>02:00 PM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
+      </table>
+      "
+
 - title: September 2019
 - items:
   - type: markdown
diff --git a/windows/release-information/resolved-issues-windows-10-1803.yml b/windows/release-information/resolved-issues-windows-10-1803.yml
index 378576d142..bdf3c62854 100644
--- a/windows/release-information/resolved-issues-windows-10-1803.yml
+++ b/windows/release-information/resolved-issues-windows-10-1803.yml
@@ -32,6 +32,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
+      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534308' target='_blank'>KB4534308</a></td><td>January 23, 2020 <br>02:00 PM PT</td></tr>
       <tr><td><div id='330msg'></div><b>Windows Mixed Reality Portal users may intermittently receive a 15-5 error code</b><br>You may receive a 15-5 error code in Windows Mixed Reality Portal and your headset may not wake up from sleep.<br><br><a href = '#330msgdesc'>See details ></a></td><td>OS Build 17134.950<br><br>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512501' target='_blank'>KB4512501</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519978' target='_blank'>KB4519978</a></td><td>October 15, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='244msg'></div><b>Startup to a black screen after installing updates</b><br>Your device may startup to a black screen during the first logon after installing updates.<br><br><a href = '#244msgdesc'>See details ></a></td><td>OS Build 17134.829<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503286' target='_blank'>KB4503286</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519978' target='_blank'>KB4519978</a></td><td>October 15, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 17134.1009<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522014' target='_blank'>KB4522014</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520008' target='_blank'>KB4520008</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
@@ -51,6 +52,15 @@ sections:
         <div>
         </div> 
       "
+- title: October 2019
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4534308' target='_blank'>KB4534308</a>.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534308' target='_blank'>KB4534308</a></td><td>Resolved:<br>January 23, 2020 <br>02:00 PM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
+      </table>
+      "
+
 - title: September 2019
 - items:
   - type: markdown
diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
index 82cba46203..d113831f80 100644
--- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
+++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
@@ -32,6 +32,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
+      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534321' target='_blank'>KB4534321</a></td><td>January 23, 2020 <br>02:00 PM PT</td></tr>
       <tr><td><div id='360msg'></div><b>Microsoft Defender Advanced Threat Protection might stop running</b><br>The Microsoft Defender ATP service might stop running and might fail to send reporting data.<br><br><a href = '#360msgdesc'>See details ></a></td><td>OS Build 17763.832<br><br>October 15, 2019<br><a href ='https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4523205' target='_blank'>KB4523205</a></td><td>November 12, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='330msg'></div><b>Windows Mixed Reality Portal users may intermittently receive a 15-5 error code</b><br>You may receive a 15-5 error code in Windows Mixed Reality Portal and your headset may not wake up from sleep.<br><br><a href = '#330msgdesc'>See details ></a></td><td>OS Build 17763.678<br><br>August 13, 2019<br><a href ='https://support.microsoft.com/help/4511553' target='_blank'>KB4511553</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a></td><td>October 15, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='244msg'></div><b>Startup to a black screen after installing updates</b><br>Your device may startup to a black screen during the first logon after installing updates.<br><br><a href = '#244msgdesc'>See details ></a></td><td>OS Build 17763.557<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503327' target='_blank'>KB4503327</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a></td><td>October 15, 2019 <br>10:00 AM PT</td></tr>
@@ -57,6 +58,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4534321' target='_blank'>KB4534321</a>.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534321' target='_blank'>KB4534321</a></td><td>Resolved:<br>January 23, 2020 <br>02:00 PM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='360msgdesc'></div><b>Microsoft Defender Advanced Threat Protection might stop running</b><div>After installing the optional non-security&nbsp;update (<a href='https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a>), the Microsoft Defender Advanced Threat Protection (ATP) service might stop running and might fail to send reporting data. You might also receive a&nbsp;0xc0000409 error in <strong>Event Viewer</strong> on MsSense.exe.</div><div><br></div><div><strong>Note</strong> Microsoft Windows Defender Antivirus is not affected by this issue.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019</li><li>Server: Windows Server, version 1809; Windows Server 2019</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4523205' target='_blank'>KB4523205</a>.</div><br><a href ='#360msg'>Back to top</a></td><td>OS Build 17763.832<br><br>October 15, 2019<br><a href ='https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4523205' target='_blank'>KB4523205</a></td><td>Resolved:<br>November 12, 2019 <br>10:00 AM PT<br><br>Opened:<br>October 17, 2019 <br>05:14 PM PT</td></tr>
       </table>
       "
diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
index 7401114369..caeed9779b 100644
--- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -32,6 +32,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
+      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='329msg'></div><b>You may receive an error when opening or using the Toshiba Qosmio AV Center</b><br>Toshiba Qosmio AV Center may error when opening and you may also receive an error in Event Log related to cryptnet.dll.<br><br><a href = '#329msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a></td><td>September 24, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='307msg'></div><b>Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV</b><br>Windows updates that are SHA-2 signed are not available with Symantec or Norton antivirus program installed<br><br><a href = '#307msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Resolved External<br></td><td>August 27, 2019 <br>02:29 PM PT</td></tr>
@@ -49,6 +50,15 @@ sections:
         <div>
         </div> 
       "
+- title: November 2019
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
+      </table>
+      "
+
 - title: September 2019
 - items:
   - type: markdown
diff --git a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
index 18fc3ff189..47535347c0 100644
--- a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
+++ b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
@@ -32,6 +32,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
+      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
       <tr><td><div id='327msg'></div><b>Issues manually installing updates by double-clicking the .msu file</b><br>You may encounter issues manually installing updates by double-clicking the .msu file and may receive an error.<br><br><a href = '#327msgdesc'>See details ></a></td><td>September 10, 2019<br><a href ='https://support.microsoft.com/help/4474419' target='_blank'>KB4474419</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4474419' target='_blank'>KB4474419</a></td><td>September 23, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516030' target='_blank'>KB4516030</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='252msg'></div><b>Devices starting using PXE from a WDS or SCCM servers may fail to start</b><br>Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"<br><br><a href = '#252msgdesc'>See details ></a></td><td>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503273' target='_blank'>KB4503273</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512499' target='_blank'>KB4512499</a></td><td>August 17, 2019 <br>02:00 PM PT</td></tr>
@@ -47,6 +48,15 @@ sections:
         <div>
         </div> 
       "
+- title: November 2019
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
+      </table>
+      "
+
 - title: September 2019
 - items:
   - type: markdown
diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
index d38454e785..3dba1c748b 100644
--- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
+++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
@@ -60,9 +60,9 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
+      <tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 14393.3274<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519998' target='_blank'>KB4519998</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='195msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#195msgdesc'>See details ></a></td><td>OS Build 14393.2724<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480961' target='_blank'>KB4480961</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
-      <tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>February 19, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='36msg'></div><b>Cluster service may fail if the minimum password length is set to greater than 14</b><br>The cluster service may fail to start if “Minimum Password Length” is configured with greater than 14 characters.<br><br><a href = '#36msgdesc'>See details ></a></td><td>OS Build 14393.2639<br><br>November 27, 2018<br><a href ='https://support.microsoft.com/help/4467684' target='_blank'>KB4467684</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
       </table>
       "
@@ -97,7 +97,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='61msgdesc'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><div>After installing <a href=\"https://support.microsoft.com/help/4467691\" target=\"_blank\">KB4467691</a>, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.</div><div><br></div><div>If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.</div><div><br></div><div><strong>Next steps:</strong> Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.</div><br><a href ='#61msg'>Back to top</a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>February 19, 2019 <br>10:00 AM PT<br><br>Opened:<br>November 13, 2018 <br>10:00 AM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='61msgdesc'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><div>After installing <a href=\"https://support.microsoft.com/help/4467691\" rel=\"noopener noreferrer\" target=\"_blank\">KB4467691</a>, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.</div><div><br></div><div>If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.</div><div><br></div><div><strong>Resolution:</strong> Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.</div><br><a href ='#61msg'>Back to top</a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>Last updated:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 13, 2018 <br>10:00 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='36msgdesc'></div><b>Cluster service may fail if the minimum password length is set to greater than 14</b><div>After installing <a href=\"https://support.microsoft.com/help/4467684\" target=\"_blank\">KB4467684</a>, the cluster service may fail to start with the error \"2245 (NERR_PasswordTooShort)\" if the Group Policy \"Minimum Password Length\" is configured with greater than 14 characters.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.</div><div><br></div><div><strong>Next steps:</strong> Microsoft is working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#36msg'>Back to top</a></td><td>OS Build 14393.2639<br><br>November 27, 2018<br><a href ='https://support.microsoft.com/help/4467684' target='_blank'>KB4467684</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>April 25, 2019 <br>02:00 PM PT<br><br>Opened:<br>November 27, 2018 <br>10:00 AM PT</td></tr>
       </table>
       "
diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml
index af729c8f0f..47169eb98d 100644
--- a/windows/release-information/status-windows-10-1709.yml
+++ b/windows/release-information/status-windows-10-1709.yml
@@ -60,7 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>November 12, 2019 <br>08:05 AM PT</td></tr>
+      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534318' target='_blank'>KB4534318</a></td><td>January 23, 2020 <br>02:00 PM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 16299.1451<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520004' target='_blank'>KB4520004</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='193msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#193msgdesc'>See details ></a></td><td>OS Build 16299.904<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480978' target='_blank'>KB4480978</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
       </table>
@@ -87,7 +87,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Workaround: </strong>To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using <a href=\"https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc725595(v=ws.11)\" rel=\"noopener noreferrer\" target=\"_blank\">these instructions</a>. If you prefer to create a new local user, see <a href=\"https://support.microsoft.com/help/4026923\" rel=\"noopener noreferrer\" target=\"_blank\">KB4026923</a>.</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>November 12, 2019 <br>08:05 AM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4534318' target='_blank'>KB4534318</a>.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534318' target='_blank'>KB4534318</a></td><td>Resolved:<br>January 23, 2020 <br>02:00 PM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
       </table>
       "
 
diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml
index 397f577291..9f10885c6c 100644
--- a/windows/release-information/status-windows-10-1803.yml
+++ b/windows/release-information/status-windows-10-1803.yml
@@ -64,7 +64,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>November 12, 2019 <br>08:05 AM PT</td></tr>
+      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534308' target='_blank'>KB4534308</a></td><td>January 23, 2020 <br>02:00 PM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 17134.1069<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520008' target='_blank'>KB4520008</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='192msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#192msgdesc'>See details ></a></td><td>OS Build 17134.523<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480966' target='_blank'>KB4480966</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
       </table>
@@ -91,7 +91,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Workaround: </strong>To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using <a href=\"https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc725595(v=ws.11)\" rel=\"noopener noreferrer\" target=\"_blank\">these instructions</a>. If you prefer to create a new local user, see <a href=\"https://support.microsoft.com/help/4026923\" rel=\"noopener noreferrer\" target=\"_blank\">KB4026923</a>.</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>November 12, 2019 <br>08:05 AM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4534308' target='_blank'>KB4534308</a>.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534308' target='_blank'>KB4534308</a></td><td>Resolved:<br>January 23, 2020 <br>02:00 PM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
       </table>
       "
 
diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
index 51ee30b209..2e9516660f 100644
--- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
+++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
@@ -64,7 +64,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>November 12, 2019 <br>08:05 AM PT</td></tr>
+      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534321' target='_blank'>KB4534321</a></td><td>January 23, 2020 <br>02:00 PM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 17763.805<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519338' target='_blank'>KB4519338</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='211msg'></div><b>Devices with some Asian language packs installed may receive an error</b><br>Devices with Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\"<br><br><a href = '#211msgdesc'>See details ></a></td><td>OS Build 17763.437<br><br>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493509' target='_blank'>KB4493509</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>May 03, 2019 <br>10:59 AM PT</td></tr>
       <tr><td><div id='191msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail </b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#191msgdesc'>See details ></a></td><td>OS Build 17763.253<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480116' target='_blank'>KB4480116</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 09, 2019 <br>10:00 AM PT</td></tr>
@@ -92,7 +92,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Workaround: </strong>To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using <a href=\"https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc725595(v=ws.11)\" rel=\"noopener noreferrer\" target=\"_blank\">these instructions</a>. If you prefer to create a new local user, see <a href=\"https://support.microsoft.com/help/4026923\" rel=\"noopener noreferrer\" target=\"_blank\">KB4026923</a>.</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>November 12, 2019 <br>08:05 AM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4534321' target='_blank'>KB4534321</a>.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534321' target='_blank'>KB4534321</a></td><td>Resolved:<br>January 23, 2020 <br>02:00 PM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
       </table>
       "
 
diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
index 574e1ff814..4a7f56ecb1 100644
--- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -60,7 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='310msg'></div><b>IA64 and x64 devices may fail to start after installing updates</b><br>After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.<br><br><a href = '#310msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>August 17, 2019 <br>12:59 PM PT</td></tr>
       </table>
@@ -78,7 +78,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Workaround:</strong> You can manually install the November 2019 update for Windows Malicious Software Removal Tool (MSRT) by downloading it <a href=\"http://www.microsoft.com/en-us/downloads/details.aspx?familyid=ad724ae0-e72d-4f54-9ab3-75b8eb148356\" rel=\"noopener noreferrer\" target=\"_blank\">here</a> for 32-bit x86-based devices or <a href=\"https://www.microsoft.com/en-us/downloads/details.aspx?familyid=585d2bde-367f-495e-94e7-6349f4effc74\" rel=\"noopener noreferrer\" target=\"_blank\">here</a> for&nbsp;64-bit x64-based devices. If you are using WSUS or Configuration Manager, guidance can be found <a href=\"https://support.microsoft.com/help/891716\" rel=\"noopener noreferrer\" target=\"_blank\">here</a>.</div><div><br></div><div><strong>Next steps:</strong> This issue has been mitigated on the server side and MSRT will no longer offered to affected platforms. We are working on a resolution and estimate a solution will be available in&nbsp;the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>November 15, 2019 <br>05:59 PM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
       </table>
       "
diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml
index 0a5c7ee17d..28cf31facc 100644
--- a/windows/release-information/status-windows-server-2008-sp2.yml
+++ b/windows/release-information/status-windows-server-2008-sp2.yml
@@ -60,7 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       </table>
       "
@@ -77,7 +77,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Workaround:</strong> You can manually install the November 2019 update for Windows Malicious Software Removal Tool (MSRT) by downloading it <a href=\"http://www.microsoft.com/en-us/downloads/details.aspx?familyid=ad724ae0-e72d-4f54-9ab3-75b8eb148356\" rel=\"noopener noreferrer\" target=\"_blank\">here</a> for 32-bit x86-based devices or <a href=\"https://www.microsoft.com/en-us/downloads/details.aspx?familyid=585d2bde-367f-495e-94e7-6349f4effc74\" rel=\"noopener noreferrer\" target=\"_blank\">here</a> for&nbsp;64-bit x64-based devices. If you are using WSUS or Configuration Manager, guidance can be found <a href=\"https://support.microsoft.com/help/891716\" rel=\"noopener noreferrer\" target=\"_blank\">here</a>.</div><div><br></div><div><strong>Next steps:</strong> This issue has been mitigated on the server side and MSRT will no longer offered to affected platforms. We are working on a resolution and estimate a solution will be available in&nbsp;the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>November 15, 2019 <br>05:59 PM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
       </table>
       "
diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml
index ee042491ec..671d2a1748 100644
--- a/windows/release-information/windows-message-center.yml
+++ b/windows/release-information/windows-message-center.yml
@@ -50,6 +50,7 @@ sections:
     text: "
       <table border ='0'><tr><td width='80%'>Message</td><td width='20%'>Date</td></tr>
       
+      <tr><td id='383'><b>January 2020 Windows \"C\" optional release is available.</b><a class='docon docon-link heading-anchor' aria-labelledby='383' href='#383'></a><br><div>The January 2020 optional monthly “C” release for all supported versions of Windows is now available. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;for the latest on the availability of this release.</div></td><td>January 23, 2020 <br>12:00 PM PT</td></tr>
       <tr><td id='382'><a href = 'https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/' target='_blank'><b>Windows 7 has reached end of support</b></a><a class='docon docon-link heading-anchor' aria-labelledby='382' href='#382'></a><br><div>Windows&nbsp;7 reached end of support on January 14, 2020. If your organization has&nbsp;not yet been able to complete your transition from Windows 7 to Windows 10, and want to continue to receive security updates while you complete your upgrade projects, please read <a href=\"https://techcommunity.microsoft.com/t5/windows-it-pro-blog/how-to-get-extended-security-updates-for-eligible-windows/ba-p/917807\" rel=\"noopener noreferrer\" target=\"_blank\">How to get Extended Security Updates for eligible Windows devices</a>. For more information on end of service dates for currently supported versions of Windows 10, see the&nbsp;<a href=\"https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet\" rel=\"noopener noreferrer\" target=\"_blank\">Windows lifecycle fact sheet</a>.</div></td><td>January 15, 2020 <br>10:00 AM PT</td></tr>
       <tr><td id='379'><a href = 'https://support.microsoft.com/help/4528760' target='_blank'><b>Take action: January 2020 security update available for all supported versions of Windows</b></a><a class='docon docon-link heading-anchor' aria-labelledby='379' href='#379'></a><br><div>The January 2020 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. To be informed about the latest updates and releases, follow us on Twitter&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>.</div></td><td>January 14, 2020 <br>08:00 AM PT</td></tr>
       <tr><td id='380'><a href = 'https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601' target='_blank'><b>Advisory: Windows CryptoAPI certificate validation vulnerability</b></a><a class='docon docon-link heading-anchor' aria-labelledby='380' href='#380'></a><br><div>On January 14, 2020, Microsoft released security updates to address&nbsp;an&nbsp;<a href=\"https://en.wikipedia.org/wiki/Elliptic-curve_cryptography\" rel=\"noopener noreferrer\" target=\"_blank\"><u>elliptic-curve cryptography</u></a>&nbsp;(ECC) certificate validation issue in the Windows CryptoAPI. This vulnerability applies to all versions of the Windows 10&nbsp;operating system, client and server.&nbsp;While we have not observed an attack exploiting this vulnerability,&nbsp;we recommend that you apply this update to all of your Windows 10 devices&nbsp;with priority. Here is what you need to know:</div><ul><li>If you are running a supported version of Windows&nbsp;10&nbsp;and have automatic updates enabled, you are automatically protected and do not need to take any&nbsp;further&nbsp;action.</li><li>If you are managing updates on behalf of your organization, you should download the latest updates from the&nbsp;<a href=\"https://portal.msrc.microsoft.com/en-us/\" rel=\"noopener noreferrer\" target=\"_blank\">Microsoft Security Update Guide&nbsp;</a>and apply those updates to your&nbsp;Windows 10 devices and servers&nbsp;as soon as possible.</li></ul><div></div><div>If you are&nbsp;running an <a href=\"https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet\" rel=\"noopener noreferrer\" target=\"_blank\">unsupported version of Windows 10</a>, we&nbsp;recommend that you upgrade to the current version of Windows 10 to benefit from the latest security protections.&nbsp;For more information&nbsp;about this vulnerability,&nbsp;see&nbsp;the <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601\" rel=\"noopener noreferrer\" target=\"_blank\">Microsoft Security Guidance for&nbsp;CVE-2020-0601</a> and the Microsoft Security Response Center blog, <a href=\"https://msrc-blog.microsoft.com/2020/01/14/january-2020-security-updates-cve-2020-0601/\" rel=\"noopener noreferrer\" target=\"_blank\">January 2020 Security Updates: CVE-2020-0601</a>.</div></td><td>January 14, 2020 <br>08:00 AM PT</td></tr>

From 93ac15f72a5c843e5a07251f4caf9493a796c5ba Mon Sep 17 00:00:00 2001
From: Payge Winfield <pawinfie@microsoft.com>
Date: Thu, 23 Jan 2020 15:22:46 -0800
Subject: [PATCH 45/96] Created 3 documents in and changed TOC

---
 devices/hololens/TOC.md                       |   6 +-
 .../hololens-commercial-infrastructure.md     | 113 ++++++++++++++++++
 .../hololens-licenses-requirements.md         |  50 ++++++++
 devices/hololens/images/AzureAD1.PNG          | Bin 0 -> 28330 bytes
 devices/hololens/images/aad-kioskmode.PNG     | Bin 0 -> 34758 bytes
 5 files changed, 167 insertions(+), 2 deletions(-)
 create mode 100644 devices/hololens/hololens-commercial-infrastructure.md
 create mode 100644 devices/hololens/hololens-licenses-requirements.md
 create mode 100644 devices/hololens/images/AzureAD1.PNG
 create mode 100644 devices/hololens/images/aad-kioskmode.PNG

diff --git a/devices/hololens/TOC.md b/devices/hololens/TOC.md
index d9ff00d3a8..54e3d65b15 100644
--- a/devices/hololens/TOC.md
+++ b/devices/hololens/TOC.md
@@ -16,9 +16,11 @@
 ## [Install localized version of HoloLens (1st gen)](hololens1-install-localized.md)
 ## [Getting around HoloLens (1st gen)](hololens1-basic-usage.md)
 
-# HoloLens in commercial environments
-## [Commercial feature overview](hololens-commercial-features.md)
+# Deploying HoloLens and Mixed Reality Apps in Commercial Environments
 ## [Deployment planning](hololens-requirements.md)
+## [Commercial feature overview](hololens-commercial-features.md)
+## [Lincense Requriements](hololens-licenses-requirements.md)
+## [Commercial Infrastructure Guidance](hololens-commercial-infrastructure)
 ## [Unlock Windows Holographic for Business features](hololens1-upgrade-enterprise.md)
 ## [Configure HoloLens using a provisioning package](hololens-provisioning.md)
 ## [Enroll HoloLens in MDM](hololens-enroll-mdm.md)
diff --git a/devices/hololens/hololens-commercial-infrastructure.md b/devices/hololens/hololens-commercial-infrastructure.md
new file mode 100644
index 0000000000..bf37f7bea4
--- /dev/null
+++ b/devices/hololens/hololens-commercial-infrastructure.md
@@ -0,0 +1,113 @@
+---
+title: Infrastructure Guidelines for HoloLens
+description: 
+ms.prod: hololens
+ms.sitesec: library
+author: Payge Winfield
+ms.author:
+audience: ITPro
+ms.topic: article
+ms.localizationpriority: high
+ms.date: 1/23/2020
+ms.reviewer: 
+manager: 
+appliesto:
+- HoloLens (1st gen)
+- HoloLens 2
+---
+
+# Configure Your Network
+
+This portion of the document will require the following people:
+1.	Network Admin with permissions to make changes to the proxy/firewall
+2.	Azure Active Directory Admin
+3.	Mobile Device Manager Admin
+4.	Teams admin for Remote Assist only
+
+## Infrastructure Requirements
+
+### HoloLens Specific Network Requirements
+Make sure that these ports and URLs are allowed on your network firewall. This will enable HoloLens to function properly. The latest list can be found [here](hololens-offline.md).
+
+### Remote Assist Specific Network Requirements
+
+1.	The recommended bandwidth for optimal performance of Remote Assist is 1.5Mbps. Detailed network requirements and additional information can be found [here](https://docs.microsoft.com/en-us/MicrosoftTeams/prepare-network).
+**Please note, if you don’t network have network speeds of at least 1.5Mbps, Remote Assist will still work. However, quality may suffer.**
+1. Make sure that these ports and URLs are allowed on your network firewall. This will enable Microsoft Teams to function. The latest list can be found [here](https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges#skype-for-business-online-and-microsoft-teams).
+
+### Guides Specific Network Requirements
+Guides only require network access to download and use the app. 
+
+## Azure Active Directory Guidance
+This step is only necessary if your company plans on managing the HoloLens and mixed reality apps.
+
+### 1. Ensure that you have an Azure AD License. 
+Please [HoloLens Licenses Requirements](hololens-licenses-requirements)for additional information.
+
+### 2. Ensure that your company’s users are in Azure Active Directory (Azure AD).
+Instructions for adding users can be found [here](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/add-users-azure-active-directory).
+
+### 3. We suggest that users who will be need similar licenses are added to a group.
+1. [Create a Group](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal) 
+
+2. [Add users to groups](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-groups-members-azure-portal)
+
+### 4. Ensure that your company’s users (or group of users) are assigned the necessary licenses. 
+Directions for assigning licenses can be found [here](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/license-users-groups).
+
+### 5. **IMPORTANT:** Only do this step if users are expected to enroll their HoloLens/Mobile device onto the network. 
+These steps ensure that your company’s users (or a group of users) can add devices.
+1. Option 1: Give all users permission to join devices to Azure AD.
+**Sign in to the Azure portal as an administrator** > **Azure Active Directory** > **Devices** > **Device Settings** >
+**Set Users may join devices to Azure AD to *All***
+
+1.	Option 2: Give selected users/groups permission to join devices to Azure AD
+**Sign in to the Azure portal as an administrator** > **Azure Active Directory** > **Devices** > **Device Settings** >
+**Set Users may join devices to Azure AD to *Selected***
+![Image that shows Configuration of Azure AD Joined Devices](images/AzureAD1.png)
+
+1.	Option 3: You can block all users from joining their devices to the domain. This means that all devices will need to be manually enrolled by your IT department. 
+
+## Mobile Device Manager Admin Steps
+
+### Scenario 1: Kiosk Mode
+As a note, auto-launching an app does not currently work for HoloLens.
+
+How to Set Up Kiosk Mode Using Microsoft Intune.
+#### 1. Sync Microsoft Store to Intune ([Here](https://docs.microsoft.com/en-us/intune/apps/windows-store-for-business))
+
+#### 2.	Check your app settings
+
+1. Log into your Microsoft Store Business account
+1. **Manage** > **Products and Services** > **Apps and Software** > **Select the app you want to sync** > **Private Store Availability** > **Select “Everyone” or “Specific Groups”**
+1.	If you do not see your apps in **Intune** > **Client Apps** > **Apps** , you may have to [sync your apps](https://docs.microsoft.com/en-us/intune/apps/windows-store-for-business#synchronize-apps) again.
+
+#### 3.	Configuring Kiosk Mode using MDM
+
+Information on configuring Kiosk Mode in Intune can be found [here](https://docs.microsoft.com/en-us/hololens/hololens-kiosk#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803)
+
+ >[!NOTE]
+    >You can configure different users to have different Kiosk Mode experiences by using “Azure AD” as the “User logon type”. However, this option is only available in Multi-App kiosk mode. Multi-App kiosk mode will work with only one app as well as multiple apps.
+
+![Image that shows Configuration of Kiosk Mode in Intune](images/aad-kioskmode.png)
+
+If you are configuring Kiosk Mode on an MDM other than Intune, please check your MDM provider's documentation.
+
+## Additional Intune Quick Links
+
+1.	[Create Profiles:](https://docs.microsoft.com/en-us/intune/configuration/device-profile-create) Profiles allow you to add and configure settings that will be pushed to the devices in your organization.
+
+1. [CSPs (Confiruration Service Providers)](https://docs.microsoft.com/en-us/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices) allows you to create and deploy management settings for the devices on your network. Some CSPs are supported by HoloLens devices. (See the list of CSPs for HoloLens [here](https://docs.microsoft.com/en-us/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices).
+
+1.	[Create Compliance Policy](https://docs.microsoft.com/en-us/intune/protect/create-compliance-policy)
+
+1.	☐  Conditional Access allows/denies mobile devices and mobile applications from accessing company resources. Two documents you may find helpful are [Plan your CA Deployment](https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/plan-conditional-access) and [Best Practices](https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/best-practices).
+
+## Certificates and Authentication
+### MDM Certificate Distribution
+If your company requires certificates, Intune supports PKCS, PFX, and SCEP. It is important to understand which certificate is right for your company. Please visit [here](https://docs.microsoft.com/en-us/intune/protect/certificates-configure) to determine which cert is best for you. If you plan to use certs for HoloLens Authentication, PFX or SCEP may be right for you.
+
+Steps for SCEP can be found [here](https://docs.microsoft.com/en-us/intune/protect/certificates-profile-scep).
+
+### Device Certificates
+Certificates can also be added to the HoloLens through package provisioning. Please see [HoloLens Provisioning](hololens-provisioning) for additional information.
diff --git a/devices/hololens/hololens-licenses-requirements.md b/devices/hololens/hololens-licenses-requirements.md
new file mode 100644
index 0000000000..6254bd397b
--- /dev/null
+++ b/devices/hololens/hololens-licenses-requirements.md
@@ -0,0 +1,50 @@
+---
+title: Licenses for Mixed Reality Deployment
+description: 
+ms.prod: hololens
+ms.sitesec: library
+author: Payge Winfield
+ms.author:
+audience: ITPro
+ms.topic: article
+ms.localizationpriority: high
+ms.date: 1/23/2020
+ms.reviewer: 
+manager: 
+appliesto:
+- HoloLens (1st gen)
+- HoloLens 2
+---
+
+# Licenses Required for Mixed Reality Deployment
+
+If you plan on using a Mobile Device Management system (MDM) to manage your HoloLens, please review the MDM License Guidance section.
+
+## Mobile Device Management (MDM) Licenses Guidance
+
+If you plan on using an MDM other than Intune, an [Azure Active Directory Licenses](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-whatis) is required.
+
+If you plan on suing Intune as your MDM, you can acquire an [Enterprise Mobility + Security (EMS) suite (E3 or E5) licenses](https://www.microsoft.com/en-us/microsoft-365/enterprise-mobility-security/compare-plans-and-pricing). **Please note that Azure AD is included in both suites.** 
+
+## Identify the licenses needed for your scenario and products
+
+### Remote Assist License Requirements
+Make sure you have the required licensing and device. Updated licensing and product requirements can be found [here](https://docs.microsoft.com/en-us/dynamics365/mixed-reality/remote-assist/requirements).
+
+1.	[Remote Assist License](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-whatis)
+1.	[Teams Freemium/Teams](https://products.office.com/en-us/microsoft-teams/free)
+1.	[Azure Active Directory (Azure AD) License](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-whatis)
+
+### Guides License Requirements
+Updated licensing and device requirements can be found [here](https://docs.microsoft.com/en-us/dynamics365/mixed-reality/guides/requirements).
+
+1.	[Azure Active Directory (Azure AD) License](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-whatis)
+1.	[Power BI](https://powerbi.microsoft.com/en-us/desktop/)
+1.	[Guides](https://docs.microsoft.com/en-us/dynamics365/mixed-reality/guides/setup)
+
+### Scenario 1: Kiosk Mode
+If you are not planning to use an MDM to manage your device and you are planning to use a local account or an MSA as the login identity, you will not need any additional licenses. Kiosk mode can be accomplished using a provisioning packages.
+
+1.	If you are **not** planning to use an MDM to manage your device and you are planning to use a local account or an MSA as the login identity, you will not need any additional licenses. Kiosk mode can be accomplished using a provisioning packages.
+1.	If you are planning to use an MDM other than Intune, your MDM provider will have steps on configuring Kiosk mode. 
+1. If you are planning to use **Intune** as your MDM, implementation directions can be found in [Configuring your Network for HoloLens]().
diff --git a/devices/hololens/images/AzureAD1.PNG b/devices/hololens/images/AzureAD1.PNG
new file mode 100644
index 0000000000000000000000000000000000000000..e0215265f615530f339edfb10fafc23afed5a720
GIT binary patch
literal 28330
zcmYJa1yozl^9Nc=ad&qLv{-=x!HWj>BE_Y+yHnh)0u-l6aCZq3+$j#hCAgO0@bdlt
z-g)nw8@c!F?46yR{p{@QXJgb=fjF3yn6F;F!cmZy(R}slwLaqiAUZ1I`#qMN5#k5Q
zT@xtvs%nDz0CDriT2e*w)vMYhtVc5x#65<KyuSOZS2R)oeUOrNFTTEd<s_jXBdP6U
ze3FgkLps=aBY3k14;W6^CLOFL0^LwO6vJ3t{h&ObJC)FxwI!uc7-DVyV9BK5%SONV
zBSXiR?Yv3!JL`Pza@VOgCc&aw>FpST-H4*qw%2P-jGaENFD>b#P^R{!b+a~;fJVRI
z8%=+ce#@z+KNVxt?>JOl*3YvHA3N*CT~@8GkoK|Vn<w_7&nuzP*iDEoau0a-=vFs7
z;%CTi-zz7)r)D;xxi}l^=TPjJxNT@l<W_b#>#j@cRpxqe2Yi?C7R6{$@uA$_uI9#=
zJyj#%@kZ4bnM*5+I%j75kEkKYBarR!{tqs+XnSFVvNmGENY-pZD=XrsGZ#dYSA4+r
zIKSm_|2F7;ba%^fg2>rgGYd^AG7(KfNJvfhoyx?Fog!cEWkBSXk<tsyqiU)afC*VK
zCLZLB%^d~jH0h=o<!$qLh=y<N1)LUi8FFz6KE#evslc)d0lHHH51^JdQjksNRYO7(
z(f%XW4mX@>&_8Ts%oh70V;dH@@~-QctO{iKp6nrcd!vP~#IWaPS$jP~lNO+=3dy|e
z^VC+fbqjQFZ3R1P1{i`m#t&TljzuJ5gK3udg}pMHgjB>QY+b02(bmL)D~5DtH(zGm
zP6}O$=J?B!gw&3&EbZ`E*{C04o_fH0fTe{F?u5S`g|^a$PKkWk@LIYKwz1D;YKayG
zuI(9<E+fH=j_!8=9M$^of3g3#)#u_)1tsQg?>JVeInj~XW?qefVcRLhXQ*~+)T}QO
zX@^-W^tq6egeO8}*LrRtRYcoEW_IqC^F<@4O~k>OaCh2P8kdI+uMFTtZP%i%ArK1Q
zDm~7kP0N0n^c?ZsxZm*_duTCkff}mqYIBLFU3qkb2dE4#rDaX3G~_1H6}u?eWKM41
zwm_-r7U&QbqlWX-!H&XKsG=}HfF;3WZzm?`^J251Gh|n_NT7dr*9}dRQkM9c{siXc
z(z>JuO#~zzuTx`A+SaTKmh3udpYa`g(+N*ptABEJd2Si6nLM3xty1G6OAD)}snUhN
zJ%iaNt?+<`7nqtURKt?oMK--gePRC=0XSe%fT&4Q7H|R?p~)uT7i&Ty-a1iBR{u{{
zFqumZK*ebxOArh?4=j!k828<9b7H4#^SbrZ9+e!tYugMse-SbgA2_H>0;oE%LseVB
zOAAne7Q@4*v|jfXhY_MPnCL}g?~QmBQx*H#p4Tv}CU<dR_$Tezwtdu9&yC62pqUWv
z1or~BvpenW@}@xd4Q>?{{Ov<VwQi!b+QrmU+6w+d%nH{-#+f&C0DuE$YX0h!W;hs-
zyCcxEDKvpDJYWXkf+G)(2X>!}g`A}XRMHgsqtaRD)>q$ATAI{zU$TjVX<MLBr^vG|
zgn|>TV*z-uHW;Ag^lo|MforhG*1h#Mr^k28KK!chc_S!vdq+IvfpvoDfgxpN*w&3Q
z;K{9P;H$Msz3Zc4E;O<QdMsVV4Q2u0dS;H0DBHSIM6Pf?L{&?`X_^_pskeaUv&{$Y
zhs3AJ1zMB(fUMC8@mATvR_;B~bFpvLzExygtP6rS?9j;n^r?0+*cNro+!F8&o!Az2
z7cn)duQdVCfN>YQ0wgxwa^L2ji-Qvv7ocSIxElhK;63=z4YBHvq^r)t$binM)2=LF
zRoKc;Yw@J3z5~R7YTpobH`o;z_`3bEwR*G0kPZUgvj|9{1>?D{Y`R@^hK%;_Zo9d5
z9uj^@DKc~#Bx)Ak$oUeNJm#jyGPiBuy>cNJK=j8gjz^*u*Q9MVqN|^OJHQKr`n&x_
z!M;ET<x1!Y#jiy*SceM;nS1r5``}pf7NonGR$J*KRE$GQ412eHV}Lp8>I0gm=e^1C
z;{x>{;H*i(^Y$`Z^)UoaMoet#CB<Z12)H{tjmNA|E+1%qCkpZx0=>!n%YH!}@v@$-
z^Tt}ITcQ&41qch`Zlh6ROW5x)=YOu&qz;JRPFHmejDk}ztAkVrt)~QF!yi&)sQYbG
zXY*)-qeeQDE*la@dVKH2`+Y^uXi2s7gOm^4h0EC_(B6%y**ui4WG_lyxG$N+IDNj_
z`0*v7(<6YTsOK(AI`|3`vov7bF2`Yb(4TFcOZ(Y5c|Az_ITj?^T0C3kd#`1Pg=_sw
zOO(Hit~JY`WbAm<%*6dM({|mY#5hR)u7-(jjefljFSif?IK>hw@)68exX#A-b>*V-
zJ7ZwxC(J}MtMpE`=1+%9s|m=>x#)gJc-K)iYP1i$eUhswKL10lr6RcaV{1^>yDH+?
zZB}h7+{tSynO$DB3f<9bKhYQm;VLzRt1iMei9tlW2~Q&@-;Q#(5gvXv@%LhPr^_To
zElAGypJHi`?|U@R<ef3_nj*)j_&)lo@!K+t;5}Jd(&)JD-VT{L<*&@AzU%h5%ZAXy
z_~zhG;5H?&v7D_7MT_HU;Xgt3r69=z*DOO-`0m0-@S6O}ahmN86a4Mq@UGRmdj>Q}
zO&!cRlos&lh&i}xsA%hw(@HJ)PTcyvU^7EiL8Er!hcXM*q|u2JTkhQ-SKTMj%#pz4
z#4FDs$M~anVI$Wf?{5~~sll~RO@#+z4!>R9*<X^;H5a>>6rTssHgA8`W~HWkND2&$
z-U>+l`@nUVk#u!^&#FS@R`__)h=Ap*@ssqx(FNSJ(dd!D$dUih@#WV<T+w-P!%Mrz
zBd6kzC*n^7zLqb>1@>_>w@5{UUk#LA)};^X*1M$c&Wk>ts#Cv6-)##(#J2_duJ8Dl
zgMMu7`1jiXoY(qU%yVMh)uL&<<lR-^15gXduFo~j_fge&*szb9u~>IEGARsjp}q5i
zs$P%Z2v<osMS1Ov)_XW_!|&b{^<0lGFfD8g9#E_PIO9`#H&N{-QWOZSy8E&vTL1F;
zFZ=8fEO;nsJ#V}Hov4Y#WAFs4N%;z!5qugU;$8-FD67uZdd|rYXjeBh<WfT5>{|bB
zVxH)g=h(soUFll&4z$4EY83&BO+pju?+0tDTX8PM!A-%6W}+oH2%LqvQDeQssalsn
zjEtU?tu2AUU0B<Ozk&EF2)m>sK&)OOlx;HL#Kr%P=PtEc4Q$+s<Ep=u6rl2)GqEe|
z1^Q^th67GrTCm@T;wy%2n@f;03zP-E0wHEu{~ga|S|{m%mtC*Ul#vV3?8y_Z*u<;A
z?9uTP1d^e#VK-|z5kcwB#j?(RWuYz*Eu_&FU5lnMfi)bZ4b==)!E%6g!{B54#2*iD
zz`?b-i+I3c=d8UK&8#fk8#GwSF#@U{ZUoAl5ie2O47z+jhj;UX8qL|HAV964K?uib
z(opwQn{`q%@aj5U)iL_vwfHlhurvFwuxdIu4aoIpl^ED+2`ylK@zWsk@J%qN#sst-
zfHzbq(D#J@5POta&51z4r%N$0@h-hpD--vXZGqwI3D17V=p%1Diie1qO?z9CIaqbc
zn4uHiCDMXWvle)-m0Mg5Y-Qr+<CGLYXR+G7KzGK?Y@!B2AiQGkp*LCoB+NAjU<7Wi
zD*o8Qz2ni6wCT^a4r#%;o#v^+6VE+!3~=5P5DcK(YJ%);`BOh+j1KN@`OUp;U_9a@
z7$0(?n{vPirAJ3xbZC`BU((dWGZJaXQ~&Qt=(+1uEJswj=Fi5sA;LG3_-`cBu@Qo$
z_6hR#Cky|dU{p%X8Ns+bVanV8>Iwbu&PF!1XVs0k`Npp4|D^E4lfrZ?ja0`am8{dO
zlo0hGu3JF7C|AedP#IrCw*OZyKDt85G1@W3v+jRlEXb8ZZn5uVTRArWr_ldZ%^~;x
zf8~8`WasgmW*N&X)$0HEYWe_b%dPhRE88pmiM=j}>T`l9#qj^DJ8=UeyXadymF(3F
z&i^#Pf3vxrN1`v$r5{KA{}+<mvot#X6kqY<|8LDaJMVYI-Fg1O*%{E?o$oz6yN01*
z#q-I@ud{B<&<~21*=pmmabv^x#5~a<V6Fy1{=EEF<W=Ob1|WVoT2Xa1o~Ng0bYh~M
zj}PEAGIFikuA;+g8%at^3fsGPl0YCDD%$P{VYnLmmz3+#63U$s`FT*Z*DP5U#8{Uv
z-G>@-f=c)$gDI50LxQ8``}gnXQ4)_x++B~ndt<-D`s2tf4*nLoxVUsTgReOsx5&EG
zQFJ{$8}~RQ@x>kE$A;VfhQ6UOU}fL#Bjji_iA(@#s+TN*ii9YdrF2X${>&|UNjsU-
z<)CVRrS0~6I!NEEp%Xk@o+=W${PfRi%W4Xf!=MRAQZVjfiZ-zU#<)Ez=Og4}dJ;kC
z0axAY=n48cNYk71SzNE~j`zDr$U6!4S`JJYa-iwgz1KItHlvGqC7SS>P`^wW`A`~A
zlbM1e*qgG3<($g*7THc^Q7k~!LKO}UJPQM;0s`)47H8OGxj2hKA2ElEPBN15<QyG2
zAD^BsI?n>}%5^HG<m6B@GBUKc2P1KCaLQ_gUANu@U6-3|3U=M$)Ya8}w8jcOx0OQl
zy<0u*lCZ${Uo{J;S5}KXSD&!!_#YZRLi=}duuQFvL%+gC`9&hoKxC_qBy6fGl5Soo
zl>QGAS=~0BA<}UPdDc6q>sm{A&cqe`I57`mX8fbCv66`MI<0xXs<YNjR)vD59mZU7
zq=~N^li=2J{IM33n?pGk=<OLXe&cJyg_{$&4qn+YT`wn``v$(|x|(!tbPGtwP49o^
zTt)Q%^S+ora)tz~+8U1gJ1dQKwUDwq6q_}biaa)<nH~-NI=?WEzOyR+AXqyPx*LKX
z^FA<7U@Yl5kwzpk_vzRg9RovBU;p>skpIEqVQ;Ax=tJPW$K%skur3`9X6X3=!U8(1
z#06gl!A9xCc4%mUtQ<IT(p6TusRQIP4z3{yMIt&z6;sE=4FTOBlQBRsQxj-8Vt+p;
zb}Y&pwi84Zezy{B2x=3dvNcoUnVce}9mJaEDP=4tOXydKPUwgnT70d26O^~2O}mDj
zDGFUZi9oq`(raKP^~~rT+bPr!OJAkcJ9fY!5)o<nt>0s&hHBRqRkRCK+6}T66P3W3
zHqMS_FX#MV4;CaH&qS$5d0wQ@`1IG814VZp;#~D^&o6xQixJ6)qFc(ZoNxQ~AQ#h0
zcGC2N9@7iltVzd+d6F9j0Rd7t99~mbr^(up#3Cq2CMhYIQAwbhE1s}m?2q$sbEX@S
zMvtCL+rT)=(?tAL>yxD?|E~gO5ef{R=@u%QxZ52EsC}Nv5#$CE;?(dN#>B)x$}{av
zK$I3bw)N#>$&EN6MObCYgo2ct9|I;PmU<RVRQjS%VQSO#G?ItluY3S|%vM)<j0D=-
zgr}But%~^(4ojA=^z2>KjVd?EKZv6iTi!5#{gq!_PA1l=QZlS0WvGm8zWpQF*f6R%
zWz4(=gwfc)BoDd*ba`74CTHo#U#2qX&zR_jXUzhbElKk`d_9`y6C?fg<(1^6?>p}?
zf{JbmK%JO3e+iS5H4-Cp#82c&LHb(hAv?F^eaUnd+gi!S>JiKEY0WYkm9G&)qwKP_
zOd?4WPV7J@&DVcp%hZiE5-*Qs`Ud(Kx!%zT{ep%Bergt(iaYhYB-nkI_%}gyOjiHd
z2rAt28ZPHP7*j#(p}E*WTm{6W%KSFlp*ZWUNr{}j&oL<%5WuK;%Ac=fAf&Cf+Q_C7
z2l8W=`n*8Dyi%s2pBxu(DI#G@Ibmi3q$$JV8xAIxm{ajEWaL%KoEA79ddB^j2Agsf
z_7bGz!8jP=Dg|EcD@AXWXg|r{ZGVWd9eVF9Iq4&TU3WI3p6>fbgjB!BqmA?U5xyy<
zh}qb#^RH~&48OCIpKVk@Qi{4?);CsZDDNZH)MZ|8{Vp%OO}}T&no8#kLpr*X!K(dO
zT3NceDG=L3prDGLV0zl{Mw*lg_#B%gE9Lf{cXVIarn;{ayG^d{R3norXi@&_VTF_i
z<r%l6EY?@Q8Zu=5J9))upp&f-raNCsfFSNgX%QuoP;|}!FY#9vMpeg^82LX<M$^mH
zl~E5f-wt=e^z19q;#3F#&Epht9P)tEwnS}}Xfw>JTZ^Jbp*?PqB$;urncw>Y7qd~r
z^l{!0BX!>Q5~d$>VS3}~JQlr!!50@7dJQ%yR`%f&6ROwK3`tfO1u_Uc7yA#-XCna!
zJU{A@)!Cf_PZ0KHuf_9YRhl|EykR1;NY`&M9c{GIE@ir2wc&^z*v(#Z`M@7iiV?xn
z5D6Ix1d!?~02M5+LED8e2XZ~1UiW@GhwJ*V$}lROtanld7D!uaPTz9lSb{7p(hazK
zn=)xiXkM=LrI*dD0Y{mTd9hddux7Kn0E>OK+z_FwCjz(3KAB4t>ho+YEr?LMP#{Z1
zYUEac70v81u2)|3qi|xy#kVU_#hF=rR6n^7^#+OKFn7si0vew7nh`jSa=lR)jRvP(
zhIHZ9<^5ev*6yo?PK?>N2_PDNp-uD}KPu;?6G*~xQ+{F-i1O{lCOW(+;&-h$Huk@~
zYG)*aYDe_eoCFp}I^w7qah)l_^X|X(cMU3QqsvKe{my!!)~rpZxV<?=O&|W|Cg{6!
zY&2Z+YPN*Y3j0d6z2_tFH$}-B`<Dk&JNVLKHlFy&VWoo@OIa?-66a63XiDD#rOz^X
z@8aUm!{s*uPAje-+OQK6B1!-!SYge@J>3$7zMha@Gog{8+l!Wuq-(Wn3DL{qmQdVo
zyZYZB5E(23VyVv8sAVZcp07kw$D)3L#rMd`KdleFscPR&*6(LnR?no0A<Be)SkGEc
zNg=>ifk8Z18L|{g=_u!p?B$jc!WO}^Nb^<$9|S&z){->B^7LjK6CZeH)EN0+*d9+R
zOhw%V_Vy2?ohKZ~4HkP(T(~mY*al9`3r(O2*Hxr;+2rK=kf|wBTzlND07VKt12A{k
zlTB+IQXHqsCZ!J=K@3Vu>oBqVo{yO>CI-7or<ZQw);!!dy+G}2u^Sa7h3UlDfe-9@
z;lrvWQfdx3>bb*W(N2UaQgwxZa$VGeu|H{RThCbq?13Sphk4ggO=|?xF@?7~Lu{|T
zD&Pi@5u{amEnC=)w2I|#@mvQ5%_I0QloUr7`v_BUM{BPG65+tUK-)q(?x+CMQtO0Y
zup<pmCUUCmc+<^BJl4T+PDBv8&KC_jsjae;@swkmPm!>0rIQP=7<@<^xisWZQc@b9
z*Q2DOO3BHoTB5{~(0M#i3oZjEu%Y*YqIihbJx`FQ@i^+ZK9{z~PIB}!DlzH#A9v>)
z{2m(FQvk=|yVO$b7Jl)&tlntJ<^LCNv_a;DHH<<LEq;(x)D&4`+<?59HS~#eqOztB
zy5!tD#QBP$`MpBo`Lp;=lz;a$6un8j2jG?FbV-o{pxRITHcC@MUFj^BLU4+c+v>bc
zBh3o9KY<*S!(4nS#r87BG-NY=)pLs?_qtw;@EjXjqW(BwIbS9UD`XLF?LsoLHPbty
z3V%u?O#YFU*vE&YXQq^0aqym+i~N&`8gG@8TjZ}8D$=O8Ny^6D!eOS~?qi<oA&~9h
z<?`eYV-jJjSpR14<eLvgO0R4sHxrEX?D>)XW-0C?jJu2MbzQy4c2k7ap6--t@0QP%
z^JNUr>p{5I6nD8MO8Y&g6AZWdncWUeLe#0wgH`pq1g@vAUYA_)rJKe4+7ucBC*@8_
zeHCfI7C1YE^abIBsu@Y{?5aB$oMMhrob?X5A&Ej1EM4&yU8rF5B0YZ>apPW3ZhLt#
z{H;c{xDFu9=US=d7AJD#x5hX96SaiP&|<g@_=jG4MLSaE5WY<<J%*PEBsr;Qt4Dsm
ziZ?q6qMjxWr%Tr{TEUb+V;bZ2jDYPG0H`QJ>_M+<?_5OP?3bs%`{O=zVDk(*@HAy9
z6nc>+Wty>XnmNikauXB$noY0{?{Vge;g0&e=*L1!L7~v1<jMi1jae>sjSWb~oXd)v
zU9?zinj$52KQ`?$$D3Gf3lmvVVSXIJ51vAcOHl9;;(+XJ>$+YaqEN4I#NWxym>tr@
z7bu)b`1-rlAT=Yy%&WjuI@#lL3c4uolQ`c_SK+||57?~wRsS{5<?~*nGFG`!F1T#(
zDIDwX#`@NCnr^!jd$$;+W=ZB1ysHombz!#sIn?HjiG-zWx~s4Nq>SUR>q?uS#v=^u
z5E~`2Phw#NIkNc#tGzuvZ3s(<;Wrcv-&Qndar=|Rlpfxm17`Jtmdf=%j14)DcO?=9
z?M?9+MTY4k?{g>h@t7Epe|a#UyL+ut!mwsyIbB(JON#415t_59lT~6HQ7l8`cD^C$
z`8zUZ<4#xNZdmQ3frVKLzvJ@9&(Ro&FjA7ej`6SCRGGz*rC7~Sn<#S~;muO7>Lh9o
z!}O5)O)~mH1+d=Ff*ZITGpEP9fWd{P)tChQrVPb}fBO+5lA2Ydjau&-6d}X`5;0qv
z1_+mh$monYxi60WMq8Iw7}D^DYdzxF*ip%>2mZ5_YatWmEbhq&GRrMCS?uimr_>4;
z4K?I6`#12KW6hN$X143vv+2+F2r9rp9oY8xfy)xtvo9>rXn+5h=FZb7EppaWckE-$
zz<_;cUZIAMuUP6zde8g~^VU0hZ^mD`^W7_cNTjGT^g+F#ZVTD@6PCm2!#}RJKak@&
zjcT^E3BHK5z3Y1ViAL+Hr;y$8)<MU3>XsRUj1^zMoCAl){aG#?I;PccYodfhIa%3b
z2w6(++C?>2WTEA(R0PBu#r-pLXv8(sr?ELb?&;p3|DrXyx$ow#%=f!Gwt`Ezb8Gnv
zN3-`pZ{@<rYf+iyO<6t5llZs!7(=J;fwL@1<oiE{z#2%`A#Pt8ot)gifx&|C!lv>&
z_M~NT<~q_`by?DkYNoN(44GBl3Xxyo_s>E9{voEWa^#cMouvs5=5S63BNng%pc|62
zN!$JoccGaxyt0w3NoMwyU{mk311ZP6QFp>tK7Ckcc8Rl{^h@^}anlqj!VM@TaB<8f
z#9)dOS|BDC`18}6f`dC>M9h`no7D=<G`#(T1G!*bLM{i7?f?tIF#iILGP#cgv&#ld
z1Twp`?$AUgj7I?{EXphCT17QHzqq6gEB%?N!j~Q-yF+c`_k7K*v6&(@PDmIgQ8?%^
zwm=DqWe%~h69g*H_r@QtSzg;hN9cmCt8v64SZgK>@l*{M33Q8XSCLir<JWNn1Cd)$
zSm`_c7F)M%Wi}n}c}#6FEvmQWxBM6wDBCBAs!*>sS~ko40&#PnBpJ(#I4D4=li_Q}
z2>|1n*Yhbi+gtr{=(xD^4ha#geO>?lDrHpGYHMqE&(3NGB5UA>tKoe~`RdV3eY5O&
z^!2n4*-I}Eru>J6);A;YONP0tXF2=cmzEwiKGyQhdp{ooN{gl#Ceh~O{uKKIHga&a
z_rSJY9$E$HsK@46isM56we#6qy~CqW6f3^-L~&0YH1h*oWk&l}im|b$niD@T9H&~6
zP@i8{r)T`9@OvyWAGG7a3o3m!O8##jG}4j@PDA=xQeBp)CF?BHZKw?#kcpTMhbF(`
zh*9pKef9;`c!3$lI&U^D%LKM<hGGZiw*70|ALJ^oufJvfLc&(&*a&VVOMpu3X7`(!
z#7;WVB-W@hE4W&Z28?;0LsFH5ZhU2fD~8%;{w58?Tc8^|pb&vxQPYW#f4f{%cW7iK
zunc~sahStwm|?>_Dn+*k2D-ij{&+z;beOrZh*_dutPqN$y4#j>)m~0^w<Xfi%j|Vq
zvMv11)ChJ^l!O}N=~0e{0ez5$BkcOljIafN2u(G+_4O7h)%LAq9?qam2=HB;t~+iJ
zx)7CWgINeOu3+T7fzI#U6l|Jzvm}SiiN^GO@GmlaC5i+iW#<*jNS1$4$G=UjH*0-l
z<^ltkh)6VAq_%<vJdpJ`^eT!^I{VPTaWrPuA93oHsW(*2U21l)F>nc4Bi(De1@U`8
zXY@rLf9jH0DAJy?<t<w^b1d?F(Gv%TaL((RzOA;^w+J~kejob*KId(WgtRHiPapf^
ztybE^E~5hr^lMiAurLadKDY6@4%iD|V~f?Wmr?)P4rbF{@5v`=`q1PxcnNVW(M+0=
z&~CzGs#C_X>fvW5`rRlkIjtX6bwtIp@QDsJ71zb}rdPA9>#cFz=B`bMkaH*M%(X6o
ziCZpRAm?yP{UEXx3tW#pwcL>%$2+Wc$xJ}mNFXdD7QUN^M?L($H370#pKslY3_Dt$
zZS}oj;^4pz3JOB_aX|9WUnWU*CVd22oA0=qg`bLXDPy>Y7v$rJ9_R)h-qO8%Zg%Mj
zMpAYVt=-JnlUq-Y3Xgjrs2Rh6r!xO^5UUaWKrMLH{y{GYElsesS85#-ceL4TA@S2O
zJr*`JVzu4d;wI$^kgX^6haL--`ulI|Q4L>Na?qLmhTxf<JH9*D8-oD(Wc~D>0I=Yr
zS9b5oqn8I1m}?cz9oaq{z_A>p#dp{%o;cv@ZBM>(&$Qu}(v}7sQFp^MI4*&(rg*+D
zhzk|SztzES;<*0Se5P0d?LZb0tcLgrD(zDl^u8!^Q?}4i4t??{5sZ-~;}8Lc)*lGN
zThn`|&j1tF>&_l-2xng5{T3^8nH~3*V-+5XW+CS-H#fYA{sn+GAmHzs(1dozRHu`1
zWN~^p6Fs)jQMI<7*aL-}7d#1+t1<98{~7$kFE7zfDz4+s<1Jk%99mF$n#fT|V~i^j
z)Sm1&K})<b??ndqZO}7d!P$gz)|dFHYVgxBCg#9tHmmEVDnq~gT`3?=MWEiS_L%q&
zW}OCpBMv(U=LUIJNaS-q@hMIm2Og<@!<p5qEKaN5Aba9JtY0XYC0@hkCk9s{bzDrS
zqz+EW6@v%4j{kTyye#S)j@WdYnvldgWq0@B<ha!GN0sirZmGuVnQrm7Ic#0`loK}^
zWE@2~W$=!YTaW&G#a=UH&V`uU7|pU?v$b?!j+QFJgUGazcnHKCWuuqOk+q(@&5j!=
z?O)^4A8!P`If1^RTRBLV4xP4D`}lqK&I)@j;7qI#m3tsSOlfT01vP~vV^f_}i!$Zw
zI3v5hd&K#3UH#&zsno+@49C;&b8Jo-__;@66QxIv5sI|5*w{4`{iU+!@S40OETEO0
zoWWn(1@NBkt7w}r(yHwy`W64cO1;8Qf2Uq>awh=a4?U!uv}gL*ajd}&@|S3L|8Ggf
z4VgY?iHgXZU@Wn*OX0}bfy9(1L8Q?%?kF%AY-P^@Or-9)nv|$sqEs?7%NJ&iTUaD~
zvpIvvEsN1Cefvm5q+etmu<4YKS57kMqER5*P)IEs-H!3^M3=#Gj9uE%hAX!JdRs(3
zYb=VwlO79R_^0C^uG5*}8-pJa=NOaH51%CN@BQYS<FDb@(=TW|AEx3$f)a)@+DS#6
zNR`j`^H6Z^rdzx`L<IbndOacuvfxGeGBlcg+#GeJnPZSYjte{=-=+ozkPWUPmSw?W
zubt}(>Gdp0a{H_Z^>x<JTv$L9fsM6*Ljj^0Y*MqQ1A}Ppvrh&ZjNjpH=BfGp$wQiG
zz-4te!8e(tV^RIfacpro;ZYIDIy9<M#d1d-X*Y?M{2)5%n)bKYG|e0PE%}hkbY$jN
z*JceHdBT#9K}`A_bq+e&eT`;3vW)ihBG~NODg2573Hc;TWP;|czbGnFvuUo-@vmcA
zs2cFC<gPYK6D{W$x%x;{NfXb}+Y+P>2_71+hdh^~f<Ax3$qUXyU(hk=?(<@T=i)$?
zp1{m9X{Nevf;3dIV4pF0(i3I$(6n6#y-LvpCDGhq(Op4T+fK2693`rZnbWcdxS&bf
zn`?L4k7hB6haAj?xR6u+I8$d{DnBP6zR|ksT1K>tq2Up_y(cp}DI`p1d_kc5M*yGm
zi7k}ekGIM!d3iz8Cw;NI=Y{w0NB==7$KuELUd!X*`K34xC&wF~PAu0t?rI8NMA{a6
z+ypQ<n*#yae<-#No#l-FI&laxg&Y#c7sOl>kAB!;qOE1*`C6MUJI^+kMilAk75U)`
z%BN~M9y%BjV2Kk~F(K?B=M>(!<^VWOl-5KMsle+LI|g1d7-2~-Y^$HwdN3Uwquwr!
z^>P%n>TPtqx`Mg;?)9t<6L<+&ec)*d>5t_bS`Z!Oq$brLonVk$<?A(-rgl2H4nI*g
z0MHG~gb5#<J=Y9vHNRo?JN7<>3O(L0bRhzg?j&Ph@H~5U2P4rs%BEJNj-}9GYM$X>
zstdWYNHk8BT)NYCSR<>Z`ucKNRS9(73$Ix^E%_B+pXhp6^sK0^ZF#knmQuSF_%qX&
zdN{-z&e75S$WeDRlkD$B1HI-nJM|`fH%?;%ORNP^898#=*q;=dfRX=&J&H5N!O-SD
zYd+Fs;MU>d3`?Hp2vN;EO)#`8@)dYf)2Ud}^tE>Q+i;6T;-J>^te9~#jzqCIH(SYW
z&AxXZ6Zji%S;~mD-{y^$*4)zD-ABjJPO1)FaiOpM7r2+E{DHOn9+%6hCMu+eDIn=<
zLC(nX+-ewjLK!O5fbGQM&Xc=7uQi$LqdE^H(l0bRJ?$45iOau6r5>@DwE&WNwiuPf
z3q^_<NBS(xs*13d|GTu~sOJq$fQe^u9!gpZdQYtGpE^h?8K4QbMft%b2}Qrc0yix8
zLf)>$)moOa#*{KeGwI^JWRVl-X9(&4(#7wXdL7v`TKnw4YghXCh#6$<Pei$LP_gIH
z7j<u*6GBqaY$UDE)F`O=IV;H8p6bi6^<(P$FLoNMvylShrporV#J!~B-4*&&E){im
z;@7>-;le#$kxZng@iO9#F>uvbdOm6-CzcN$e*}CRe~ticJvD_nc>tXgv{z$d8&s)<
zfgOOzDokxz$H>tNp($@B4Uap4?^@rJlar(S`t<txBP{AG3I4%2dIpr1?5MLzY5`4S
z=<e8i=GVj2J9S+9Z|OX)^V*}bbUl&UjmFIE&XTfqvE=pO`C%gl#NgMedwh9kon)J5
ztabMWQ`zpsL3^`ssQ0#|6h>QVm7o8+=PKL=frh*=?elPnJJcVuUgF*ZhKrma``i)2
z+~mAeRv}K@G>Cv{M3Fc)=aXwkg<7Xh9Mhx1&lLG<p^)~lz@2ulhUTWJ>#WFjpsq#C
zFAR=hL4qRYO%`G=Cc}0woTjFx^Xu!Php9#ToHWnHCdW)f{*p@2spP75zS1BH4v&#@
zLy=4`Lu}kF-!f(!#QzMU+#bN?=E&m5sUP3#UGrvYa##vY0Arcj^Afp}R`l#C-7O0q
zn%~@;TDy=VI2ZJMN0eNr=aG$I2I|l)bs32k1HK8<m+wO9wx$>>Bo8hhc`=)vWj3Iv
zCyQNY*o-Yv6hVdnRZARopd0HDatOnq3zrbl?*m;Ifo^0S)B%^}%=qsEF?5dDVq6W`
zdY0o%DV`P`L%fVBB(e2E{QFhl$UxP4Gt(OUa=dIv{}C&G(=Zjh-m1HM)-HZX$^a>L
z!l@8<8QrS5-VA()`CW1CEK*#@5~s^Z&%<4Celi<H%pJ&qC6rK~#=W)U<=kRG(LMH+
zN$N)w0w=xl`;p@~I&Vny*^>Gbvg7guN73a}4G8?;gj^BM5L9lF^ocCoKqY^lOF~@H
zDRnmrpblsEF@;r)egg{H#Jc3{3A&*Wm;&ixa#JeQss|Hp8w3y#TIqFJUP(7Q!kDc2
z$rJb4PBzuQ<$ayJBGc8ao6m~+L!E2XWa1A%@ZD=Jy7ky=vx}k1N}$m)&#_CoDq|mE
zVkYkPSffEp;L+<u=k>7U)inH3tpR6L^Zur%MY5ETfAP#v(Zi%7Qf4bsnt|;5O}f|H
zrBa3^c%t#~rUxCUJ!I7zeb)j1;H%PG`Mc*IGjS~Z>2B%TqLtDnHqMt(((P@~+xZ7w
zi%g{yq$t^GG?3=gE3IEOhY7VT0N`d6s8p`rgQ8;#Ghs>_jxt|=GToF2j#(d>?e)Go
z7V{!qs50*9$AY;Yyf@+&3Xrv=HxJ`GwkGc$2owvQH0<kV%B)@NK~3cY^|&2~Q`6nF
zxWo_rvCpe!rAu4TH{*JW{@{8wIFHEaJe;Z+iuu23?+A6NszV|Y*HglU%tx^JK)g`q
zjsA9Me28s&%mg$pzpCE{4%P8BZtS)xRylT;`HDt45#buPOMyiqrP~Efe|NrZtX!&b
zTaT|PoUYt@5(>EekP~pJ;F;0mlh03UY#qP;{_**yi<=#c)eFL}9J+Uq;rs4+?8-2+
zo}3W=BeOP?Oto;r3$d4*USy3+HTfxgZ6wT#5+lWb1W$>K+&q!?$xiTNXz4g3$C@v}
zJAO!knq$cXI8?eLJTwI?OyDUH!^|gQ;sBryGd#RQMdNiDvB&+VtZQm-nWJNQ(RWi}
z0Y0yr>6?TtaYgE$lUUAruiiX3+X4+Y#*`=>+RA>XkBNgLAgTlDUu!W97^7g88rTto
zH4}EE@vA<nSTR3CP-oY12S$8ng(h<n^aVz1Y?bJ7oeiSBttd_B`i*Dp&sJ7#*g8V-
zK@?NDU&HueqpoLxXD=trb*dI=Vlf<PVbNtX9*^0(Yzes1c_7YsoITSChrs>JiHMbZ
z2p|{wL6N#|b4=5ooYJ@FhFU_GDdm^vD{<7b-q{-f7tBURhc2dK>`CvB+Cy3d6XQ)#
zuk$OFejY$`KL)A0l{uV)(9_8Pzs;EpUQr97s=uojzRQ?A#LnXv#3XC-Hv^Z_{)4#~
zQ9}BbN!a1*GKNCzJdu#S(xZs+z@yLPEl&L*uH_n}Ml0A7K?O4hADm{Imb2~^Q@ni1
z1X{jy`@pe1SKnK>likv)${CAAl>k2vD1`g0K%mjfvBjPGfbaVfzY{S@_21>6d)I~#
zWRKdbQv6<le7!@;8g-Ukc`&rfZY6Vd7=KOP#fRfQcDzZF6URbpY&$8v+<KySVp&y{
zUj(v7msUc%MKzLEHe2Z{5NFO{*TggbF};!wufl`xHg$M+HuMBF$U1eKUs3qjPh<L2
ztcRWyBht%?FWD6JAN+CClB$T>;Mf(UCHB8O;dpsWH=?+ehOgodW_Tdol=E@T8~=*L
z&TG?=>t#h;<&9Y5WajUFrSm<hv>Xph50KBz#y#)(7_N4{J{1^9=Zgv#yBl5{p{=r?
zV2oTY@Dd{AJds~M!j4*U?g>yJpXk)JKvK~k5<bR(G+S*MRTIgB_EOz{$;?B$Hm{pY
zjV@Mx`t3+a6D_t>^c6#z34*JU1MT`H$gi)j7aMGe#IJr&nl9CSwXyx}V?=0t8Uiz`
z{oe*xV7zib*KDL7jX}Iew75s}Y~CL>vZdb?hl6^2^_S}EU*ZNPz&t<n+9^j}xFv`V
zY)j>p3S3(I*-GuHe8+Rh_Z@*+p9wJQ_)=1G5*z+0TkihK%jzw44#o4z+cd^?yHwOz
zf|h~@s(1m>6Ze|LFr2|j*s8Q`;6oq^>5Q>%_@69MVx5mTmCZ$aEhwIbIgh;BAMw23
zHguKa?%pj8aaPG0i7cR;98~~i&2Z~@*{YXr)Q$BM29^mezryk=TwS!618q3l!^PnB
zA0Sp(6QqsGx2dzy?3C(1I>^{dEi!8#u`em3f`{=;^U5(Ai%^Cbf<d4kll4~`hI8Rf
zJjmIOHf+N{r&F<?C8N7qK_YhQ-+x4Od>8)cY1bB*gD=+6)evO)^5)!)#F4*$XtMa@
zyVZ(b#o4*JKj1p_-%Gx1RYy`U--_P^X4{l=e%2+JEcDw6u-YU3)6j%sVe<V%Qt2xL
zX8qrx>dz%~f~M1Rh9PyLm%bV_b0amus8cgKQHTD%L&Ne^u_Eos%bFr3!=?GC{sz<P
zI^m-H)x<1JL`x_|CG-+ym30M)hY1qv-y>%mJm#WgcN5OoYqb5oOv&$#?>6Q9iu)rR
ztJcZ!Fg5cfPSH*fO8U2S)oPD4KVI8wA#i)=OiQPLBW@v{U77}C79*@lCqI1INY0E0
zQ&Evk)Wm{WXZ9#zhEYjL>q<*~2BQ(vPbgPg7b?eFm!jf12h~Zc3pLzH$+d5N!iAgV
z)e;MNRFZu5Ry}u<$1|cMv0MIKmOC@&w`X6JfGPG@C+YyG^jRFUL=<H<b)ce3LOGbM
z?Qk?XO=0(4na0!Vl8mR}C(lnexZu4xf$U!@cNL#JwHDCC8MDwyzjVYtKwI4}E=Rey
z#|78J1-o|JEHQj)|4O{vO@83z?cE#CocpzLmr{?Q8i+SA+WQ9ZlzE)G=Hs5Pi97+V
zZ?i95q1-WOiftTd5fOLts_h}{490q<rmv%DF4)M+qvhDf>5=rqcXrSXml5k^3M&`P
zaTbjm$<7zRz*na~9YGatfs6qSS)#Fz!G#~`Y76LsE|Xfm$!Kd6&sUq^adUHfYCay$
zmCsFcKEM3tv)1NeLF{~yRSqqu{Y*kdj3aHISLR7uQxl#phCA50RQ6*Al;K!Hq7(-1
z0iv~Li_MP6S)^^I`IQt7qR5CfsuG_R6M8Q&MB;IbE}HB8`|pD2D3VjWmo4XteBV7>
zR8!B9c1(KnuZ`11oEZWHXnP`#ZwwSu*rL1h6V}qLVQ-T7{arZPsLv!kb^oJTg(vm0
zr4;$crC|Oa(@eAq5&k{?$0{4mLNJv6D=>`UYUv#A2<!ikik8HR;6XvC8i(wDEKUCJ
z(T|>?tcp>`=$T>9y0zTr=OAre-EwERrIi(<kdVGn8jFB{j<WJGPkl=ZfSHAb@$Flb
zrKKe{cJ}r&^ISv~ZHYRTPb_7qtx3c3^BWs^_c55Hy0*5qhjt@9Jw1z!_G$M^G|zI2
z8T|HreSNfi2JK#zZKuR0g8?d0QBm87E<Q{uiHt<O2L7T)@7)g7u`IH({8N9_Nmn<;
z9|^2tWMZ0|`}y?vIO`m<+UAK>T3X7+#if&U#rUnmIAL*65MH$SR9O{d-W3xF&<a!t
z#=^u@*VBtGEM(4-2&N4Q2|0Y7`v5=Dy7BfN^$QB67o|m5iL6S1;qzdc%l^?3WUgG7
z03SbZ&F5^bGj4uf$5SGXyD20D$+J+&;ZoTrnC0^KB2W+<xpa$g`gRZqNMgdOmZPn!
zx!&$weQ%+NF!Tb&?;oBD%`nT0YUm6|&0?j=@i6U#ot=H|b81ACTCkc#>~}?1{#yZD
zzZ|LP(OR|26IbD~`;Eu>Bl(WxL??at4pBjCt9~|!gp@QgTg1D}y#>*I9u$>BelXRy
zn1ez3y4EF?m7lwi2VTdqHeCg9Y;MlXEk}gAAD|lr5FS|_e}kRP_gnzMH7}>%)hd@#
zYVn}Kjg;)hE1}s<Xs*6MV!N|p!9($PKD>_zPSdPVx~PINLUY~e*a}aK{*vh)&pJJI
zSs58qgsl#@B{w(urX;@ojmOMd3BX}D!TWZNb^5{gFGZ?}{+pxfw(^x+J0?24pnjaa
zNv`mVw5*N$OT};ijjWvvsjxyiCLUdm_iz%P@8PRp?qoV{gn#Z+B3y6p<b5{v@D}j(
zW9szoXd1tNc+~JlH+`(u2>!9p8v&CW^@v~NadA9p&)fpFwdcIIkFR~Y+GxEKS@J+i
zg1~SPrD$*9MmN$M6qM2#jQ=c@kRqg?W{{F+LA1WIyo^stSq3&^b|wzwg(`6ZYanKe
zK@fK-Nd~WAKL3Hwf$`+-j2KUWymglf>RMXJCMG7=Dl$3r+~}csN(iseWu!`8D>h(^
zOS1*|oYViEnfXsc3<;JUV0f9$?XtgY_##^7obGDPzI71WWSREUJ5j^iL9*(i{sR5W
zfqcYhK%^Orltv}(K~7_=n+q+O85y&(7}X|S&$k`2x8mhAqPSQLec1}1VW#?`%{Ed<
zJZlanZc%gYRUdqN2?o>vI7?*Nrk7urUl?g}H?nRPb&bs6Z>`gVmT+{q4;J^AlxS;w
zr)g5vL?E}N5jA^*#SPBAHI&=HC{avuQ!pN9V<qLJxTUzmc7{~B+j(aw*}Gj?<-1A?
z1RNM4m}_fol_Jh$m&<_180z5Q;OpwDzbk8r9otd(9pXs(pR>t3jh{C@NgSTZZJeiA
zS`uHbB#+xDM)wRyOb_iJMpcPD9-kb_)<6h6pXb8Hdg=m)Ng`hwiNSs_eAin1-wW=^
zUYt?SESn>b3Fi+NQhFU9E?Ub16Hww<IbH%@18?LuE5=nT{Hz!%STG+L#^7%W?I&B4
z&)q|obXjq)@~oa785dumbkF4l1obEAqCuxvqp($0Y>@%*UdY`#Tu#9+VxS!_(`pt3
z-0pbdIbQl6Qg<pIPa%DD(rbF}NDZY<`ne^LZSVgBDaq2P#RVxLAt6Hy0aHmi2uC3k
z!7pGsvb<n=m9sx_RXZ{|%J1));MB0k%;=LUNc#95pVj<`$M5jO)Py_srXno+3B#~u
zMaKWVx|gK{G-oXitFqIE3bU9G;ap+snMj8Q;Y65Gu2$E_EET*Ri7RA()w5FK_qT_m
z#eT=9&#L|mN40p#WcJ9(yfvKDPT57_gLv$CG#9)-XAXT{q1Ype2sCw%+I6?zyuJxT
zzYvYC>~b9ppiQ`sP7<%o@eJ8E@!BwTllW}Hq4TtaS3KFKLhjYDq`q`}0-<^+n4X4~
zUYtV;srzBQHJ9s9(<i%Es<40YjwVK&<bW<JfncHVAFhoy3&%N%=d-Va9ENh&3EoIf
zksz4H{YTeBQz-~fsKe<fyK1ywm>rB1R#4(moH&b$dVWXEs~6VI)H+l$L(PQxa4+xR
z&@a_oA06#jEcUqs;7YF4MG_g^WSo7p?-V)E`*8D&cV6OR^K<lHW=ixh)hB}ilC0+_
zeyb-Cay)oHT&UW(r>8#?|NN9Oy?%%>#Nz6+;5Dc099xi*F{%{b_pbu11f`AFY->K$
zB3=8~SSpk{llHyka<Cbpf~%gS3!g$;5AyPAVaP@ooN)?7UCC@W6Q9j<CM&4d(QP~J
z%gsgWKjH3yn*>dW^*+UFP;-YKV*nSQxDa%b(k3@2i(R@WQ}`}oo51e(yS41AUiB2M
z%Kt3)`i3jJXRo?qz>m-Q_MU{Xz<idkr%DIga0v}$y9r3siz;myF;rDeyf08r^+nh&
zZ7Q~6RRN{sY&HQ6<56dGAc2a2jxK3pLd~3c12U8IBh(<X$!xcWkeFr}6%T|+1r#W{
z|GOa4H!}upKK|G}>^s4TfYj6i{&W@3Y$vO)efzr#!v7aeG!_MnGo}x@6pdlN*4Ru=
z&Uh)<b@BcBmh_o>1rzWxh33VbY}1xIbe|ze9aQ(a3Igls$ePgS<z<w8JpdOGce%~Y
z-?nSfO@$nwt)<^we+aL5FKOiePV+cm^P>K1%|j%agTl}8r&PgX{tMiG6<EL^)fG^T
zw()L_7tkq6%ndrYP{o&WZVUvZ$PN_f2O-${l2S1P5WF9l#JLhN-OkQ^!(oFP=i{G_
z#ZBTh$EPnCl~&-Wh!FH|VpF77L*1NrUfA;9e(skiBcuJpLpfb*ytd4!Uf0`+Dx`l&
zzgPIbt<B>$lwTzCd*|0b{P0gH{`2Rxh}Us9f@RI`kAQMoF~rfO;54UMVP4ia+4*9X
z%;fLi{}d<*HvIXx#fwXU!X%p8mgb*UbJXmQ-@u0kITI9fVzeKGsxJmw#|XRnGfsan
zmk#YaKEP@rn2DR;l9$n2f!x}9>m^~?KV`8W2enbIa5d&t`nLd2WyXKo18z}R7dwEK
zLcPc3O8ZdcXvH&`!Si=Cjcj5BxL4IJ<x-=U3TPZ&Eur>z(n-y}mwZ#96;DEJiX~BS
z{uoK&weLw<)en$62^hpxhdhxLPXYa!_#?xpC$~UgNZ%@!Q_bBxVS3fOzRr8I-_weS
z=9Z>qYNs@ANk?<gj&J?ioT-M{Z26^6HTuH=O;0w0z3vaL5N{MxAsR^QN~3fXE3v-V
zeuYABjJN2<IVWL+c6F-SgK13vR~c9Lx#UI>{C0sTv!i7`^oJ`cOjv26a@DGSBotMJ
z{+~sS1YVkQVC{bUY0dp5WBLmNez~-GE6|&hlXJ1&Iw=|v9(rIR5+<N%E9QeCVg1Kx
z7$OWRXH;Tc03S>O{cHg96h=~!ZA^5!W4a73cSg{8Q5rv}%)HkTGIL!A-6u<&-{bB|
zrq09(<*tvYM#yESYm$pZsx^MSp94j$pR)L<p9!P$>Pc)$x%%IRt?E4-%`LWZ(hmFb
zmq2MS>#KcxExkhJENS|if=#faOsM<ETLc=cfaYh9pIV;GxqEf2^Xu9Od1xo}&c8E3
zSI_A4^Jt66&dgt&7tEG2S8D!QVi4-0ZFV04Yl7W{C`H~UA2br!8(&4uU{$#^3&$xj
ze>nU;<GQ0pRl7AwML?(#Q`Vpiby*Jmy>67?dsL^fJpIkE9U1+(YfjI>gHqBgVZXRd
zX3de~1u}w0rf-P_J}UrYpPy3@>LW=&BZyE66-1o3rdHT%ZF?O1>hTX9Dc;sm${Szj
zzq@8h)UOJC>bM$G;E?{T!E}hoqsg{syJV9@%;ra@&=5v{?lOvxxVLs;C?(kay&G-R
zN$S)Ejax-*)k>SSv1_?3IgzAt#z}1%T?YD!pQ1*Xx0}(cf{=3izMBP1Zk$nE!kYh!
zbx;r;c7`}2GDnco&!nFz=&WNhJl}stEHDV%Xb8p^IHUUg(<G1s-5@o$w`VBd?AxG<
z<w=u7ILi8!uW1VZjXjpxy-~1FXCt1Z!P$n)7b;<=U3%wr9-k-kcUCX$WU0Sp==1+z
z;SA10p7j04w8wak*!^oPj2P^ch-$8c@btzNKk>$KyhtzJk9}!b0TqzWlENy&XM!go
znIi$|kDDL7<mUf~T+$yKLz660u1i#t`f)}{YMwfXFz7}`b6;=X1jm`Z6d5h<eED|R
z#Mn3P6+W(OXm-2KPSDbcFZ(uPNWY$#G`F_DVsg2A;~~v;+Y5sik9sgQw_*@{i-b)K
zWY}+3GP`O;`QS5w#^pY-A!jC->`%pR66k_3iBnu~C+bqO!nLT!N5&&Gk<Te}QCtlX
zCxcu^kVWz@amLH@u@yU3|FmvHlOcLfBV5PhEJ(#M5i2&5i;@-o{I7tQ09txhAFBCG
zXK7OxhDfv)R7xiN$MS^5HeQ+~8(FPcirW_#k;I>HO(^Bz-xRPXE3}EMpc%GV&Jk3e
z46NfaYAak~LL6w>pGHtCTg<f&hMKWfR#xVcy4E^;wF0s83_KX!Vd4%xo)}OE)$QJa
zazOh5YT}py7EHpi+peoHzZv_1jyuKE@<6}k@gLHjWdiRC8ClO(49e6COH6iaN{eg5
z8zY?0(aUvYaiudxj;WD$wEQux(Mln@u2$}ERIB9W9At=u{S{Nrfp}vxYM(T5Vk-F2
zYIlJv8@0`e!iQGS6*uIC$Khrw?oAoJ_f@cz#VXaPb&2mO8h^ii-(W)b8>VI9wws^#
zn;_XUab=KfBnvT?EwN>n3%y|ExGkoNe|~t?tKjg_doGW0i(1t&w(pK}!NuGbH?~Yf
zgNz~p(1|QxLM^jen{a+#gr?lJg>+<{RkQITkkb8N<6d`Luq->g{96MrMT3z&_Y0c@
z=E-n(<8J$=lH)%)1tu3yx~%oLDZiFudnT}%E3raWG6{zM<duE+E1FT6&=s<+GrAGn
zp>K4^V7;K@pzn*l=?XbxuQOHbSqgR-;L6o5)csrlH^rw0*I^he0O_+HM;0KvBvG#2
ze#puy)p-@}|2V3nq!kn}q@<)~o3T;;H?T0}Ib<B8oW_E;hEE5R=yWAOTDpRVzr?cX
zF;e2Z&4-&8Oqc$h=v^$6&gpcvQ;ApKnzeofOh5}v5qO9zF3!k)AcY$6Qm62=e<AZ{
zQw+}7H4ekIH}?4X@>0ki4{o7g{nI{eKoRD0w5?a1i<+u@a`*KRbH7OcGuvd<C)+(S
z%j~W&EO$0q$Qx$eA46YM7>{-x&qb9(^O}(xe}88Cf4chWxTv1*eFauz5rL%}0ck1e
z6j-`jq+tQ2kq$u-q+<y|y1QGE?(PtzySwXmQ9p0}{_bo4+1<NyXJ^jLoH@^Pp6Skp
zYH}t-D19hB(}pG1evos0(~*}iI-l7*aUMk3^NFT8g1g+c5vNTrUJ{sAJB#VdQ&9_e
zGH6rWBXeBnnrnkZTCBhNb<1akDNl#yA~KXLt?sZ;!i|sfpU2<ezZWghA(MucG#Ji$
zyCjHg*D5T;xh_IK^V*E~<jT<4446Gvcbyf#Zbh`Af;$KXL)GmFA!FMg%7m$C&pOty
z24mn}hq^NJc&|_r#iPsk?!`ruHVtY`+A@|x<FBSnwvOaP#l>*U9&a`L+%0Mv8m}@0
zO$k-%pPL^!tq58i2a9<)-Ntktp??J83|muG3fE&fK)P8WkVe*(!P#=RMt#SBqpptY
zxH}W<<)yG-+wDs}|44-R)aV%3Ly_(CB#_9`V2;X3x(tjUU+7qByC{s6|9tw0E*fyT
zoXgJp*toAJkWuRvQOpxRilsKKm?uuy<Ui<rO2BRDiJ@CoNS>Aseq$#vclQ0cKZ~gY
z2@|J$`+`^zkb}3`RD9eT{BjE(*p|ykeDxK5MQHwEGc#J!B2q-wwEjiLaCOv}*G9Gs
z_i-D=OZP9s8AtW?k3wecJ}yT*nUJT*`z-c(P-MchIoNxgdTTbq_iBwBDsShtp6wpP
zzmCw%%=o@r4*?U7YTuI36gzv~wD3iY<@SJr(Zh|*(3yq)lvAC5Zc(H!bXz9TPbeZF
zu}@*aINTqK%c|&g_0C}La)xkg7TfEqwa=m<y$~s*_(|o*m-}Uu)jvl=2YK@S>jG`Y
zD<+8KUPV`yIa$`$cPzm3S01oK6I!|mOyNTr1drX2;`v=5S@H?W66JSGjSnU~!-&jp
zMPYq!>2&S&x2a7G%~-t?2`l+x4-H#(tBdUqf!8`4ZP^Tz@QO87h-UjWQ+7nftdlM-
z%EKG;%xFKpc|6+@1GJ#JC2-zqt^W0b2h{i^rEHEfB=(}|g!u{g=OH;lauQ_SeV^v%
z-@)H&2<v0pVyaL>$>(Nk=MS<1JIs(KcZu6Kgf1G+a>QcysM2+h-Y-Yv8QzwF+3lU?
zbRRnGBsqEGFq?gQg2wf8++Y~p$tZ%zKmWwAg^0;}S_ZIg*5z#nWLx9y*TLUD1V@H`
zr2-eQ@4q@oP4j%%FcV|-D3x%(=-g<1bvyY~8bkd|;~<Ed{I-$0?(pK}Vcoh9$L@pF
zl!b^_i`xLCzeeBPJZ;=PT7}T7`&21vEWK|q_p8fezS~NqL-)l2aS@peUX+qRMAlmk
z8rwilp4hDffEx8Z0?y0g*SEmOee{XOz0x%0`+7vZ@6pML;pSMu20|NulFD5a2H01S
z_=B>C;q5-n#DeZGITFtH7?_b2-(fY@pMIQe(yHd0ALk1QD{-Sy_pqis`AGn^3KJqG
zmMA*&xVO{4)hb4!y`L~|z3szI_VMOci>2Io6^TNm27et@!<O%x|F=!S^6{#)f)XrC
zw0CR${!qU!LKgLcN7o{uRUa|6q)0rC@V*h!Y1?tR=5{N&A93f`ub`-0t1j7Bq`bXE
z*`jWQ?H@b5ylTgebZ|^d%R;rpcH%qF%Qz!tQ?F^<uK|4B73HnzgijFVTts416+Yg9
zAp7QLFOOYJt7GHaa7f>6Scy8lc@T2rfEJ(R@UebXZK)jL+Fstx2zfaJ8S$y6-`)?j
z#VowWb#yHZ!r_q5->i<foKn*YAE=2f`^l}}?=qS@H5H0^*ATGF_)tez_rrt=-P-y^
z`e!Je#C)gd#9os+aVH5wsbpa)d;@lB9j||thsYhLDpZcYu1}d8UTAo#Cop#cE;6bl
z4$;%{jZ)XZ`0+Dv{>PU$T301w?}S8(&{4%h_;DpX%W$>u+9>38+6qy6#Y{`K+q>sZ
zu8nOxjGxAP79%BEKbTi!^iTH9uDQ6pgvZ2W7s6Z9X756w-hVhI64Z6*D(dQ=8X8`Z
zXkMCxxfV%di?2LkE+cq`B}lL?;`T!TTenk8m}5X)`F&6j{RsP8QyGf1)JK}pGD^c-
zdjqT4?y3idfyJFHFRv#Kp%jJ_`AJ&7#?McTvbtHf90a8of_m0j9Q$<TL^=>x^fdDe
zvtXBK%x7z4O-#sg_^XQ(s~7<dKZqKv=QL}H-&d?Wnb=#cu<`W3%-7xX9@XG9EHK9R
z`n2f46C&VvS+YzP$a))xeLCD{bFodGU&bTe-Vq;SSY-5Y><UIeoaErMt#Cb;;e;U^
zxuRR6&v==`ydtpt=rUTPxqkuwB-@3gtJ|YS;N@Y}=!W!Zyj~WU2!_5B(v!mW5~oHF
zq}ZK?At#aI2&DL7bQh8mxQ|SG+>hsl8<KN_%d4uGr=5d7A@q<}m}1%F^E{650pUkS
z70L9}h@Dm4igHcLz&7)hq6;6+epWc<I|>x1P!r1M8MZyN<}yn6!KGb_x<ZWjJO|XO
zKbc-AnPA0^bU5o#N;79XfiL*4^fQnsK(CgGu}75Iuyh$B5bN>FET=f3P-ya37w2+0
zVC-=LV~?hYgF?=i6z_5KA>)}`b9p&?FR6}!SK{J3-U#1`ep!0NYs8Lfc%a&@g@)M2
z<wL7neAm!y=Qo&)iMF3m{8<;7gYo<044)Y05uhx#o8l@A-psR@Ipf6$K0i7qox;Oy
z+LD@FQTX}2#Ts1dH~+3Lwm8;qgoS_BUkIUBB&hjOd%LHOep@Iu&tr%TE>+8?1NL$&
zJZ5(@xy#=3_(2z!A)J-|uX(ly2&q@KA{<4r?y>x0t13LfNv|H7>k@c)VG5GgmYyAm
zaNqX7^=1<E-$+$BGY&?dsurZZdKY5u6v}gBfR)65_6+8M=mJD|X`fwF%`9L8$>KIZ
z+|!gY7M}l+B2Wn99gwqtgp8b4cN5{PBD1!+E%6HWcuaow{%R7ViWrh-cj#^D>jnSm
zBuAshR%?udD*RQ?Zd94uQcRk0U2$VU=6*VUi!(HsM;Z$``HSoB!@GoYd$fX%ScfbT
zQ^CCFq&KC4^>3;@Z#^6gHwR2ry?y13#IQon5?jMH#+&zj>o(F@aIyI}4&PL|%<idb
zv^$+ODjyU1#RZ>`FH7TIkgY6H3Zr_O1^VC=?e*DlIvnI-07DNLc_eauq7fnP<gOF}
z0RbbO1^g0$t7iTK7fadn*{#z?{u|#EuEyfqt;gX7qgU7V1Vsxwm*a8|S*8Lb%$eqO
z%?K`B?HxW%k9-8-_SY}Cyj<-|P>FWC3z(?^0W(zIBh3VVeWg~^h(vB%1R!6!2~H`Y
zsMflvgn~{qR#vO?ZteBDh`A0?Y@U`-#hB`}*GjB<Ifs36UIo!dBhxRa=qMh<&Z~VS
z$NTz<iebFr8G%VZf&6*=V09QB-V|mUWgxtcjIrEVZPlnfB!_FNxR~W<-8-W5^Ye}P
zXNixxL(v~RcrY?v(<)e3!i-Edk7TN2qOUml14h(ewXhkFhr7H?03_%Zc(D0qJ=&vH
z2Z)@6;&<2tuoVehV~bo{i_hP;$?E6Q*L4r0X+2!S4YlwA5SX>WwA_1(?+gtMLqqqE
z`K~<cLe66a?bpICL<4-(MMMx@X|;Qr-oZ&u09G)t<j%gf7oYDxr&r6t!O_vvqYA>C
zO+UXhzM@WziJ4e5bvxM-e*HR|zPK-*CoM$z&|Nk$@Gi%{It52luYTrz5a$=@ADsb$
zUn%sdDzi+0B?1p{jt8FL`7>9f(TI)akD38c{d`M*AKudsuYW^Y?Kr?TI4%hGTU|kx
zkkYP{G~$242BgS9Uw!R(klx+m^!s)xAkikAt#shWXvUA<as?QIj{zv6tM}Cs;8X&(
z1H2-d?m)1DQu*Kd3{6x(U75Qj|GY~F-gPhRq~xYa{FOualle?>XW+n#8uaCluE8D#
z{?pP|VYC##|A2uqFu#=1eSN(XX^r<Ar;~jE)Y%aBzlXtCP2|<x^8j&>yMmAm*nl7O
z>sdl`d;ZZ^=%y*ek2<LSa|=)=V`#NoHpV~75CEpN-nZBk8%yZE>o(iWRkx4kemOOZ
zi}m|*BOiV$PF<%rn9wR27Z+z>Z5`@zxY7vZz{>u<wm!%L;Y~(ll8gMlIUvL4)hht6
z`*jIMt^=|{4o^7no|WR?dF235m!2FEiVEzVfEtrJi9<jCrycPI(5NuCK<P3@LH^qT
z?u&s+PycO@+pn5|Ta|);^)SNxcYk*U`hB2#T~yKD!l?dfz_lZbawo?(|EgZR<0!pP
z@Jl`ds1Xa@oheO(#NcZFF`Qq`SU+7TBJ5W5R~ZAC><ZHnMx20c`R~f#DPde37MLyl
z2boG4z~slG{+1ICbcgk9w!{iHK_}tJRYKUQ0C&&C3v~N{-z`B4h+lZG!W;x|>`Ff&
zDUobILX7gF(LX=a3o)(}+?%mSz#GmR$RWMem)<39$vMQc5hxNZTU}(~?i4A&s!fop
zu6`p_n8}qYKl2OJMM@B5C}m9RR%FAOVX|NnzlpN(wwMOr&gmmXZ2!Ot;*hDNJTd`;
zIT{81%2{X_^)^Fws)#t;1gS|JUiXBwt`qTOuM;)2YcZyQ5}sw1+>r2D)N6+rYKp4g
z^_G1I0EDO*C*&_7POOw*R}!TuX8dTi&&ndt%DxAR-A1Q4j6oi=nhB_7m5UW1i@11%
z?NiVaCoci#HQShyAe!G0(Q6k&!e@jIR7gkq{gyAetFoX|1qz*t{({@^cEa9lF=-u5
z8Hd}BgwQuFqQRGXzTbFD+f3M<LVBd)6k*4X$r(8YwC*~Hgt3zY9DT-!wF$4S(-)7A
zvsZ28wqNh=2<zFhLqx8UtJdzN(&s7;4}R3;_$vJ9v3+XPfs(?i%}=y~gtZN#XY~ND
zV$7SGqbT^b*)vhOZ5K5d=#QpK0+gXtK5HqwBL-m;wwx%EJ^r>w%jI!rtj?}a<e>gz
zrZdgvzSq<yeK8?Ut4yC{UIwh3AyJsy-19?iW0R2i{@mz+NiWN%sAlSTS_Ic}#P^o8
zGQ2_WzYepwg^(Vt^fcLDPEXXjJ@*=)nwuslOUcUe<ta01GU--pi7M_ggIX%#kM+iY
zM0q*Q+t_1@9yYI+kEPI#mJ}L7t!%vmS(oiDWMdeMeI+IgEMgY}!Z!cRC3wJ$N8m)S
z$S$VtUgR&}Q!7Xv!!wR@ctUNIZ@(pGYKPEQROzMF@DyqqnO0DMfimuB&~2zeEW3p9
z!m(N$)>;wK_XZK5{Za&uKCDjg8mR;#t3O2+5=U8dT|i%^89z@dVU&QTKD#vUzNX(W
zGgs8o2t-8=rDWp)EgReVq3hnS^|`dU)+L~Sbsi7Kp7{}CiHd8uxb7OMHj?`F7z|{c
zH)oEnV)jd&E|VKJYcm2ij)~Ix+R{?kK%D(?K@8&JkG_Z1y1{IizvkCuJ7CxeiLq0@
z$<2=#RSW%=imhGmN^qaS0?1oZA=#%>(R-FJEP8;+$n`2<AYA?^n+BtRpo6a(fzz#Q
zP|B)<Z$2j={~9G-pVtfyf%%-@aD@r-H+Xv-MQJy#_;_&ZjC{N)jpMF!dB$Ivh_G2|
zFu7?q@RRQz`)UfiJK_<)!V|kQDg8wqZS?(ige0Smfh|Kqt54+iZWvxh^n-ftgn4Mw
zB?6iF#<7e17i#ctXfnq-CC^L28Gm|Y6_^4{0c@D_DRgY&tL*Y%3ir2GP@>Gq;@mMW
zJJ;v5op_-hlW&GD9lA)qJ_|3_o)FJepa6O`&cn}%ebT?P$-5d%uiPV+v=H&MBMfov
zZP4C5o~Se@d+hs(;%Gp3Yi1r<0m~@AekM4)yQXAD=pIAglGzZcge5OH<V>`ml9*1X
z_NoCQDfBVTT$|OjksgT@rS%5!64P}L-)o$^*(HbU^H#mj&D4~EWf?LaLtKg(SB3NT
z+Gb#jd~bZd+u#4exH<uebb8(Hka;hyMco=9#CfvWX%Pf99#7r>X@(!m)6naN@|p3t
zG5qPw-iancQWViV8N>%c`2`)#_qlo(A`z@jNm%P**p%!<&4pn}H1p>R=V2cA8RfHr
z!}gLEk4SBBOKk8|@rp<t^`NaRd8w<i0)@pkLQmrA10lVxZV0FK*%`oQ2WT_P_(xDH
zpD)cG+E3sdrG^@)u4euE0{;2aZ2LODrYZ=)w24*po21+Ouy)huXz%Ed=63WRSK1a}
z&{|BmBSb%cH5mK$p>E&_<u{il%clKD3ho+Yc$FISJB}*(e4{qE=L#Si%yL)6pH4dM
zufL2={osj=o_qw+++=BAL>h9v@D(rZqOj$$pwT{QI~+q|PkVky{@t{or7kD{{*><9
z<^V<o36m>oi9o43>F?G1aVijziW;Na-)`D4_qAPri(ROJZi)Ulyorv_m!!|?W!+Qd
z1lgHk8&qH1^~R^%xI7%9P2tTs1{|+vnU+x0uY1=5Cm!0>Iy{tS_9d*KzUrX+;y1Y*
z(mE#i(o-&i8`Eir*zh25U^3n}mGWlbl)EqlhE{86gH8}VW*GH_p>j6GJ!faUC6Clv
z!l@mEM7Y^#FbvE%j|((rUquDm<z<R`R$^7^77aZV5?qX6|FsCugkr)Sa?os53|NPb
zfH>jX`!k6~2&i^;F%e&SzM$8O`b*{xdJ8k~5-N~4OoHu>gAL3K9;+B3PVl<w<N1@|
zzWCysP-2)M<Ty(Z+bTH0<5xbwVN>Gdo#>Cq*t2C|whr1f9*0X$n!c9J$3`)AGT5Ku
zWO?r7{WV7*(<QMX<LJqgaYcNeds?V5v3<Te`jBwv*STpBp7|*j&l7~0xIvy3RQ>eT
z$Ggv}Y-)4`&~yr_Ft)zOH1+tx_bDc7`WrKcZ@qAK-5>K&B#PROYtW4xCWQ%PolnVf
zMqxgo16&e!eqbFYw>9HuTIwHH#Yv|GG;C~bZT&(+vu>l){E)iOhSbudDR>GoN?^7n
z=aRC8FP``q<^0gq2~Bl-;iB@$@|x_&=9>8#b*V~H>RBDsR_H_ZnQ2(qxe@y*phM@9
z&~$||{cKjkgOMbV2#ghXXf#rB?H_VY@~*c2h1!^kWcsxfh&ip~aCd{JR&G|p<O<7A
zqyHRYXp|`KdZVB?e*J*t7Ws#@V#Fa%y7G5cRs{;4#l!0H>|}N^VV93yefJC76ec|+
z+KgA&WN|KuevoytZ#YVm8!7>ET1t(z8C?NqhN^NO{CBaO=(IY2cJi~YNL6}UfPQo-
zc}7Q|`D%(+e%?Y0u>0N+Gw}eKW~Se<-UywrYJ%pC39Js*Y&mbsPE$$*yYt@Cyxg#(
zZnGkiM!!NGBN?wKC+SKTVYg7uI?8L7lP@SI{&I40(hl2l)IiJf)1S%b9}pyH2OZIs
z?vu1ja9~OsCUG88V%<4^IPNs+thHJpZoH?O3D#l3yWD`!NZJFv^UwLEfnSyil-zUR
z<=WSQevScnRKJ#lP)HqCp8K_{0NdnFJ@;yw@c;iE?HyIaZWHF;0l~UlqrP(;=arhA
z45PTLG*Vxz!2JE?o?zWMzk9Uvd?j7eckbcFq{JQ+_~xDcKi{Z~6T&m?WViuG<^L3f
zv&`m6{_0mjB>&vbSH+-2YggLRk{Jd(8rYFU?j^i5b^v&X4m(pm6s4q}YiFHs$z+H$
z65G$?!Xh-deod{UPk~l&G0zQx$#LxOVH9L&3m@GF*+zlCAyYp-<koDp1dZ>~N*2bQ
zRToaaDDv8H1|jd#(^|!H_eebd+ak2llNelLW1Smjii+Wd<j+)u?QY+Rb9}?W&QNOC
zRzO%(q3<b`r(;pZeyOXdD0&k^+p`EWHKjj0v;d(>SpXtH8U@kbqoZHJ*odIZ2!K&D
zC<_HPF->XSyDjtzvME)l&p%?XT}ONMyDJI5sPsD7Ph&3^2ooha5Mr?TDLxMfQ1RT*
zmHa#eTil2>dOZX=2w?fT#BYV?cscdpF#3NvJ8Q4-I8fr!+@%V=IOb%ip3k2XD!?YD
zo)=Pz2{rlK7*d@bP}A{|moy9v&=2PTi9oEe{zg=o-@(wRskoy{Z7=jzaSkFmF9vk6
z>%AJNZU0;4Vmjl6MY7RfrXwqNXLNCZWScxdQ^}05d3zD)Mb@LSM~G6Od5N>+@Q6f(
zjO1}({;lfVH=_gS7_xk2-K<e3I_sOu4>V#zFRBMA@@%~p7q{OXa_sDSb1EeYk|z<*
ze!MUefgdN|xZVpK(b#)Xkt27$7$We3fO@is15(W;1-tgW1INATK(qd8nM3jU<(5>X
zGwOTP3LBMbd*@{IFP-FsS8Za@F*JKMu$_lotZUQsdA~Gj^LnbTI_af|?x)A6$WO=#
zF9?7<+Q5&plmt6CNtFir4QO@jL_x!^XZd#NCm@;0MykZkByambppYV!i|05!@r84i
zkdV$}%J~ak9Oxy(gsVm)2m=4W3D(W}PB=Wf7oNhRS(8m%q;wG(f)X_k`{I?T6#5NF
zthwd_S(QYRF1uw2`1^6;d^b;R@Tl^#lH<n3Y(C#m&`4Hri4}H<J^6&N84T`I4{h;x
z1Q~Q=6Z56dZ8(6KB5(44fUUSf0<7a5T2*eQ>9(tAX9&P1M05|O6bD$$><jWFKcJJu
ziE<`vjzu@Yf`eCqbja2euzT;Pjd`6DkpGv|`Ng!ZPbMHD+W7lX+d9&|o2IN$PqVZe
z*>cM?l2rD3xUjGGPO;k&KzW^~@0xF@$l_;299{^{v)R;cOA}%irA_t7nUSGp7tT<-
zMY~&xS&|#DR;c8riT*OE%tyfJIv)(?g(<+{jJTSpH{v8Z+?FcHIi~`k`oyfcwY`Te
z&hSyL^7?u$;V1rRrW;o`(h18#*%1lCCl4GpZY4;LJ`sU8q<#j;n+F|-hdn9Tlk-99
zPzD`lr*V*f*dNYXze-}*o5|8IqiO9W;okOK4g`CgJ3*wQj21h2QuM#pdDUOTc?~x9
zvQ$Xxu4y3bk>m4RtKXzBwp_&;13lICO{AK<wm86t$n={Gj^MEeVI7nuFnJH>#UikW
z!lhoKLV`=PB=31N_De-wy{EJJTJq;lKQuKhD0q@T*;j#ZnBu5DMkRruj8@U<Jpg-%
z8@#OUrMeVYo(=1AuTsYfIWRqzqdyGA!FQo6elp0J(B&35v^|ub#}QB#x<S+6kMykd
z(3FV*rQ69<s%eYmJjH=lTPM|v98zl?CX}fJP!_M&^{}r1$Oi<`Yu<k&rhYWQ8JN}e
z5F{hT-J9$T80rj#-qrf0>Q3)cH?A47J5z=4ifpbP9;p5jlp$(h+Luxa=T17IZ<RSN
zgNC|a8iN!(bsA4SWsIryE~Zni%A6_gy96x^r(N7oR$$?->?-TtLhHZ*>6~eA^bn7@
zzO>{ucB^Vojby6u%#iP&a6v2%Uu&gYk#*yP`FQ@B<2h7bCornPluR#9a#FTmZ4}?0
zN{rYR;uAE+yr#+%6#KAv2u`F@axf_0%TX`><Q*<TV&#02eZ3eA9eXOh_!Pp_ud?c*
zP*x9bNjydswQEV_P*+U(q38Lckr=|Rm)WO7vTVqpI`^XK4X%IY_xX1)F;Z}ySi)r-
zpKqm`B>7fW$W`Ypxe``-vNTp9w``+I<l`(3PazcS-Wvqz&A@VNG?XyH-Z~Ko`IY0m
zkmrY{@ap{0t#$#>liOtOI`QRa$>q*u=jLSoCCt~m*-GT4Kjo;nX@B-3a?DH0KBGuE
z*u4!s_-0ELZ<Z!*H}OE~XXJp3LIk%xwQ!bzxZn(-%#D$-3<7l!^e3}axmYl7)iteu
z_blBRKMFR7PU$|SW-Zm#ce;9OYc&i$Gu8Z%t_!57DPL&jMim5Pil^j~L^U7Du8dd9
z16CI4WS`>7*~#Qloavxxwk=t<Bo`L9Y}+}@zE&OcnN{D@LOsZ!c9-K_4jsBCs<&X}
zM-cZs%(+RtwU$oup7ys*vm@*OyO<kd>3kZZD_y8jhb7?uz!Ps;Mz2o~VR`%7EvRFG
zr9gC*?lyO>=S)J2D)E8UV~3t@rqGAcr}#d6+XZt@{dC-_X#~r2*GIP`b~x@K-edc&
z8!Zysv(gEB(RDd<h14PC%itqPRp;sCZ7WbORc5RUl;#Vx8y)8=wna<OXVYB0I2ziv
zt4?42GS@#e|0A?-p`ZS26as>)QC?1MVpm^BAfQ4xq_AmryX%u1;!m!bpu!a<-d1OW
znusV-8ehNT`L<}ZIYJnzzVpBFBubc-9vjO@rju_p<D;M2q*^-DK1e`BNv-c8PtthQ
z>L6qUk6Or^GpCL;g$RCEVBq9X7eR38bkCK6s7-H+u5%t<@j}wHI-K;*a=o--i#0xp
zsq<S#*jQz73yFF$dn0L~T1WIx()Bw~#p>LOeekdMf==p*FLZ2=gLTtRQVZfxwg4z;
zJco3gDr9>1FbDx1(pW`%W0jkSTdLk=zQ6{W&Ace(QJANl<<d~Pq(~v<v05rkY7&p=
zxMVi}CGg4;HOE&H@HPYFuL48y1wdgooQd!O*F^8mW6nux_;IW_Y<X{=4TP6Hd>vHl
z1@1M<9UPM&sbTQZ`zj%PvPawEJnWZ$ds*sry$p8!#AmUgipVIH{-z~TT{7(94~xvX
z&Rtr+(XAS@w7FHi<h~fBK2s^i>q8;*AEr`|_Ur10Y;m76mY!TE4!z2q`zavj4%@DX
zQ~+Dcr_w4>W=>2>zN}Ux{><k~8nItD@4xG)A?Y0CR#W`dyJg69jT?o9^lN~Y+#8h(
zaO=LNT;k1_!}iOYVDE);Ot`Uxp<-y4!{Rk*L1~F+2XbW*?HNtLDo()SMYa2$%%e7{
zS8AR?(oPd(dN(I-VxJWdEF)s1XQdZH58CEOz7KuPRp3~ytCJF@PKbuiZ%O5Er|=Gg
z7g4qZC<2>@cve)4lCsXQLp)VUzsiFBx$tmLuy>Fu3iK4G7)jNbEovDXmbOLioB?FO
z8Mt|xiqff~34>=mpd0X1YYf%KVaJVleMao?o~rciIX6nw@MgBrk@7$Tg~f=A#m{r5
zTV{x64K^$+hR{>H0v)0`tBfH!l?G57Z7DX77=g8iQcn(n)~7|pVk@k*1wN2c??d(A
zl2#i%6bA3OcoxV=-)%!WY5ocN87Iozxh0^W!b}pTDMwyPTv(?8t59?X$~3`Fl;|sD
z&a_L?DBih{Of)oN_l)SES*o9J_c@e;5rj?nyM}?}rHa*Y6$!ICs+Lff>v7y~v%rr{
z&|9O+)jwPc(S}Okv_znn-wa&!E;$Ua+oB0EX?IcNCG<^;r23w0^T^H9hBmJjw?-(^
zkMvmAh#d>wYJvb@KE1=RM6NFBgdIi3j0;byn&#1^H)F_QTvqa@Nimvhv?`T7-)nGJ
zdj&JDW)*IDM=9=|$NtM+r6rXG33+Qcw7xYh1u*V7D_qb!pQC^hsc->$StA&N$sc=v
zLx0yQUH-;xL@6Y8tKi*XepsIh_L(;WEy)bm4CxD)*zn1ve|}Bh2)u^&WmF-G9oeG)
zE|8+lC?S9gt4ZpJy(|Lb!pUC`2lb&vS3P~zh@SJE!3wSRNpx|ncb_#5BSF1;qcf#Y
zX~z&viCvkw*W#{Gl<Er34tVD2ZEZ~`6k|Cj=!Tb2MMpROEPgOEAp(e~Z4|RbZXC8R
zkwG%Ce8?)PAblZ`rhEs@dv*RZ<N^Ysjd4_^R}w{C@*-~=@o*TA#`zuVLMxWSY}ivc
zU!2R3+}MXu2Md}-<C)N(IhmpQ3MJ17#s9O_Fb1|7nUgK2gA_8uDHSaY6E}RIBsZ<b
zB29J>ykm%%p(c4wgNoOrWRFnb)oAWqY>L<Ig&u@6N0d@((kN})D1Z@{n}lk?<Aw%e
zZw1cvZGOX;_5L73Gtqzzid(PqT3+ys!{I7z)p|dBW`CVZv94e)z~n~pSQA8AMCbhB
zKr7uv=><pPCe*lAD$~jnA1-#2^Ig<7LUAxa^T1$&8OPm|=iIwh5|Saa0Ch=d>8!>~
zen7uDt%TKD0SEwo{-%O`71?z<E=L7v7g*@6m0Axc<DRa>2k~WlB#~n}=&0z9ZqPoe
zh&E7q*DT&>osaF@9t;+BT-pWeUgK<&3AiK`__@m>6nPD2R$IXpuZx&zZ9)|lh3K`_
z(!JhXNveikF#(DW!Wh5YLM5h3N|S*6h^TK-ycZfc-#ITVnb|5RX_ORY5`K<z*f}st
z!j{c+O8`>}iRB$)j=+BfrC0_#)H$W$#7`DA9JxTK+Oe^#LWAvs;4iq>Q|6-elrfsj
zl>uFuL^m;nIXmV$C;2f~N>GyLo5(YYl0{RNa@qGh%iE6F4m(s2cZijX>7k9Ry|m!K
ze1VaYTQBJJ7o~3ea`>K2`r9uL!iw=}N{O9sPcZiZeZ-`bYaxhF$R-`>0jiMrl&Ilc
zRZ?0tokg#Wi<Eo(p3)x4K{NkBI|%Zi%1Y(tF#~tGLSyWFyEav+g(Q0)Tc*3``;G<w
zU9N3xi{vvADU0chGbY7^^Y0lAjH+ecqFG*fH(-w!4hMwSwKh>hwPH8q_iKHxN>;ig
z-SIlCiz0*sb{<=vD%Fynm3d`(%BQ-ec|mjg<CePfRON*<4is`sG*KWfK(f%4U)RY7
z8$=Gzm-Li`%C^!4<y;0!C^YEW3fG_036e`SH^kAct{Pq)dp@1Q_2^@#rxMqv4Mqzz
z6oUhmTobETrcBF=?ch2Y!>*)_=OG7nABQGa^X6J<vIY96;88r-j&J|jnciX#2Bqg5
z04W@xonajOATrGX{QeLA`^tM)cv8-a$a*ZUuuogzDPClDS*QJAK~ah&f{nRo<*eMo
zoFfl$ip^9q|N9#@=n=H*B)FQRU`J-fy`kH1zZA=Y4vP7*kI*(QDI}_aN=^@m8}iRj
z(7F0>{41_t@}q}DE@kj&8}6eA8Db>o#=UE}MD=28*HlsF=ngw+)O%%T2Ne6O#nCMv
zOgsfqu<;--1@~3!tRuow*ttoTiKvhy)6tUh-r0{q&#C73^==F2^lp3(TCqCTuj(Tt
z@e}b{?MiWP#6MIB_-CTW0P_b!l=m=m9cSc@Y3I!>swy?4Y&sTBqlOP;-AWkWa!DWR
z-8yt|UzvXfgC$y>Eb9<N4_4_tYHUVs288I&$e8dF+ObxIPG_kcv$y!Y+S*6iCBu&O
zRQ4Dv{5?}$Z#5p@VnKA4m@Ty<Lkljzy2(bjfWk5%N)xHvR1Qta(vfe9`!!KUvx}PK
zUcvz5c?wBR+QpYkM3BPUE11G}S%hFD4Stjfym%b%Um!{h+g<oWROE?SX2+t4?ommV
zX*!~NDEu`(x$wxS)I4oaCE^Ia=fjv#hcE}nFs0RtWHQiBR(TEGRZPacwcB^`q}yba
zBcD!HOoco=g|>I+%6ZV^@h)y-zQ4uiEsASxtS)!`s$K5s9=~{suI#=cNUz1b9Ne9s
z*?ya4Gim1=yr4h(cvY$wPm^oe!9GT}O9OqIDB|W_(4vuNPMt~Gt&@VHb^JK%dbrS;
zQE%F&)%(r(q0z#oLe>)%JfHDQVNRvmL#U%AA#vg%TOay6;0znxwTZQpjEnFg0u@v2
z69E~K0Y~%%zW6p9els_!P0t3$6aBw?5uEnBbV>y@_)}`?w!a@oWfgKzSO)MjVPjz#
z{S6-lu=(6Yl>AHnPUx+BRy;d$@cs?I|MT&(vf1NTyfy4v-@N=7SxZ8#{zgu|NCR;A
z|1I`y4qAx{j8&PHm6h{vw1~SsGFAJt4F*=6$Uil6KoL_hVI69p6@1=Umt&~%)#BSf
zVVU#B;8(DU<2RM|J_?7DW6xnl@N46M384-_2~H)=R??8aH5a3<^TfV1EiDQY;Oaaf
zgUNJc5`Ka)mQ&N06%vl`mcg(_>kFr(*?<5u5S|1=bGL!H;)y}9caoQa1kWYgn9*c2
zZR1sfedn`$EoDi5)WhXQ9@zi*yO)3@hWlprS@nJ{+++W77P4sYW4Cjo6HGR6(Am}D
zt$-{B1HrH=Ksx38rPP0(vLUi;%4H5uv!m3+gw4aUNJ~kc%1~f==d`I3W8wheI(`7b
zUN%HFw6{vgS0G#uy93mPV~7D#fTzRTKY;T5J^&2%WiF*^uCDxH5%4Dh2o-ahS=gQ0
z+h0Zi!!yZ&um4dC6z)o~8l%t>{}1yA4t9u83^F6RaGY;wcpvlon($@2OSL05lu^p0
z1kO+>KqKO`X!z!^S?qD`3UuM!Rf5c>126!_{!m-h)YP0$ewgmJU@6SyWF<oW!R*^)
z-N$Rup{T#A^{bwv<;3M(|1lSUgjs^01uty>MY(~o`Wt)qeg8+n>o*Vw5FLQqzqSA}
zNWNo#$OXSR7aaRyycPe0_7{VIj9xoHNn_a-$Y{I^7pJqZ?O!Vs89D$q_`BeC65y|6
z>IKpNJ!1lB!I^Y-_721J|5|XdiJ@0AoaetLrG-EJU#_w&E+7nvrxH-=_&?qR3jx3!
zNc!(|2!Ka0hHm};ok4MTgoKr7{C_tA2V(qx-3I)>WmA*nnmn2Rs2cX~Z_ybv{ixcD
TGEsr^<?cy|$wLc8^u7Kc!*nZn

literal 0
HcmV?d00001

diff --git a/devices/hololens/images/aad-kioskmode.PNG b/devices/hololens/images/aad-kioskmode.PNG
new file mode 100644
index 0000000000000000000000000000000000000000..c058f2524149cbf2a3fd7e263f7747383284b106
GIT binary patch
literal 34758
zcmc$`WmH_<)-{*_g}XZeLU0dWI1~v4C%6-WL*edjMQ{iX!2&^pyE_Dj;O-8=Ngtkj
z`@Q$;?^nwh%|K3#lCyQKx#paka3uv93{+Co7cX95yniR9^5O*?6u90%Mg)F?d>GAu
zKQA3sWF%gcjgs#H4-m}6<;7pTsEk2-FaiOOQK0X%9ACVk2z~x}8MAd}`r<{X&U-0w
zH8=gE43HDKOk?fiil-~zfNi?G@#lzC5?t>8`if^6vev3K9Wegf;@iSAIe`ogw;l-J
zI1wm>y^Wrp7XGN{`*A5AIpEdvw*iTfk&)Z^CW?NmSGY#G{@T^StlP!*hyjz9B!U7q
zf;e_iIVKLj_&-<d=>NB_sKrmwk-M&DpZLvpqT%CSKaNa3g)Y~hPGGf)8*ST(b<)7m
z18wLQTJ|?e@mU55n2Ac~KJhXwCBNP~$+%mV>@AL|yonGBkmwp&2@3jGd%|2Z>k+71
zEQguOtNM2FMpK}7!o68>z&ldiyki89qb7#*UrleyxE&A}KfQTPP6O>U2su54);BeE
z&CioOJw0s~2fXqMUvx(Qr5sM_xza)V3O&bYO^}KD{lp4qaM8g6Jp=kkUF%G2y~c6J
zww**LH5~oJo}0V-+U4G43bz^N%nzMV3^HEByURVzs!u4(ZN7H;ve-fFD3YrlN4`jH
zt7F`6-eEs|keD`I_GrT8cV22c$M!d=>J0@Qk27UU39a4<T?Fmc8_J}~5;vc6fmsg-
z+X^*#ZNPVSRoseUW&!#}U0;061^&GC8jgSB3JNVjqglH@Vy&#J>pPsUuJpXN^{#4Z
zX<6IY$jd+8pDsz^GDWprtk21F1iB_5g}m76dP?Ar*9s>wWx6bjz$RM-`QU%ih=zWQ
zgie9}mIO3>f~KbP0wL%t5eKyME2;aq(K$)I&J1fS7N?cD!B0Jh6)<%sidRT}hE9&`
zisUJm;+++C#B3<!m04)ujc!IVeoap#(MD%58Zrh?233UiyLX#&{s*(=CY$}SjXEEJ
z(LloCU$c@#VEg=hZ%=1R^Hkg$5tP%czo58phz>C?jlnYqQ8luwg7V?gt0C7i3#K9M
zpw8uOHd}_+diPmGJ1-0zbpOdnnR@3V(z2EM;2n|e=%Aaf+YH)e0fDvPC5*)ySLuXC
z=3Rj#7mL8}-dJ4=V3ZuTde8fU<-QtE7dH~lE~%mg$;F1^?WIN}AsH;Ure?oL-%nCZ
zQ`3a5wtBNwj@N5>{YN2gYg?-HHwg6`drJ$JPd0PHS8vCnB2LnD_}}Kysc2+`OvYrb
z)!-J)+AVjEu&a1=1$du5jWfF;-E|F&<JeLjyPaK%lofN;yD#8$B#Boku{XQB5NSBy
z&UMf-Z2OJo$;241w0a|B!kT~S>FPRdj>MVt!Hf=OekgY<U<bAF0*iDu1X*|ZQ}kSu
zQWn)qOLU~qe?Y&nURp1WaI@SB`&W-stx%)}GzR-hh8s&O|1{P@pWn$XY+C#s`Ld=Y
z*KG}#L5oX>$w>#s=bvtmk*AX=mik8TS8b1-ImZFAF8|W2#`as`zCA7P*y}n2<?o+3
zH`#8PzsIa#A~_PXOkJ^UyAH%i(4po@^^g|Ldtz(9Ws6SblP3!OJEW5`*@iFsR~wx!
zl0afWMVj;TkmQa1cG^)<N(ruZOjg*RkIdQcmcjk8E!=-RdrCi?u#|)w3#hE8WpU9O
zY_w`t*a-ZdwT)61%4$F5s*^cT64jy7^>N4O`kEv*4eR<<>n)7Wtd9<wnC;ul8yg-M
z@&ya>V98q%$oS*ZDRb#4|4enKuqAA|y13{nkWYi2EDK-Y;~fgtR7cKx3%eX@x>tx}
zx4sgAta@b}ukLRZLa`nX&{L7GTsync_)fdWv65tPC`p56u}0S}i}Cn<*7+6E`9n<l
z*t<G}UgeJBx3WpC8o#mXrh$sLKlQX<vhI@=kUrQy`U}_Y`(7L(`zWq5;IMNx7}|aS
z-;+m4-rlx$bRiA)>M9yJg>I+Ro#ePz`^>3a5WQXA0J*L7+%z)Ae(z9QoFXKMM)ns9
zcyV<$8g$;TYKchsmDbIuoZaZ%(V%(TZq6Nkz|s<Gj$5HTbh{I|w@Vm4cB76<v-I(t
zq(F@ghO4U3IZ4jo>FLe5ug(%9u>WPv;l;;`e2MROB{};l?R}I(g7`8G7Ot07$|%8I
zXR$Z=M>yW4<h1q0CagaxYe?*zR+$lMhnT5P%xlW7F`|l+;Qp41;1GQfLHjGz^@ZM@
z=kQ8d+Ranwj`uhsadxWV)!NQDgN$jZI}W2E3<mR9BxC27qZIZCV%3>yi0u9Tu>_mg
z+@dq!)k9)<Q#)v5^AwRGw(SkCK*|BE?ZpY3jaZtlz%QFEi~7{USi`Yd%|%vvrkcaZ
z*sc)c-3lY(nF2b&DBUnx#lH@;>A_=u|15bd(eBfx=B|BG_g`m$aMxnq$X!phbjoGw
zc<B7==3mR9U`~oF-=U~MR?lp++0os_1~Sql`QRuUEb8uSUI=e_z_zL_q(LXL9lPF#
ze)@r)Sc`!Qa#)$?^7X8zAvpe5;UmQDE*-Lzj=}l&?jXztw2;*s)j`LZCfuw@n62rb
zIp?!N)46+%FjVLQsZJbwIR?*=)k67M-@{Z}bP<gx`AWL=%>oYhn_>jpYq3w3HT1b?
zGwvF$_*R0*eFnv7<M$#ViQoN9?WUuycgE|)ot;vtNQBX_YPyC4EI1z3u_>)dq9z#8
za<yVac4r#68!xS6WQ(5y1+6HC<(S94?g^1F$=jP;m8rPgZ%(PzOErz2@CSOM$)r~i
z*3f81;dZ<cA3eu<5B(E=xdeW1dqNEo+L)^C*<Gp<XdKaorNxfC2oNT(@X)0gZpb|;
zlfMz^`6HmGRDJ~pLzDRz{~cNsvH7XUchwLc2{S`HH#ykp#9U-o5wk~d<I`{21jB6(
z=(C^7Z^yIc6?M<x^-swB1?eJl@23bft1UrE>;^CbtGe~oL|0^oCjVGH%e*TUR6`bG
zIKEZ<PJ0SH2iLCeX(ue7*s<%9qPtcLBG)dxum(R;24}?3^!)%egQLUYWsTWrp|gF|
z26Y4Vx%ajs2(6vJ-@_}Jg>ZpS9*e&G$io$rQT@g-jF$Y_1u{CwY^aQt8qNqsZu5JY
zA8Im`cnt+Fp^@w#afEL-RqrmeQa1kZEhVB|%VDpm(kC5mJPsv`^vE&)BS_rlC9M8K
zvusc%akAhC|0Bye|ILf8GQB2ar{v$ie;aQNCT=Unen{h$Z&U&SBU}cz<KaYnSKfde
zdLj3#=!}1nvr})Gz0!9;(`k1KB<$%VbK(Qf>D13bUW?Y97AaI=y{Fs^GiN@sciUG<
zuhYPTTe7!5VJe+-Ku#mNRCj)S+5FjX_?nOq{V@7iPcUz6H<jPkZvKT7-PGBe8Fq45
z#!i`$OIxd^*Dgwwp7N@CbaAlOj_|N5x^88GjA@hzX?4;^lHSs@H2aYuU9-^p)w4?P
zxt|-DPDjKK=xK%Ml4ET9n)etzy$cZP`qhU5t=)x6yhhg}*nA<y2b+*KZiN&5Xr6^X
zCQIr1#1)ss>0Vc;ga{kc`9~>pIq;1xCsD^s8tb*8T7r*yP}?!4(%&A~WII<9e|tjD
zX6PH;LRLp=mQp4vX$74R{Y=fqOinhZ>)W|7uR8K17b?7Z^sN^-Fj?uXf3ZV9zgq7M
zc)2^?!rbU`9Bsk;vGoI4U{^yAaoZNl!*F0hSBt^MuVtP&*Q~AG5J$NJ<DD%TegV5L
zm|reQ1Sn+my>7@K6S4gxQ%lcK;E?86iz6Q3lRB5rb6zHw5DQlc-yMZV5#p3L^;H;4
zajT`DzZm7)&i%abS<{AWNP5cwgH~`_qJ*x1(}^=ItUW`?AaXWEtCS<;q(b%g=T%sq
zYG1Bro$x7IQ^=p5G{fa$jcr@`M69$7;$Ic`+rO|VW^&ZVm*>1zrr*Z9iL@V{v5vcx
zd<TR7<a*V*q_{rX1hwm_!6lcRGj)44MBvs7%dY-D3_tgXC)+qM-1o<u`}K#&iQjM;
z3sj~Df2nyrb*Y6z>40W3ncPFzrvzRUME=3-(mB1d2byniq=!+7+CF_+2cXkjvwQVz
zeE9wK$$@K^mdN2N<W7S$eiYqP$I@M1;vqH>NyA;qVH*|YzaD`WnOORwt)W92W$V31
z_nN{L2&m3Fe%Jb~^-Z4<e*gT6mKNsOw2-1zNua)>&htGBj~9zM6wY~C{(KFs!u^c0
zgN=`~&BXP?67(gXok4f&l_Y1;!H31jW5cgvVBrclNu<)C!0%M-3U)E0@pT(N+|7qW
zK?>7a2ReD90Ylr0gmYz*BPx%Tk1g|6ol8*rWvNRtcg^Vs5q_a!_`8@TSaq`9>SA!d
zW<&hZ7y7cY^eE~;qP1T=_x0YMJRvhSAtQAke;i++mLMfSazeZ-o_3|3qfW4~x3tP%
zfQ5L`yah2j@8GYY*UJ>-DNAG+3oPvzY&#c-2S~}%9e2W&+hN*&8)zT$N~t2QdC53`
zx+4uQJE>3i@bXuba(^c*4JU9_15vH}msJ0LWs<6%(r|!pE9?Q^cDgesT*TTazZho4
zXS+6<`j|3X$n7yA3ZIm4wEvkw02=Jmz>VT-7f6EFXq<bz<<NfT@=>|=6En-4_xp@I
zIsTvSuN!MgqvQXyO=drU{<TKm!-e*hC~<f?IIaA_6@Qzaea+9CPjEh~?CSfLsr*8-
z_5d+mpq*uktj}ypY}vMO3f*(q>La@IeR&`Aa(_^0=gtHRi{Y<Pc@*8gujZzt-w5$o
zp+Bx9(MyriU29}!E`_0UJ!<d`OAA4*S4<{<Onv_Jt+54vDZ7y6zbKw;zn<d;v$u{Y
z;|x)9bS=*<H1Kmd=@lP0-k6?-9{mX~(r6WBgE|*xFeLx5dFy}h4Z+s56z<x?%HZ38
zD4O=rB`WFyh++IYsq90Ou)^)vw)vBCW6d8_XC@ir_50S^r{_^#{fkyHgd-Jvg&f%`
z7C*nb2uL87kEBLgi7U7HdA&a=)vAVW4H8`7Pl7B+EIgkc1Ryb#(Pm?rsfEY^r*zmv
z{%Fl@FONcs8&~t+TbHp}M1PgU>LuSlb0gB8CJi`Z^H5?xwjqujr6B6$%_X{E+nzoQ
zyK?;qI{u5P6EY>!;<Io%0iLyWq<2bbgdcrb;K6(|;{1VPo}zk;_>3AY;l*+KEQL2;
ziU$gqeM}}Ewqbu>!x%GzFzRBWp?27U!Kv?a3B@B-Cyvk~gmZO2dy7uuO0NH1eR)DW
zd}5T|!|QElS3A;)cUDGsLTpCm?dMG&TXvgBQpb-idpmwS-Um5nr^2${#<+)f#MMaC
z?b)n^<vpmrQ3OXNhJQdGsqR}kLS9~tLr)c&xyE1tS+unZ7NIVa3Xsgm)#?<LAFMN#
zQHkw(sgt0s-@~1(j!2P1J&Z;3PUNGFkeO>cw(_3r*g$)I9<U-`jm+(u)v5(@dL-+%
z!cnwE-#k-G@0)2KUh*mo1^)s^{CzK~>bu(B>=7)d`*VR+xvh(xvGPD9d-3POs<#j&
zo#t@l<<G%*jAE5<VpXp#l$w7-b)((H(}a^W{t~46DnxuL=FWxg=;0U{@@Goz{07C|
z>}<YEWFqjfs2{upL0f{uz0-0IEJcE_(Zty+3w&MQlKRj{*k;<DgbkCZ(n?o-d#6zk
zE-<Jntz9;e*`euA;X;|%W((1m<1@BwTjAJAvS)1TD`S(66>#QyE%%iaBzN5dqJ4F3
zE4q(=5N=wxlIq2>NH$COM{)p>%tW0f;uT%iM#K}@-(ds1JOxs@=I*Fw5+$Q`_xQ~?
z*PUN&s;WQ9_=!g>O=aR<zmNTX&a!wNQ~GVGtXwQjWo5nZQ*kVpyNX(d<IC+6EBv`&
zLEA<C$0~i1)IkO^10soV6W9ICfq47VRdM&=uvcD25BC0Oy+5W~IL$i+7adQ7lS9c4
zW5y&V2fgiS2C*u^?dQBa94_&VYcpAi?LVj@6~+;4TdAS4BD~RdftVNNMLIg`(eZes
zd7XCoN(~OCYCm#S@*NmH*02^(xCQO<M3rwa4x6vMU@pJwn(agKVUIB~&)81!*-X^u
z?VglHu+>9S%d#JR7zhX@8*f)x%|@^taH4~TUcuvzxnRjuf9+9rxgl(J<#WamSX%bW
zByh<4bjwuK3)UzO7$g|Vn`swzJGe(Jk*Slu-r{5Ru%|hz5{;@nA~osx(Vu4QVC3@A
zX{EG#>Y8UJ+9r}MvOM)0Cuv8SBB!Gv54xyfvFmlESaPK{Z8t^oXAG%4@g~{;xa--U
z68XwxYo>%8xaa5iAyHHzM_6!YUUDD&)A)WU2DRImm;b4|<D~hDM_24=79(-OQ^(R9
zK~J7g7e^;&-2a8TKSPM`crpAar)>`BpWHnFcWsJ;7+TH!E6<jeyvB>1i5f*H+F!uZ
zq$lwjM_d3^ccs>O-1&(1B1kcieNV3*nxo*wzL*JstK_`^5SnrGXDNU+2oz<3KE+hJ
zs0pbt>VU5HXT+BTnWoG9wRsK<H#6Va*EcrP??>r`*YyhVtwrAJyvda*l&*+0pFc5F
zkH(CJ;}b_&gp*u-NNk^$zG$E~a(d&HqQsw>3M0*D%GGaaEC5gc2)#>`&HghN2>obt
zfdpb3#&pzH>!|3e?EXn<Cp{TKTY1uQ76HentI0+1nAk48tk%|-!#VORTODJ#g*fcm
zRXtC!&UWsRpOE_0BmAQ}=$N74$~@R6wkwfmr|_f17^@;J$oBmq91#$F_jVCeoM*U-
z44F(+5nyn9?@$&qk^QT+77%~zkcZSsyGZJjcU7DPR!;H~|5<3t?%c(YUH!m{+N882
ze;i^#PXn@@y6fW@Q{Ne<Y}!VbS-ElrCZbQ&EBv9^{o-`Nu1)$9^^Bh4Vr!^yrSeYZ
zUrCCOsGg&_&6g0#)vj+;uc^{;h!ov=`o&RiW{lUbS2?GikqgN&CfapXH#PB%U01cp
z`Xxe>BJw5KLlIa~B%-*j+TFdq5PA&_jqpa4PNHEd0{)nTgI}JzugSeFNeocBFT6L#
zv(Kz|wYPf_FRg?rkd9b<+aLq&J^93Q4&c#LPl{$XR_T%n`O59q-|Fc8@cI<weuEjk
zt2vPk_83=zp=q?~xh+?;;C_@Q2%og;G_lOulKxM|Nl==>?ZIqVDWwil!5Z7=<|BKX
zJ?tsFHp<#cimDa&sM1CFlEdMN9S^D@ojOPf<6-V)V0C1SJGxHM?`frklO`%V-Et${
zHb_b%y@RGg{g@nhNB-diSvO?|jfF&+OgK3``q1aHA&Bva)OgzFBcceVItcTn!klnE
zt9I0U{?7?1DUuacQ}W1m_a&X65a&Ci!WLz=H8&?Gl)LD!eg~QRrFtm=5yIOWsWHVq
zuB|N;tlHB(hm(t4R@R4_@EIZGJwg{-s~6{Ry%@)V`FwLS2a!bAl<mvGC%@4`o4Vi^
z-S=~2M#gRhtf|`k&b;2~8tQQSK6xdu>JZl1E^#UH$nU^A1)~wcxTba_!`gd3%-p1*
z>2g@lL`#LfaURb$f}gUQ!0g&!+`nq#H|XlbiB`_P_W(P<T&O*Sduw?jE6*HQHXs0V
zi|_kkmE7J?LdJ=_;$=CF=i*y^b}VBz_~{C&rl>@{$Xv_EmzqC4n0d<#0-ect*A~&J
zg7`DLy2~(rxva8SFEzd#GP@F6@~Wv^FSC5~UNJlhgP4mPNCdT0uYz3ul!u1ECmAo@
zU1`>R5=kmsh8>K1ynQ%I%2m!u;>R{A4QH-(Wq}c**<f$pBFcFXh*hseR+>%<E?IGy
z%`l)-@{(z!i+;jktAASyV){uE$a64jbW~NmtDYkw7$aJ2J7`m3xvn;x)kJ<U`=cXh
z4W83|41O9FVPpPyV0Ws3zL$M5NS<uUW0Kwweq`oAAPL<z$_1^wmkBD%czQf27_~bG
zGWl%NxjjP0;i+bDsqKY$qO~l`uYqn8rS8by#|E|Z-mxO%`0hv)m03vw1ip^*dGBAP
zpG-=PNJ8t^7B@4CmK}v|LKyMb_(j`@emkcZ4Y_TsyAv;1feABxieXY~PGq!S)gbrw
zauwo<9dQGX%4On?AEt5Y`R1nbdH1JCB0wdxMjOBBQUtznhscYT)P6s04Wr(&G`<|&
zK}JRE2`}bRYF@CV_~lmLfJItE5hZ6Q;#G}JCN3_ny*!x6OthilhiqWblLJow>nSWj
z1Lch8X{};Y188|5RKAA#+t#}tBEXg%-trt127&6=?t=CBp?6?~Bh4V7%3x|pjc)jW
zM!25Mnx`r5=6QmzK9cFbH>t52@W{P5=Z=n*E;;>Jj%CeG*`AYTmkYCVY>Awf+c6qV
z*Gl2^CHP|y<4#NZa054E)AYlM^^L-{i}9noP!Qtn`tf+aCWjr{_HagELv?}4%yJsE
z`X;qY)4r}FBr%f1Y6h-!#e)PZYq{t4f<3_xv^uc%LzBzu&F8U<$i$?La|vDO*6y2{
z(GSBPZ!-(ew|kZlJl2<Q;rU(qIJr6r1I6Z61VT)?3ruR63I)j6I;K~eoxTuRvyr#Q
zF4+Ajr9uex?5p(ZRr`=tiO83k+1bq$SkWcUXyEo@SywoEsgP18YL9m<f|;4<pm{XC
z0li5P9LeP~a<$A`s#&zns_mblLA5cSF<D<~aQTEv_FJQGj&;Z0dO(G)o4e9_gAL5>
zkse5HZ!z{#*K<3#;uPB4>ij}zRAh1%b{~Ji?{JPw?(JLnz`B}pFkfwECD7z0kW?5l
zf`EWvxIa}~q}NnSnf6Hi53v~5jsh@dpxX^BPGkezv6(B$9(A;{i7)MLTltjme8!1A
zlISSNq5E%be!rdR*Kr~aClmE)hV|awkz(aYNk1dK5ajgd3K1Kpz777#&E6PAaN5f6
z&B)grtqoFhPA8F35$8y+B36BO|C%36hW!prV>D3m4anJTo|~tq731wMq4(0y9Ou8A
z5{_N}c(O_lcO8ry@`_5M*(V2~W0~@gEdH`PBF$T)LwOuHQ4KS<J4E^~uimiW*U!*E
zmE(A%R)L`M6kzU8W*$hWv$7i3B1*{*T3;4=Z=l_Hf**x+B1sePs8l-CqtSRm4o6lP
zv?L?(?Vjn3)b8iN%W%Z7c9H>78fd^5vD21!aj(5U(6}z&ZTN-=i~Sym`C`87{cyrT
z_CD@uX74XXjre(Z^D<StK7s=MbE`Y)I}wu!#H|_MzEz9+#!v6kvgC3qo!jdA#X5ks
zmBfc?1@;BdfHJL5yUcZ*msWb@W@Fr_^~jAVSOJmAfRn~DZe8fi6>QLelzqFcVcs<I
z@~BoW?$Y^NEmO_!eZOlFabz@%@hd9{K<z;`V1#T&vsZoSmxW*>tXT!}aXon3iR@XT
zGl$s$qp-%@UA2&q7zO+KETNsj8St#Ht>u7VSJo2m(t(-sGOeKDM1Uott=M$80k4pF
z5c79*bd20x1JZLi@Pcj}$yH)!6S|G9ExKn73_GU6c8gv3l!#n&_DxWCIM82>5Yx-(
z#K@+md!!W>wr81)0<sK9P368aiEw6%{C)JmNS-DdA(Q7vC!%#d0FQvCAc02zC32zg
zVk!XoT`N~E8u@=cIWWMu{$35IJ_Q(33GzyO{$+~B`ug2Lpqt`hR8p%S{+S?bnSZ7l
zmvE-|WVr>;zdGQ#&9S?1eg3uox=$!_I^#bA;d<Ef%9H@4JTuuDY=68U{_{#WKDSfD
z&Cv`pfI{A8e8Z+&?}tetxO%iux6PP^$=uxFxI^Q9zS*C^h^JEUAv{CK_3MrgDK9Ut
zhv#&OMqh<dmr|Loz+$8G5cqn`WcvF@VnL@OpPEQOtpt>kf=?KL3K>RA#SFFi{j=lm
z<I3N?wj^>P7xa(c)%*cf%zZF)P2~P^FVOvBJGHPoC}x?6MH71@jc@iu@%-|#8>pZ-
zpKFGRHAVjgt6$kKlUTHH?H@!$L_F@YMu6(}SDBvB<EM)M?RE)~IJA&gCcRN}EuMAm
zOwflLdx{ZbkVL(=?ZtA7ry!?s-y@Dsf!Nj2f(HB8;0SJn+V%00$vb1G`sK&_YiEx?
zhgwoo5%-_--|uZW9mm9qA7?FmzGU_MbEw(qR9trG_J9u=Dw^Hsi=nL@+F11}Qykx@
zBu?Zgw5Rkv`2y8CzTTTGbi3SDmP&Q_JB)N~(?F%ZkBNy{?|EHTwp*Z>1yjfnd|o^&
zFL3x({|Or1u`vYowKfaJKv2?b^JzJj<@xlwv7IEYmq9y6B3LO$0+cT5t3SqU&<Y01
ztpI#Rm2CTsUboX#|4iF<)R>E0*GcV8nG1lZiXj(p$bJ_~(;rWd#cMs69TOR+4%9=e
zepma`lC{?JO5fEO7hAn`&@}U96HiC@R$fVlplj2R2$$;AvDq#+7uSuni9TM&kGhV0
z<x#G&{P@;-PAPI8kaRBZLJZG9{ZY6I043{tJf0V-|EF%nM>3j}=V!fMqtp9jj3FAw
z?O|eJ4=1Sx`xQFbgkKl+S=u$0du8UpVz@cS@#m&{4iggOxA^{PoF*YYNAG$f2sq7u
zy%K)x4#(40A(l6O`(3lrI0fupl_}E;qlm0B9oip^x<8t)rvE&aX_HBo7*DTAV>X(;
zt;m^^?R+pJ9~t)&6nCK8;_=b9;I)G<n0Ml*g(`)>W^04bT4%8R@uGn6382TCPZh<&
z0+dgQGZv~$BQyJm$Y;y+$bfY_DSFdpv%t&h40MmaU-M0Gr4rL*fqV(AYtT|_LRT~y
z-~QNZ-=_zDhs`k9x$@#nsa9TL^#{hU!;z*5fH268_n&E0jBdw~eOIR2a0!q8A*5Ze
z$wgkKm&NE?L{(=$`SpmcgbPt`FR(mf*$qT43R9FaCkhp*sNW+likgNI(9voQC9!gk
z`NO_AA1`X55yhmr8(l^c!}YyeZS}stY)pcyF(0R4wITPs_Jr%J^oB=7|FtE{P+P2$
zFHx@F;`B47(@JX1<#5iQ%XDye3;m7!*ViUMAhZJ_!@mQ;J1=DNSt@?$EA2Yl=&n#K
ztFxST<#yti)j>mq3`%0ICb(8`t{c4=-`>YVWCo1`Z}ag<Hb&7IL=t!@WikYvo%qUM
z(naaTgB2(}t>Mh9tV){R-CrFLQ5y!S^dnO?DUqa_NR48HxBc(8x{!k4_$;Rw^tAAj
z(E89uvqTN(Md~ZPZXJYMVS26dU*C=ok+5i1yr2+r!3Tm;+spsNjWcR!kaEdHzMR!w
zc9hcU@nS<>evgBvmtf*jl5XaGL3<@LFYnyPfitrZeCbe!E_<7CgZmD1!X_q0pM+9i
zS)}f~KqF$Ca{t7)6^a0JH_>2e(r2ZG;?XNi=@sGgkFx7GyGhNm^sQGiyN;#{+;M|o
zdNm>K_U<sCJWu-sL{tXtpGCLvC=e8Z0)=M<Vn_yIG@<m&$ltSBeR@B`KTTm9Kn!1E
z2>3;aIZOxfFX-`@)l1uBM4yV9gaypA&O4AbliBo!<-}sNOuj{!4A&d9dPeI-Pz7M&
zdfgw@DL0BUigTNdPU)o{TK>dm93(X`>9qYwNtWktHT(UfjRaE5LJN&T)J7$z8xF(d
zx-&aWRu&j!2>!CvuA4P3I!I(B#ipDqb(i@1o9oFkv51#jP`k1@V^XiCxWv3kLv?3<
z5$XN<O^egs#9pZAb4L7E7jRTpn@`|rLto~7v=k)O<RUIAWSSG3v_c1x=#B}f%xbob
zlTu{W12CD)D&|*J(RkG$7M{^Hd*#OC@F{SwrZo6IU1Vw7qT5HnGBPqKXMxbn^-Upz
zG#rl}=BAS1P6+^`W!@cb%U;{}oe^=0byY%BesSIOQnyNQF^{tbzSCH8*xUIZOVsbE
z5hW}(R4cqxlKR@uEEALs3=D*`*zvZ#BJ?8(Suf#9qE2yIcT;Y;5MZa%)Lsr(J6XOn
z2g<Lbt6JU8atS5!qHb^vV9D_S*#38X>Bi^3=N8M$^0QOBJO1mJ757pLQZ(^!VKBvr
z><bc6Uu}iV(G6Zt0CU$3dfvH^L%pJMg%>=b@bMpe7Tymm<fWJ>0Yf2;aNLzH=!}Yl
zMLDHc>UHX;R~_|V?_z-~B+XrN^glb88ozzf)%bG3My<p&lNH%OfCfqxf@OJ1*L>Kz
z^%qk214zBP*w3-g>xLRp9NSp>*|S4!^q+8u<Bx|R{!a6M%k2LXSa6;#JwZXz&nxg5
z`q)eTKmCZ{HVYOwdf+3@BL0O5I#=Ej`r`rH&+Y%uX8phES*#*KJ+O~nsTO?T_rCk-
zK1daKzljC*WdZCz-M?$BMzWr?hrjZm0qa>N9G8y6ZW(-`hL^@?*IN##v^qLE7x>Sx
z2dD;kT>!RBIS-NpBv+`tJ?Gft#$tmb67XanfO$q#MW`SqZ!IQXqm%P1{k2;?K8DFA
zGErMheCz+p!~ExH!7TG)XLW7OU(k8qa5#k%#i1IPl=S;w^<oteARhnvOGYm0Ltd;}
z*sCb|7zChzj**cOFp}G!Ly`z0cG&Cpaj)!_o9lfZ8#70%G61)b%C~p^S-wvsKs*Zu
zFjMBW%&GvRL2L7E{HfWi|6n;rxISk@bYj0K67F2U9kyNUi_ZH=Is$+E{)w1Lqbw?4
zF8QnIqjSCYJ?~dOJ4_)Vp;G-8(%Xw2zA;WtuN&xV*#w4&Qve(hwLP4prKhJ4tBPRq
z-rz3)5j3UHOXS(K6qDG;>$IzMp|<;MFi^h}q)y|tkpRF6^k9bd@pkN0E7|C7sdkO*
z%2WjlCY6YFChB6FFO}(FLPw5d=%tyg&`?CD%s_sMe3ppbSQ^-!OE#J92boco?ULYQ
zGCJv7WLE8;e&yxm?h(#zm|x#o1ONc^YawzL+5c>USVbIuGc&UU00??sA4}&!qI0D{
z{3mA{ecOs}=1sOb!vX^X;R_TpzUOZNXu?C#ND77_v;~{|fg%s&`AX|~t_%9zu*Ayc
zfq447x3*vr2p@k|H~|W1=$t>b5HS1f-2(Vluq`O@2uO`rXX(P8>SJbGH`E~*WFbIs
z+yC2u1<A-1@%}D)F$ZM5P~XP`gT|cg+5tc;q@{Ts)hq1#q|3KodI(HoF)d`6EQa;2
z^)_{q-JrFUR>yh{NIK@3R)g?EUHojF4h7~O9v=H+i$vFZySqiA@j$2cxVEmuIX6W{
zGlU9<s0CT9DEWe&yTfpH0kq`~d#^xZe|~;Gk>x&IV>#U!LBM>uGq+lmKr!Ul|2Nf)
z)^f;XjZ--YSSeR;GZlID!GuXjdFfzYebr&nF{+{D)34RmN^|X1=}}v{dU_*{+2vNe
zAy|~)UpxM{tFCmsn#*9HBm&wWO|B=rV=rgQ4a)O}SNmgW1-ah4Z@2)^js&M=qk&zs
zB70fEsa`&FhlpK2r7&f+5!^bLTL&(%p07$3MftzX7z8x;vA;Jlnozpia6DJK5pAI8
zo2L86a(xOiUh7{NN|nYvr;pbw2Nn>M(X07vdtp@4rUp%to{;?Z%9o$iXk3pMwK2Iq
z^=E^|v0p<%eeRF=02WT2FB`z8lgg5knsZy4<@&-cE0)vWbJU7eaP$nU`x}H^<hdj|
z8St*<*CH{8a)A7ZqZb7J<8^y(w9y-V$4zUp)aX1}45T{26&BYdil&DCo3jn)jSt~D
zZWSdqok1vq2C3X;kS3QSn$0-lelYi0y_UW%>|6qXG3B(0!|X8`;W*UW)nfi|ILZ_e
zbTK7z$!vGr!LjF10Q&3kCOFv!j?-GLOS?TJ!S#8om1>SZ3?Ssy0C&GPgoh{_Ya9T9
zU|977&H~u|d>8RcU;D;)rJMi}jin~nS>ry$fLYp@_?>th`Xqsi5w7)10mtp#BOdc#
zVmtn`BGN8^gYPcIYN{xwiJkFVh}gNVy<TRW!`9%QR|WGT=>w*{Cs43(D*BJ|T^Q>M
zfoFf{)Xl&R+PXppSc<i(3zAxQhtmaAW!~n=y)GxQbp!@;n=$rOut4d&>6Mqye=?DX
z^eV$!2z*zODu7L|{sv(PlPTxL8NVHISR|!|OVTS^sI!v+=9RYh5!;2+K3&OLi2?AT
zlwFL3q?~uk##Q9L%MxiJB&MRGYFVL{4B2)6=KJ@_1B?@s7){yt-JT3_k&Vm(k~UY*
z9q{QL%C(HeT%&WzlQl{nyY&r;Gnb(T@m35FOW^^K*j-~at5gp)q7ct{4K-lFk~lm3
zl@n+?B~ZX>zuui9>f4&xS41qmx!MtU$35hSBMj^@gim9cdVCXLTU6F27L2(HRS!3|
zl(CLLqytBJBiU50d_tX0`{-eMGIGii9BE^B;_(SA9KBTr<z5#IKr#IhUvp4uF<H>q
z?B;#itTMq+Wt~oZ#Ip(OlkZrpwMm14&k)<IJYzdQA-|PQ99NU@-{2X#(%RM?3p-Xm
zWHbmtR_1qyMeS0UrY&vapJL&pwcFnx{wXXvySaT_6QFyr*0TL3pT>LlCfNOx$?!#w
zRq|39*lc`_6WC_2W~}08;mes_PEfO`{wECLsMAo<LajF$bRo%D`9aagiOd?8J1cnn
z5ZbwRdy%@1GCoNN`kZ$PogCpsVUd!4Jr?ipsKyGk!8j4`yIosZh|t`}p$#rWN&(DB
zcVj-XJmK+yMCN3eUuEoP5!Sv$Wo)4EBEv!9&W74Ykx7sG={X#dn!pbhq2vcaD+K9+
z^!x>YTIfsYE?hE;R#n(Ln!+>9`65+FirvsL7bQ`?A6(zL;Vqe7au9(Kty|P*PEM}g
ze)J|05>w;l`RQR~ELxReynKK6XL-q;c_y6Qf1$=I8TRJ9S=ouP!1@b+hMqq@hrZp1
zW(dPB3z|=X9~o3M>JRCbtsx^c>Vp>K9$9*zpSE1i1f6QW&9`kih9@;zepT}cASq^M
zF)zBjPZ7hmhLM;`QOMiunn_Z4ZNB=v3tFMw2noK;RyzM}*qyu+iPZ@eZB{@|-V*sl
zzL*vGKP3_}b8HL_zl$pnY3dr~;+Ep^bD#09Ae<P3hP6_ZY{WPjL;)adjNl<g6;S~=
z>X5yOd~V-}2x{men{;rM8Om04EH2Ez7~XDvNs80tGKOFu$iP3vq(d>N`!p(FZdPiE
z%ny`7L|84~CBLM#OL#>)C|QpM>74tbYKyMC>VQv|q%oEW_*-$)+DT4{8O#qeKb!XV
zQ#T1=xas1fp^{(s_2ZDC!zU5Yb%Yfuzi7Y&?x+YkWx&_919qtgiEWlL7_!c=+BOR!
z(p#->*;N#C@VRuPAWJY`CWc1QHT@1BryD9F&H8P+nY6S79*g=?DK}BI5R0S6)_0Jg
ztZm|zo!`z$YDvOF2j&~59ZJvbxv&uvD0ronxw9)p#P74sGeCw0&-=4^lsMRAmaUB{
z>6CQmOW-cFl(NZ*#OO@|G=g;~gpUa93+{{hMmj4D3h2XrEH+=e_%Ga23D*}Aira^n
z5iOdhVBI`lQ8{jwH~7v^`F*9zT0Nb~B0*L+Hw`o>nl4NIXAlM-+3Xw#0_@&6&(wO>
z596(LXe`=xV&FOk!|SMBC3E7Oyw}<y935P%szIgb(a7nXWl<avxH<^ofjjdprt=uX
z5owde!Nww5;drtydXgm|9UK*JprsFt)KMYIlmfhCRm{<*w&1k^bMhua)}~ucM11fD
zisp8>p5@`^*N0r+7&sm9^rnbGCPV^x5;I|J&?t@q007cZv0y<WeeBRlj2e_Z>J40C
zaU)R6<L7!`Rr#+r@6N)lo#THT6v<&Bf$KX9Oq!6Xr+}2+EEyueaE#$$7*QqdXI>8J
z+klX8Wd^?tK7A7qtNmoBtJ++~*jm|w8#0TX7oRjP+{y4vW0<h&xRjqmI<OtrF8+(o
z<Am!I@`a&rWg5RV{23I>x?v#=<2HHiw_wuMIm<-6;fO9^)CFOnIE*uu90XT(n#`J6
zZ@44(v5=JG80B^Q?}U6iqlV+njOvH3;M4F<1SOIp<zB44aA`QJ7l4eUC^Ebv_v}08
zK)k7r<=LI9%!3g_*y&v~RG`EJRY9HoCT7?9FZ14z>s&9nu1Lq?w4Ou`RqEdSGyzD0
zsBn{3#@8&&>aYZL*dsSWTpWN?Jir=<9(m{_dQ}O05Txkq+RC&PELUhn>o|{`az3%r
zi@E5V9L{jWaS-f&-Oy`;8bh`&zrV_QezzMjFHx5dpeAvmDPrO`Zc@xB@nUQS;^^)g
zx4^aw=Z}8mQ)5-z4V&@-I9tYA_8%zfhSE?V7SU(sUV;ht9D}ia-JF4l>0{=fbb+c;
zFk6jmCv7ROxj1K$D<+DC6l<G9yVsmzD0B8@{!&;$C0XKD=Sd1(^Jij#DESFD5qIuS
z==Rtm?EfJvfN)H%Gzt;9b6CX8V<tE2I;uL8jeipj!>`l{)l(L7Ipkos@fc?e4vc2W
zd0pwh;pZ_Jz4hW@S4k?WV=pNB&ogIm-M9NSAHO2Uq-%ue8`pjhV%9i4C36n4k{|;r
z{+kUHWeI<ipMe1u?e<323?|I<yk+TQ5x@Q1*EprA#1v4%mRtIZsA+ku>q+$TR*6p^
zq^QCaVz+ANd)`;(S!+UGX!QbVY`UD=DD@0XrX<Dyg<NwpYl;M0^b@X`m5n(VrD~N?
zk>QIBnG<m4rYs`nPheBI=s1XplGR~}7ss>;L*P@{GugMJO(o{UR6JP9IWt}L@pO~o
zY~Nw$6&)(PB~^xaHlXJPdr8bX4AauugUb;Qzi#pvH&edh)l_J<CH_$zv;&)Eyza79
z;;lmTI>Id1(=U9WB*Bu0>fl>JBD6wSxJ~q(+`yILFY{qLVmFTe6wUt-hDLO_8vgea
zIlD@8QM(3Sogs<2-L|DSW!Zmip~Dok)xCin5}jh>o5W%e%wSRARKx#CthP0^D`WEe
zL@U1GlI`RCeE5A`H3bDk8$-@#D)96n45g`^l{QVHv)$fx+;{oIO><a#>OUF^HSA#t
z1ncWD*IcNzxtim_R3NedR0hZY+H<Z%&qcZDe+rcU@2d3w`{i&_d%GA8f8zhb4j5%H
z{V%2df7<@fnVv5d|LH6+$N{fjv;1dG|DzzFL_TN5jY)*j6P{7>g_tx<pRgLuz@^ih
z8H>ZER*Z$(qt42bS~n{5Orl`y=DMbkF3&m>;KamSs|l9EvIpQ3kNgo5+HthUL%z@i
zpH^qx*J`3+baHH0xdKhhNSmv@;3%8pml;uP*U<&LVapsX4&$+)glzoSm}^s{2$d^x
z{~GS+>I&U&rv^i#JiMqgG3(twasSb)4%A6-5yH=8FE24!g2ijttWp|hT4NI;$fP~a
zHSQqTg0H9IC6*4M`@59Z3(Y7%vDzJSm1e(sV^bfxH~%cs{fALGvw*v{W<@o-LByDC
zRzf9A<Ve1s6U^as_$C*gz^Fp=ad7ip92n0MOE0*@jy2h(vl0}jOsgULT0R4_ST$c9
zvBtWJ)Vp#cr_P;(T~~((^$PV(pW?s-jr{(%o3p;34C+myf52{b%dQ;yw&o#H;keW$
zw`=?dIrLxMT0lKdX~Y&G={$-R-S7+hX1#4w9s)vk8d)^%EhWqjkM}y43y*3xORvbs
zFcoANYrJyFGb*}zXTf?n+mS+%`}^RBYE3!osz{H@V7KMIZZFFgDXnqqeGK7|>%&)@
zvZ=_TTMSVuZBG&F(sFqgb-`}LCA+A;pnr=;&pQQhs4WhS$gZ|Z4q=RgMoF3=8ogM>
z=h@Ts(fqEDZ)}&E!zj2L^V}LwluEBH`F9PIMazaQL#I~0$#hX)Kvy4F0T~F*l`X3S
z7N30jOF+zS<V@2S|K_?)sd>oh5bRBHeWKenkm2}?!xQ%#s~`dq#k^a{_rssF=Lx$D
zm*#>O2sBgsBW!9nXGq^DygR@hxQd4siJ+CIgTHIOcsmkVfo$7*?F;aFUxdySiJPyb
zzqJQ9chtu6#L_wwepARo5?0p>&T=R0e1v*hn8dd~s-X%e>qgS}uxS*~T>s7QRurht
z9XJ&7_`cGE)1S#A6hh&Ku7QPB-_X#pG>PPo>wiD=-&+D#3SdZCWHK(_D_Kk#HP^A6
zKoxb<Rf$9knL<hU5;|Hm{h3Jq`d3L_ckx)Bn7%f0Nzny^TG>T0YoE3)KI_IrOJ`>J
zils%@Disor@%`-eo%k#TB!pABkgu9POH=Z<o^W+drf(kjd_B>v<1hyzT_eMmd)`2w
z#;|f#bJERuOex;f^@m=L?5xM)FsQ+~ni#>q9*85DX8tHWpdJrhsp#k6J3P*W9~i2Y
zY%xw%@+}B%ryGeZCR&y``a|$k^<Vor8UefBaISRUfA~GK(Q<yjc~Zx{m7J2m9{X<9
z8K*TLAEfthQs3{sB#Pv5w@ONo>Jw7UY%_;qMf)|4;FcoH0P!%?_Z>rKxt0G(_1}=A
zWZP_mdA0s|3zW=C=JTZ!6kW)J8gRS{tQq+GeO%7|siXE>x-qgY2jvNA*zlgL(Xk}^
z+^B`0n&@mVgv{{?FkNP8Aia-J?@1RhQR0#zV5v7}3gjr1G*1;F@F@Kqpdc`rb6jc;
z=lUMuSWf)Eh|br3?V#0}fIsgtDye5gDu}5*zgg{}b{bAZmoLofEq3RL74+mI_chsP
zy7FqkJMxhYcwOw%d%cp>SFb1g`%q&ed2=OqHfQej2|?1sAGD{XPoQSFz?ydN<YImo
zA^39FYpG=_2gA+fWMt1aDgs}b)h8VfOmYb?sD+ESS5_;SP!s_SbCsd2Zr|HL^NNYq
z<D!-<rmpWBbKS{SYwR|!+{bi+DxvAJzGhP*qCZ&{yPk0W1>I+KE7nrf(2)ENrnTQ2
z@cB8CG$XMJp>^H2J00<jr*;00|1OS~YG1w{Vcfrs4UkN8a&kOc#yWNulL6}3i}so6
zd-uX0tviD*BbMzw4@)EAMX};6*^siZw~Nz?QRKme6}9sqWbScLW(@7zGd!&jX0+6;
z-k;9E?NR27-mDix&e$rMCtrTarHou3LJ3l#S*egb)xb!4zZzj&0&mvZzP=4Q?JAeF
zKiei$lRc-MfK}2!+eXx_ibBS2xgZIOFbP)mwW(1NhMUPT;^rODT-U*07c5fmG-8nU
zkHCyNqUIx)JkzId@6>GA4r@xjA{^g?d7!^($@}h;B)?bDLc6YTwjYylw~~J|_%8*j
zD<jyxc6hBAy3Jj;wtKe0?{J7;CgMeuFQ<KDbyf*CTWKQmAxmWGfpP8h^i&L>VJaN9
zWH0d7V%n+3TwGmat|1cGLG}L(O&F2CRSV-jG5<BQqcV>L?%Na(wn5blKXzL-tKbBS
zL8BRAIysF{TDvN$U!N0gx{0~h-HcIX|0*In8Q4TZ!QB<<1E=0cx7$cmG-pk3;Xx`7
zVX!o+z{-%FgRf}_qswnaH^-UOM&j_NJzS;Fx<zT0QX&gTlsOP=2{ZTnq>1&(Q~Zqg
z<Z=|cCi;_DFhY)bP!=O?ew>v{{f(qjJ+qisdzUE4szQHD^kk50P}!LTzxH4s2$$T%
z1gkG$)uW0u)+#YP+@$RP(n?y}j2^slu{4e_x)|)C+^E!s4@efjYi%L{w&<%U9XVk0
z_@QHRd%m^J*hyssDAz^Gd5F!;#N0#(YhzOXC{%lJ$!9`u_0L{pw!S>Qx(c@QQ=!PB
z*ZiG_jhoLNnPa8U^=IA@?E5)z^59Lj`ly|9^A2irE>5sW&*htjv+~VpPSYWGu-g+H
zCT5Jiv9ioV90R;ZX=`2+E>*c@(D2G58c&~H*EEu%(ccG@W8Jx+GHGra6Mt&{lkR+p
zGnTLI%Du;<=3#1#z7i9EZxQ!;pK$zDgMOPVWjnlkI`O4Z&P^wFUIhhoEmc(g_B}Nz
z2+{OCA<zfA2lb5^tgVfT_or_9Dp~%qscCxWFSPls7SD%DvSd@H>I8SKkXI->9kX@J
z7^nV|C6$Z;Kq>pNNw&Q}kct1eRxT-loZiwRTx+)i1IT_8K;XR-tk~QhNt^p=fd{DJ
zet}3>`xeW~%ls~f#LowW0dW@+7Ruv)adtL-pt*ew@UCt*r#T{Q1++4-T`vyN(mC{c
z%0j#OD$rP#=<K9srGASCK@6qv#O*p43z-}oJiI+%Fvw6WJJ{d1%rseldc4<ca`_=r
z3kVWYrDKB$2ONNEDx1t>G=J)rN+dfA&}COn4(FTi`GthiM8(H|mHkyjA2JL0FS7TE
zky@UB)*1n_YVyVkK*-Yqy0f5z`}MJ&@FQSg(yaa*J=)dcd2LLd_6iy0AI<_mXUFr}
z_(SKyxH~^05Ti-+j2;`!f14ouskZg?q^xctkU7s%p^=;+?~fIRkMqhR-SQl5556v#
zeqYoj9%ZS6S&T<7J=5F}OW()-E{%y~V$(d7XUE{6pJ+88&_p}$)9>yZP7}<{p;#24
z$dZ{+(W|&`jfb_Ky$m!fAze+2>Zw?ss!c)u+0j2(oDlYiHGwH?mT4Z2R69KsMs=>(
zqZ-*Lu(`(jll8ns`@{_WBixQHAJzQR8T`465Wx@63lYQ}#c1FBy=YI$<$8f8uGXQC
z1fIiNwtQ`D6OS80P6FnZ$SqliQq}my%4TtAl=c4oiR->!o@PnS=ju60r+x%t!qczG
zej<DQ&=Y3oUtL`-S)%^qmu80V(+}+$rn^5!C7|fjX~C_bWSJI^t6!yB+z)>i>^uZb
zivbO$u_<Al^HV=|2EC%<7#1qIG%KK-Kpoa8LQu*?p{ruvA7o-ErGrrkF7Fm=D=`MO
z0JdlR+k3o>{n>IXA|fKzpeXG`fRJ{@QOpEu#k5s_0uB+IFE=-c@KPcT`7b2~oohTB
z(gDI7aKel)m}*t2Z2f)q9k{REB`_XWs}?Fe8_|{(07J&FJQ*zEj8CKKB>(6|c(VF{
zKcZ#|a95x(suoDK`8-}W4x?QUJ#fXa%mQTh9#;Xeh|dEtz#vKoB4RjcMNtT;=Q;+Q
zrv6KB{Mzm=(m7Kj$6-2w@F9ic<whT@V^i7+x|N}2|6s7Tp2?FUY>Ha&AvLlFseH}G
zn!N}E+P(E?#bI~%>BCnp3`Y&?F4HF0iU(@Mpy2iC{0vR7C+Qo7%n%S6X4mLEmn;sV
z;sUK^g$Ej?Oo>U0jf>G*fV-wW-MNBr+$*qf6=`JMN`P5{RTma-p^NeIrfL1<1eu7U
zqTx(#KK}#F`VYI$0cY#|+ALoi<d67}M_vCIjo&S~8I5Ys-4AIt9e&A_2@uX&+x?w5
z=R5SNlG?7^uxn5trF1aHl;3vPd|0c2BqmxT9@$r5U3Imd0<|++JkaS|1c&A2L3!Ig
zGEVWw5<<WQ@l87L{&TP-199(P!0iMW;{yo^WP1T$Kr9z(x@kfLoXjn)bR^;Qxdd^g
zu|9(*pttorv#L&z_WIEjP7@~|2515+<jELd@5yj*gec)JZZG##A4er+DSG<-0tQf<
zfRi=56Zw(u-x+ZsdwE_wmQ(#;g2st_Fq>wDm~TNlXMlOTflH1TU_c3%i+ddogW@Jp
zf$VoiGw!&1V&bgBF46@YFDpr)1|e>!0sk(|MC6}sY_CN?FajBXp|^i}aKFG;t=k+<
z<>oYOe?j4$x2a@p92lojs>w+qf43w0w>ZxoumQHwLz~0<0b^=!3{|;kJYZ|01r#Z5
zCXx|A4kQOWC*`ysgC^%j%%cHfav#jqm<)Dz&~0{8mg#2ra41q6q*po*m}EFJ9?pl@
zwYynJ1RTD>Uc~`qub0v)@zGGGa1)_wr$g>*(w!h0GXcb7;D0XM@dH9RIh`>h;4}Lt
zE&t;)!_9*0W570zG+9KiKLUn02hb<A5BYf`2_oqdupq^AJ+6S?YAHjOvk8zrKl<mb
z+6!#Yw`21|`rN?ec98cb#+Ok`kqPgf^4&NUqk1bHjJ9O`H;60eR{z{xpOl-%ELH3B
z0d^p5SPJpHi4SXzwQ~BLFj)qmg{}iEKcEb179_ApbZq#bGe8$ZsiDA5jtIk7nPPy3
zltPI3GgTp&^V0Xv3Y5L$*^(b%^Aq|{6`Vx_1*|~azFZx)-75LA(j;}#_BlW8wNQyb
zLB^j^=t9PsX-Rv`KLUE?PpB3izl-l1xg-|jQ<0e91u9-^&4fy;VGSS+UAa6fdQI=5
zkG19Imdxc>QxpfO>cll|quP~mN%S@~dF9;cqQ2OFpfVkAFRB;7jKLDplz3^14@+QF
zeIu(+e7iBnO9>obH0%ffJd4UQxO%Hm-c`EWqZuW6p{1K3@po?jrP-*jGH^xVpUDkG
zbh>#s08v|eoxz~A0&tiWNO#?wbHR1nin-*eOcAo{m(oh&(~EEp*lXeAJR!2@hr#uU
z|6R0o(!^1DVECLMaLf!yD>xg!<_HG7E4U6O3u6?5mYRD55z@!#)lv<P(~K{u{Y|#|
z%T%}HZ*$Ebfi*b3l+Gdv*&*e%E=o43W222>nFMmzL7CA;2S~(!h-+iAlw49K$5exv
z);fWWlF#TZ8xT4h$pxYp44>**@<P(hoN`pA1c4lFf4KN&XJKy6d~G9;jGSHOy{Q(E
z-1Qq(Kx^F8{}I3eGo#0)`Lmf35GKR`gVz61+*?M)(XH#+3GN<TLV(~N+!9D|cZbkH
zf;5fO1PLBIB)A3(?!jFfmmrP1yStp?-FvUK*T3(KamM)g#ek}AimsaS%<I0UTDENT
zHyytL06FSMY<NayzEa4+mSI(P`+b*3Us~{i9cWR7)jF@r5b2D=mm)~HUztI?ofAwV
zxj_Q!z=-P4ABV?)AKeaSb0mRXd0bG>@NtK5GQvm3B0~|kgCbb37g`@xgVOca=cfZ;
z6T13tRDmh4{>Gyzvh5Xdz3KtN({~@UJ~^1IjbupGQzqcbv(eea9cADhghAIjutmk?
zDNJ<Q8Lc9MiI~d5oAsnw$nZZ+tG;BmpOZN4$~6-5R>cb#{`ZnZ4-5m~H~o%a|1OCA
zKSoA?n+lnTfPhWzM>cNu($Y(<IwTh8seerk$%0UG#1)kW;Feh)`-fQR#H+=d5QNs&
zwT{he0W@Mcy|=`i(PBr}HB}1b;?nd_nIoOpaNy6yllZ5;l#Qu{Cyt<zE&TqG;JFX;
zTY#l{hqr?JuM!=wo^`j<Px?<e=H0&l7XW|cM%Y|mN0%_6kptf42N7<s!9@Nm2vC^9
zEA7M+)X@>69y)LO3H*v)E;N_^zbakw186A(f?CtHb%H=E3tWx6{C}VFt@Y_Z^>#*l
z!6!0R=l#;tnas;S(Vk%7PS#hDr{iOe<dB|_+?5yjf=|cGU;XzB1GLQ3@eG~>|AJ+n
zjwcWgY3-_PMHZQF|M5J68@l?!JvsMtJL2)loG_L#l%#D#&gX?8r}Br@AVh~7qq{WE
z<z0Z?`Cq4AONjY_uL)_@y0xd=XZuC9fU?ePp~p-6V5uVkl^fB<)+A}fGWZbuPUyAo
zp&jI6K&kPzk&N)+_rI^G)}2_;WVVTvSCoc@h%;(uf3sr<ChCt+Q$lm%DiQkZlzw77
z9|7ZoRUUI-Vy^dh$Z17^Y6siUPlvzlb?jopC-e&)32d=tTcH$^6V776r&@n+tLIda
ztc9vdxlWriZ6jyD^+?(7Vwi{kU>-G?1LEdIv)d@a>cymz(hZH<E{(e^r7a(baKfK$
zocc|%xuY>Wom)gfvn_SI=|IL@eVs1i73tZjP24SH5o-4kym7zaF-Z^~wJYqP^a^s!
z4#9OboBCcq<+{Q(6UP!*vU`~H3cSpX%rR#{#}eP;3)DX7^y;yg-W;EyHt0w-ntX)j
z(#s~j67s$)c{vj)fkPq&!_jcEe80#i!(Ay4gdsXEdkm_uaYPFA4x@g_<)mC$W<GXY
zO60t2{t<T6IZQl;`sTyf0^P`O3t=L_7obdHL8}n-vGx;x&)eHo(s4lw0!F!@Pa&A5
zYX^+KMNu18+8c?l4rF2%X_`O8zGFQaP$_+dhVNO>+T`Zg8D^<+wm7x%sJFd-nhWt<
z#RJ{!>Tn)kMN?6WdHxy$i5Lh9HT%W~8-$xPFesilyLA=D4}W}IAxjejmc#1@6E-u*
zM+I;$AZ0!oKHfbEL*~YLPB#bpHeO8*UZ4dUCEH(h;x%@4!^5$)KE{^zCM|#AzjL@$
zh12qEMu#S)O&YpSy6=V)YfZcv(?mV;PRVC^(v#e=xsDBWC#kxd_ibsmDwZDEC_vPu
z=-!q>hZFrI9!YA-Yy#f7LWk$9x8KemWLN5oC{`+z4S%8;Hp(oynpr)v=$;ZCiO)Q*
zOU7y~cJsB4^a*GU%u^93$^9icB(3Ydotocv3jLbTSGfw$uQ_wg#9N7oNOk%(mjv^e
zhQw=ZEmreMgS~%Sh<B|GFdr?(oI7;t4W5>_g>S^F)(k&)&#PNru1<)_d96KnrutZj
zPL0b|JUV>kb}cTr-YJ`$<m$zvPQM=&X85rGBK&Y1%}bz(Yrh}L*k@rE!Cor5<nDpO
zvauJrn{r_3Us$uhwDen>00|R77IYoJGk@>_WT!jmd>3zNmulBBowr=gJrju?Aj7vt
zn!P%mwFgRe?17@(F|c9<aLbCq=Dk1kI4yHoyiGWxm}Y+vJ%()hZsq|qh^>(fDs_65
z$YKNj{O#Y;f=sO>R3d+5^3@r%K(>YPIcF(?uA1qEt1?l)@`Z!5q$9tcHq_upT++xr
z_ZHW!{={9NQy3JCd*Gw}84gdsF{Tpo#H+HI=uDZe#M?S7+~lSaEjes?#07BIuvdYY
z9}m;!eP)ybqi(1T1>J}l<cVP2*t@Gn)}EsC$LhVe)y2tbWpAGwws`2#uwI@H9rN9s
zABNHR+~ET~{f9;Irax;A)bV;Xt`Rp6-obx9|NUi~$itFudB(SrT>=b$`gRYU|7OdL
zmc2t1^|`sijirSj&gB!b=oG~K63Bc7L8phX+Ftci%-WcLi14*sqS}iRA*!WjoN(r}
zJyb{EM=j~v{pLM}H<fM_MEv3Pat2f$DJm|@>c{JZCLhj=y#;@N7{8fS#Nr5eL|bt6
z#cvC_$RHbLCwe@A`0)2FC>o{;8l8v?5WcdzpxiXfC=pV4HsubMNNL=gEM)Mrl9y=1
zQA2Nk7P)YJxm4Smtwg=Wv2R~8lN)vHa1t~z2)iL82OXb_xKn&G*1^jJibb%XpV(Hj
z{KZ-fDKy3U)nC)2EZ_U@9Iob&gIbt+4YcMIy{*&ADIZUGb1QvUA8p@GO*v9=bo9+$
zQD&2iY1c}NXEO4KI#~?9pJ0iNru7o`vK;i<LeU%qplWhp`d~HmlhZJTO6{g*@yI4$
zz0Bu<t-HF8qiZ~2NR-E?c_A7`9xZUnO&(209mYMc!alqm2kU7hk8nTh3<^H2<#;5=
zRy#WvlDMgtrjGEsExhAxkzQabh%+Ck;2!cX$9WWpjDiiBM-0!Q)b#Ej^VXQJF$<2E
zFmA;6lR<e1;*+_&DN)W2bIJSNw#Lg5llbg1<1IaIrj*k~`2Xr~n2gVU`eS>Njh?5O
z{|b*heCgL)q=fzmC|6|EHGf~9<D&1zs-}*JcCle3`9vYBZ)FIRMiynF{YKO-Ic%U}
znI{~}QKY;2oG<^PzeQ2H&LMTGgf_J85A)CC4qOSVHr;yn=mpNr>6y8)6^FHvcLBl3
zpuL1qCY=(tgT*GQXqo=b`_o$XVf>$J#BtXGC+3u>xlUrQl{bast}WAQu{81su<f-T
zz#P9T)+)Lk<IFocD@INyZls0uHwI<r4uIBkG!x2ucXv80o5;feUTn;W`uTYxbiF5C
zLSmuOJEyr+naQx0i+CVC_tItKOb%e55OpS8o^(+FbeXBvfpQ}<1X`#zudEkEIP(T3
z=E1&*H!|00JPsl$7Kv^kk88(uF8d){u|-E?PX_#2BtpTTiO3Qrk$uczpdl&7x%nv?
z=$ABgjeYK1HA}1%C+coIA#J3gOa70hB{+g4_fUUK(9z<dQ<mAPwAEZ5J}|ZomyVz?
zJ&ClD$4>_V$`M-B2vuD?Fvq@MoYu`ssCUq-q}IBH?x_R5QQHiDMM9$5Plyieb2QZy
zsI;?}Ex**WEUYpw;IjLLdWHN6o`0!nn@h{wG^sR;jM0^5huf~d;0Px%p~ZQIw$3+s
z5e8zuX!pIp9jCGvGpuudr?XP@O{df_gCf%b1k3Aodu1`0;EQQFytEUmAm|KfIp{OX
z>20~aJZR(NOO0r67He=Yp4S>q7Lh6KH)je}(DWCuUV|tm3+wSci_+=<{|MfKnjyY>
zK2--wzIov51S0Kc{0U4DK5I=FX)LGr#>qh8Sc8C7cHI7KZjJRbge==ABO{8*(g`D8
z!{GjOAr}G}92%e~cFe=V<uNX+n8HOJ&yf;bqyKuugepv!gBo$n*XxUBhlMql+x}Ff
z0?9CFa)2!1je}$iN)R?aMN4ose}cFjMt3-MP9!w+VIU|_veFW+Y}g1<mT_Q`>aOp;
zVS}9(6xHoJfMh`Zzaxa(oz71f=38k*JV@gw>dZQN8k;J7GWzY{LsX<fX0^(w<Jfs>
z;JHf{7jd$6Q{zNbX%+XPIT{M>IM^{rhRf`VE7dYi=Pc;^EyVpC0h@dr_B&$NMXJT@
zTK&_&_jmTmFuV6t&5sXXY!@2U;z=4bXa9f$(O0{7?hdD$Fmoq_Oc$7-Y?jj135V12
z3p8^rxu-piYWz%gq7waa9Fv=Q%KJ0I2r#=~B;>qPE+dn|@SS6QY29zl)$n4Y;w*^)
zfz#IA*0|mL(|$C9;oH+(l|QBxMRmAw%nj6akq&bMj18f;m%CYg58vZR=n!DgJMVE#
zIKwc-sq^6w`*?vKV#CDsl2Wue8IJ>*becOAw@LST$KlA0i_IDLY>Q`PR~Ye@sFK=j
z?pq#}aBFJq%v#G!<#4Ud?SXBL`V{vF2fd9jU_t%@IKf5FQH;hO*Ra7uFCKp^)Ldbr
z*<`yBvM8Ef12)!y?`evqL*2A*|1?%7x*NNfybh-+JaKr&pb#^HF9;5vuM(?wlZqco
z)$Ah593EVH=l^F-q|qbf9U^KTMYr~iNZ-DpsE@Xsj-JchZ?rUrA)$v9*k8?g()Wjc
z=J4Bcx?pGLp#<>2Y@L(H$;KciXKeh|bz~GhLVPQNOj?OmP{jnJDZJogPbnRQLwB}>
z3}t94s)xEqRnX8Nj2}68ITGlBE;n9To^aG=&~SWHd`)d;wy{Q9D^bu|RWL)MbN)q<
z2~t(Q6L%e=E5HCTviY@r_vQC+C#7#g=v&blUJRxFKVkKpr)IC)m%(n>m=xO5)80;y
zX(4Y;(&heO_y7!plJ)+#68UzwuUkh^jNWzyPii5#Uz%8bmdc@Vo^~<0_supVrDz#0
zVJxJ~m%m<Ms;pe$bN5-kutfM;j@(c3R1uePHFE7%q7rMZ!YvVN?Wz0Q^DdhSh@N(<
zB9Izkex7Go_oKORvGKG2K`1C|7){<50d_v+K9Iysr4@5^Tv=}PU=9M9&DWH|WhR`k
z?sAiKajW@)9Pr$99z4$&`~Kzv&@fbKW!0%-wt^Y-22d&JrI}e{ICDP)kC*C@knv>8
z#B-!NXMLL1E&H;4Q^lI6Q^PS+V^i24wX0L8{Q}okQ|uRc?&}DO-4cF&XEr*J(d&)l
zi(-oUkJ(HRFOKx{cs6;k#n!#s;S6$1-f+Z(5>3u|FGyq{m6sxxMSDCQ$_A7xCssP_
z4i;;4+~hPcbYI)P?T_Io&Ivqe_xhx6-r0CGN5pB2HK?`P%MFfu)p6>yv*yq=H@K_g
zVoc^`<~CKwn|lt;{C=@FDz$irLq27a?!#XXu&*O4+w0pw9tC$OxYXG-0_G?5UQJxX
zMA?hp_b;eKoJZjFfmY4+z*=e9GmpzXU!Y9C)5wh=Bj=z4liUXBP)23cv2YGqBC3SQ
z{}kqnEO@L-KiwQ!N%pzN#M~U#$$hE2__C~jXk&ruOmo&E&7*MtG-Yq9TB|?LVeY9<
zyaTipE@zh=-(30ZClwVqA2%KMq_ang^_tY<L)Kjr1nuUNCU!RRUxM>&0<Tvi@S-w4
z|9rjU;V2E%@h7moq_jAi)JkmioV7MZ>3d8t9VbmHGDGY6nWY<F-xiqf<k{533rCh1
z34>0%vGsSHHiwGsiQU<PCzNzPy9@!Xf=d_1ix@-f@zw5xL#*wwtj7B8+x*>NxY0YU
z4Wiwx>s-_0#!4(GVLQd!EX>$Ne`L&!?M7(f>A(rIMm<(s-eJsYGF-nAntD?}fq3u}
z{vjF&$7#zk)$}?pUHS_c0ntk>m%cY*gIC@TG&NvDDT;G1;V&C8NhDCh9>>k8`hi5A
z)!zha95w@CrSu4wWJox)kqO2d6xn?SL|wOOnguA0vtuOYCsiHQ4Ho4mZk@j`x<)_k
zG+DK0qq#?rO{iy{tjSh=@jj=vwOuTDqz3)a@~v!}V$<Wk_JcOR@NLL`!1iz;MeHMz
zfd{J4oh+Aq5uv{FXq$CK#cAPHX%s@|o8gB|ibQk2fA<ntBrST|AIt6^K{2^4pA-Q#
zn&4{Eie+S#;!m?JYt%%ZQR1VflL>!oCHt~FiXzO_ZgwjuJeK}L<S5A12#-G#;KxSY
z=8D#Esiz9br~X1bZEj9l)MGV#@2<-g=Gl31<DeMmXD}<5%f&1i0d}3eNQGp6_7bC}
z%*%72;AK4hl9*lp{U&URBYv6xB)`Ftf6bPDDi4c_M^|9n_ATkY!7p-`cC>chs%HOt
zr}>2a#TpqE%W0lhttj8HvDS+q8SVPYl2U%JPKNIQ<jzo@LZVV30-FG~8BWTtX&;3R
z0L-^x)ZAxhkPrRDgIaVG@+z1bvl4~m+eIyReu0>Z*PjqmcrBIZbWYlMnjsHG#KIV^
z?zQ<JKho#CKVGT-vNO_#C_lopvqjbqlx*@fUfcL)eP37i>&hdB=P0iA$Lq*6);2~<
z7&B5#7LWEjHHd0&B(5mbeS)ga)gAH`>TEljLDNJX6fsL3!uP0Gg-lmPHA38k8NRyN
zFaEu?SPQNg09Su;vtI=$V943gJ0l#!v{xMmj;^Z?dq(A%A6))Kz}^dOy4p<UWn5}x
zctWX0v#>by1x-Rs-!T{{xsW*uNmDRS0AUQ6lZzN(8mmF_ty<))tntpAsI~x-D2IaY
zs!Llk?Sp+0EIDLdAwJKB7bv9LD~d|6#&PocM5S#x_2m)4u8$k8q~)TRfvR>hYE0_h
zbj4?U42{jSXnt4F%v?)h{CauCm&C<kK*jPNjk1A{EN6`ZS9d5}a<eDRD4so##WIr8
zYQA2p^D<39kg~;Mjqis0sG*aoJg1dxu|ch%1jy0~U@*VipD&DW?oLoyFy%Udo%T4c
zoVVBe2_VlcOb#ZiYEQ_;EUsG%(e3ouS=VX6`VV<OBn!CTahyygNGvQJH<;8YQ+XL(
zdB7gsb@87HHZ*|VZmJL?ZlMNGFtBj&J(2PmVd#bMM{kS?3b^)}wn@TVPb{az2}xg=
z1@GmGOK0n!Ja=)u;EOtqmj=F)J;}U;1+GcoScMO9xwX*^7n=?|gd%+#n*R_cX>W)1
z&tP{zY&@XZJqaW)tc$xa(;E^-G6<4}nkkq=;oYphyMay{Y!V_oi02shUk9!+GTx@8
z<ner>TR=hSSRWuIQj8}-K3SK(!HD2;9L7c(kw$Jq(0=9cLQp%c@ih1SkyAoJS*cNT
zKz#wNnOh#d*V6n2(L_(>yLC(H%_(zBr6s}NfzkZhGex@7gFVNpjblTFEW1GdV%g{6
z(x?0*XuNIWE<M8Xr!;nzW(EGTps4h7W;R>hBJ{Z=Emk!kT0S3ZX&diTj84hm)OJ_r
z(dq&(Np*RccIgWW!Do(yFV`yq)7>$(Kfm5e%!~0`kE3Y~{RX{>^o_vo4^-=JYH-^Q
ziasS{PRc<F#wN@-!lDqS&kSdS=aOm_=+eHz=meS47k%`<Nf3Z*cC-Bi8#U}WNT&>g
z1*A*-Vp~aJO0>PeIuUqadcs_3DF}-?K%3pb+IP}Ow;<!w<@xtEf4X|3IwK6qhDov<
zUX<TX!VP%LeEgROnZ@<|k<{YZQFILi0V47xOwLrZHDl((>+Hyp(Hhd0*Am0H4ZnBC
zOLEMe$AG5Zb^5y#ka<D=CBNRM-%O^of{naMcD*Y2Mt-JAq=s8sP9RH@4HE;MPIxex
zUu)eWs=zvZj(Awfu1dl<d3UntuX&a|vDr0_m+TS~Hk-nOeM|_SFUaij^k`Y?+$}_n
zYvJqBGHRMr++fS&Db4-;8!yX~6^R|*1~ip)(G0L~0n>AljQDl8RDAtD8rVA7D%^eE
z#&@<!!$*cWUliW`pcfa;Rhb-j&GB7=hTncBFG@_)Yj`?hCKGx}s-{bKZ1{mhFm763
zD~K%}Sccr%EpaW@ucw?c>c3|<sb2F(fLUz~QO!>9YZuy$kN()nxEQ?W)R<km{C<)|
z-#dI0^x9yuXy-0!^c*GrqcPdJ1zf1*%joG{z8n%q8Zw8du9hxX`6%Q<{QFTEUTw2y
zU=8?r^a{}qPB2N-F>sAjV%`Y%Wjn#DZsiO1)Ex&IRMayw?GLG}io^Iw9jjG{b9dMu
zv1Gp2gcX?1;aMqS@I=JBpC}d+Qe&y;Fg9LRyJOIf5aQsJMC0-W6a;PaU1t52s^YwS
zdmmX}_Lj3zJr+54y4l$;SG4D4XFCjyl2ui@zWM&bAX_0GXM23!YezHxJCoY0a4o;?
zzV9Kc^FV2Za1^@>#ilW7SpF}b;KTj*RtFPa%YhM<nE3`L4H>P3DQtrKa}--=L6oo;
zyn!rDLMD_7T?Yc%e-FTiAheV?OqWJrHFxCiyWTg|z2;cHBCcy?VEQQtHU$q-Dl<f0
za%w9@J;JOwi7y&hdET3@l2SmTvp~H(oQNPi9cbCh{D?Tr0mntBY~UrE5XnaBw0bY-
zwa_ReuUW9eQ}G(2qBY;Pukj4q7evNeU>U;=WS<)-CAzNn3JMFdgFt7sRLWUJIV$PK
zG82jj@ysiHnBf+B7?gp&o8wy?ATo77CgV8hI706GL<AUzFgWZ~@O4;)^zlY{`E1gx
zDN?v&FNdY;Zu#B3Aqc~eYNChNul<^m5a!fI5pr$=-(u7!!(a1e+KJ(io|>YX%lhJ`
z$h#SR4T7G2hF9CoY#sZ-ON=Ft%|5s|ht3!69hk=pz(5suL+N70@C>YquxOQW^~Qs_
z`ur1uO3VW(1Q;4$f50NDceT&8qRhHrN%-c-38f6UUnxosL=>skdN5yKaFX`BKVklt
zC=IS=bHpK5R=B9LYlgOt06}hSYx!NRoiQvo7U{U5@6=<r+r>znNYGfO5d~N=%q{m3
zf8Ux56|#ujjIO9PKYg9*<1HiDTw)$Zyfef5L7)9}sME=u88U#`Pz9Z9yyl_~T5=bn
zrrUIIM}~1#DAp<|gWkld$$+EA1f$Gbd*~Yi^`ui|(ASk1ThjL|HpZ&%?qt0f^%jpw
z1xuo%?Twv)3f#{kd`lpbTbc?aQMAE85N#40>rkJJ{o^W^^|&n6ylLQYP=<GtM}3A_
zPM>_t3z5U$dgUiZO17%gJ!O6t^kJ$?Q(YIvc2Th`bf7xN^}qcUW)^1eyR4ievb*Hv
zuxX@!Ju6c)uh0L)sWX%!T-q$2=5a@u#UYBqPk#4hZG?8-$jNkZf$4=nlrJ#TQ1&GC
z!^TKAG$&!8;~^rKPDo&szO2uejzK&VN)QQSNe|l`-j+@}oxb8WdwZQ>8bK)}8al^y
z>@E~BUkb!>|N7@A(lEkm>U}N7qf{N4xXO!FGKzG|{SN+GBv$TCzqIU2zz2rmW4jtl
z^=`cAloU;f^2C*&di^X_XtviAEnOcg)Vwd&%Du^XTy``)Y^nMacex3y(UQ3NqoF|e
zPSFHemej4X4jlR!Eg>G#&mq)@L4#tN$n{91C{IFRABl>Ijx%y?`X^2$kH@Tiy$TKR
zh*L`S!oNfAUeaVQS6>`V=QLb97TN?y2wV=HlevtkP!{gS;c}|ZK&k84fl$6Gk!W*p
z_-3+Ee>k4{oNjfDHZ^N0ZJ*fbFwfF?uVW@<1f{sBWDvWCEkbVT@kF6&-rMJ1&4Lj>
zx@^LYW(Rmn+qP!SR>ZHpK+Yj2UBOC%LlH));V0^bbz*T0rDAC`;A8=W@Xq6eL^tnr
z_XVc+G3yUrw_6+vz-azjKJir`F%%ruFYf&*?C$z>I|FMD?Cm0U^pR{MeqGQahCq<P
zaG*ile)MF>4p`Nmq`33u!LatUcjxUi*PRUis$HV1W}p7Ke<Q*wr#aX#>YA^*zhbf3
zr82UU99O$MB~e9M`&w)TQ80Xj0?znY(U2CcMK=RZT)dL~pCvb~r7H{!`4<fqOtM8+
zQ{T!R8;e*Bls9#WTr)`h$A(kIiVv@twJ8fbOFr<2dd@fpSnqk?9k(P%*hdZlE7$4P
zOA*Jc;nE~5s;V+XB_<6;>1k`#Lf-vWq@??%0ltWZo5RV4tZo}2P*6wLfh2#QI7`&t
zkL{^)fA7$!&xZ>}^@Wg#AK3h)aWFtS_Hn880inQmJ%L3$F`gTQ;zcstgG?uCYc-rI
zlyf?jtHRmz2sWz!_0@V@nNp$v)#g+T8iNSL^RDu@5V|{2enf|h);aB#3)+4qWjEEq
zrvWc<VPecJwINomNt>j@%03-SvYX6SgGXVqA3=z=do4DbLtEqdS>AX7=CZyY-ADqH
z)zIbbxBs><qo?HM1dftQ8!+iy9?nlX_H3~t_s~NSzf0Qr9Ha>8pD<a47x2`7oOZ8N
z`xFqa-u>-$RP6PpklFiPn#U`d&auQ85!alPDvB6HZ+>zEd6Wjb=`E){(gq}<sPyS2
zUcWjcDiPS_v5|!+XCqiQEu8-31=YaptU#%1wk*CFX}Vg<e1q%O>Kft50AlH9S2doB
z?#l|bt*dc1y1_Zl)6OkQ)W=i(-+M>(rZL<%Rh^ydWP#>7f?Ypvmz=46F7~F++{KMq
z+0rw1ECOI1J*4)KTE(+{ZXZvU<n^(l&l*i$B^|rm2GzDVZD`WJu6{|TFNnFM>HZG4
zbu^^yPZv;+(f5|XJy^`8c?%Sa%j29QrFgqr)eI{w1`D!&G~!(ULbo@&x?dC8AQc26
zAL;9zyU9kCF;4w9t+Jk9zv2==XgodQ;3zFNo_PW4eKy~3Gg3~w!{M~{7rM$s+HnFc
zhhZe_<FLUBgFg^oaaRmd2Jb(@-dWx&;)%Fm|68tlyNEkT9R<Afm7V@iG+5lG3b3sB
zUn|90OH*iA)Pi^&!Pr_6@@rSG@8J`A=!*6OiF{Iv_Z7#V=!2MLBKHb@r2cj#EjWz4
zHkFKi70B(d;?97ydM=W3b@qBad{j^htXuA+DhSIx?yWYgb2O{7ey^87ar;|S9c}8H
z+AH?MG(Bz_@joUqh@>CMCA^EkM?f1nFSwOx1hTyfcVQ!Bb(F@RV(2NES}34h8>^<A
z8v+}O@5A=XXw9U0g5qvJt<Gu5QEob55tw{#-7mBGK1vz6UM`B#-`Rr!BfP(`VWwI)
zeIHROZyFFXYwq98cxp!Y_BE)8_Hr<nMJO+oKq><Shwmlw{&~9vHm?$=lM0tD-(@fD
zvjOBOXH!x-RbE*(Kj!_|1md2XC*vZP_5XyL0!*g27kj;^1fR`h>)<Z@kE!lPzq9zf
zvvY{#(jf)e^XYQ0LU0i$v+puMX4vBiHit)x_XoMx&McZS<lBC|&ORQY^&fyO|4ygQ
znM)ORFf<_%<q)^+up%(|P~p9A%`QWP%b_B)u94JOO}d@PYZG^{u~D~NXX!?r#gk_J
z7=sf^jr^muVcE^sXp-pF*bOo_Xy%R4LmbSGepP>^gQ;<WSvqA11R9USl`Gq0j)@_Y
z{&t1&eS3_q0m@DYUyZ=ZIc@d5$6xR8RGYaPk}{TPoD|{+hhN1ikhpZlICc*2@vq$=
zW30j9{Zpe^RaX^rS1+-$5)316GYwDmH>!q$m8RzHJ>fG|pR-#0fghXHc_w=AhxvQ$
zwSZeIEI-wPZZACc==y{Dn|wCE$^Cr2z5DGpBcOs!Fsh$Y3wVNt(uKT|#8pyc8~~gq
zL0nsUkBpYDgs%Voq*6T1Y77d7-d7~YElTu5k7M620l5oW<B-DE^7b_a5s9-x%%Zy~
zE(a`3)GCS)#N_FSF1t#E^{-H6OS-Q2Ld&9H0gsO1?lIl8*^q}Y^Z`N&q=PX9t&_OZ
z1l{OUhN7az=~@VdbaU<e6gg>s=QR;y3GB{+Li(&{5zhF^Bn3Qe3ef{ebU(OU=RaoA
z_?w%#v29Yo23l+z&l+)KqN4@VBk+A}rk6&15%ra?-XcT=LIqBM2{+1MPpP<$b#ro;
z=Rx{dVy!(j;xJv8U;F!aYf~SGYA!0wOFE9t0S&?5)ls$&sj%KtE4Kdal<wUQM~XPu
z@P7GR1XL8*3ugAC-chAmq$sLk+AakQER-Gs8$1u+CxaIpC&Ic`LEc&R=^@Z6LkW)+
z?>Zmj!?=Ej2E+7q%e5%DAuzvlINMtOb|<aU{eT^9w&HqSQg2$-9L*U=lItYFM)R<4
znH5fVQhH&h80GFz4s8HdxP^fBfdAq%o6TN2-2UuP>a0@~BG$hTfyUAHxAjD=^Sh^X
zyX2LsojPaTB?u0mBwaOi-t$Th9k_=6G522K4QU13T#}7I-0bHWT-jDoC@yNW1!sTu
zbNLFVQkhL+1lV@hQ$F)6x8vv^hgFGjs|p88x_)q3ENk5Ex11{J2OH%WnFkNVhT5EP
z0uHsQE7QIppunC8t5)=+{}+4mU>t&v;d(llC`Ne4fcn}MUTzR|LNqI!{-aju0sK1s
znFSGjwRt9EiB#gJ>@Kmm>mQ0C>z&6j=r8bp5GA^w;>YLB!~WytBE%UY=k29ebStOg
zB1${&z48=v0L<j~{|A0WZAn)(EiLWn<ODcDoh@V$7x=2JuW#?|MF+5FfyX<wz1Z(h
z_={ZV7Xsg~tk&zRD<EW#T2@&J@HfC264-zW3X_6@;z^eRNRQfgbuLcElb=rM0ulH=
z>3L-FuGVoeFnB(!F2IbRKfTtE>?no*X{AXKH+Kpa_q%e*7@mHme)m7uW(HWdF+IJ!
z@Q8@Mw!Z!6w6pwPI7|jf`M+IaAsmpy#TK|x{yz@CR$;Aw0X+YYlsW(RVLal0!%hDy
zX7-P`XAOkR@$%)%$#va#4hB9*CByr7__a!4k!IE=;L*E0J9}?sl?Rnq1jzDp9ySwT
z&m80b0Q>$G1xQ?SeR8`nD8wb?>RN6LBw9^Z<Xr!BdBWO(P;%Ss?5ybeu=(S|Jy5=i
zD&dmo1lZMR2_J7G2g11G<mBWB6JXb{|CN-yA{La_mP9uMO8AdF2r>_{$hK@9@(lp}
zOe*SL_P~bL4*xfiCM$_a8E6A|A9Tx1p99ExFmPDnW+##0!I!55x==|6Mo%lS0t#pg
z_lHwObY!|cJw4By0euUQVV2Rc0AwPg{ZlhDJJ5jGZNTw%_5f(ho^x_?o>CG5w;T+>
zB?r?Lr>3TsfLOF}DL~2pjphDmT<3GJ38-D_v5bt2o;KLJmv{siM#>i~nyrB7=lli$
zSHnm+yMYmMxy2y))a>l;cEBz4?ur|bnM48Ai8eSKE-C{!+tB~@2|Zb5Fch4vCyVj}
z15~pCkIt{IFrPxrd_TbYveOr+i;?p4C*c!ox(SH=WK=e*0UP%3O&{5%+Ngv1hFv=+
z8UQSZt9OHh-3}<dua<$$yM&4EZ_dXMCV&tNyQJs>0P<%6nnPeuoJwT?2IaM%=meBP
z(ExJ`?01%&`wXDe+rQz{J?)tUaEq@p2cG0?0C(^UfMtctPu4B~^fU){twvpG-XDa3
zjInhGY0k=`)Bj_Yp#i|=YPrf(sS?VJbH;#6<xHGWB@GLBe#MM{%f$TmWk$WIb={w#
z1#~KTI;CmKPjWAx7GQOgO70brkUR-P*zLzItzvyXcDhdhK&h|X12DbkqSD2+Y=q{K
z6;k5#knkzBcC1KBq0B5pm2~kgz=%}Ux<B8bV}A&ITEdd<fFH)F7q}l4X?Q<UN8}|u
zr%_!>Xa*!qTf?|C;^XSQXvyn0cZR@_wFwJ)yb@TFS8CEyg8aQKoY@s9cl?FYJ~>%d
zEGaoz1vgUFMB8~d08I1!d$s>?>^<o(SRpaEefVR56wg_JHU|u(VLTE6L!otBMZkPv
zcu@K7_sn*?qt8l!sn9M7%1j80q>@VHF+Y1ON2f#%!!HCbEeoLMh1&sBi8#G-3h9#s
z2O(bA#rpK`?*n;oM-Sopw-Cuo+NpWHicfO)5`ll-`J;G<6ft4@X0Z`-80yN5Om$he
zqNUJ6*v5bm!3Q$Lcp)c?xmt&gyWUQ~)>E|>4WJ1ipcZuF13bfq|M3h@1@>`_Y;lEJ
zg!_V!_FDl~!3R-1vA0Co6_p$Tc8^2Gg9ONA_&Cj1+5<81Pl%FR%U|uyR29ZiM%sY_
zB8-wL1-hYzi|R|Y91XgOsO{X2xhm=10*jvhz#|U331DKS>LX+Q&=*gu8Q!h76u$L}
zE|}M1;7LvQtsDf~0c-Rn^7-}yU^~$=9WXr)(G5Z%F|tMm6l(tlOaVpXZBsBQlQj{q
zg5YGBUwhsx@aR^x;z#;qh3mENQ-Ich@<{diTknIYicW4w9O;WyKq*y>k@DQU2ypS>
zgD%-VCUUWKH#!WYa4T~FI?E^f6~G_014~U+s({uGHm!#NjHTDhtS4Ab8OM&x6cTUg
z!X2eKLBPLE^gsS(f=Avfogo0tJ(VNZ%k%zQG#AdCr2suEk@%>buNnMxMhfJY__BMs
ziO;>3#Mf3v?(1igz`Vu*kW-1JuZ{=~g`0KC_YDmx%QRgH0hjENJ_j4kk|~FtTCi&a
zjscZK^(5e9X*{OI0tfdWyW>!cS{d`O3|zK6-rKW7q;vYerPD$@^<!Y|7@@Zt+~o$b
zP+p`+fHIeMt0c#72c(ocOex&2?E%fE2M_|fJU=OqEeGVJ)c=Obf!lUZ{te0{1w_Qt
zFQ)W>>(|!WV6sljNVU~yroKKFlR6MD;Pvr~<HuRq6y)bndCnvF<$}#|V;}@j@9%V8
z$B0S#0?lE3S{k2?Hv6YFp!w1NhNTMyE>uIpxs_2Y!pmVV#hji^xCjd{8x_N@$W(cr
z96@v;;eE$B%>#rrF2^e$ny{i$am7fF^0lRJbaBF$@HYalEy#dG3Tt0N?NpyG@VNb(
z&V4eI;^G_Rbbgk;5i4T15#qe@v>9VBzq`wDF{7(Cf9R<;yS>Z!JerH?cXavoU;J)B
ztgPoh&@vuC(*AcC|NozSd?sc}SXkJD%X0u>ru8;W-C0|sN3aCce}JAgsI^=j9S!Yk
zaB%QLgxZ6ZXkg?E0LOZee;S_9?}nT+5bmn3c27-D>%q(K2CXI=0LL<bUIz%8Y0?u3
z23=pT?qQu*5-j0XNO+vdJ}!y)H2iGYXZ~lLQp7l!SR}%%c{l&54^RX*M0S!PkSqep
z+;$x_RzhtSX#tij$X&UcHquj%S7|x?XQ15izlK>f%0;Y+x^5LXIkj8}uw>9Akj5;h
z1FU^C&shnxC}Q2d?IHZ?tgEZrKG4(__pJ3bdiKv>%zV-5@mID;Kri@7EhZf6Qpo+l
zPWzO^C?%3wau4otATNTr!?yPKi&<a(*I)|vBR)P}xkyTgIMRhBIFIY5yIvbGm_J=)
zROgm7Uw8X4I65}+_@)0p1HhZr5SLt9a3eQ=rad~X{ga2V*-ZDj>IzmgD5s<EX*UpH
z%qLb(&9^fi5F_xEs`f#+b3D!P?T_bN1=>15(f7vI*4Fvz-l+qlTQ+E<oZz2x<a|W+
zLMb#PpRO{UENDt4RX7mnu|EPGoS^d-9<V7>Bp_u20ds;{x5G4O@34w<;(x*4K5TlE
z>FJ0Er-#fCPFF;Bndkf*8|b6xT^$iwBSq@yF-%$*459H-S=9|k896Pk2c`Cb4vdro
z>1K>Qs~E50;K;VzMZiIfdvSY{IlYo~gp1yBTgW<6p=?m}h18^l@`xJMgHI+9|I0F2
z%#n$3B=2m!3m|1$z(z$yrE(Nll0p)&U+4sssSuzGJO#AxfTp>3QDx~a4FNO$+39Np
z?3h-&RP3|qlD$_Rg1n@;sCS_jh$Jgh>kYNgV<L;oyvU@nk^&(~=OHWw|AIp5B#AC*
zLBnC3E{UHT@BD?6V~M+H_$$L+>21C^!ord%gHz14oIZ<erXfqa@Ci0z^~i!zOG*1L
zo4L^lq&EehbRca$4V(I;^>~+ti&giquGD*g0m$|?FhuslqwtaN{o+8xRQmdnj{9id
z=j-DG#Z@yS9-g&v>q{g{l-T!=>$%InEs>Xd7r2>pesO}W{V_j4WSQC}{qdF#bF(Cp
z%2bh%uiD|mDml*rf)X?NmowVXup-_(^TxqI4}w<fN2%NdvJ5V_w4oiH2Bw$NAowed
z$-28UAzZ%+OF9^ie<T|_uWrYqCU_?C`0Qs`P{Dq_CpXQ5FYUK^v6v&I0+%yFo(C46
zjb3XH*)n~Zb)8`yo@E+5voy=sqVETJ?_++n=pW7{{K;z?8WQCt9zRZ{Ohs<e0e8iq
zyeJ#w(Iue{`u+>g#q%SY86dFn_j?s3GT`aC!+F~0h+TmPp1uAM-3XI+CymVF&{y#D
z4+ot|eZ3Y9tZW?I>>W<Oo&1Tvb3+;?t@ELZ;qn?iBW37&O`47LI`7m9Ww34voJ;GV
z%{pfUZ>(WV_rin1qP@d!sT8iUJ_zDhVWgxecRyYsB{>HKhG)0_Y|DRu{w`Sp@N1w+
zYCfbH<&|vu>Pz{ixo9O}h@SHgmvsWALhY2G2IAyrQ()2vk67)tXqrRL_kqGjT;84r
zL__K5gZyG@g#O1XR|tOwPU(K+%J~z8IQ_a^34>@ItU7pLRlsNQ@Szn3<HRkRTYeqG
zN|Vd3pV0nRO(C09o%^pE&?>AD$tK=OFuk$jUDz@Wm!RIK49k>Lr_&0hiLSGj*{kMW
zzuhm1lhp#hiBl^0`sYJ|S(}*7l-)tp3E5*<OuqWcruwQwzerqd23#w=NRMFqN6z~K
zXXfafMR5)1(M6P>`ql4NAI7+UnZNj?{J`t|(2RXikGwU}Q%Lwzt)-_W`psv@?1Ks{
zOyS)3^XD|gwRnrGTd6Lu4p19g|305k^V<8M)ox*klc6?ql28j0tIt&m`y}@mCdoIm
zI>I|<3-2(BF1ds3=}O=M9vjJu$Bp;r)w{>zZ)Vvbg-gXlKMVKeoo{mJ`IC{k$CtT0
z?)33K|IC%_!y;2PJ<$@oUk}l<`hJc|uQPjlY{FM|6q!X(ZmFv-#z(;Tfb)2FiQ6+~
zhQ#54ytMMQJ&(tMM$}~)sbhK0@z1cOFszr*QVKTBxZIgGbo4SMRpUh+`B3M|=fUW+
z&BNnT=X37EKTUGK5Dgt5hI)4?!hGs?0*Kab29de=e{BhB&HLjLB|fyHl3kt1C|u=;
zI;;d-{{$Yym+#l@nIQ5BlabGa2a)_@l&gxK7u9Bvn*h6+N<zR}_EytAC>N>q0feZ;
zS)gn61Ut*n>VT<|x9dfVFAul;A?OwXuZb=;bAQQi6zHCGimHyD(~}c%1U&ze-U_?N
z3i^~6Fj!hwP2n106OjFw=lddFh?<Qu-tr;TOyO|pJRjXkr-FIt#)0CZ7IMJc*wnt{
z_z|lhj@<9d#`EtrmM)TE%3~0i%JuL9@fEFuqqE>j_9k>uHxOmt2DDK8@_zc@Os)|l
zJcbjoG&vYDGlWBJomloYI3b1?yW3cY*N^(6_H3hUOg%&O{JG}rQAeAyP;~twcT-yb
zdaRXZ3DIk6{(a87Z409QBvLIMiNB|y4vTl6*AiSc?n%Dx_6Ps+o_JUL@l)?Q*Usz5
z=bs%1{ite44*Utnk}{n4A8OZ-uTr)mV;=809S3TyXVMS725j|E_-+pZ8uagv5fpq4
zB5@K!L8k_M9haggaJH`p3Y={U#UuoK0UC^U6I%DwZs4@8{NV7$zz#bZyX^fkH2eFy
zNW{s(yr?7_lO5>5;c?ovnnSy|d;We)10U+d-}nwngVQM7FDWu%KLSUc`n`|}hvR<}
zOJ>r47`dPN!e@d$-<rhq*Mpe4U=>YB9F4hhAfU;3_&KiK!HU`^m3(5sNT0AFV0wB!
zT&CN8?C>-j^dWfKzdP?viN;J7yOP$nJ~}c2&yZ3JKhSCO-8P1nYQ8o58>&Cg8HcBR
z?Z8w1flNP3nTd@@js+RS4yJ_ZB|@<p%x-MEKiWZw(*Ka8QLB{aO>pM5m{hGD;(Y83
z6}Qr?Am1n!!BuJOUU?N*E=?6SmczHD_lpSSupvqZ-##3za|lOHt@hH;R=<YaX40;0
z=U6Ga*jmQ620ftPH%>MVigl3u<wTPDu>I>0!>H{5ccVijGgu8G7-E#HW4eA~zGcKI
zq<`q9LE-)lJ;EmAqUWB){xt$;gv`leT&r5|=CVVoTJf}*F7bU8`sX6&4Dq(J9}MLe
zIn107{9i_Dw6GN$Od~z(DJ7d?$hg;&D%5!2xy5HHZ+7cK1&E&K*1yu~epkB#>fCFG
z*h4v;!GdUgYR9%}&c3X^R6AV8CEMRN{4JNN9q`nSx|@=N%WbdqZPUgvdixYRuxYfu
zdY6`4%TtXTf^Z(m5CqiFQ+%FXL=6Os-VY~lCPL;ksTg4PL4_uGLrUyX1LkmP(LDl>
zFBlkZl);r3zB@^YVU$8MX1#4$knla12*7T5Y(J`3X6pN}ucmNizUD6UPmdqblHYod
zuV|F#4^Q(mV9JtQc6a-Ns2`i}H|Wd{Z0BdxATqhY?P3>rTW1Qrd}CF{yF(b42J?8S
zbf|Q6aoQCTA*Pmb$UQ}E7*MxLyn5GsV8vsJX)HP)NG@dA7RTz|(i+Xcu39b4{>FL?
z5%sW1x{RQaVf`VDZ9O?tAvY4RviU2g2A6hW=W;d9&m!~|0(ZL<hNO{$1&s0yo7M{#
zeYdu6geqn@#~KD+PS&_6e@X+j_w_SDx7B&N^g=UKXR5&u&sHgF-c`zxwEiMO7ZoFr
z8w>X{x-zh(8AaAYN&T>P8r>S`0JPq!3><Yoh@~oNrMS%2NW-_rD3N*B-zMj8#!@pI
z;$(XF73kX8&?XPNWo$1!=sGZxK4)xrsWp*Ub{r=9jpR%4N7+SR;ZPEdCHapvI;4@f
z;85{<fhDCkGPsvM{tEp!8G2chRwFsA^>EhELj~nFJCmwkFMLmr&O3tAnAJcE<GFTT
z%9k?T3x&&T+rdtith6>TDK5=7TR{Z1eNE-}(FATejkg}G`9($uRr>6$%^Iay;Yw>?
z`~at?9k6dNuz|!`{0KoaVPq*O{?qd}bybfHhRB^6Ig*1nT2-!YXLb4C;076~(@?WZ
zZj&38-&8|w)qjapWA_KMI8i5yCqrw1NL~0mvWeFBNP)>ronz&M3MeWun`VC<SgPxy
z5CV3=T%+*9h%U9l4nAD9nG(t-z^FC|qTooIniOXUEmGU)IS@!42xD2;vkm&BMZ5z2
zlc!t@H`>!*Bx%_=^aH7|-R#JYuw&UwB2~Rk?Y_mUYU1)qp-CnvzHCTFF5yd37N${J
z>R!SJIv#8L@!jed^5+8q%d(r}c}@JTz6~N7Oe}8Xp&^91rhl_T5_mv3(lw?27^%0*
zNHp1Jf&n-A1!iNFvc8ygHE8>&H60dOiVuv!tiH)njNaYPgH|8@s*%olAY9Gu{tO&N
zE}?hLADB;>L)pLO?9S>z738z$EPV%?(<-|QFXT{YG>Bkx*;q!om1Tx#>}GD%lWgSB
zArFl$(x6JOznlK7Uq$EM(u5KkzJNxO{x&5w2dQNK;hR%Fa)~v~-Uvc28m@otsnLM-
zERoU|tnRuV$#D~Y@q|{lW<AI4zYO<?Cn%nYoQwERaq&~4e;&9#9U5PX+8Zp<KWu?3
z(;3`Mng!2s%16zShSZnFPgIn{B@<0{%>1Jn7sITK8~MA_eSXuiKR*PUnf1PxHELju
zTl{#}_kyB+T&h>Gj(ekG#;TT+a&Krkq4?U@AI7VeX(+J=-9dyAHbt|#xljtE`9WGj
zvjh%T0(sbS=i?Aa{NSGZU4gk9#w!h5am7RyhN=~r63NF6zRi3FAMdJXZ$3||CY$&C
z6eF8CT>=Vd`7+DCH;dkIs~C1Q)PCxuYEpNQXlV8g%7hsO;-)tOb_KlK%wRL`)~A7l
zs*tZOFZF_jlTnrP13A%_qpX|C>Aa1Bw5wFp18Xa-f0|4KtyYramUAoRymQ?*?s?W<
z!#o=(?xg*swd_P4GW}{fpUf2nty#j#R5=Y>tTAC>VIw(?puG|E?T9QY))m+t$e~|_
zJqHQAUe=e#GvTfWULzF*FE0OmA2X<m&8k(cR9TwgwOvo@FrXdVSZ`s`%>fZfzgn8V
z9;{ulV?mC>+#SvTtW@OQ`Zp>-B^j8Z8MpMnTi*~5Bbl54aefbg@Q{?yVtv|vr~LQ@
zuss?_c+s~#=AW-XfQ%%Lf%Rn5=G!`4$kteBXuj^MSe~({`2`u-yIK*B(yd@eiR=$?
zDSF?T<@m7lzl^bc4K=mgqtQpm@4tX4Rgz5)u=swO{<0M6J<dnUIW!<Sai~G3P^~Cy
zRL1a|rh-pS=^Mq6N=b;lhJ}<eAE(hmJ!#7!K22}yELFt!KX;y@yr_9|hhVA8ije5n
z3jCksG_VlkjlTZ;aG2dTE48ZH43W+rJi~OnGzdi>RR6_52WjIcUCa|oQWT~beL?DO
zP5L97GHCV=?;xmBp&rnI67?i-(-lM-1e4jR|GG&^IQ0F}P)E%(PJ=5V9!h~s0_;17
zUW{VrUpYqhMp**^aYOM#gsomQvmJ3vJ}<H5fLLrvun3(?NLqqem3W2aE%N6|q7VC{
zBFBAiC~!B3-~BCNjWrGI=yD~Sv0w|r_ISN0R`bkUeog9Tpyj2(L5fw=c3_1T>K^ID
zvqW$C{NFY0DbaS{>rWKt&djL&P2H^6<mqovpd#TgEqkAo-B=p)?)|`EaU{;UIWD9Z
zgPVe&AAMUjYZ!*m$PPpY4-dV&zaAz5t;ojd-~3*9e1w5au1;u!035O^=DAScWa}R~
z6@1EV3;d)0YJk0YGQYdUs*lgj&p%lz*i4!!0dL}1IuP|nT9)$cLdZ?&g(DtPEpGX{
zs`idfYseJ7p?!c{9!bBI9VZrKV|oTIr5ZoMaX+7V@m$Rqk23P5gncdaN;=#N1KT+`
zEZC&;cB$R(Zs|t4`0&?X5fvnTTZuQFsP+?$aO(wD8J#PXq-p}<t^Dd`n#7usXYP$U
z&<%ddlw}G6zCOZt2@-P)Efcd}R>{7pN|3m3n^2(nrspz>-uuyIS}eDTLmZCPoCeYn
zy_R<JPBJ(!7}HGyZW`KoPd+%}2V6C@b;+!=TXTQ*YnoqP&zgh|bBxRDdM#2NE^;l}
zyCjkp)>7|$8;`YEPAeo_D6?G@ZllW-(W2tGT&6OOtUzw<pP+h<U+KSm^N=du4Yyxt
zpEtB<du|NzxR+mFM1FW)FwlfxO61}Wc{!&g)B-*9ed}T-**HJ`fWY3@{$|lRa^eOb
zMipu5gImQO<~9|0m4CV)@s{{2i<FFu=Rm)KrOuTMwItRRP930b-?5qn{2=GMA1)5&
z3)7|7ar-czru}@)*1m+|gol?|+I>8_79i&->8|y+2H7mUWS4BzW>@-4BqLYHp#GA7
z>KA3eUS{8q+zne>S?0?w_5S2y54anqd@Y!tT>kt?R|%+a;32UBrL6S8#V`)JBe|y^
zJP7_HjRfAzg!KRRyLQWecAt2<TQH@blyCp}T^PdEBgPje^?}u}glE8)+y~|NC6cCo
F{|8pcIb#3-

literal 0
HcmV?d00001


From 4ef3e6d7135d563f7d152a56b8244303e348b8d6 Mon Sep 17 00:00:00 2001
From: Payge Winfield <pawinfie@microsoft.com>
Date: Thu, 23 Jan 2020 15:51:46 -0800
Subject: [PATCH 46/96] removed en-us and fixed typo

---
 devices/hololens/TOC.md                       |  2 +-
 .../hololens-commercial-infrastructure.md     | 30 +++++++++----------
 .../hololens-licenses-requirements.md         | 20 ++++++-------
 3 files changed, 26 insertions(+), 26 deletions(-)

diff --git a/devices/hololens/TOC.md b/devices/hololens/TOC.md
index 54e3d65b15..d1c0ab596f 100644
--- a/devices/hololens/TOC.md
+++ b/devices/hololens/TOC.md
@@ -20,7 +20,7 @@
 ## [Deployment planning](hololens-requirements.md)
 ## [Commercial feature overview](hololens-commercial-features.md)
 ## [Lincense Requriements](hololens-licenses-requirements.md)
-## [Commercial Infrastructure Guidance](hololens-commercial-infrastructure)
+## [Commercial Infrastructure Guidance](hololens-commercial-infrastructure.md)
 ## [Unlock Windows Holographic for Business features](hololens1-upgrade-enterprise.md)
 ## [Configure HoloLens using a provisioning package](hololens-provisioning.md)
 ## [Enroll HoloLens in MDM](hololens-enroll-mdm.md)
diff --git a/devices/hololens/hololens-commercial-infrastructure.md b/devices/hololens/hololens-commercial-infrastructure.md
index bf37f7bea4..e6376ed2ee 100644
--- a/devices/hololens/hololens-commercial-infrastructure.md
+++ b/devices/hololens/hololens-commercial-infrastructure.md
@@ -31,9 +31,9 @@ Make sure that these ports and URLs are allowed on your network firewall. This w
 
 ### Remote Assist Specific Network Requirements
 
-1.	The recommended bandwidth for optimal performance of Remote Assist is 1.5Mbps. Detailed network requirements and additional information can be found [here](https://docs.microsoft.com/en-us/MicrosoftTeams/prepare-network).
+1.	The recommended bandwidth for optimal performance of Remote Assist is 1.5Mbps. Detailed network requirements and additional information can be found [here](https://docs.microsoft.com/MicrosoftTeams/prepare-network).
 **Please note, if you don’t network have network speeds of at least 1.5Mbps, Remote Assist will still work. However, quality may suffer.**
-1. Make sure that these ports and URLs are allowed on your network firewall. This will enable Microsoft Teams to function. The latest list can be found [here](https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges#skype-for-business-online-and-microsoft-teams).
+1. Make sure that these ports and URLs are allowed on your network firewall. This will enable Microsoft Teams to function. The latest list can be found [here](https://docs.microsoft.com/office365/enterprise/urls-and-ip-address-ranges#skype-for-business-online-and-microsoft-teams).
 
 ### Guides Specific Network Requirements
 Guides only require network access to download and use the app. 
@@ -45,15 +45,15 @@ This step is only necessary if your company plans on managing the HoloLens and m
 Please [HoloLens Licenses Requirements](hololens-licenses-requirements)for additional information.
 
 ### 2. Ensure that your company’s users are in Azure Active Directory (Azure AD).
-Instructions for adding users can be found [here](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/add-users-azure-active-directory).
+Instructions for adding users can be found [here](https://docs.microsoft.com/azure/active-directory/fundamentals/add-users-azure-active-directory).
 
 ### 3. We suggest that users who will be need similar licenses are added to a group.
-1. [Create a Group](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal) 
+1. [Create a Group](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal) 
 
-2. [Add users to groups](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-groups-members-azure-portal)
+2. [Add users to groups](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-groups-members-azure-portal)
 
 ### 4. Ensure that your company’s users (or group of users) are assigned the necessary licenses. 
-Directions for assigning licenses can be found [here](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/license-users-groups).
+Directions for assigning licenses can be found [here](https://docs.microsoft.com/azure/active-directory/fundamentals/license-users-groups).
 
 ### 5. **IMPORTANT:** Only do this step if users are expected to enroll their HoloLens/Mobile device onto the network. 
 These steps ensure that your company’s users (or a group of users) can add devices.
@@ -74,17 +74,17 @@ These steps ensure that your company’s users (or a group of users) can add dev
 As a note, auto-launching an app does not currently work for HoloLens.
 
 How to Set Up Kiosk Mode Using Microsoft Intune.
-#### 1. Sync Microsoft Store to Intune ([Here](https://docs.microsoft.com/en-us/intune/apps/windows-store-for-business))
+#### 1. Sync Microsoft Store to Intune ([Here](https://docs.microsoft.com/intune/apps/windows-store-for-business))
 
 #### 2.	Check your app settings
 
 1. Log into your Microsoft Store Business account
 1. **Manage** > **Products and Services** > **Apps and Software** > **Select the app you want to sync** > **Private Store Availability** > **Select “Everyone” or “Specific Groups”**
-1.	If you do not see your apps in **Intune** > **Client Apps** > **Apps** , you may have to [sync your apps](https://docs.microsoft.com/en-us/intune/apps/windows-store-for-business#synchronize-apps) again.
+1.	If you do not see your apps in **Intune** > **Client Apps** > **Apps** , you may have to [sync your apps](https://docs.microsoft.com/intune/apps/windows-store-for-business#synchronize-apps) again.
 
 #### 3.	Configuring Kiosk Mode using MDM
 
-Information on configuring Kiosk Mode in Intune can be found [here](https://docs.microsoft.com/en-us/hololens/hololens-kiosk#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803)
+Information on configuring Kiosk Mode in Intune can be found [here](https://docs.microsoft.com/hololens/hololens-kiosk#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803)
 
  >[!NOTE]
     >You can configure different users to have different Kiosk Mode experiences by using “Azure AD” as the “User logon type”. However, this option is only available in Multi-App kiosk mode. Multi-App kiosk mode will work with only one app as well as multiple apps.
@@ -95,19 +95,19 @@ If you are configuring Kiosk Mode on an MDM other than Intune, please check your
 
 ## Additional Intune Quick Links
 
-1.	[Create Profiles:](https://docs.microsoft.com/en-us/intune/configuration/device-profile-create) Profiles allow you to add and configure settings that will be pushed to the devices in your organization.
+1.	[Create Profiles:](https://docs.microsoft.com/intune/configuration/device-profile-create) Profiles allow you to add and configure settings that will be pushed to the devices in your organization.
 
-1. [CSPs (Confiruration Service Providers)](https://docs.microsoft.com/en-us/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices) allows you to create and deploy management settings for the devices on your network. Some CSPs are supported by HoloLens devices. (See the list of CSPs for HoloLens [here](https://docs.microsoft.com/en-us/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices).
+1. [CSPs (Configuration Service Providers)](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices) allows you to create and deploy management settings for the devices on your network. Some CSPs are supported by HoloLens devices. (See the list of CSPs for HoloLens [here](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices).
 
-1.	[Create Compliance Policy](https://docs.microsoft.com/en-us/intune/protect/create-compliance-policy)
+1.	[Create Compliance Policy](https://docs.microsoft.com/intune/protect/create-compliance-policy)
 
-1.	☐  Conditional Access allows/denies mobile devices and mobile applications from accessing company resources. Two documents you may find helpful are [Plan your CA Deployment](https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/plan-conditional-access) and [Best Practices](https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/best-practices).
+1.	☐  Conditional Access allows/denies mobile devices and mobile applications from accessing company resources. Two documents you may find helpful are [Plan your CA Deployment](https://docs.microsoft.com/azure/active-directory/conditional-access/plan-conditional-access) and [Best Practices](https://docs.microsoft.com/azure/active-directory/conditional-access/best-practices).
 
 ## Certificates and Authentication
 ### MDM Certificate Distribution
-If your company requires certificates, Intune supports PKCS, PFX, and SCEP. It is important to understand which certificate is right for your company. Please visit [here](https://docs.microsoft.com/en-us/intune/protect/certificates-configure) to determine which cert is best for you. If you plan to use certs for HoloLens Authentication, PFX or SCEP may be right for you.
+If your company requires certificates, Intune supports PKCS, PFX, and SCEP. It is important to understand which certificate is right for your company. Please visit [here](https://docs.microsoft.com/intune/protect/certificates-configure) to determine which cert is best for you. If you plan to use certs for HoloLens Authentication, PFX or SCEP may be right for you.
 
-Steps for SCEP can be found [here](https://docs.microsoft.com/en-us/intune/protect/certificates-profile-scep).
+Steps for SCEP can be found [here](https://docs.microsoft.com/intune/protect/certificates-profile-scep).
 
 ### Device Certificates
 Certificates can also be added to the HoloLens through package provisioning. Please see [HoloLens Provisioning](hololens-provisioning) for additional information.
diff --git a/devices/hololens/hololens-licenses-requirements.md b/devices/hololens/hololens-licenses-requirements.md
index 6254bd397b..15cc24419f 100644
--- a/devices/hololens/hololens-licenses-requirements.md
+++ b/devices/hololens/hololens-licenses-requirements.md
@@ -22,25 +22,25 @@ If you plan on using a Mobile Device Management system (MDM) to manage your Holo
 
 ## Mobile Device Management (MDM) Licenses Guidance
 
-If you plan on using an MDM other than Intune, an [Azure Active Directory Licenses](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-whatis) is required.
+If you plan on using an MDM other than Intune, an [Azure Active Directory Licenses](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis) is required.
 
-If you plan on suing Intune as your MDM, you can acquire an [Enterprise Mobility + Security (EMS) suite (E3 or E5) licenses](https://www.microsoft.com/en-us/microsoft-365/enterprise-mobility-security/compare-plans-and-pricing). **Please note that Azure AD is included in both suites.** 
+If you plan on suing Intune as your MDM, you can acquire an [Enterprise Mobility + Security (EMS) suite (E3 or E5) licenses](https://www.microsoft.com/microsoft-365/enterprise-mobility-security/compare-plans-and-pricing). **Please note that Azure AD is included in both suites.** 
 
 ## Identify the licenses needed for your scenario and products
 
 ### Remote Assist License Requirements
-Make sure you have the required licensing and device. Updated licensing and product requirements can be found [here](https://docs.microsoft.com/en-us/dynamics365/mixed-reality/remote-assist/requirements).
+Make sure you have the required licensing and device. Updated licensing and product requirements can be found [here](https://docs.microsoft.com/dynamics365/mixed-reality/remote-assist/requirements).
 
-1.	[Remote Assist License](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-whatis)
-1.	[Teams Freemium/Teams](https://products.office.com/en-us/microsoft-teams/free)
-1.	[Azure Active Directory (Azure AD) License](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-whatis)
+1.	[Remote Assist License](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis)
+1.	[Teams Freemium/Teams](https://products.office.com/microsoft-teams/free)
+1.	[Azure Active Directory (Azure AD) License](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis)
 
 ### Guides License Requirements
-Updated licensing and device requirements can be found [here](https://docs.microsoft.com/en-us/dynamics365/mixed-reality/guides/requirements).
+Updated licensing and device requirements can be found [here](https://docs.microsoft.com/dynamics365/mixed-reality/guides/requirements).
 
-1.	[Azure Active Directory (Azure AD) License](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-whatis)
-1.	[Power BI](https://powerbi.microsoft.com/en-us/desktop/)
-1.	[Guides](https://docs.microsoft.com/en-us/dynamics365/mixed-reality/guides/setup)
+1.	[Azure Active Directory (Azure AD) License](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis)
+1.	[Power BI](https://powerbi.microsoft.com/desktop/)
+1.	[Guides](https://docs.microsoft.com/dynamics365/mixed-reality/guides/setup)
 
 ### Scenario 1: Kiosk Mode
 If you are not planning to use an MDM to manage your device and you are planning to use a local account or an MSA as the login identity, you will not need any additional licenses. Kiosk mode can be accomplished using a provisioning packages.

From 45b93f0dcaaecdf19e0bfae7ceef83e16a44b124 Mon Sep 17 00:00:00 2001
From: Michael Niehaus <niehaus@live.com>
Date: Fri, 24 Jan 2020 10:50:06 +0000
Subject: [PATCH 47/96] Update existing-devices.md

Edited the note about USMT to indicate that there isn't a good way to do state migration, while maintaining the comment about USMT not supporting AAD Join.
---
 windows/deployment/windows-autopilot/existing-devices.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopilot/existing-devices.md b/windows/deployment/windows-autopilot/existing-devices.md
index a5c02be0ef..60c7ebc084 100644
--- a/windows/deployment/windows-autopilot/existing-devices.md
+++ b/windows/deployment/windows-autopilot/existing-devices.md
@@ -215,7 +215,7 @@ See the following examples.
    - Click **Next**.
 
      >[!NOTE]
-     >The Autopilot for existing devices task sequence will result in an Azure Active Directory Domain (AAD) joined device. The User State Migration Toolkit (USMT) does not support AAD joined or hybrid AAD joined devices.
+     >Because the Autopilot for existing devices task sequence completes while in Windows PE, User State Migration Toolkit (USMT) data migration is not supported as there is no way to restore the user state into the new OS.  Also, the User State Migration Toolkit (USMT) does not support Azure AD-joined devices.
 
 7. On the Include Updates page, choose one of the three available options. This selection is optional.
 8. On the Install applications page, add applications if desired. This is optional.

From 0a3fd6eef4e46efea466aa59bbf058e483b260f1 Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Fri, 24 Jan 2020 16:11:49 +0500
Subject: [PATCH 48/96] Update password-must-meet-complexity-requirements.md

---
 .../password-must-meet-complexity-requirements.md             | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md b/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md
index e66ecad727..20fd54f909 100644
--- a/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md
+++ b/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md
@@ -49,7 +49,7 @@ The rules that are included in the Windows Server password complexity requiremen
 
 Enabling the default Passfilt.dll may cause some additional Help Desk calls for locked-out accounts because users might not be used to having passwords that contain characters other than those found in the alphabet. However, this policy setting is liberal enough that all users should be able to abide by the requirements with a minor learning curve.
 
-Additional settings that can be included in a custom Passfilt.dll are the use of non–upper-row characters. Upper-row characters are those typed by pressing and holding the SHIFT key and then pressing any of the keys on the number row of the keyboard (between 1 and 0).
+Additional settings that can be included in a custom Passfilt.dll are the use of non–upper-row characters. Upper-row characters are those typed by pressing and holding the SHIFT key and then pressing any of the keys on the number row of the keyboard (from 1 through 9 and 0).
 
 ### Possible values
 
@@ -100,7 +100,7 @@ When combined with a [Minimum password length](minimum-password-length.md) of 8,
 
 If the default password complexity configuration is retained, additional Help Desk calls for locked-out accounts could occur because users might not be accustomed to passwords that contain non-alphabetical characters, or they might have problems entering passwords that contain accented characters or symbols on keyboards with different layouts. However, all users should be able to comply with the complexity requirement with minimal difficulty.
 
-If your organization has more stringent security requirements, you can create a custom version of the Passfilt.dll file that allows the use of arbitrarily complex password strength rules. For example, a custom password filter might require the use of non-upper-row symbols. (Upper-row symbols are those that require you to press and hold the SHIFT key and then press any of the keys on the number row of the keyboard, between 1 and 0.) A custom password filter might also perform a dictionary check to verify that the proposed password does not contain common dictionary words or fragments.
+If your organization has more stringent security requirements, you can create a custom version of the Passfilt.dll file that allows the use of arbitrarily complex password strength rules. For example, a custom password filter might require the use of non-upper-row symbols. (Upper-row symbols are those that require you to press and hold the SHIFT key and then press any of the keys on the number row of the keyboard, from 1 through 9 and 0.) A custom password filter might also perform a dictionary check to verify that the proposed password does not contain common dictionary words or fragments.
 
 The use of ALT key character combinations can greatly enhance the complexity of a password. However, such stringent password requirements can result in additional Help Desk requests. Alternatively, your organization could consider a requirement for all administrator passwords to use ALT characters in the 0128–0159 range. (ALT characters outside of this range can represent standard alphanumeric characters that would not add additional complexity to the password.)
 

From 06ced32b25aa68b48fc5f324ac99e8097ba918d0 Mon Sep 17 00:00:00 2001
From: John Liu <49762389+ShenLanJohn@users.noreply.github.com>
Date: Fri, 24 Jan 2020 10:34:03 -0800
Subject: [PATCH 49/96] CAT Auto Pulish for Windows Release Messages -
 CAT_AutoPublish_20200124091729 (#1932) (#1933)

Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>

Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>
---
 .../resolved-issues-windows-10-1607.yml            |  4 ++--
 ...es-windows-7-and-windows-server-2008-r2-sp1.yml |  4 ++--
 .../resolved-issues-windows-server-2008-sp2.yml    |  4 ++--
 ...tus-windows-10-1607-and-windows-server-2016.yml |  4 ++--
 ...us-windows-7-and-windows-server-2008-r2-sp1.yml | 14 ++++++++++++--
 .../status-windows-server-2008-sp2.yml             |  4 ++--
 6 files changed, 22 insertions(+), 12 deletions(-)

diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml
index b586fa4b0e..829cea21b4 100644
--- a/windows/release-information/resolved-issues-windows-10-1607.yml
+++ b/windows/release-information/resolved-issues-windows-10-1607.yml
@@ -32,7 +32,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
-      <tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
+      <tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 14393.3206<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522010' target='_blank'>KB4522010</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519998' target='_blank'>KB4519998</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='336msg'></div><b>IME may become unresponsive or have High CPU usage</b><br>Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.<br><br><a href = '#336msgdesc'>See details ></a></td><td>OS Build 14393.3204<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516044' target='_blank'>KB4516044</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>September 17, 2019 <br>04:47 PM PT</td></tr>
       <tr><td><div id='301msg'></div><b>Apps and scripts using the NetQueryDisplayInformation API may fail with error</b><br>Applications and scripts that call NetQueryDisplayInformation may fail to return results after the first page of data.<br><br><a href = '#301msgdesc'>See details ></a></td><td>OS Build 14393.3053<br><br>June 18, 2019<br><a href ='https://support.microsoft.com/help/4503294' target='_blank'>KB4503294</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4516044' target='_blank'>KB4516044</a></td><td>September 10, 2019 <br>10:00 AM PT</td></tr>
@@ -89,6 +89,6 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='61msgdesc'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><div>After installing <a href=\"https://support.microsoft.com/help/4467691\" rel=\"noopener noreferrer\" target=\"_blank\">KB4467691</a>, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.</div><div><br></div><div>If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.</div><div><br></div><div><strong>Resolution:</strong> Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.</div><br><a href ='#61msg'>Back to top</a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>Last updated:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 13, 2018 <br>10:00 AM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='61msgdesc'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><div>After installing <a href=\"https://support.microsoft.com/help/4467691\" rel=\"noopener noreferrer\" target=\"_blank\">KB4467691</a>, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.</div><div><br></div><div>If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.</div><div><br></div><div><strong>Resolution:</strong> Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.</div><br><a href ='#61msg'>Back to top</a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>Last updated:<br>January 23, 2020 <br>02:08 PM PT<br><br>Opened:<br>November 13, 2018 <br>10:00 AM PT</td></tr>
       </table>
       "
diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
index caeed9779b..9856117a73 100644
--- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -32,7 +32,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
-      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
+      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='329msg'></div><b>You may receive an error when opening or using the Toshiba Qosmio AV Center</b><br>Toshiba Qosmio AV Center may error when opening and you may also receive an error in Event Log related to cryptnet.dll.<br><br><a href = '#329msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a></td><td>September 24, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='307msg'></div><b>Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV</b><br>Windows updates that are SHA-2 signed are not available with Symantec or Norton antivirus program installed<br><br><a href = '#307msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Resolved External<br></td><td>August 27, 2019 <br>02:29 PM PT</td></tr>
@@ -55,7 +55,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>02:08 PM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
       </table>
       "
 
diff --git a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
index 47535347c0..8f891fdf1a 100644
--- a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
+++ b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
@@ -32,7 +32,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
-      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
+      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
       <tr><td><div id='327msg'></div><b>Issues manually installing updates by double-clicking the .msu file</b><br>You may encounter issues manually installing updates by double-clicking the .msu file and may receive an error.<br><br><a href = '#327msgdesc'>See details ></a></td><td>September 10, 2019<br><a href ='https://support.microsoft.com/help/4474419' target='_blank'>KB4474419</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4474419' target='_blank'>KB4474419</a></td><td>September 23, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516030' target='_blank'>KB4516030</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='252msg'></div><b>Devices starting using PXE from a WDS or SCCM servers may fail to start</b><br>Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"<br><br><a href = '#252msgdesc'>See details ></a></td><td>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503273' target='_blank'>KB4503273</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512499' target='_blank'>KB4512499</a></td><td>August 17, 2019 <br>02:00 PM PT</td></tr>
@@ -53,7 +53,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>02:08 PM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
       </table>
       "
 
diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
index 3dba1c748b..4a3d572494 100644
--- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
+++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
@@ -60,7 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
+      <tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 14393.3274<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519998' target='_blank'>KB4519998</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='195msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#195msgdesc'>See details ></a></td><td>OS Build 14393.2724<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480961' target='_blank'>KB4480961</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
       <tr><td><div id='36msg'></div><b>Cluster service may fail if the minimum password length is set to greater than 14</b><br>The cluster service may fail to start if “Minimum Password Length” is configured with greater than 14 characters.<br><br><a href = '#36msgdesc'>See details ></a></td><td>OS Build 14393.2639<br><br>November 27, 2018<br><a href ='https://support.microsoft.com/help/4467684' target='_blank'>KB4467684</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
@@ -97,7 +97,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='61msgdesc'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><div>After installing <a href=\"https://support.microsoft.com/help/4467691\" rel=\"noopener noreferrer\" target=\"_blank\">KB4467691</a>, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.</div><div><br></div><div>If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.</div><div><br></div><div><strong>Resolution:</strong> Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.</div><br><a href ='#61msg'>Back to top</a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>Last updated:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 13, 2018 <br>10:00 AM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='61msgdesc'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><div>After installing <a href=\"https://support.microsoft.com/help/4467691\" rel=\"noopener noreferrer\" target=\"_blank\">KB4467691</a>, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.</div><div><br></div><div>If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.</div><div><br></div><div><strong>Resolution:</strong> Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.</div><br><a href ='#61msg'>Back to top</a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>Last updated:<br>January 23, 2020 <br>02:08 PM PT<br><br>Opened:<br>November 13, 2018 <br>10:00 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='36msgdesc'></div><b>Cluster service may fail if the minimum password length is set to greater than 14</b><div>After installing <a href=\"https://support.microsoft.com/help/4467684\" target=\"_blank\">KB4467684</a>, the cluster service may fail to start with the error \"2245 (NERR_PasswordTooShort)\" if the Group Policy \"Minimum Password Length\" is configured with greater than 14 characters.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.</div><div><br></div><div><strong>Next steps:</strong> Microsoft is working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#36msg'>Back to top</a></td><td>OS Build 14393.2639<br><br>November 27, 2018<br><a href ='https://support.microsoft.com/help/4467684' target='_blank'>KB4467684</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>April 25, 2019 <br>02:00 PM PT<br><br>Opened:<br>November 27, 2018 <br>10:00 AM PT</td></tr>
       </table>
       "
diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
index 4a7f56ecb1..f88f58ac4c 100644
--- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -60,7 +60,8 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
+      <tr><td><div id='384msg'></div><b>Custom wallpaper displays as black</b><br>Using a custom image set to \"Stretch\" might not display as expected.<br><br><a href = '#384msgdesc'>See details ></a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>January 24, 2020 <br>09:15 AM PT</td></tr>
+      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='310msg'></div><b>IA64 and x64 devices may fail to start after installing updates</b><br>After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.<br><br><a href = '#310msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>August 17, 2019 <br>12:59 PM PT</td></tr>
       </table>
@@ -73,12 +74,21 @@ sections:
         <div>
         </div> 
       "
+- title: January 2020
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='384msgdesc'></div><b>Custom wallpaper displays as black</b><div>After installing <a href='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a>, your desktop wallpaper when set to \"Stretch\" might display as black.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Workaround:</strong> To mitigate the issue, you can do one of the following:</div><ul><li>Set your custom image to an option other than \"Stretch\", such as “Fill”, “Fit”, “Tile”, or “Center”, or</li><li>Choose a custom wallpaper that matches the resolution of your desktop.</li></ul><div></div><div><strong>Next steps: </strong>We are working on a resolution and estimate a solution will be available in mid-February&nbsp;for organizations who have purchased Windows 7 <a href=\"https://techcommunity.microsoft.com/t5/windows-it-pro-blog/how-to-get-extended-security-updates-for-eligible-windows/ba-p/917807\" target=\"_blank\" rel=\"noopener noreferrer\">Extended Security Updates (ESU)</a>.</div><br><a href ='#384msg'>Back to top</a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>January 24, 2020 <br>09:15 AM PT<br><br>Opened:<br>January 24, 2020 <br>09:15 AM PT</td></tr>
+      </table>
+      "
+
 - title: November 2019
 - items:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>02:08 PM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
       </table>
       "
diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml
index 28cf31facc..2ea115dab7 100644
--- a/windows/release-information/status-windows-server-2008-sp2.yml
+++ b/windows/release-information/status-windows-server-2008-sp2.yml
@@ -60,7 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>08:10 AM PT</td></tr>
+      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       </table>
       "
@@ -77,7 +77,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>08:10 AM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>02:08 PM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
       </table>
       "

From 97411f280dcebd685f58ab900f79b27ca03494f7 Mon Sep 17 00:00:00 2001
From: Evan Miller <v-evmill@microsoft.com>
Date: Fri, 24 Jan 2020 13:00:26 -0800
Subject: [PATCH 50/96] Updating Bloom to Start Gesture on Kiosk page

@scooley @yannisle
Updated the terms at top of doc to include new terms for HL2.
Doc also seems suspect of need of overhaul of instruction on need for XML files with Intune but I want to confirm before making those edits.
---
 devices/hololens/hololens-kiosk.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/devices/hololens/hololens-kiosk.md b/devices/hololens/hololens-kiosk.md
index 1ca366ecf5..d0dbb126b7 100644
--- a/devices/hololens/hololens-kiosk.md
+++ b/devices/hololens/hololens-kiosk.md
@@ -20,7 +20,7 @@ In Windows 10, version 1803, you can configure your HoloLens devices to run as m
 
 When HoloLens is configured as a multi-app kiosk, only the allowed apps are available to the user. The benefit of a multi-app kiosk, or fixed-purpose device, is to provide an easy-to-understand experience for individuals by putting in front of them only the things they need to use, and removing from their view the things they don’t need to access. 
 
-Single-app kiosk mode starts the specified app when the user signs in, and restricts the user's ability to launch new apps or change the running app. When single-app kiosk mode is enabled for HoloLens, the bloom gesture and Cortana are disabled, and placed apps aren't shown in the user's surroundings. 
+Single-app kiosk mode starts the specified app when the user signs in, and restricts the user's ability to launch new apps or change the running app. When single-app kiosk mode is enabled for HoloLens, the [start gestures](https://docs.microsoft.com/hololens/hololens2-basic-usage#start-gesture) (including [Bloom](https://docs.microsoft.com/hololens/hololens1-basic-usage) on HoloLens (1st Gen)) and Cortana are disabled, and placed apps aren't shown in the user's surroundings. 
 
 The following table lists the device capabilities in the different kiosk modes.
 

From ba45d82ba8f7bdd7c55edb0927a202a10956b19b Mon Sep 17 00:00:00 2001
From: Yannis Lempidakis <51840946+yannisle@users.noreply.github.com>
Date: Fri, 24 Jan 2020 15:46:46 -0800
Subject: [PATCH 51/96] Changes for proxy URLs

---
 devices/hololens/hololens-offline.md | 129 +++++++++++++++++++++++++--
 1 file changed, 122 insertions(+), 7 deletions(-)

diff --git a/devices/hololens/hololens-offline.md b/devices/hololens/hololens-offline.md
index 6ee4fb35c1..d14743559b 100644
--- a/devices/hololens/hololens-offline.md
+++ b/devices/hololens/hololens-offline.md
@@ -17,13 +17,11 @@ appliesto:
 - HoloLens 2
 ---
 
-# Use HoloLens offline
+Some HoloLens components, apps, and related services transfer data to Microsoft network endpoints. This article lists different endpoints and URLs that need to be whitelisted in your network configuratiion (e.g. proxy or firewall) for those components to be functional.    
 
-HoloLens support a limited set of offline experiences for connectivity conscious customers and for customers who have environmental limits on connectivity.
+# Near-offline setup
 
-## Near-offline setup
-
-HoloLens need a network connection to go through initial device set up.  If your corporate network has network restrictions, the following URLs will need to be available:
+HoloLens supports a limited set of offline experiences for customers who have network environment restrictions. However, HoloLens needs network connection to go through initial device set up and the following URLs have to be enabled:
 
 | Purpose | URL |
 |------|------|
@@ -35,9 +33,126 @@ HoloLens need a network connection to go through initial device set up.  If your
 | MSA | https://login.live.com/ppsecure/inlineconnect.srf?id=80600 |
 | MSA Pin | https://account.live.com/msangc?fl=enroll |
 
-Additional references:
+# Use HoloLens online 
+
+To take full advantage of HoloLens functionality, the following endpoints need to be enabled in your network configuration.
+
+
+| Purpose | URL |
+|------|------|
+| Azure                                               | wd-prod-fe.cloudapp.azure.com                                       |   |   |   
+|                                                     | ris-prod-atm.trafficmanager.net                                     |   |   |   |
+|                                                     | validation-v2.sls.trafficmanager.net                                |   |   |   |
+| Azure AD Multi-Factor Authentication                | https://secure.aadcdn.microsoftonline-p.com                         |   |   |   |
+| Intune and MDM Configurations                       | activation-v2.sls.microsoft.com/*                                   |   |   |   |
+|                                                     | cdn.onenote.net                                                     |   |   |   |
+|                                                     | client.wns.windows.com                                              |   |   |   |
+|                                                     | crl.microsoft.com/pki/crl/*                                         |   |   |   |
+|                                                     | ctldl.windowsupdate.com                                             |   |   |   |
+|                                                     | *displaycatalog.mp.microsoft.com                                    |   |   |   |
+|                                                     | dm3p.wns.windows.com                                                |   |   |   |
+|                                                     | *microsoft.com/pkiops/*                                             |   |   |   |
+|                                                     | ocsp.digicert.com/*                                                 |   |   |   |
+|                                                     | r.manage.microsoft.com                                              |   |   |   |
+|                                                     | tile-service.weather.microsoft.com                                  |   |   |   |
+|                                                     | settings-win.data.microsoft.com                                     |   |   |   |
+| Certificates                                        | activation-v2.sls.microsoft.com/*                                   |   |   |   |
+|                                                     | crl.microsoft.com/pki/crl/*                                         |   |   |   |
+|                                                     | ocsp.digicert.com/*                                                 |   |   |   |
+|                                                     | www.microsoft.com/pkiops/*                                          |   |   |   |
+| Cortana and Search                                  | store-images.*microsoft.com                                         |   |   |   |
+|                                                     | www.bing.com/client                                                 |   |   |   |
+|                                                     | www.bing.com                                                        |   |   |   |
+|                                                     | www.bing.com/proactive                                              |   |   |   |
+|                                                     | www.bing.com/threshold/xls.aspx                                     |   |   |   |
+|                                                     | exo-ring.msedge.net                                                 |   |   |   |
+|                                                     | fp.msedge.net                                                       |   |   |   |
+|                                                     | fp-vp.azureedge.net                                                 |   |   |   |
+|                                                     | odinvzc.azureedge.net                                               |   |   |   |
+|                                                     | spo-ring.msedge.net                                                 |   |   |   |
+| Device Authentication                               | login.live.com*                                                     |   |   |   |
+| Device metadata                                     | dmd.metaservices.microsoft.com                                      |   |   |   |
+| Location                                            | inference.location.live.net                                         |   |   |   |
+|                                                     | location-inference-westus.cloudapp.net                              |   |   |   |
+| Diagnostic Data                                     | v10.events.data.microsoft.com                                       |   |   |   |
+|                                                     | v10.vortex-win.data.microsoft.com/collect/v1                        |   |   |   |
+|                                                     | www.microsoft.com                                                   |   |   |   |
+|                                                     | co4.telecommand.telemetry.microsoft.com                             |   |   |   |
+|                                                     | cs11.wpc.v0cdn.net                                                  |   |   |   |
+|                                                     | cs1137.wpc.gammacdn.net                                             |   |   |   |
+|                                                     | modern.watson.data.microsoft.com*                                   |   |   |   |
+|                                                     | watson.telemetry.microsoft.com                                      |   |   |   |
+| Licensing                                           | licensing.mp.microsoft.com                                          |   |   |   |
+| Microsoft Account                                   | login.msa.akadns6.net                                               |   |   |   |
+|                                                     | us.configsvc1.live.com.akadns.net                                   |   |   |   |
+| Microsoft Edge                                      | iecvlist.microsoft.com                                              |   |   |   |
+| Microsoft forward link redirection service (FWLink) | go.microsoft.com                                                    |   |   |   |
+| Microsoft Store                                     | *.wns.windows.com                                                   |   |   |   |
+|                                                     | storecatalogrevocation.storequality.microsoft.com                   |   |   |   |
+|                                                     | img-prod-cms-rt-microsoft-com*                                      |   |   |   |
+|                                                     | store-images.microsoft.com                                          |   |   |   |
+|                                                     | .md.mp.microsoft.com -- @Ezeugo Anukem this is TLS v1.2 not HTTP(S) |   |   |   |
+|                                                     | *displaycatalog.mp.microsoft.com                                    |   |   |   |
+|                                                     | pti.store.microsoft.com                                             |   |   |   |
+|                                                     | storeedgefd.dsx.mp.microsoft.com                                    |   |   |   |
+|                                                     | markets.books.microsoft.com                                         |   |   |   |
+|                                                     | share.microsoft.com                                                 |   |   |   |
+| Network Connection Status Indicator (NCSI)          | www.msftconnecttest.com*                                            |   |   |   |
+| Office                                              | *.c-msedge.net                                                      |   |   |   |
+|                                                     | *.e-msedge.net                                                      |   |   |   |
+|                                                     | *.s-msedge.net                                                      |   |   |   |
+|                                                     | nexusrules.officeapps.live.com                                      |   |   |   |
+|                                                     | ocos-office365-s2s.msedge.net                                       |   |   |   |
+|                                                     | officeclient.microsoft.com                                          |   |   |   |
+|                                                     | outlook.office365.com                                               |   |   |   |
+|                                                     | client-office365-tas.msedge.net                                     |   |   |   |
+|                                                     | www.office.com                                                      |   |   |   |
+|                                                     | onecollector.cloudapp.aria                                          |   |   |   |
+|                                                     | v10.events.data.microsoft.com/onecollector/1.0/                     |   |   |   |
+|                                                     | self.events.data.microsoft.com                                      |   |   |   |
+|                                                     | to-do.microsoft.com                                                 |   |   |   |
+| OneDrive                                            | g.live.com/1rewlive5skydrive/*                                      |   |   |   |
+|                                                     | msagfx.live.com                                                     |   |   |   |
+|                                                     | oneclient.sfx.ms                                                    |   |   |   |
+| Photos App                                          | evoke-windowsservices-tas.msedge.net                                |   |   |   |
+| Settings                                            | cy2.settings.data.microsoft.com.akadns.net                          |   |   |   |
+|                                                     | settings.data.microsoft.com                                         |   |   |   |
+|                                                     | settings-win.data.microsoft.com                                     |   |   |   |
+| Windows Defender                                    | wdcp.microsoft.com                                                  |   |   |   |
+|                                                     | definitionupdates.microsoft.com                                     |   |   |   |
+|                                                     | go.microsoft.com                                                    |   |   |   |
+|                                                     | *smartscreen.microsoft.com                                          |   |   |   |
+|                                                     | smartscreen-sn3p.smartscreen.microsoft.com                          |   |   |   |
+|                                                     | unitedstates.smartscreen-prod.microsoft.com                         |   |   |   |
+| Windows Spotlight                                   | *.search.msn.com                                                    |   |   |   |
+|                                                     | arc.msn.com                                                         |   |   |   |
+|                                                     | g.msn.com*                                                          |   |   |   |
+|                                                     | query.prod.cms.rt.microsoft.com                                     |   |   |   |
+|                                                     | ris.api.iris.microsoft.com                                          |   |   |   |
+| Windows Update                                      | *.prod.do.dsp.mp.microsoft.com                                      |   |   |   |
+|                                                     | cs9.wac.phicdn.net                                                  |   |   |   |
+|                                                     | emdl.ws.microsoft.com                                               |   |   |   |
+|                                                     | *.dl.delivery.mp.microsoft.com                                      |   |   |   |
+|                                                     | *.windowsupdate.com                                                 |   |   |   |
+|                                                     | *.delivery.mp.microsoft.com                                         |   |   |   |
+|                                                     | *.update.microsoft.com                                              |   |   |   |
+
+
+
+## References
+
+>[!NOTE]
+> If you are deploying D365 Remote Assist, you will have to enable the endpoints on this [list] (https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges#skype-for-business-online-and-microsoft-teams) 
+
+- [Configure Windows diagnostic data in your organization] (https://docs.microsoft.com/en-us/windows/privacy/configure-windows-diagnostic-data-in-your-organization)
+- [Manage connection endpoints for Windows 10 Enterprise, version 1903] (https://docs.microsoft.com/en-us/windows/privacy/manage-windows-1903-endpoints)
+- [Manage connections from Windows 10 operating system components to Microsoft services] (https://docs.microsoft.com/en-us/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services)
+- [Manage connections from Windows 10 operating system components to Microsoft services using Microsoft Intune MDM Server] (https://docs.microsoft.com/en-us/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-mdm)
+- [Intune network configuration requirements and bandwidth] (https://docs.microsoft.com/en-us/intune/fundamentals/network-bandwidth-use#network-communication-requirements)
+- [Network endpoints for Microsoft Intune] (https://docs.microsoft.com/en-us/intune/fundamentals/intune-endpoints)
+- [Office 365 URLs and IP address ranges] (https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges)
+- [Prerequisites for Azure AD Connect] (https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-install-prerequisites)
 
-- [Technical reference for AAD related IP ranges and URLs](https://docs.microsoft.com/office365/enterprise/urls-and-ip-address-ranges)
 
 ## HoloLens limitations
 

From 1863700420456cae08eb6807125901b29225a795 Mon Sep 17 00:00:00 2001
From: Yannis Lempidakis <51840946+yannisle@users.noreply.github.com>
Date: Fri, 24 Jan 2020 15:52:57 -0800
Subject: [PATCH 52/96] Update devices/hololens/hololens-offline.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
 devices/hololens/hololens-offline.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/devices/hololens/hololens-offline.md b/devices/hololens/hololens-offline.md
index d14743559b..de65b98837 100644
--- a/devices/hololens/hololens-offline.md
+++ b/devices/hololens/hololens-offline.md
@@ -141,7 +141,7 @@ To take full advantage of HoloLens functionality, the following endpoints need t
 
 ## References
 
->[!NOTE]
+> [!NOTE]
 > If you are deploying D365 Remote Assist, you will have to enable the endpoints on this [list] (https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges#skype-for-business-online-and-microsoft-teams) 
 
 - [Configure Windows diagnostic data in your organization] (https://docs.microsoft.com/en-us/windows/privacy/configure-windows-diagnostic-data-in-your-organization)

From 6db34b9d0ee4f57cb73709a001bb666a9043b373 Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Mon, 27 Jan 2020 12:30:13 +0500
Subject: [PATCH 53/96] Details updation

Updated the note and details to reflect the correct information

Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/5867
---
 .../microsoft-defender-atp/enable-controlled-folders.md       | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
index 40cbdce038..1d64f68ed0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
@@ -101,11 +101,13 @@ Use the [./Vendor/MSFT/Policy/Config/ControlledFolderAccessProtectedFolders](htt
     * **Enable** - Malicious and suspicious apps will not be allowed to make changes to files in protected folders. A notification will be provided in the Windows event log
     * **Disable (Default)** - The Controlled folder access feature will not work. All apps can make changes to files in protected folders.
     * **Audit Mode** - If a malicious or suspicious app attempts to make a change to a file in a protected folder, the change will be allowed but will be recorded in the Windows event log. This allows you to assess the impact of this feature on your organization.
+    * **Block disk modification only** - Attempts by untrusted apps to write to disk sectors. The Windows event log will record these attempts under Applications and Services Logs > Microsoft > Windows > Windows Defender > Operational > ID 1123.
+    * **Audit disk modification only** - Only attempts to write to protected disk sectors will be recorded in the Windows event log (under Applications and Services Logs > Microsoft > Windows > Windows Defender > Operational > ID 1124). Attempts to modify or delete files in protected folders will not be recorded.
 
       ![Screenshot of group policy option with Enabled and then Enable selected in the drop-down](../images/cfa-gp-enable.png)
 
 > [!IMPORTANT]
-> To fully enable controlled folder access, you must set the Group Policy option to **Enabled** and also select **Enable** in the options drop-down menu.
+> To fully enable controlled folder access, you must set the Group Policy option to **Enabled** and select **Block** in the options drop-down menu.
 
 ## PowerShell
 

From b72de47773f741fafe41df5852e239115c65ded3 Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Mon, 27 Jan 2020 12:00:04 +0200
Subject: [PATCH 54/96] Add note about firewall and RDP (exclude note about
 Office on VMs)

https://github.com/MicrosoftDocs/windows-itpro-docs/issues/5632
---
 .../threat-protection/microsoft-defender-atp/evaluation-lab.md | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
index 925e7e0ce3..8db207b179 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
@@ -130,9 +130,6 @@ You can also use [Advanced hunting](advanced-hunting-query-language.md) to query
 > [!NOTE]
 > The connection to the test machines is done using RDP. Make sure that your firewall settings allow RDP connections.
 
-> [!NOTE]
-> Microsoft Office needs to be installed on the test machines for all the simulations to work.
-
 1. Connect to your machine and run an attack simulation by selecting **Connect**. 
 
     ![Image of the connect button for test machines](images/test-machine-table.png)

From c15ddfcac2e27a4f9367aff01357646de01faae4 Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Mon, 27 Jan 2020 16:46:08 +0500
Subject: [PATCH 55/96] Update
 windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
 .../microsoft-defender-atp/enable-controlled-folders.md         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
index 1d64f68ed0..5874f3b38e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
@@ -104,7 +104,7 @@ Use the [./Vendor/MSFT/Policy/Config/ControlledFolderAccessProtectedFolders](htt
     * **Block disk modification only** - Attempts by untrusted apps to write to disk sectors. The Windows event log will record these attempts under Applications and Services Logs > Microsoft > Windows > Windows Defender > Operational > ID 1123.
     * **Audit disk modification only** - Only attempts to write to protected disk sectors will be recorded in the Windows event log (under Applications and Services Logs > Microsoft > Windows > Windows Defender > Operational > ID 1124). Attempts to modify or delete files in protected folders will not be recorded.
 
-      ![Screenshot of group policy option with Enabled and then Enable selected in the drop-down](../images/cfa-gp-enable.png)
+      ![Screenshot of the group policy option Enabled and Audit Mode selected in the drop-down](../images/cfa-gp-enable.png)
 
 > [!IMPORTANT]
 > To fully enable controlled folder access, you must set the Group Policy option to **Enabled** and select **Block** in the options drop-down menu.

From 4ee9315b85cd44ff9c69e065b18fc093ee30784b Mon Sep 17 00:00:00 2001
From: Payge Winfield <pawinfie@microsoft.com>
Date: Mon, 27 Jan 2020 09:09:09 -0800
Subject: [PATCH 56/96] Typo fixes

---
 devices/hololens/hololens-commercial-infrastructure.md | 2 +-
 devices/hololens/hololens-licenses-requirements.md     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/devices/hololens/hololens-commercial-infrastructure.md b/devices/hololens/hololens-commercial-infrastructure.md
index e6376ed2ee..7105736b73 100644
--- a/devices/hololens/hololens-commercial-infrastructure.md
+++ b/devices/hololens/hololens-commercial-infrastructure.md
@@ -101,7 +101,7 @@ If you are configuring Kiosk Mode on an MDM other than Intune, please check your
 
 1.	[Create Compliance Policy](https://docs.microsoft.com/intune/protect/create-compliance-policy)
 
-1.	☐  Conditional Access allows/denies mobile devices and mobile applications from accessing company resources. Two documents you may find helpful are [Plan your CA Deployment](https://docs.microsoft.com/azure/active-directory/conditional-access/plan-conditional-access) and [Best Practices](https://docs.microsoft.com/azure/active-directory/conditional-access/best-practices).
+1.	 Conditional Access allows/denies mobile devices and mobile applications from accessing company resources. Two documents you may find helpful are [Plan your CA Deployment](https://docs.microsoft.com/azure/active-directory/conditional-access/plan-conditional-access) and [Best Practices](https://docs.microsoft.com/azure/active-directory/conditional-access/best-practices).
 
 ## Certificates and Authentication
 ### MDM Certificate Distribution
diff --git a/devices/hololens/hololens-licenses-requirements.md b/devices/hololens/hololens-licenses-requirements.md
index 15cc24419f..5f9912ee60 100644
--- a/devices/hololens/hololens-licenses-requirements.md
+++ b/devices/hololens/hololens-licenses-requirements.md
@@ -24,7 +24,7 @@ If you plan on using a Mobile Device Management system (MDM) to manage your Holo
 
 If you plan on using an MDM other than Intune, an [Azure Active Directory Licenses](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis) is required.
 
-If you plan on suing Intune as your MDM, you can acquire an [Enterprise Mobility + Security (EMS) suite (E3 or E5) licenses](https://www.microsoft.com/microsoft-365/enterprise-mobility-security/compare-plans-and-pricing). **Please note that Azure AD is included in both suites.** 
+If you plan on using Intune as your MDM, you can acquire an [Enterprise Mobility + Security (EMS) suite (E3 or E5) licenses](https://www.microsoft.com/microsoft-365/enterprise-mobility-security/compare-plans-and-pricing). **Please note that Azure AD is included in both suites.** 
 
 ## Identify the licenses needed for your scenario and products
 

From 3bc9785db4ee010963b75acd7e4d519aa9ba8971 Mon Sep 17 00:00:00 2001
From: Payge Winfield <pawinfie@microsoft.com>
Date: Mon, 27 Jan 2020 09:13:07 -0800
Subject: [PATCH 57/96] Fixed Authoring and Links

---
 devices/hololens/hololens-commercial-infrastructure.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/devices/hololens/hololens-commercial-infrastructure.md b/devices/hololens/hololens-commercial-infrastructure.md
index 7105736b73..4170c2e397 100644
--- a/devices/hololens/hololens-commercial-infrastructure.md
+++ b/devices/hololens/hololens-commercial-infrastructure.md
@@ -3,8 +3,8 @@ title: Infrastructure Guidelines for HoloLens
 description: 
 ms.prod: hololens
 ms.sitesec: library
-author: Payge Winfield
-ms.author:
+author: pawinfie
+ms.author: pawinfie
 audience: ITPro
 ms.topic: article
 ms.localizationpriority: high
@@ -42,7 +42,7 @@ Guides only require network access to download and use the app.
 This step is only necessary if your company plans on managing the HoloLens and mixed reality apps.
 
 ### 1. Ensure that you have an Azure AD License. 
-Please [HoloLens Licenses Requirements](hololens-licenses-requirements)for additional information.
+Please [HoloLens Licenses Requirements](hololens-licenses-requirements.md)for additional information.
 
 ### 2. Ensure that your company’s users are in Azure Active Directory (Azure AD).
 Instructions for adding users can be found [here](https://docs.microsoft.com/azure/active-directory/fundamentals/add-users-azure-active-directory).
@@ -110,4 +110,4 @@ If your company requires certificates, Intune supports PKCS, PFX, and SCEP. It i
 Steps for SCEP can be found [here](https://docs.microsoft.com/intune/protect/certificates-profile-scep).
 
 ### Device Certificates
-Certificates can also be added to the HoloLens through package provisioning. Please see [HoloLens Provisioning](hololens-provisioning) for additional information.
+Certificates can also be added to the HoloLens through package provisioning. Please see [HoloLens Provisioning](hololens-provisioning.md) for additional information.

From d1857a1572974344f88e38df7a2bb9ae57f5f347 Mon Sep 17 00:00:00 2001
From: Payge Winfield <pawinfie@microsoft.com>
Date: Mon, 27 Jan 2020 09:30:25 -0800
Subject: [PATCH 58/96] Changed author information

---
 devices/hololens/hololens-commercial-infrastructure.md | 2 +-
 devices/hololens/hololens-licenses-requirements.md     | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/devices/hololens/hololens-commercial-infrastructure.md b/devices/hololens/hololens-commercial-infrastructure.md
index 4170c2e397..bb42c8d351 100644
--- a/devices/hololens/hololens-commercial-infrastructure.md
+++ b/devices/hololens/hololens-commercial-infrastructure.md
@@ -10,7 +10,7 @@ ms.topic: article
 ms.localizationpriority: high
 ms.date: 1/23/2020
 ms.reviewer: 
-manager: 
+manager: bradke
 appliesto:
 - HoloLens (1st gen)
 - HoloLens 2
diff --git a/devices/hololens/hololens-licenses-requirements.md b/devices/hololens/hololens-licenses-requirements.md
index 5f9912ee60..6d33228879 100644
--- a/devices/hololens/hololens-licenses-requirements.md
+++ b/devices/hololens/hololens-licenses-requirements.md
@@ -3,14 +3,14 @@ title: Licenses for Mixed Reality Deployment
 description: 
 ms.prod: hololens
 ms.sitesec: library
-author: Payge Winfield
-ms.author:
+author: pawinfie
+ms.author: pawinfie
 audience: ITPro
 ms.topic: article
 ms.localizationpriority: high
 ms.date: 1/23/2020
 ms.reviewer: 
-manager: 
+manager: bradke
 appliesto:
 - HoloLens (1st gen)
 - HoloLens 2

From 2505d74067b17f6f5f7f1314f31107ed554bc746 Mon Sep 17 00:00:00 2001
From: John Liu <49762389+ShenLanJohn@users.noreply.github.com>
Date: Mon, 27 Jan 2020 12:17:59 -0800
Subject: [PATCH 59/96] CAT Auto Pulish for Windows Release Messages -
 20200127120903 (#1947)

* update with hybrid support

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20200127110202 (#1945)

Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>

Co-authored-by: Greg Lindsay <greg.lindsay@microsoft.com>
Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>
---
 .../deployment/windows-autopilot/user-driven.md    |  2 +-
 .../resolved-issues-windows-10-1903.yml            | 14 --------------
 ...us-windows-7-and-windows-server-2008-r2-sp1.yml |  4 ++--
 3 files changed, 3 insertions(+), 17 deletions(-)

diff --git a/windows/deployment/windows-autopilot/user-driven.md b/windows/deployment/windows-autopilot/user-driven.md
index e8fdb8a2c2..45520df78e 100644
--- a/windows/deployment/windows-autopilot/user-driven.md
+++ b/windows/deployment/windows-autopilot/user-driven.md
@@ -28,7 +28,7 @@ Windows Autopilot user-driven mode is designed to enable new Windows 10 devices
 
 After completing those simple steps, the remainder of the process is completely automated, with the device being joined to the organization, enrolled in Intune (or another MDM service), and fully configured as defined by the organization.  Any additional prompts during the Out-of-Box Experience (OOBE) can be suppressed; see [Configuring Autopilot Profiles](profiles.md) for options that are available.
 
-Today, Windows Autopilot user-driven mode supports joining devices to Azure Active Directory.  Support for Hybrid Azure Active Directory Join (with devices joined to an on-premises Active Directory domain) will be available in a future Windows 10 release.  See [Introduction to device management in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/device-management-introduction) for more information about the differences between these two join options.
+Today, Windows Autopilot user-driven mode supports Azure Active Directory and Hybrid Azure Active Directory joined devices.  See [What is a device identity](https://docs.microsoft.com/azure/active-directory/devices/overview) for more information about these two join options.
 
 ## Available user-driven modes
 
diff --git a/windows/release-information/resolved-issues-windows-10-1903.yml b/windows/release-information/resolved-issues-windows-10-1903.yml
index f6f7b30864..0554cb4e28 100644
--- a/windows/release-information/resolved-issues-windows-10-1903.yml
+++ b/windows/release-information/resolved-issues-windows-10-1903.yml
@@ -37,7 +37,6 @@ sections:
       <tr><td><div id='225msg'></div><b>Unable to discover or connect to Bluetooth devices using some Realtek adapters</b><br>Microsoft has identified compatibility issues with some versions of Realtek Bluetooth radio drivers.<br><br><a href = '#225msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved External<br></td><td>November 15, 2019 <br>05:59 PM PT</td></tr>
       <tr><td><div id='317msg'></div><b>Updates may fail to install and you may receive Error 0x80073701</b><br>Installation of updates may fail and you may receive error code 0x80073701.<br><br><a href = '#317msgdesc'>See details ></a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>November 12, 2019 <br>08:11 AM PT</td></tr>
       <tr><td><div id='228msg'></div><b>Intel Audio displays an intcdaud.sys notification</b><br>Devices with a range of Intel Display Audio device drivers may experience battery drain.<br><br><a href = '#228msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved External<br></td><td>November 12, 2019 <br>08:04 AM PT</td></tr>
-      <tr><td><div id='226msg'></div><b>Gamma ramps, color profiles, and night light settings do not apply in some cases</b><br>Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.<br><br><a href = '#226msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>July 26, 2019 <br>02:00 PM PT</td></tr>
       <tr><td><div id='358msg'></div><b>Unable to discover or connect to Bluetooth devices using some Qualcomm adapters</b><br>Microsoft has identified compatibility issues with some versions of Qualcomm Bluetooth radio drivers.<br><br><a href = '#358msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4517389' target='_blank'>KB4517389</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='338msg'></div><b>Safeguard on certain devices with some Intel and Broadcom Wi-Fi adapters</b><br>Some devices with Intel Centrino 6205/6235 and Broadcom 802.11ac Wi-Fi cards may experience compatibility issues.<br><br><a href = '#338msgdesc'>See details ></a></td><td>N/A <br><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4522355' target='_blank'>KB4522355</a></td><td>October 24, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='248msg'></div><b>dGPU occasionally disappear from device manager on Surface Book 2</b><br>Some apps or games may close or fail to open on Surface Book 2 devices with Nvidia dGPU.<br><br><a href = '#248msgdesc'>See details ></a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>October 18, 2019 <br>04:33 PM PT</td></tr>
@@ -54,8 +53,6 @@ sections:
       <tr><td><div id='236msg'></div><b>Windows Sandbox may fail to start with error code “0x80070002”</b><br>Windows Sandbox may fail to start on devices in which the operating system language was changed between updates.<br><br><a href = '#236msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a></td><td>August 30, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='252msg'></div><b>Devices starting using PXE from a WDS or SCCM servers may fail to start</b><br>Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"<br><br><a href = '#252msgdesc'>See details ></a></td><td>OS Build 18362.175<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503293' target='_blank'>KB4503293</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a></td><td>August 30, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='306msg'></div><b>MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices</b><br>You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.<br><br><a href = '#306msgdesc'>See details ></a></td><td>OS Build 18362.175<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503293' target='_blank'>KB4503293</a></td><td>Resolved External<br></td><td>August 09, 2019 <br>07:03 PM PT</td></tr>
-      <tr><td><div id='227msg'></div><b>Display brightness may not respond to adjustments</b><br>Devices configured with certain Intel display drivers may experience a driver compatibility issue.<br><br><a href = '#227msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>July 26, 2019 <br>02:00 PM PT</td></tr>
-      <tr><td><div id='249msg'></div><b>RASMAN service may stop working and result in the error “0xc0000005”</b><br>The RASMAN service may stop working with VPN profiles configured as an Always On VPN connection.<br><br><a href = '#249msgdesc'>See details ></a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>July 26, 2019 <br>02:00 PM PT</td></tr>
       </table>
       "
 
@@ -116,15 +113,6 @@ sections:
       </table>
       "
 
-- title: June 2019
-- items:
-  - type: markdown
-    text: "
-      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='249msgdesc'></div><b>RASMAN service may stop working and result in the error “0xc0000005”</b><div>The Remote Access Connection Manager (RASMAN) service may stop working and you may receive the error “0xc0000005” on devices where the diagnostic data level is manually configured to the non-default setting of 0.&nbsp;You may also receive an error in the<strong> Application section </strong>of <strong>Windows Logs</strong> <strong>in</strong>&nbsp;<strong>Event Viewer&nbsp;</strong>with Event ID 1000 referencing “svchost.exe_RasMan” and “rasman.dll”.</div><div><br></div><div>This issue only occurs when a VPN profile is configured as an Always On VPN (AOVPN) connection with or without device tunnel. This does not affect manual only VPN profiles or connections.</div><div><br></div><div><strong>Affected platforms</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a>.</div><br><a href ='#249msg'>Back to top</a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>Resolved:<br>July 26, 2019 <br>02:00 PM PT<br><br>Opened:<br>June 28, 2019 <br>05:01 PM PT</td></tr>
-      </table>
-      "
-
 - title: May 2019
 - items:
   - type: markdown
@@ -133,8 +121,6 @@ sections:
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='231msgdesc'></div><b>Intermittent loss of Wi-Fi connectivity</b><div>Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).</div><div><br></div><div>To safeguard your upgrade experience, we have applied a hold on devices with affected Qualcomm driver from being offered Windows 10, version 1903 or Windows 10, version 1909, until&nbsp;the updated driver is installed.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903</li></ul><div></div><div><strong>Resolution:&nbsp;</strong>This issue was resolved with an updated Qualcomm Wifi driver and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1909 or Windows 10, version 1903.</div><br><a href ='#231msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved External<br></td><td>Last updated:<br>November 22, 2019 <br>04:10 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:13 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='225msgdesc'></div><b>Unable to discover or connect to Bluetooth devices using some Realtek adapters</b><div>Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Realtek. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Realtek Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903</li><li>Server: Windows 10, version 1909; Windows Server, version 1903</li></ul><div></div><div><strong>Resolution:&nbsp;</strong>This issue was resolved with an updated driver for the affected Realtek Bluetooth radio and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1909 or Windows 10, version 1903.</div><br><a href ='#225msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved External<br></td><td>Last updated:<br>November 15, 2019 <br>05:59 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:29 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='228msgdesc'></div><b>Intel Audio displays an intcdaud.sys notification</b><div>Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain.&nbsp;If you see an <strong>intcdaud.sys</strong> notification or “What needs your attention” notification when trying to update to Windows 10, version 1903, you have an affected Intel Audio Display device driver installed on your machine (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8).</div><div>&nbsp;&nbsp;</div><div>To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until&nbsp;updated device drivers have been installed.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809</li></ul><div></div><div><strong>Resolution:&nbsp;</strong>This issue was resolved with updated drivers from your device manufacturer (OEM) or Intel. The safeguard hold has been removed.</div><div><br></div><div><strong>Note </strong>If you are still experiencing the issue described, please contact your device manufacturer (OEM).</div><br><a href ='#228msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved External<br></td><td>Last updated:<br>November 12, 2019 <br>08:04 AM PT<br><br>Opened:<br>May 21, 2019 <br>07:22 AM PT</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='226msgdesc'></div><b>Gamma ramps, color profiles, and night light settings do not apply in some cases</b><div>Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.</div><div><br></div><div>Microsoft has identified some scenarios in which these features may have issues or stop working, for example:</div><ul><li>Connecting to (or disconnecting from) an external monitor, dock, or projector</li><li>Rotating the screen</li><li>Updating display drivers or making other display mode changes</li><li>Closing full screen applications</li><li>Applying custom color profiles</li><li>Running applications that rely on custom gamma ramps</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Resolution:&nbsp;</strong>This issue was resolved in&nbsp;<a href='https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a> and the safeguard hold has been removed.</div><br><a href ='#226msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>Resolved:<br>July 26, 2019 <br>02:00 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:28 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='236msgdesc'></div><b>Windows Sandbox may fail to start with error code “0x80070002”</b><div>Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a>.</div><br><a href ='#236msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a></td><td>Resolved:<br>August 30, 2019 <br>10:00 AM PT<br><br>Opened:<br>May 24, 2019 <br>04:20 PM PT</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='227msgdesc'></div><b>Display brightness may not respond to adjustments</b><div>Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Windows 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.</div><div><br></div><div>To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until&nbsp;this issue is resolved.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Resolution:&nbsp;</strong>This issue was resolved in <a href='https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a> and the safeguard hold has been removed. Please ensure you have applied the resolving update before attempting to update to the Windows 10 May 2019 Update (version 1903). Please note, it can take up to 48 hours for the safeguard to be removed.</div><br><a href ='#227msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>Resolved:<br>July 26, 2019 <br>02:00 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:56 AM PT</td></tr>
       </table>
       "
diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
index f88f58ac4c..1db3c602ad 100644
--- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -60,7 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='384msg'></div><b>Custom wallpaper displays as black</b><br>Using a custom image set to \"Stretch\" might not display as expected.<br><br><a href = '#384msgdesc'>See details ></a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>January 24, 2020 <br>09:15 AM PT</td></tr>
+      <tr><td><div id='384msg'></div><b>Custom wallpaper displays as black</b><br>Using a custom image set to \"Stretch\" might not display as expected.<br><br><a href = '#384msgdesc'>See details ></a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>January 26, 2020 <br>06:01 PM PT</td></tr>
       <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='310msg'></div><b>IA64 and x64 devices may fail to start after installing updates</b><br>After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.<br><br><a href = '#310msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>August 17, 2019 <br>12:59 PM PT</td></tr>
@@ -79,7 +79,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='384msgdesc'></div><b>Custom wallpaper displays as black</b><div>After installing <a href='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a>, your desktop wallpaper when set to \"Stretch\" might display as black.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Workaround:</strong> To mitigate the issue, you can do one of the following:</div><ul><li>Set your custom image to an option other than \"Stretch\", such as “Fill”, “Fit”, “Tile”, or “Center”, or</li><li>Choose a custom wallpaper that matches the resolution of your desktop.</li></ul><div></div><div><strong>Next steps: </strong>We are working on a resolution and estimate a solution will be available in mid-February&nbsp;for organizations who have purchased Windows 7 <a href=\"https://techcommunity.microsoft.com/t5/windows-it-pro-blog/how-to-get-extended-security-updates-for-eligible-windows/ba-p/917807\" target=\"_blank\" rel=\"noopener noreferrer\">Extended Security Updates (ESU)</a>.</div><br><a href ='#384msg'>Back to top</a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>January 24, 2020 <br>09:15 AM PT<br><br>Opened:<br>January 24, 2020 <br>09:15 AM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='384msgdesc'></div><b>Custom wallpaper displays as black</b><div>After installing <a href='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a>, your desktop wallpaper when set to \"Stretch\" might display as black.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Workaround:</strong> To mitigate the issue, you can do one of the following:</div><ul><li>Set your custom image to an option other than \"Stretch\", such as “Fill”, “Fit”, “Tile”, or “Center”, or</li><li>Choose a custom wallpaper that matches the resolution of your desktop.</li></ul><div></div><div><strong>Next steps: </strong>We are working on a resolution and estimate a solution will be available mid-February, which will be released to all customers running Windows 7 and Windows Server 2008 R2 SP1.</div><br><a href ='#384msg'>Back to top</a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>January 26, 2020 <br>06:01 PM PT<br><br>Opened:<br>January 24, 2020 <br>09:15 AM PT</td></tr>
       </table>
       "
 

From ecf43e471fcdb4f2bbf8cb71ca5ae1598f50ad3e Mon Sep 17 00:00:00 2001
From: Yannis Lempidakis <51840946+yannisle@users.noreply.github.com>
Date: Mon, 27 Jan 2020 15:57:38 -0800
Subject: [PATCH 60/96] Update hololens-offline.md

---
 devices/hololens/hololens-offline.md | 27 +++++++++++++--------------
 1 file changed, 13 insertions(+), 14 deletions(-)

diff --git a/devices/hololens/hololens-offline.md b/devices/hololens/hololens-offline.md
index de65b98837..aecf36fd16 100644
--- a/devices/hololens/hololens-offline.md
+++ b/devices/hololens/hololens-offline.md
@@ -1,5 +1,5 @@
 ---
-title: Use HoloLens offline
+title: Manage connection endpoints for HoloLens 
 description: To set up HoloLens, you'll need to connect to a Wi-Fi network
 keywords: hololens, offline, OOBE
 audience: ITPro
@@ -19,7 +19,7 @@ appliesto:
 
 Some HoloLens components, apps, and related services transfer data to Microsoft network endpoints. This article lists different endpoints and URLs that need to be whitelisted in your network configuratiion (e.g. proxy or firewall) for those components to be functional.    
 
-# Near-offline setup
+## Near-offline setup
 
 HoloLens supports a limited set of offline experiences for customers who have network environment restrictions. However, HoloLens needs network connection to go through initial device set up and the following URLs have to be enabled:
 
@@ -33,7 +33,7 @@ HoloLens supports a limited set of offline experiences for customers who have ne
 | MSA | https://login.live.com/ppsecure/inlineconnect.srf?id=80600 |
 | MSA Pin | https://account.live.com/msangc?fl=enroll |
 
-# Use HoloLens online 
+## Use HoloLens online 
 
 To take full advantage of HoloLens functionality, the following endpoints need to be enabled in your network configuration.
 
@@ -91,7 +91,7 @@ To take full advantage of HoloLens functionality, the following endpoints need t
 |                                                     | storecatalogrevocation.storequality.microsoft.com                   |   |   |   |
 |                                                     | img-prod-cms-rt-microsoft-com*                                      |   |   |   |
 |                                                     | store-images.microsoft.com                                          |   |   |   |
-|                                                     | .md.mp.microsoft.com -- @Ezeugo Anukem this is TLS v1.2 not HTTP(S) |   |   |   |
+|                                                     | .md.mp.microsoft.com                                                |   |   |
 |                                                     | *displaycatalog.mp.microsoft.com                                    |   |   |   |
 |                                                     | pti.store.microsoft.com                                             |   |   |   |
 |                                                     | storeedgefd.dsx.mp.microsoft.com                                    |   |   |   |
@@ -142,16 +142,15 @@ To take full advantage of HoloLens functionality, the following endpoints need t
 ## References
 
 > [!NOTE]
-> If you are deploying D365 Remote Assist, you will have to enable the endpoints on this [list] (https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges#skype-for-business-online-and-microsoft-teams) 
-
-- [Configure Windows diagnostic data in your organization] (https://docs.microsoft.com/en-us/windows/privacy/configure-windows-diagnostic-data-in-your-organization)
-- [Manage connection endpoints for Windows 10 Enterprise, version 1903] (https://docs.microsoft.com/en-us/windows/privacy/manage-windows-1903-endpoints)
-- [Manage connections from Windows 10 operating system components to Microsoft services] (https://docs.microsoft.com/en-us/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services)
-- [Manage connections from Windows 10 operating system components to Microsoft services using Microsoft Intune MDM Server] (https://docs.microsoft.com/en-us/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-mdm)
-- [Intune network configuration requirements and bandwidth] (https://docs.microsoft.com/en-us/intune/fundamentals/network-bandwidth-use#network-communication-requirements)
-- [Network endpoints for Microsoft Intune] (https://docs.microsoft.com/en-us/intune/fundamentals/intune-endpoints)
-- [Office 365 URLs and IP address ranges] (https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges)
-- [Prerequisites for Azure AD Connect] (https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-install-prerequisites)
+> If you are deploying D365 Remote Assist, you will have to enable the endpoints on this [list](https://docs.microsoft.com/office365/enterprise/urls-and-ip-address-ranges#skype-for-business-online-and-microsoft-teams) 
+- [Configure Windows diagnostic data in your organization](https://docs.microsoft.com/windows/privacy/configure-windows-diagnostic-data-in-your-organization)
+- [Manage connection endpoints for Windows 10 Enterprise, version 1903](https://docs.microsoft.com/windows/privacy/manage-windows-1903-endpoints)
+- [Manage connections from Windows 10 operating system components to Microsoft services](https://docs.microsoft.com/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services)
+- [Manage connections from Windows 10 operating system components to Microsoft services using Microsoft Intune MDM Server](https://docs.microsoft.com/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-mdm)
+- [Intune network configuration requirements and bandwidth](https://docs.microsoft.com/intune/fundamentals/network-bandwidth-use#network-communication-requirements)
+- [Network endpoints for Microsoft Intune](https://docs.microsoft.com/intune/fundamentals/intune-endpoints)
+- [Office 365 URLs and IP address ranges](https://docs.microsoft.com/office365/enterprise/urls-and-ip-address-ranges)
+- [Prerequisites for Azure AD Connect](https://docs.microsoft.com/azure/active-directory/hybrid/how-to-connect-install-prerequisites)
 
 
 ## HoloLens limitations

From 76d875391e2e243a0e9071897fa2586b3cc4a371 Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Tue, 28 Jan 2020 05:45:34 +0500
Subject: [PATCH 61/96] Update
 windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
 .../microsoft-defender-atp/enable-controlled-folders.md         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
index 5874f3b38e..b112db0822 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
@@ -101,7 +101,7 @@ Use the [./Vendor/MSFT/Policy/Config/ControlledFolderAccessProtectedFolders](htt
     * **Enable** - Malicious and suspicious apps will not be allowed to make changes to files in protected folders. A notification will be provided in the Windows event log
     * **Disable (Default)** - The Controlled folder access feature will not work. All apps can make changes to files in protected folders.
     * **Audit Mode** - If a malicious or suspicious app attempts to make a change to a file in a protected folder, the change will be allowed but will be recorded in the Windows event log. This allows you to assess the impact of this feature on your organization.
-    * **Block disk modification only** - Attempts by untrusted apps to write to disk sectors. The Windows event log will record these attempts under Applications and Services Logs > Microsoft > Windows > Windows Defender > Operational > ID 1123.
+    * **Block disk modification only** - Attempts by untrusted apps to write to disk sectors will be logged in Windows Event log. These logs can be found in **Applications and Services Logs** > Microsoft > Windows > Windows Defender > Operational > ID 1123.
     * **Audit disk modification only** - Only attempts to write to protected disk sectors will be recorded in the Windows event log (under Applications and Services Logs > Microsoft > Windows > Windows Defender > Operational > ID 1124). Attempts to modify or delete files in protected folders will not be recorded.
 
       ![Screenshot of the group policy option Enabled and Audit Mode selected in the drop-down](../images/cfa-gp-enable.png)

From a30b298dc381238f74efbf932975bf183aef240d Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Tue, 28 Jan 2020 05:45:56 +0500
Subject: [PATCH 62/96] Update
 windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 .../microsoft-defender-atp/enable-controlled-folders.md         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
index b112db0822..b4ab6ff563 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
@@ -102,7 +102,7 @@ Use the [./Vendor/MSFT/Policy/Config/ControlledFolderAccessProtectedFolders](htt
     * **Disable (Default)** - The Controlled folder access feature will not work. All apps can make changes to files in protected folders.
     * **Audit Mode** - If a malicious or suspicious app attempts to make a change to a file in a protected folder, the change will be allowed but will be recorded in the Windows event log. This allows you to assess the impact of this feature on your organization.
     * **Block disk modification only** - Attempts by untrusted apps to write to disk sectors will be logged in Windows Event log. These logs can be found in **Applications and Services Logs** > Microsoft > Windows > Windows Defender > Operational > ID 1123.
-    * **Audit disk modification only** - Only attempts to write to protected disk sectors will be recorded in the Windows event log (under Applications and Services Logs > Microsoft > Windows > Windows Defender > Operational > ID 1124). Attempts to modify or delete files in protected folders will not be recorded.
+    * **Audit disk modification only** - Only attempts to write to protected disk sectors will be recorded in the Windows event log (under **Applications and Services Logs** > **Microsoft** > **Windows** > **Windows Defender** > **Operational** > **ID 1124**). Attempts to modify or delete files in protected folders will not be recorded.
 
       ![Screenshot of the group policy option Enabled and Audit Mode selected in the drop-down](../images/cfa-gp-enable.png)
 

From 6cd020755d20f5104d8e3f72b513babeb454f11f Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Tue, 28 Jan 2020 12:09:34 +0200
Subject: [PATCH 63/96] Note about request hash vs certificate hash.

https://github.com/MicrosoftDocs/windows-itpro-docs/issues/5657
---
 .../hello-for-business/hello-hybrid-key-whfb-settings-pki.md   | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md
index 41d11386b2..bbe8176263 100644
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md
@@ -55,6 +55,9 @@ Sign-in a certificate authority or management workstations with _Domain Admin_ e
 7. On the **Cryptography** tab, select **Key Storage Provider** from the **Provider Category** list.  Select **RSA** from the **Algorithm name** list.  Type **2048** in the **Minimum key size** text box.  Select **SHA256** from the **Request hash** list.  Click **OK**. 
 8. Close the console.
 
+>[!NOTE]
+>Don't confuse the **Request hash** algorithm with the hash argorithm of the certificate.
+
 #### Configure Certificate Superseding for the Domain Controller Authentication (Kerberos) Certificate Template
 
 Many domain controllers may have an existing domain controller certificate.  The Active Directory Certificate Services provides a default certificate template for domain controllers--the domain controller certificate template.  Later releases provided a new certificate template--the domain controller authentication certificate template.  These certificate templates were provided prior to update of the Kerberos specification that stated Key Distribution Centers (KDCs) performing certificate authentication needed to include the **KDC Authentication** extension.  

From ef9954826439bfe4c4bb2959d357cb27b8a8ee83 Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Tue, 28 Jan 2020 13:00:02 +0200
Subject: [PATCH 64/96] add info about newer Operating Systems

https://github.com/MicrosoftDocs/windows-itpro-docs/issues/5672
---
 ...onfigure-encryption-types-allowed-for-kerberos.md | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md
index 1ada850d3b..37700da3a6 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md
@@ -20,7 +20,7 @@ ms.date: 04/19/2017
 # Network security: Configure encryption types allowed for Kerberos
 
 **Applies to**
--   Windows 10
+-   Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2
 
 Describes the best practices, location, values and security considerations for the **Network security: Configure encryption types allowed for Kerberos** security policy setting.
 
@@ -35,11 +35,11 @@ The following table lists and explains the allowed encryption types.
  
 | Encryption type | Description and version support |
 | - | - |
-| DES_CBC_CRC | Data Encryption Standard with Cipher Block Chaining using the Cyclic Redundancy Check function<br/>Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The Windows 7, Windows 10 and Windows Server 2008 R2 operating systems do not support DES by default. |
-| DES_CBC_MD5| Data Encryption Standard with Cipher Block Chaining using the Message-Digest algorithm 5 checksum function<br/>Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The Windows 7, Windows 10 and Windows Server 2008 R2 operating systems do not support DES by default. |
-| RC4_HMAC_MD5| Rivest Cipher 4 with Hashed Message Authentication Code using the Message-Digest algorithm 5 checksum function<br/>Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows 10 and Windows Server 2008 R2.|
-| AES128_HMAC_SHA1| Advanced Encryption Standard in 128 bit cipher block with Hashed Message Authentication Code using the Secure Hash Algorithm (1).<br/>Not supported in Windows 2000 Server, Windows XP, or Windows Server 2003. Supported in Windows Vista, Windows Server 2008, Windows 7, Windows 10 and Windows Server 2008 R2. |
-| AES256_HMAC_SHA1| Advanced Encryption Standard in 256 bit cipher block with Hashed Message Authentication Code using the Secure Hash Algorithm (1).<br/>Not supported in Windows 2000 Server, Windows XP, or Windows Server 2003. Supported in Windows Vista, Windows Server 2008, Windows 7, Windows 10 and Windows Server 2008 R2. |
+| DES_CBC_CRC | Data Encryption Standard with Cipher Block Chaining using the Cyclic Redundancy Check function<br/>Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The Windows 7, Windows 10, Windows Server 2008 R2 and later operating systems do not support DES by default. |
+| DES_CBC_MD5| Data Encryption Standard with Cipher Block Chaining using the Message-Digest algorithm 5 checksum function<br/>Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The Windows 7, Windows 10, Windows Server 2008 R2 and later operating systems do not support DES by default. |
+| RC4_HMAC_MD5| Rivest Cipher 4 with Hashed Message Authentication Code using the Message-Digest algorithm 5 checksum function<br/>Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows 10, Windows Server 2008 R2, Windows Server 2012 and Windows Server 2012 R2.|
+| AES128_HMAC_SHA1| Advanced Encryption Standard in 128 bit cipher block with Hashed Message Authentication Code using the Secure Hash Algorithm (1).<br/>Not supported in Windows 2000 Server, Windows XP, or Windows Server 2003. Supported in Windows Vista, Windows Server 2008, Windows 7, Windows 10, Windows Server 2008 R2, Windows Server 2012 and Windows Server 2012 R2. |
+| AES256_HMAC_SHA1| Advanced Encryption Standard in 256 bit cipher block with Hashed Message Authentication Code using the Secure Hash Algorithm (1).<br/>Not supported in Windows 2000 Server, Windows XP, or Windows Server 2003. Supported in Windows Vista, Windows Server 2008, Windows 7, Windows 10, Windows Server 2008 R2, Windows Server 2012 and Windows Server 2012 R2. |
 | Future encryption types| Reserved by Microsoft for additional encryption types that might be implemented.|
 
 ### Possible values

From 66f1092f83b2c64a3337fb646fe14e48ef17e8bc Mon Sep 17 00:00:00 2001
From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com>
Date: Tue, 28 Jan 2020 18:04:47 +0530
Subject: [PATCH 65/96] removed invalid link and replaced by new link

as per user report #5870.So  i removed invalid link  and replaced  new link

removed link
*https://go.microsoft.com/fwlink/?LinkID=158931*

added new link
*https://www.microsoft.com/en-us/download/details.aspx?id=13975*
---
 mdop/agpm/resources-for-agpm.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mdop/agpm/resources-for-agpm.md b/mdop/agpm/resources-for-agpm.md
index 3ebc42e3e4..36935b703f 100644
--- a/mdop/agpm/resources-for-agpm.md
+++ b/mdop/agpm/resources-for-agpm.md
@@ -19,7 +19,7 @@ ms.date: 08/30/2016
 
 ### Documents for download
 
--   [Advanced Group Policy Management 4.0 documents](https://go.microsoft.com/fwlink/?LinkID=158931)
+-   [Advanced Group Policy Management 4.0 documents](https://www.microsoft.com/en-us/download/details.aspx?id=139751)
 
 ### Microsoft Desktop Optimization Pack resources
 

From 9d47e5e81da88ee8f5cd5d10665eef1e68b0d977 Mon Sep 17 00:00:00 2001
From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com>
Date: Tue, 28 Jan 2020 20:09:55 +0530
Subject: [PATCH 66/96] removed the video configuration file, added new link

its my own issue ,  i added below link

*https://www.youtube.com/embed/KYVptkpsOqs*
---
 .../windows-autopilot/windows-autopilot-requirements.md    | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
index b93eba2709..338d548271 100644
--- a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
+++ b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
@@ -121,8 +121,11 @@ Specific scenarios will then have additional requirements.  Generally, there are
 See [Windows Autopilot Scenarios](windows-autopilot-scenarios.md) for additional details.
 
 For a walkthrough for some of these and related steps, see this video:
-<br>&nbsp;<br>
-<iframe width="560" height="315" src="https://www.youtube-nocookie.com/embed/KYVptkpsOqs" frameborder="0" allow="autoplay; encrypted-media" allowfullscreen></iframe> 
+
+</br>
+
+<iframe width="560" height="315" src="https://www.youtube.com/embed/KYVptkpsOqs" frameborder="0" allow="accelerometer; autoplay; encrypted-media" gyroscope; picture-in-picture" allowfullscreen></iframe>
+
 
 There are no additional hardware requirements to use Windows 10 Autopilot, beyond the [requirements to run Windows 10](https://www.microsoft.com/windows/windows-10-specifications).
 

From 0ab4ea1297c765e1b631a8b4f1aa73356131237e Mon Sep 17 00:00:00 2001
From: John Liu <49762389+ShenLanJohn@users.noreply.github.com>
Date: Tue, 28 Jan 2020 10:10:18 -0800
Subject: [PATCH 67/96] CAT Auto Pulish for Windows Release Messages -
 CAT_AutoPublish_20200128080053 (#1952) (#1953)

Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>

Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>
---
 .../status-windows-7-and-windows-server-2008-r2-sp1.yml       | 4 ++--
 windows/release-information/windows-message-center.yml        | 1 +
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
index 1db3c602ad..a5cd7e2724 100644
--- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -60,7 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='384msg'></div><b>Custom wallpaper displays as black</b><br>Using a custom image set to \"Stretch\" might not display as expected.<br><br><a href = '#384msgdesc'>See details ></a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>January 26, 2020 <br>06:01 PM PT</td></tr>
+      <tr><td><div id='384msg'></div><b>Custom wallpaper displays as black</b><br>Using a custom image set to \"Stretch\" might not display as expected.<br><br><a href = '#384msgdesc'>See details ></a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>January 27, 2020 <br>12:27 PM PT</td></tr>
       <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='310msg'></div><b>IA64 and x64 devices may fail to start after installing updates</b><br>After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.<br><br><a href = '#310msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>August 17, 2019 <br>12:59 PM PT</td></tr>
@@ -79,7 +79,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='384msgdesc'></div><b>Custom wallpaper displays as black</b><div>After installing <a href='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a>, your desktop wallpaper when set to \"Stretch\" might display as black.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Workaround:</strong> To mitigate the issue, you can do one of the following:</div><ul><li>Set your custom image to an option other than \"Stretch\", such as “Fill”, “Fit”, “Tile”, or “Center”, or</li><li>Choose a custom wallpaper that matches the resolution of your desktop.</li></ul><div></div><div><strong>Next steps: </strong>We are working on a resolution and estimate a solution will be available mid-February, which will be released to all customers running Windows 7 and Windows Server 2008 R2 SP1.</div><br><a href ='#384msg'>Back to top</a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>January 26, 2020 <br>06:01 PM PT<br><br>Opened:<br>January 24, 2020 <br>09:15 AM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='384msgdesc'></div><b>Custom wallpaper displays as black</b><div>After installing <a href='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a>, your desktop wallpaper when set to \"Stretch\" might display as black.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Workaround:</strong> To mitigate the issue, you can do one of the following:</div><ul><li>Set your custom image to an option other than \"Stretch\", such as “Fill”, “Fit”, “Tile”, or “Center”, or</li><li>Choose a custom wallpaper that matches the resolution of your desktop.</li></ul><div></div><div><strong>Next steps: </strong>We are working on a resolution and estimate a solution will be available mid-February, which will be released to all customers running Windows 7 and Windows Server 2008 R2 SP1.</div><br><a href ='#384msg'>Back to top</a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>January 27, 2020 <br>12:27 PM PT<br><br>Opened:<br>January 24, 2020 <br>09:15 AM PT</td></tr>
       </table>
       "
 
diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml
index 671d2a1748..7cd86d392d 100644
--- a/windows/release-information/windows-message-center.yml
+++ b/windows/release-information/windows-message-center.yml
@@ -50,6 +50,7 @@ sections:
     text: "
       <table border ='0'><tr><td width='80%'>Message</td><td width='20%'>Date</td></tr>
       
+      <tr><td id='385'><a href = 'https://support.microsoft.com/help/4532695' target='_blank'><b>January 2020 Windows 10, version 1909 \"D\" optional release is available.</b></a><a class='docon docon-link heading-anchor' aria-labelledby='385' href='#385'></a><br><div>The January<strong> </strong>2020 optional monthly “D” release for Windows 10, version 1909 and Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;for the latest on the availability of this release.</div></td><td>January 28, 2020 <br>08:00 AM PT</td></tr>
       <tr><td id='383'><b>January 2020 Windows \"C\" optional release is available.</b><a class='docon docon-link heading-anchor' aria-labelledby='383' href='#383'></a><br><div>The January 2020 optional monthly “C” release for all supported versions of Windows is now available. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;for the latest on the availability of this release.</div></td><td>January 23, 2020 <br>12:00 PM PT</td></tr>
       <tr><td id='382'><a href = 'https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/' target='_blank'><b>Windows 7 has reached end of support</b></a><a class='docon docon-link heading-anchor' aria-labelledby='382' href='#382'></a><br><div>Windows&nbsp;7 reached end of support on January 14, 2020. If your organization has&nbsp;not yet been able to complete your transition from Windows 7 to Windows 10, and want to continue to receive security updates while you complete your upgrade projects, please read <a href=\"https://techcommunity.microsoft.com/t5/windows-it-pro-blog/how-to-get-extended-security-updates-for-eligible-windows/ba-p/917807\" rel=\"noopener noreferrer\" target=\"_blank\">How to get Extended Security Updates for eligible Windows devices</a>. For more information on end of service dates for currently supported versions of Windows 10, see the&nbsp;<a href=\"https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet\" rel=\"noopener noreferrer\" target=\"_blank\">Windows lifecycle fact sheet</a>.</div></td><td>January 15, 2020 <br>10:00 AM PT</td></tr>
       <tr><td id='379'><a href = 'https://support.microsoft.com/help/4528760' target='_blank'><b>Take action: January 2020 security update available for all supported versions of Windows</b></a><a class='docon docon-link heading-anchor' aria-labelledby='379' href='#379'></a><br><div>The January 2020 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. To be informed about the latest updates and releases, follow us on Twitter&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>.</div></td><td>January 14, 2020 <br>08:00 AM PT</td></tr>

From ecdd8296eb7e69e0efb8c9cf5e14814fa7897ca7 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Tue, 28 Jan 2020 10:51:58 -0800
Subject: [PATCH 68/96] Update resources-for-agpm.md

---
 mdop/agpm/resources-for-agpm.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mdop/agpm/resources-for-agpm.md b/mdop/agpm/resources-for-agpm.md
index 36935b703f..bd2fe5372b 100644
--- a/mdop/agpm/resources-for-agpm.md
+++ b/mdop/agpm/resources-for-agpm.md
@@ -19,7 +19,7 @@ ms.date: 08/30/2016
 
 ### Documents for download
 
--   [Advanced Group Policy Management 4.0 documents](https://www.microsoft.com/en-us/download/details.aspx?id=139751)
+-   [Advanced Group Policy Management 4.0 documents](https://www.microsoft.com/download/details.aspx?id=13975)
 
 ### Microsoft Desktop Optimization Pack resources
 

From 5c9a9a1bb5a0d7aea1ca5c86c0060b59e9c70364 Mon Sep 17 00:00:00 2001
From: Yannis Lempidakis <51840946+yannisle@users.noreply.github.com>
Date: Tue, 28 Jan 2020 11:08:38 -0800
Subject: [PATCH 69/96] Update hololens-offline.md

---
 devices/hololens/hololens-offline.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/devices/hololens/hololens-offline.md b/devices/hololens/hololens-offline.md
index aecf36fd16..4c468667f9 100644
--- a/devices/hololens/hololens-offline.md
+++ b/devices/hololens/hololens-offline.md
@@ -33,9 +33,9 @@ HoloLens supports a limited set of offline experiences for customers who have ne
 | MSA | https://login.live.com/ppsecure/inlineconnect.srf?id=80600 |
 | MSA Pin | https://account.live.com/msangc?fl=enroll |
 
-## Use HoloLens online 
+## Endpoint configuration
 
-To take full advantage of HoloLens functionality, the following endpoints need to be enabled in your network configuration.
+In addition to the list above, to take full advantage of HoloLens functionality, the following endpoints need to be enabled in your network configuration.
 
 
 | Purpose | URL |

From b1d47dada5bdb8a6c9f62902686e68a7b181292b Mon Sep 17 00:00:00 2001
From: Payge Winfield <pawinfie@microsoft.com>
Date: Tue, 28 Jan 2020 12:44:21 -0800
Subject: [PATCH 70/96] changed image file name

---
 .../hololens/hololens-commercial-infrastructure.md  |   4 ++--
 .../images/{AzureAD1.PNG => azure-ad-image.PNG}     | Bin
 2 files changed, 2 insertions(+), 2 deletions(-)
 rename devices/hololens/images/{AzureAD1.PNG => azure-ad-image.PNG} (100%)

diff --git a/devices/hololens/hololens-commercial-infrastructure.md b/devices/hololens/hololens-commercial-infrastructure.md
index bb42c8d351..ad23e185ee 100644
--- a/devices/hololens/hololens-commercial-infrastructure.md
+++ b/devices/hololens/hololens-commercial-infrastructure.md
@@ -36,7 +36,7 @@ Make sure that these ports and URLs are allowed on your network firewall. This w
 1. Make sure that these ports and URLs are allowed on your network firewall. This will enable Microsoft Teams to function. The latest list can be found [here](https://docs.microsoft.com/office365/enterprise/urls-and-ip-address-ranges#skype-for-business-online-and-microsoft-teams).
 
 ### Guides Specific Network Requirements
-Guides only require network access to download and use the app. 
+Guides only require network access to download and use the app.
 
 ## Azure Active Directory Guidance
 This step is only necessary if your company plans on managing the HoloLens and mixed reality apps.
@@ -64,7 +64,7 @@ These steps ensure that your company’s users (or a group of users) can add dev
 1.	Option 2: Give selected users/groups permission to join devices to Azure AD
 **Sign in to the Azure portal as an administrator** > **Azure Active Directory** > **Devices** > **Device Settings** >
 **Set Users may join devices to Azure AD to *Selected***
-![Image that shows Configuration of Azure AD Joined Devices](images/AzureAD1.png)
+![Image that shows Configuration of Azure AD Joined Devices](images/azure-ad-image.png)
 
 1.	Option 3: You can block all users from joining their devices to the domain. This means that all devices will need to be manually enrolled by your IT department. 
 
diff --git a/devices/hololens/images/AzureAD1.PNG b/devices/hololens/images/azure-ad-image.PNG
similarity index 100%
rename from devices/hololens/images/AzureAD1.PNG
rename to devices/hololens/images/azure-ad-image.PNG

From 4bc100eecdc82bc9e7cbacc8f8f7bab74107bf84 Mon Sep 17 00:00:00 2001
From: John Kaiser <35939694+CoveMiner@users.noreply.github.com>
Date: Thu, 30 Jan 2020 15:45:02 -1000
Subject: [PATCH 71/96] Update
 enable-surface-keyboard-for-windows-pe-deployment.md

Moves some note info to procedure.
---
 .../enable-surface-keyboard-for-windows-pe-deployment.md    | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md b/devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md
index d8b89bcd23..4169a48f4c 100644
--- a/devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md
+++ b/devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md
@@ -98,9 +98,6 @@ To support Surface Laptop 3 with Intel Processor, import the following folders:
 - SurfaceUpdate\SurfaceSerialHub
 - SurfaceUpdate\SurfaceHotPlug
 - SurfaceUpdate\Itouch
-   
-> [!NOTE]
-> For Surface Laptop 3 with Intel processor, the model is Surface Laptop 3. The remaining Surface Laptop drivers are located in the \MDT Deployment Share\Out-of-Box Drivers\Windows10\X64\Surface Laptop 3 folder.
 
 6. Verify that the WindowsPEX64 folder now contains the imported drivers. The folder should resemble the following:  
 
@@ -120,7 +117,8 @@ To support Surface Laptop 3 with Intel Processor, import the following folders:
 
 9. Verify that you have configured the remaining Surface Laptop drivers by using either a selection profile or a **DriverGroup001** variable.  
    - For Surface Laptop (1st Gen), the model is **Surface Laptop**. The remaining Surface Laptop drivers should reside in the \MDT Deployment Share\Out-of-Box Drivers\Windows10\X64\Surface Laptop folder as shown in the figure that follows this list.
-   - For Surface Laptop 2, the model is **Surface Laptop 2**. The remaining Surface Laptop drivers should reside in the \MDT Deployment Share\Out-of-Box Drivers\Windows10\X64\Surface Laptop 2 folder.  
+   - For Surface Laptop 2, the model is **Surface Laptop 2**. The remaining Surface Laptop drivers should reside in the \MDT Deployment Share\Out-of-Box Drivers\Windows10\X64\Surface Laptop 2 folder. 
+   - For Surface Laptop 3 with Intel processor, the model is Surface Laptop 3. The remaining Surface Laptop drivers are located in the \MDT Deployment Share\Out-of-Box Drivers\Windows10\X64\Surface Laptop 3 folder.
 
    ![Image that shows the regular Surface Laptop (1st Gen) drivers in the Surface Laptop folder of the Deployment Workbench](./images/surface-laptop-keyboard-5.png)
 

From 464308df83eb3c9631c09b30df42086833b6bfe5 Mon Sep 17 00:00:00 2001
From: amirsc3 <42802974+amirsc3@users.noreply.github.com>
Date: Fri, 31 Jan 2020 10:34:18 +0200
Subject: [PATCH 72/96] Update manage-auto-investigation.md

Small typo fix
---
 .../microsoft-defender-atp/manage-auto-investigation.md         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-auto-investigation.md b/windows/security/threat-protection/microsoft-defender-atp/manage-auto-investigation.md
index 9614834d72..32343d94bd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-auto-investigation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-auto-investigation.md
@@ -35,7 +35,7 @@ You can use the following operations to customize the list of automated investig
 
 
 **Triggering alert**</br>
-The alert the initiated the automated investigation.
+The alert that initiated the automated investigation.
 
 **Status**</br>
 An automated investigation can be in one of the following status:

From 48575038bb73545e3a545034e352b67e72d0385b Mon Sep 17 00:00:00 2001
From: Tudor Dobrila <tudor.dobrila@microsoft.com>
Date: Fri, 31 Jan 2020 11:50:40 -0800
Subject: [PATCH 73/96] Release notes for 1912-2

---
 .../microsoft-defender-atp/mac-preferences.md | 54 +++++++++++++++++++
 .../microsoft-defender-atp/mac-whatsnew.md    |  6 +++
 2 files changed, 60 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md b/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md
index 85deccc918..b9a690f1e2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md
@@ -80,6 +80,18 @@ Specify whether the antivirus engine runs in passive mode. Passive mode has the
 | **Possible values** | false (default) <br/> true |
 | **Comments** | Available in Microsoft Defender ATP version 100.67.60 or higher. |
 
+#### Exclusion merge policy
+
+Specify the merge policy for exclusions. This can be a combination of administrator-defined and user-defined exclusions (`merge`) or only administrator-defined exclusions (`admin_only`). This setting can be used to restrict local users from defining their own exclusions.
+
+|||
+|:---|:---|
+| **Domain** | `com.microsoft.wdav` |
+| **Key** | exclusionsMergePolicy |
+| **Data type** | String |
+| **Possible values** | merge (default) <br/> admin_only |
+| **Comments** | Available in Microsoft Defender ATP version 100.83.73 or higher. |
+
 #### Scan exclusions
 
 Specify entities excluded from being scanned. Exclusions can be specified by full paths, extensions, or file names.
@@ -160,6 +172,18 @@ Specify threats by name that are not blocked by Microsoft Defender ATP for Mac.
 | **Key** | allowedThreats |
 | **Data type** | Array of strings |
 
+#### Disallowed threat actions
+
+Restricts the actions that the local user of a device can take when threats are detected. The actions included in this list are not displayed in the user interface.
+
+|||
+|:---|:---|
+| **Domain** | `com.microsoft.wdav` |
+| **Key** | disallowedThreatActions |
+| **Data type** | Array of strings |
+| **Possible values** | allow (restricts users from allowing threats) <br/> restore (restricts users from restoring threats from the quarantine) |
+| **Comments** | Available in Microsoft Defender ATP version 100.83.73 or higher. |
+
 #### Threat type settings
 
 Specify how certain threat types are handled by Microsoft Defender ATP for Mac.
@@ -197,6 +221,18 @@ Specify what action to take when a threat of the type specified in the preceding
 | **Data type** | String |
 | **Possible values** | audit (default) <br/> block <br/> off |
 
+#### Threat type settings merge policy
+
+Specify the merge policy for threat type settings. This can be a combination of administrator-defined and user-defined settings (`merge`) or only administrator-defined settings (`admin_only`). This setting can be used to restrict local users from defining their own settings for different threat types.
+
+|||
+|:---|:---|
+| **Domain** | `com.microsoft.wdav` |
+| **Key** | threatTypeSettingsMergePolicy |
+| **Data type** | String |
+| **Possible values** | merge (default) <br/> admin_only |
+| **Comments** | Available in Microsoft Defender ATP version 100.83.73 or higher. |
+
 ### Cloud-delivered protection preferences
 
 Configure the cloud-driven protection features of Microsoft Defender ATP for Mac.
@@ -483,10 +519,17 @@ The following configuration profile contains entries for all settings described
                 <string>pdf</string>
             </dict>
         </array>
+        <key>exclusionsMergePolicy</key>
+        <string>merge</string>
         <key>allowedThreats</key>
         <array>
             <string>EICAR-Test-File (not a virus)</string>
         </array>
+        <key>disallowedThreatActions</key>
+        <array>
+            <string>allow</string>
+            <string>restore</string>
+        </array>
         <key>threatTypeSettings</key>
         <array>
             <dict>
@@ -502,6 +545,8 @@ The following configuration profile contains entries for all settings described
                 <string>audit</string>
             </dict>
         </array>
+        <key>threatTypeSettingsMergePolicy</key>
+        <string>merge</string>
     </dict>
     <key>cloudService</key>
     <dict>
@@ -594,10 +639,17 @@ The following configuration profile contains entries for all settings described
                             <string>pdf</string>
                         </dict>
                     </array>
+                    <key>exclusionsMergePolicy</key>
+                    <string>merge</string>
                     <key>allowedThreats</key>
                     <array>
                         <string>EICAR-Test-File (not a virus)</string>
                     </array>
+                    <key>disallowedThreatActions</key>
+                    <array>
+                        <string>allow</string>
+                        <string>restore</string>
+                    </array>
                     <key>threatTypeSettings</key>
                     <array>
                         <dict>
@@ -613,6 +665,8 @@ The following configuration profile contains entries for all settings described
                             <string>audit</string>
                         </dict>
                     </array>
+                    <key>threatTypeSettingsMergePolicy</key>
+                    <string>merge</string>
                 </dict>
                 <key>cloudService</key>
                 <dict>
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
index 43323ca96d..34df1f32fc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
@@ -19,6 +19,12 @@ ms.topic: conceptual
 
 # What's new in Microsoft Defender Advanced Threat Protection for Mac
 
+## 100.83.73
+
+- Added more controls for IT administrators around [management of exclusions](mac-preferences.md#exclusion-merge-policy), [management of threat type settings](mac-preferences.md#threat-type-settings-merge-policy), and [disallowed threat actions](mac-preferences.md#disallowed-threat-actions)
+- When Full Disk Access is not enabled on the device, a warning is now displayed in the status menu
+- Performance improvements & bug fixes
+
 ## 100.82.60
 
 - Addressed an issue where the product fails to start following a definition update.

From fe7bf75245720cf9e8d75271d768f68193db79e7 Mon Sep 17 00:00:00 2001
From: Manika Dhiman <v-madhi@microsoft.com>
Date: Fri, 31 Jan 2020 14:21:50 -0800
Subject: [PATCH 74/96] Update enterprisemodernappmanagement-csp.md

Updated format of the deployment options list and added the description of ExcludeAppFromLayoutModification.
---
 .../mdm/enterprisemodernappmanagement-csp.md  | 22 +++++++++----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/windows/client-management/mdm/enterprisemodernappmanagement-csp.md b/windows/client-management/mdm/enterprisemodernappmanagement-csp.md
index 08d6a9c53b..2bd46c1280 100644
--- a/windows/client-management/mdm/enterprisemodernappmanagement-csp.md
+++ b/windows/client-management/mdm/enterprisemodernappmanagement-csp.md
@@ -492,17 +492,17 @@ Supported operation is Execute, Add, Delete, and Get.
 <a href="" id="appinstallation-packagefamilyname-hostedinstall"></a>**AppInstallation/*PackageFamilyName*/HostedInstall**  
 Required. Command to perform an install of an app package from a hosted location (this can be a local drive, a UNC, or https data source).
 
-DeploymentOptions:
-ForceApplicationShutdown
-DevelopmentMode 
-InstallAllResources
-ForceTargetApplicationShutdown 
-ForceUpdateToAnyVersion
-DeferRegistration="1" - If the app is in use at time of installation.  This stages the files for an app update and completes the registration of the app update after the app closes. Available latest insider flight of 20H1
-StageOnly="1"  - Stages the files for an app installation or update without installing the app. Available in 1803
-LicenseUri="\\server\license.lic" - option is deploying an offline license from the Microsoft Store for Business. Available in 1607 
-ValidateDependencies="1" - ValidateDependencies is used at provisioning/staging time. If it is set to 1, deployment will perform the same dependency validation during staging that we would normally do at registration time, failing and rejecting the provision request if the dependencies are not present. Available in the latest Insider flight of 20H1
-ExcludeAppFromLayoutModification="1" - (need to check with dev on the actual functionality). Available in 1809 
+The following is list of available deployment options: 
+- ForceApplicationShutdown
+- DevelopmentMode 
+- InstallAllResources
+- ForceTargetApplicationShutdown 
+- ForceUpdateToAnyVersion
+- DeferRegistration="1". If the app is in use at the time of installation. This stages the files for an app update and completes the registration of the app update after the app closes. Available in the latest insider flight of 20H1.
+- StageOnly="1". Stages the files for an app installation or update without installing the app. Available in 1803.
+- LicenseUri="\\server\license.lic". Deploys an offline license from the Microsoft Store for Business. Available in 1607. 
+- ValidateDependencies="1". This is used at provisioning/staging time. If it is set to 1, deployment will perform the same dependency validation during staging that we would normally do at registration time, failing and rejecting the provision request if the dependencies are not present. Available in the latest insider flight of 20H1.
+- ExcludeAppFromLayoutModification="1". Sets that the app will be provisioned on all devices and will be able to retain the apps provisioned without pinning them to start layout. Available in 1809.
 
 Supported operation is Execute, Add, Delete, and Get.
 

From 8956c68076c6c3e7e4e390e3e6a8941048da5a51 Mon Sep 17 00:00:00 2001
From: Manika Dhiman <v-madhi@microsoft.com>
Date: Fri, 31 Jan 2020 14:26:39 -0800
Subject: [PATCH 75/96] Update enterprisemodernappmanagement-csp.md

---
 .../client-management/mdm/enterprisemodernappmanagement-csp.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/enterprisemodernappmanagement-csp.md b/windows/client-management/mdm/enterprisemodernappmanagement-csp.md
index 2bd46c1280..1c440edf96 100644
--- a/windows/client-management/mdm/enterprisemodernappmanagement-csp.md
+++ b/windows/client-management/mdm/enterprisemodernappmanagement-csp.md
@@ -492,7 +492,7 @@ Supported operation is Execute, Add, Delete, and Get.
 <a href="" id="appinstallation-packagefamilyname-hostedinstall"></a>**AppInstallation/*PackageFamilyName*/HostedInstall**  
 Required. Command to perform an install of an app package from a hosted location (this can be a local drive, a UNC, or https data source).
 
-The following is list of available deployment options: 
+The following list shows the supported deployment options: 
 - ForceApplicationShutdown
 - DevelopmentMode 
 - InstallAllResources

From b5e6e739e6211898a8b4d4a812202b7178d11710 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 31 Jan 2020 15:16:44 -0800
Subject: [PATCH 76/96] Update deployment-vdi-windows-defender-antivirus.md

---
 ...ployment-vdi-windows-defender-antivirus.md | 199 ++++++++++++------
 1 file changed, 129 insertions(+), 70 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md
index b5a79ca055..ad266974fa 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md
@@ -1,6 +1,6 @@
 ---
-title: Windows Defender Antivirus VDI deployment guide
-description: Learn how to deploy Windows Defender Antivirus in a VDI environment for the best balance between protection and performance.
+title: Windows Defender Antivirus Virtual Desktop Infrastructure deployment guide
+description: Learn how to deploy Windows Defender Antivirus in a virtual desktop environment for the best balance between protection and performance.
 keywords: vdi, hyper-v, vm, virtual machine, windows defender, antivirus, av, virtual desktop, rds, remote desktop
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
@@ -12,7 +12,7 @@ ms.localizationpriority: medium
 author: denisebmsft
 ms.author: deniseb
 ms.custom: nextgen
-ms.date: 09/03/2018
+ms.date: 01/31/2020
 ms.reviewer: 
 manager: dansimp
 ---
@@ -25,13 +25,13 @@ manager: dansimp
 
 In addition to standard on-premises or hardware configurations, you can also use Windows Defender Antivirus in a remote desktop (RDS) or virtual desktop infrastructure (VDI) environment.
 
-See the [Microsoft Desktop virtualization site](https://www.microsoft.com/server-cloud/products/virtual-desktop-infrastructure/) for more details on Microsoft Remote Desktop Services and VDI support.
+See [Windows Virtual Desktop Documentation](https://docs.microsoft.com/azure/virtual-desktop) for more details on Microsoft Remote Desktop Services and VDI support.
 
 For Azure-based virtual machines, you can also review the [Install Endpoint Protection in Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-install-endpoint-protection) topic.
 
 With the ability to easily deploy updates to VMs running in VDIs, we've shortened this guide to focus on how you can get updates on your machines quickly and easily. You no longer need to create and seal golden images on a periodic basis, as updates are expanded into their component bits on the host server and then downloaded directly to the VM when it's turned on.
 
-This guide will show you how to configure your VMs for optimal protection and performance, including how to:
+This guide describes how to configure your VMs for optimal protection and performance, including how to:
 
 - [Set up a dedicated VDI file share for security intelligence updates](#set-up-a-dedicated-vdi-file-share)
 - [Randomize scheduled scans](#randomize-scheduled-scans)
@@ -41,64 +41,93 @@ This guide will show you how to configure your VMs for optimal protection and pe
 - [Scan out-of-date machines or machines that have been offline for a while](#scan-vms-that-have-been-offline)
 - [Apply exclusions](#exclusions)
 
-You can also download the whitepaper [Windows Defender Antivirus on Virtual Desktop Infrastructure](https://demo.wd.microsoft.com/Content/wdav-testing-vdi-ssu.pdf) which looks at the new shared security intelligence update feature, alongside performance testing and guidance on how you can test antivirus performance on your own VDI.
+You can also download the whitepaper [Windows Defender Antivirus on Virtual Desktop Infrastructure](https://demo.wd.microsoft.com/Content/wdav-testing-vdi-ssu.pdf), which looks at the new shared security intelligence update feature, alongside performance testing and guidance on how you can test antivirus performance on your own VDI.
 
 > [!IMPORTANT]
-> While the VDI can be hosted on Windows Server 2012 or Windows Server 2016, the virtual machines (VMs) should be running Windows 10, 1607 at a minimum, due to increased protection technologies and features that are unavailable in earlier versions of Windows.
-
-
-> [!NOTE]
-> There are performance and feature improvements to the way in which Windows Defender AV operates on virtual machines in Windows 10 Insider Preview, build 18323 (and later). We'll identify in this guide if you need to be using an Insider Preview build; if it isn't specified, then the minimum required version for the best protection and performance is Windows 10 1607.
-
-
+> Although the VDI can be hosted on Windows Server 2012 or Windows Server 2016, the virtual machines (VMs) should be running Windows 10, 1607 at a minimum, due to increased protection technologies and features that are unavailable in earlier versions of Windows.<br/>There are performance and feature improvements to the way in which Windows Defender AV operates on virtual machines in Windows 10 Insider Preview, build 18323 (and later). We'll identify in this guide if you need to be using an Insider Preview build; if it isn't specified, then the minimum required version for the best protection and performance is Windows 10 1607.
 
 ### Set up a dedicated VDI file share
 
-In Windows 10, version 1903, we introduced the shared security intelligence feature. This offloads the unpackaging of downloaded security intelligence updates onto a host machine - thus saving previous CPU, disk, and memory resources on individual machines.
+In Windows 10, version 1903, we introduced the shared security intelligence feature. This offloads the unpackaging of downloaded security intelligence updates onto a host machine - thus saving previous CPU, disk, and memory resources on individual machines. You can set this feature with [Intune](https://docs.microsoft.com/intune/fundamentals/what-is-intune), Group Policy, or PowerShell.
 
-You can set this feature with Intune, Group Policy, or PowerShell.
+> [!TIP]
+> If you don't already have Intune, [try it for free](https://docs.microsoft.com/intune/fundamentals/free-trial-sign-up)! 
 
-Open the Intune management portal either by searching for Intune on https://portal.azure.com or going to https://devicemanagement.microsoft.com and logging in.
+Open the Intune Management Portal either by searching for Intune on [https://portal.azure.com](https://portal.azure.com) or going to [https://devicemanagement.microsoft.com](https://devicemanagement.microsoft.com) and logging in.
 
-1. To create a group with only the devices or users you specify:
-1. Go to **Groups**. Click **New group**. Use the following values:
-    1. Group type: **Security**
-    2. Group name: **VDI test VMs**
-    3. Group description: *Optional*
-    4. Membership type: **Assigned**
-    
-1. Add the devices or users you want to be a part of this test and then click **Create** to save the group. It’s a good idea to create a couple of groups, one with VMs running the latest Insider Preview build and with the shared security intelligence update feature enabled, and another with VMs that are running Windows 10 1809 or earlier versions. This will help when you create dashboards to test the performance changes.
+#### To create a group with only the devices or users you specify
 
-1. To create a group that will include any machine in your tenant that is a VM, even when they are newly created:
+1. Go to **Groups** > **New group**. 
+
+2. Specify the following values:
+   - Group type: **Security**
+   - Group name: **VDI test VMs**
+   - Group description: *Optional*
+   - Membership type: **Assigned**
+
+3. Add the devices or users you want to be a part of this test and then click **Create** to save the group. 
+
+It’s a good idea to create a couple of groups, one with VMs running the latest Insider Preview build and with the shared security intelligence update feature enabled, and another with VMs that are running Windows 10 1809 or earlier versions. This will help when you create dashboards to test the performance changes.
+
+#### To create a group that will include any machine in your tenant that is a VM, even when they are newly created
+
+1. Go to **Groups** > **New group**. 
+
+2. Specify the following values:
+   - Group type: **Security**
+   - Group name: **VDI test VMs**
+   - Group description: *Optional*
+   - Membership type: **Dynamic Device**
+
+3. Click **Simple rule**, and select **deviceModel**, **Equals**, and enter **Virtual Machine**. 
+
+4. Click **Add query** and then **Create** to save the group.
+
+5. Go to **Device configuration**, then **Profiles**. You can modify an existing custom profile or create a new one. 
+
+#### Create a new device configuration profile
+
+In this example, we create a new device configuration profile by clicking **Create profile**.
 
-1. Go to **Groups**. Click **New group**. Use the following values:
-    1. Group type: **Security**
-    2. Group name: **VDI test VMs**
-    3. Group description: *Optional*
-    4. Membership type: **Dynamic Device**
-1. Click **Simple rule**, and select **deviceModel**, **Equals**, and enter **Virtual Machine**. Click **Add query** and then **Create** to save the group.
-1. Go to **Device configuration**, then **Profiles**. You can modify an existing custom profile or create a new one. In this demo I’m going to create a new one by clicking **Create profile**.
 1. Name it, choose **Windows 10 and later** as the Platform and – most importantly – select **Custom** as the profile type.
-1. The **Custom OMA-URI Settings** blade is opened automatically. Click **Add** then enter the following values:
-    1. Name: **VDI shared sig location**
-    1. Description: *Optional*
-    1. OMA-URI: **./Vendor/MSFT/Defender/SharedSignatureRoot**
-    1. Data type: **String**
-    1. Value: **\\<sharedlocation\>\wdav-update\** (see the [Download and unpackage](#download-and-unpackage-the-latest-updates) section for what this will be)
-1. Click **Ok** to close the details blade, then **OK** again to close the **Custom OMA-URI Settings** blade. Click **Create** to save the new profile. The profile details page now appears.
-1. Click **Assignments**. The **Include** tab is automatically selected. In the drop-down menu, select **Selected Groups**, then click **Select groups to include**. Click the **VDI test VMs** group and then **Select**. 
-1. Click **Evaluate** to see how many users/devices will be impacted. If the number makes sense, click **Save**. If the number doesn’t make sense, go back to the groups blade and confirm the group contains the right users or devices.
-1. The profile will now be deployed to the impacted devices. Note that this may take some time.
+
+2. The **Custom OMA-URI Settings** blade is opened automatically. Click **Add** then enter the following values:
+   - Name: **VDI shared sig location**
+   - Description: *Optional*
+   - OMA-URI: **./Vendor/MSFT/Defender/SharedSignatureRoot**
+   - Data type: **String**
+   - `\\<sharedlocation\>\wdav-update\` (see the [Download and unpackage](#download-and-unpackage-the-latest-updates) section for what this will be)
+
+3. Click **Ok** to close the details blade, then **OK** again to close the **Custom OMA-URI Settings** blade. 
+
+4. Click **Create** to save the new profile. The profile details page now appears.
+
+5. Click **Assignments**. The **Include** tab is automatically selected. In the drop-down menu, select **Selected Groups**, then click **Select groups to include**. Click the **VDI test VMs** group and then **Select**. 
+
+6. Click **Evaluate** to see how many users/devices will be impacted. If the number makes sense, click **Save**. If the number doesn’t make sense, go back to the groups blade and confirm the group contains the right users or devices.
+
+The profile will now be deployed to the impacted devices. This may take some time.
 
 #### Use Group Policy to enable the shared security intelligence feature:
-1. On your Group Policy management computer, open the Group Policy Management Console, right-click the Group Policy Object you want to configure and click Edit.
-1. In the **Group Policy Management Editor** go to **Computer configuration**.
-1. Click **Administrative templates**.
-1. Expand the tree to **Windows components > Windows Defender Antivirus > Security Intelligence Updates**
-1. Double-click Define security intelligence location for VDI clients and set the option to Enabled. A field automatically appears, enter *\\<sharedlocation\>\wdav-update *(see the [Download and unpackage](#download-and-unpackage-the-latest-updates) section for what this will be). Click **OK**.
-1. Deploy the GPO to the VMs you want to test.
 
-#### Use PowerShell to enable the shared security intelligence feature:
+1. On your Group Policy management computer, open the Group Policy Management Console, right-click the Group Policy Object you want to configure, and then click **Edit**.
+
+2. In the **Group Policy Management Editor** go to **Computer configuration**.
+
+3. Click **Administrative templates**.
+
+4. Expand the tree to **Windows components** > **Windows Defender Antivirus** > **Security Intelligence Updates**.
+
+5. Double-click **Define security intelligence location for VDI clients**, and then set the option to **Enabled**. A field automatically appears.
+
+6. Enter `\\<sharedlocation\>\wdav-update` (see the [Download and unpackage](#download-and-unpackage-the-latest-updates) section for what this will be). 
+
+7. Click **OK**.
+
+8. Deploy the GPO to the VMs you want to test.
+
+#### Use PowerShell to enable the shared security intelligence feature
+
 Use the following cmdlet to enable the feature. You’ll need to then push this as you normally would push PowerShell-based configuration policies onto the VMs:
     
 ```PowerShell
@@ -108,6 +137,7 @@ Set-MpPreference -SharedSignaturesPath \\<shared location>\wdav-update
 See the [Download and unpackage](#download-and-unpackage-the-latest-updates) section for what the \<shared location\> will be.
 
 ### Download and unpackage the latest updates
+
 Now you can get started on downloading and installing new updates. We’ve created a sample PowerShell script for you below. This script is the easiest way to download new updates and get them ready for your VMs. You should then set the script to run at a certain time on the management machine by using a scheduled task (or, if you’re familiar with using PowerShell scripts in Azure, Intune, or SCCM, you could also use those).
 
 ```PowerShell
@@ -126,27 +156,39 @@ cmd /c "cd $vdmpath & c: & mpam-fe.exe /x"
 
 You can set a scheduled task to run once a day so that whenever the package is downloaded and unpacked then the VMs will receive the new update. 
 We suggest starting with once a day – but you should experiment with increasing or decreasing the frequency to understand the impact. 
-Note that security intelligence packages are typically published once every three to four hours, so setting a frequency shorter than four hours isn’t advised as it will increase the network overhead on your management machine for no benefit.
+
+Security intelligence packages are typically published once every three to four hours. Setting a frequency shorter than four hours isn’t advised because it will increase the network overhead on your management machine for no benefit.
 
 #### Set a scheduled task to run the powershell script
+
 1. On the management machine, open the Start menu and type **Task Scheduler**. Open it and select **Create task…** on the side panel.
-1. Enter the name as **Security intelligence unpacker**. Go to the **Trigger** tab. Click **New…** Select **Daily** and click **OK**.
-1. Go to the **Actions** tab. Click **New…** Enter **PowerShell** in the **Program/Script** field. Enter 
 
-    *-ExecutionPolicy Bypass c:\wdav-update\vdmdlunpack.ps1* 
+2. Enter the name as **Security intelligence unpacker**. Go to the **Trigger** tab. Click **New…** Select **Daily** and click **OK**.
 
-in the **Add arguments** field. Click **OK**. You can choose to configure additional settings if you wish. Click OK to save the scheduled task.
+3. Go to the **Actions** tab. Click **New…** Enter **PowerShell** in the **Program/Script** field. Enter `-ExecutionPolicy Bypass c:\wdav-update\vdmdlunpack.ps1` in the **Add arguments** field. Click **OK**. 
+
+4. You can choose to configure additional settings if you wish. 
+
+5. Click **OK** to save the scheduled task.
  
 
 You can initiate the update manually by right-clicking on the task and clicking **Run**.
 
 #### Download and unpackage manually
+
 If you would prefer to do everything manually, this what you would need to do to replicate the script’s behavior:
-1. Create a new folder on the system root called *wdav_update* to store intelligence updates, for example, create the folder *c:\wdav_update*
-1. Create a subfolder under *wdav_update* with a GUID name, such as *{00000000-0000-0000-0000-000000000000}*; for example *c:\wdav_update\{00000000-0000-0000-0000-000000000000}* (note, in the script we set it so the last 12 digits of the GUID are the year, month, day, and time when the file was downloaded so that a new folder is created each time. You can change this so that the file is downloaded to the same folder each time)
-1. Download a security intelligence package from https://www.microsoft.com/wdsi/definitions  into the GUID folder. The file should be named *mpam-fe.exe*.
-1. Open a cmd prompt window and navigate to the GUID folder you created. Use the **/X** extraction command to extract the files, for example **mpam-fe.exe /X**.
-Note: The VMs will pick up the updated package whenever a new GUID folder is created with an extracted update package or whenever an existing folder is updated with a new extracted package.
+
+1. Create a new folder on the system root called `wdav_update` to store intelligence updates, for example, create the folder `c:\wdav_update`.
+
+2. Create a subfolder under *wdav_update* with a GUID name, such as `{00000000-0000-0000-0000-000000000000}`; for example `c:\wdav_update\{00000000-0000-0000-0000-000000000000}`.
+
+  Note: In the script we set it so the last 12 digits of the GUID are the year, month, day, and time when the file was downloaded so that a new folder is created each time. You can change this so that the file is downloaded to the same folder each time.
+
+3. Download a security intelligence package from [https://www.microsoft.com/wdsi/definitions](https://www.microsoft.com/wdsi/definitions)  into the GUID folder. The file should be named `mpam-fe.exe`.
+
+4. Open a cmd prompt window and navigate to the GUID folder you created. Use the **/X** extraction command to extract the files, for example `mpam-fe.exe /X`.
+
+   Note: The VMs will pick up the updated package whenever a new GUID folder is created with an extracted update package or whenever an existing folder is updated with a new extracted package.
 
 ### Randomize scheduled scans
 
@@ -161,17 +203,23 @@ See [Schedule scans](scheduled-catch-up-scans-windows-defender-antivirus.md) for
 You can specify the type of scan that should be performed during a scheduled scan.
 Quick scans are the preferred approach as they are designed to look in all places where malware needs to reside to be active.
 
-1. Expand the tree to **Windows components > Windows Defender > Scan** and configure the following setting:  
+1. Expand the tree to **Windows components > Windows Defender > Scan**.
 
-    - Double-click **Specify the scan type to use for a scheduled scan** and set the option to **Enabled** and **Quick scan**. Click **OK**.
+2. Double-click **Specify the scan type to use for a scheduled scan** and set the option to **Enabled** and **Quick scan**. 
+
+3. Click **OK**.
 
 ### Prevent notifications
 
 Sometimes, Windows Defender Antivirus notifications may be sent to or persist across multiple sessions. In order to minimize this problem, you can use the lock down the Windows Defender Antivirus user interface.
 
-1. Expand the tree to **Windows components > Windows Defender > Client Interface** and configure the following settings:
+1. Expand the tree to **Windows components > Windows Defender > Client Interface**. 
 
-   - Double-click **Suppress all notifications** and set the option to **Enabled**. Click **OK**. This prevents notifications from Windows Defender AV appearing in the action center on Windows 10 when scans or remediation is performed.
+2. Double-click **Suppress all notifications** and set the option to **Enabled**. 
+
+3. Click **OK**. 
+
+This prevents notifications from Windows Defender AV appearing in the action center on Windows 10 when scans or remediation is performed.
 
 ### Disable scans after an update
 
@@ -180,25 +228,36 @@ This setting will prevent a scan from occurring after receiving an update. You c
 > [!IMPORTANT]
 > Running scans after an update will help ensure your VMs are protected with the latest Security intelligence updates. Disabling this option will reduce the protection level of your VMs and should only be used when first creating or deploying the base image.
 
-1. Expand the tree to **Windows components > Windows Defender > Signature Updates** and configure the following setting:
+1. Expand the tree to **Windows components > Windows Defender > Signature Updates**. 
 
-   - Double-click **Turn on scan after signature update** and set the option to **Disabled**. Click **OK**. This prevents a scan from running immediately after an update.
+2. Double-click **Turn on scan after signature update** and set the option to **Disabled**. 
+
+3. Click **OK**. 
+
+This prevents a scan from running immediately after an update.
 
 ### Scan VMs that have been offline 
 
-1. Expand the tree to **Windows components > Windows Defender > Scan** and configure the following setting:
+1. Expand the tree to **Windows components > Windows Defender > Scan**. 
 
-1. Double-click the **Turn on catch-up quick scan** setting and set the option to **Enabled**. Click **OK**. This forces a scan if the VM has missed two or more consecutive scheduled scans.
+2. Double-click the **Turn on catch-up quick scan** setting and set the option to **Enabled**. 
+
+3. Click **OK**. 
+
+This forces a scan if the VM has missed two or more consecutive scheduled scans.
 
 
 ### Enable headless UI mode
-- Double-click **Enable headless UI mode** and set the option to **Enabled**. Click **OK**. This hides the entire Windows Defender AV user interface from users.
 
+1. Double-click **Enable headless UI mode** and set the option to **Enabled**. 
 
+2. Click **OK**. 
+
+This hides the entire Windows Defender AV user interface from users.
 
 ### Exclusions
-On Windows Server 2016, Windows Defender Antivirus will automatically deliver the right exclusions for servers running a VDI environment. However, if you are running an older Windows server version, you can refer to the exclusions that are applied on this page:
-- [Configure Windows Defender Antivirus exclusions on Windows Server](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus)
+
+On Windows Server 2016, Windows Defender Antivirus will automatically deliver the right exclusions for servers running a VDI environment. However, if you are running an older Windows server version, see [Configure Windows Defender Antivirus exclusions on Windows Server](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus).
 
 
 ## Additional resources

From 5a73ab43bc04654c25ca38fc228eea4be4d80d57 Mon Sep 17 00:00:00 2001
From: Dani Halfin <daniha@microsoft.com>
Date: Mon, 3 Feb 2020 08:41:27 +0200
Subject: [PATCH 77/96] Fixing build warnings

---
 devices/hololens/hololens-offline.md | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/devices/hololens/hololens-offline.md b/devices/hololens/hololens-offline.md
index 4c468667f9..e3b11960b1 100644
--- a/devices/hololens/hololens-offline.md
+++ b/devices/hololens/hololens-offline.md
@@ -17,6 +17,8 @@ appliesto:
 - HoloLens 2
 ---
 
+# Manage connection endpoints for HoloLens 
+
 Some HoloLens components, apps, and related services transfer data to Microsoft network endpoints. This article lists different endpoints and URLs that need to be whitelisted in your network configuratiion (e.g. proxy or firewall) for those components to be functional.    
 
 ## Near-offline setup
@@ -59,7 +61,7 @@ In addition to the list above, to take full advantage of HoloLens functionality,
 | Certificates                                        | activation-v2.sls.microsoft.com/*                                   |   |   |   |
 |                                                     | crl.microsoft.com/pki/crl/*                                         |   |   |   |
 |                                                     | ocsp.digicert.com/*                                                 |   |   |   |
-|                                                     | www.microsoft.com/pkiops/*                                          |   |   |   |
+|                                                     | https://www.microsoft.com/pkiops/*                                          |   |   |   |
 | Cortana and Search                                  | store-images.*microsoft.com                                         |   |   |   |
 |                                                     | www.bing.com/client                                                 |   |   |   |
 |                                                     | www.bing.com                                                        |   |   |   |
@@ -76,7 +78,7 @@ In addition to the list above, to take full advantage of HoloLens functionality,
 |                                                     | location-inference-westus.cloudapp.net                              |   |   |   |
 | Diagnostic Data                                     | v10.events.data.microsoft.com                                       |   |   |   |
 |                                                     | v10.vortex-win.data.microsoft.com/collect/v1                        |   |   |   |
-|                                                     | www.microsoft.com                                                   |   |   |   |
+|                                                     | https://www.microsoft.com                                                   |   |   |   |
 |                                                     | co4.telecommand.telemetry.microsoft.com                             |   |   |   |
 |                                                     | cs11.wpc.v0cdn.net                                                  |   |   |   |
 |                                                     | cs1137.wpc.gammacdn.net                                             |   |   |   |
@@ -106,7 +108,7 @@ In addition to the list above, to take full advantage of HoloLens functionality,
 |                                                     | officeclient.microsoft.com                                          |   |   |   |
 |                                                     | outlook.office365.com                                               |   |   |   |
 |                                                     | client-office365-tas.msedge.net                                     |   |   |   |
-|                                                     | www.office.com                                                      |   |   |   |
+|                                                     | https://www.office.com                                                      |   |   |   |
 |                                                     | onecollector.cloudapp.aria                                          |   |   |   |
 |                                                     | v10.events.data.microsoft.com/onecollector/1.0/                     |   |   |   |
 |                                                     | self.events.data.microsoft.com                                      |   |   |   |

From 0cce48ddf0ee28a4a579de9d72e9f573a9e4bbc6 Mon Sep 17 00:00:00 2001
From: Dani Halfin <daniha@microsoft.com>
Date: Mon, 3 Feb 2020 08:42:43 +0200
Subject: [PATCH 78/96] Fixing build warnings

---
 .../access-control/active-directory-accounts.md                 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/identity-protection/access-control/active-directory-accounts.md b/windows/security/identity-protection/access-control/active-directory-accounts.md
index c712073a39..0665f58b3c 100644
--- a/windows/security/identity-protection/access-control/active-directory-accounts.md
+++ b/windows/security/identity-protection/access-control/active-directory-accounts.md
@@ -480,7 +480,7 @@ Each default local account in Active Directory has a number of account settings
 <td><p>Use DES encryption types for this account</p></td>
 <td><p>Provides support for the Data Encryption Standard (DES). DES supports multiple levels of encryption, including Microsoft Point-to-Point Encryption (MPPE) Standard (40-bit and 56-bit), MPPE standard (56-bit), MPPE Strong (128-bit), Internet Protocol security (IPSec) DES (40-bit), IPSec 56-bit DES, and IPSec Triple DES (3DES).</p>
 <div class="alert">
-<strong>Note</strong><br/><p>DES is not enabled by default in Windows Server operating systems starting with Windows Server 2008 R2, nor in Windows client operating systems starting with Windows 7. For these operating systems, computers will not use DES-CBC-MD5 or DES-CBC-CRC cipher suites by default. If your environment requires DES, then this setting might affect compatibility with client computers or services and applications in your environment. For more information, see <a href="http://blogs.technet.com/b/askds/archive/2010/10/19/hunting-down-des-in-order-to-securely-deploy-kerberos.aspx" data-raw-source="[Hunting down DES in order to securely deploy Kerberos](http://blogs.technet.com/b/askds/archive/2010/10/19/hunting-down-des-in-order-to-securely-deploy-kerberos.aspx)">Hunting down DES in order to securely deploy Kerberos</a>.</p>
+<strong>Note</strong><br/><p>DES is not enabled by default in Windows Server operating systems starting with Windows Server 2008 R2, nor in Windows client operating systems starting with Windows 7. For these operating systems, computers will not use DES-CBC-MD5 or DES-CBC-CRC cipher suites by default. If your environment requires DES, then this setting might affect compatibility with client computers or services and applications in your environment. For more information, see <a href="https://blogs.technet.com/b/askds/archive/2010/10/19/hunting-down-des-in-order-to-securely-deploy-kerberos.aspx" data-raw-source="[Hunting down DES in order to securely deploy Kerberos](https://blogs.technet.com/b/askds/archive/2010/10/19/hunting-down-des-in-order-to-securely-deploy-kerberos.aspx)">Hunting down DES in order to securely deploy Kerberos</a>.</p>
 </div>
 <div>
 

From d98db80b6a051b9008ad5eab17c1006d7940d0e5 Mon Sep 17 00:00:00 2001
From: Dani Halfin <daniha@microsoft.com>
Date: Mon, 3 Feb 2020 08:44:03 +0200
Subject: [PATCH 79/96] Fixing build warnings

---
 mdop/agpm/resources-for-agpm.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/mdop/agpm/resources-for-agpm.md b/mdop/agpm/resources-for-agpm.md
index bd2fe5372b..5aa2774df3 100644
--- a/mdop/agpm/resources-for-agpm.md
+++ b/mdop/agpm/resources-for-agpm.md
@@ -23,15 +23,15 @@ ms.date: 08/30/2016
 
 ### Microsoft Desktop Optimization Pack resources
 
--   [Microsoft Desktop Optimization Pack (MDOP) for Software Assurance TechCenter](https://go.microsoft.com/fwlink/?LinkID=159870) (http://www.microsoft.com/technet/mdop): Links to MDOP videos and resources.
+-   [Microsoft Desktop Optimization Pack (MDOP) for Software Assurance TechCenter](https://go.microsoft.com/fwlink/?LinkID=159870) (https://www.microsoft.com/technet/mdop): Links to MDOP videos and resources.
 
 -   [Enterprise products: MDOP](https://go.microsoft.com/fwlink/?LinkID=160297): Overviews and information about the benefits of applications in MDOP.
 
 ### Group Policy resources
 
--   [Group Policy TechCenter](https://go.microsoft.com/fwlink/?LinkID=145531) (http://www.microsoft.com/grouppolicy): Links to Group Policy documentation, tools, and downloads.
+-   [Group Policy TechCenter](https://go.microsoft.com/fwlink/?LinkID=145531) (https://www.microsoft.com/grouppolicy): Links to Group Policy documentation, tools, and downloads.
 
--   [Group Policy Team Blog](https://go.microsoft.com/fwlink/?LinkID=75192) (http://blogs.technet.com/GroupPolicy): Stay current on the latest news about Group Policy with articles by the Group Policy Team and other experts.
+-   [Group Policy Team Blog](https://go.microsoft.com/fwlink/?LinkID=75192) (https://blogs.technet.com/GroupPolicy): Stay current on the latest news about Group Policy with articles by the Group Policy Team and other experts.
 
 -   [Group Policy Forum](https://go.microsoft.com/fwlink/?LinkID=145532): Do you have questions about Group Policy or AGPM? You can post your questions to the forum, and receive answers from the experts.
 

From 7fdeba732a42fa6b192a1ccceba2a62c5df96e0e Mon Sep 17 00:00:00 2001
From: amirsc3 <42802974+amirsc3@users.noreply.github.com>
Date: Mon, 3 Feb 2020 14:43:38 +0200
Subject: [PATCH 80/96] Update configure-proxy-internet.md

Added AutoIR URLs which should have been included in the article.
Added a note explaining settings-win URL is only needed for machines running 1803 and earlier.
Added a note mentioning the need to ensure Antivirus URLs are not blocked when using Defender Antivirus in combination with Defender ATP.
Changed a few words later on referring to MDATP Client Analyzer
---
 .../configure-proxy-internet.md                  | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
index 162531b03e..4d260cc63d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
@@ -105,14 +105,18 @@ See [Netsh Command Syntax, Contexts, and Formatting](https://docs.microsoft.com/
 If a proxy or firewall is blocking all traffic by default and allowing only specific domains through or HTTPS scanning (SSL inspection) is enabled, make sure that the following URLs are not blocked by default. Do not disable security monitoring or inspection of these URLs, but allow them as you would other internet traffic. They permit communication with Microsoft Defender ATP service in port 80 and 443:
 
 > [!NOTE]
-> URLs that include v20 in them are only needed if you have Windows 10, version 1803 or later machines. For example, ```us-v20.events.data.microsoft.com``` is only needed if the machine is on Windows 10, version 1803 or later.
+> settings-win.data.microsoft.com is only needed if you have Windows 10 machines running version 1803 or earlier.<br>
+> URLs that include v20 in them are only needed if you have Windows 10 machines running version 1803 or later. For example, ```us-v20.events.data.microsoft.com``` is needed for a Windows 10 machine running version 1803 or later and onboarded to US Data Storage region.
 
  Service location | Microsoft.com DNS record
 -|-
 Common URLs for all locations | ```crl.microsoft.com```<br> ```ctldl.windowsupdate.com``` <br>```events.data.microsoft.com```<br>```notify.windows.com```<br> ```settings-win.data.microsoft.com```
-European Union | ```eu.vortex-win.data.microsoft.com``` <br> ```eu-v20.events.data.microsoft.com``` <br> ```usseu1northprod.blob.core.windows.net```  <br>```usseu1westprod.blob.core.windows.net``` <br> ```winatp-gw-neu.microsoft.com``` <br> ```winatp-gw-weu.microsoft.com``` <br>```wseu1northprod.blob.core.windows.net``` <br>```wseu1westprod.blob.core.windows.net``` 
-United Kingdom | ```uk.vortex-win.data.microsoft.com``` <br>```uk-v20.events.data.microsoft.com``` <br>```ussuk1southprod.blob.core.windows.net``` <br>```ussuk1westprod.blob.core.windows.net``` <br>```winatp-gw-uks.microsoft.com``` <br>```winatp-gw-ukw.microsoft.com``` <br>```wsuk1southprod.blob.core.windows.net``` <br>```wsuk1westprod.blob.core.windows.net``` 
-United States | ```us.vortex-win.data.microsoft.com``` <br> ```ussus1eastprod.blob.core.windows.net``` <br> ```ussus1westprod.blob.core.windows.net``` <br> ```ussus2eastprod.blob.core.windows.net``` <br> ```ussus2westprod.blob.core.windows.net``` <br> ```ussus3eastprod.blob.core.windows.net``` <br> ```ussus3westprod.blob.core.windows.net``` <br> ```ussus4eastprod.blob.core.windows.net``` <br> ```ussus4westprod.blob.core.windows.net``` <br> ```us-v20.events.data.microsoft.com``` <br> ```winatp-gw-cus.microsoft.com``` <br> ```winatp-gw-eus.microsoft.com``` <br> ```wsus1eastprod.blob.core.windows.net``` <br> ```wsus1westprod.blob.core.windows.net``` <br> ```wsus2eastprod.blob.core.windows.net``` <br> ```wsus2westprod.blob.core.windows.net```
+European Union | ```eu.vortex-win.data.microsoft.com``` <br> ```eu-v20.events.data.microsoft.com``` <br> ```usseu1northprod.blob.core.windows.net```  <br>```usseu1westprod.blob.core.windows.net``` <br> ```winatp-gw-neu.microsoft.com``` <br> ```winatp-gw-weu.microsoft.com``` <br>```wseu1northprod.blob.core.windows.net``` <br>```wseu1westprod.blob.core.windows.net``` <br>```automatedirstrprdweu.blob.core.windows.net``` <br>```automatedirstrprdneu.blob.core.windows.net```
+United Kingdom | ```uk.vortex-win.data.microsoft.com``` <br>```uk-v20.events.data.microsoft.com``` <br>```ussuk1southprod.blob.core.windows.net``` <br>```ussuk1westprod.blob.core.windows.net``` <br>```winatp-gw-uks.microsoft.com``` <br>```winatp-gw-ukw.microsoft.com``` <br>```wsuk1southprod.blob.core.windows.net``` <br>```wsuk1westprod.blob.core.windows.net``` <br>```automatedirstrprduks.blob.core.windows.net``` <br>```automatedirstrprdukw.blob.core.windows.net```  
+United States | ```us.vortex-win.data.microsoft.com``` <br> ```ussus1eastprod.blob.core.windows.net``` <br> ```ussus1westprod.blob.core.windows.net``` <br> ```ussus2eastprod.blob.core.windows.net``` <br> ```ussus2westprod.blob.core.windows.net``` <br> ```ussus3eastprod.blob.core.windows.net``` <br> ```ussus3westprod.blob.core.windows.net``` <br> ```ussus4eastprod.blob.core.windows.net``` <br> ```ussus4westprod.blob.core.windows.net``` <br> ```us-v20.events.data.microsoft.com``` <br> ```winatp-gw-cus.microsoft.com``` <br> ```winatp-gw-eus.microsoft.com``` <br> ```wsus1eastprod.blob.core.windows.net``` <br> ```wsus1westprod.blob.core.windows.net``` <br> ```wsus2eastprod.blob.core.windows.net``` <br> ```wsus2westprod.blob.core.windows.net``` <br> ```automatedirstrprdcus.blob.core.windows.net``` <br> ```automatedirstrprdeus.blob.core.windows.net```
+
+> [!NOTE]
+> If you are using Windows Defender Antivirus in your environment, please refer to the following article for details on allowing connections to the Windows Defender Antivirus cloud service: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus
 
 If a proxy or firewall is blocking anonymous traffic, as Microsoft Defender ATP sensor is connecting from system context, make sure anonymous traffic is permitted in the previously listed URLs.
 
@@ -139,9 +143,9 @@ You can find the Azure IP range on [Microsoft Azure Datacenter IP Ranges](https:
 
 Verify the proxy configuration completed successfully, that WinHTTP can discover and communicate through the proxy server in your environment, and that the proxy server allows traffic to the Microsoft Defender ATP service URLs.
 
-1. Download the [connectivity verification tool](https://aka.ms/mdatpanalyzer) to the PC where Microsoft Defender ATP sensor is running on.
+1. Download the [MDATP Client Analyzer tool](https://aka.ms/mdatpanalyzer) to the PC where Microsoft Defender ATP sensor is running on.
 
-2. Extract the contents of MDATPClientAnalyzer on the machine.
+2. Extract the contents of MDATPClientAnalyzer.zip on the machine.
 
 3. Open an elevated command-line:
 

From 279239df89fc8ab9afc57182a3543b26a5b415d3 Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greg.lindsay@microsoft.com>
Date: Mon, 3 Feb 2020 09:40:30 -0800
Subject: [PATCH 81/96] Update
 replace-a-windows-7-computer-with-a-windows-10-computer.md

---
 .../replace-a-windows-7-computer-with-a-windows-10-computer.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/deploy-windows-mdt/replace-a-windows-7-computer-with-a-windows-10-computer.md b/windows/deployment/deploy-windows-mdt/replace-a-windows-7-computer-with-a-windows-10-computer.md
index f02158277d..f9d1c1f252 100644
--- a/windows/deployment/deploy-windows-mdt/replace-a-windows-7-computer-with-a-windows-10-computer.md
+++ b/windows/deployment/deploy-windows-mdt/replace-a-windows-7-computer-with-a-windows-10-computer.md
@@ -45,7 +45,7 @@ When preparing for the computer replace, you need to create a folder in which to
 2. Create and share the **E:\\MigData** folder by running the following three commands in an elevated Windows PowerShell prompt:
    ``` powershell
    New-Item -Path E:\MigData -ItemType directory
-   New-SmbShare ?Name MigData$ ?Path E:\MigData 
+   New-SmbShare -Name MigData$ -Path E:\MigData 
    -ChangeAccess EVERYONE
    icacls E:\MigData /grant '"MDT_BA":(OI)(CI)(M)'
    ```

From bfc106698511cacfc914ff3eb742ffdfb4eea809 Mon Sep 17 00:00:00 2001
From: Tudor Dobrila <tudor.dobrila@microsoft.com>
Date: Tue, 4 Feb 2020 14:41:54 +0530
Subject: [PATCH 82/96] Clarify process exclusions

---
 .../microsoft-defender-atp/mac-preferences.md | 22 +++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md b/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md
index b9a690f1e2..315ec0f230 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md
@@ -150,9 +150,9 @@ Specify content excluded from being scanned by file extension.
 | **Possible values** | valid file extensions |
 | **Comments** | Applicable only if *$type* is *excludedFileExtension* |
 
-##### Name of excluded content
+##### Process excluded from the scan
 
-Specify content excluded from being scanned by file name.
+Specify a process for which all file activity is excluded from scanning. The process can be specified either by its name (e.g. `cat`) or full path (e.g. `/bin/cat`).
 
 |||
 |:---|:---|
@@ -407,6 +407,10 @@ The following configuration profile will:
 ### Intune profile
 
 ```XML
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1">
+    <dict>
         <key>PayloadUUID</key>
         <string>C4E6A782-0C8D-44AB-A025-EB893987A295</string>
         <key>PayloadType</key>
@@ -475,6 +479,8 @@ The following configuration profile will:
                 </dict>
             </dict>
         </array>
+    </dict>
+</plist>
 ```
 
 ## Full configuration profile example
@@ -518,6 +524,12 @@ The following configuration profile contains entries for all settings described
                 <key>extension</key>
                 <string>pdf</string>
             </dict>
+            <dict>
+                <key>$type</key>
+                <string>excludedFileName</string>
+                <key>name</key>
+                <string>cat</string>
+            </dict>
         </array>
         <key>exclusionsMergePolicy</key>
         <string>merge</string>
@@ -638,6 +650,12 @@ The following configuration profile contains entries for all settings described
                             <key>extension</key>
                             <string>pdf</string>
                         </dict>
+                        <dict>
+                            <key>$type</key>
+                            <string>excludedFileName</string>
+                            <key>name</key>
+                            <string>cat</string>
+                        </dict>
                     </array>
                     <key>exclusionsMergePolicy</key>
                     <string>merge</string>

From c018eb4141eff19a642ae28762c51936a2cc8b31 Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Tue, 4 Feb 2020 12:57:31 +0200
Subject: [PATCH 83/96] removed outdated information

https://github.com/MicrosoftDocs/windows-itpro-docs/issues/5781
---
 .../review-scan-results-windows-defender-antivirus.md    | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md
index ad189470ba..d0f31c4c8d 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md
@@ -36,15 +36,6 @@ After an Windows Defender Antivirus scan completes, whether it is an [on-demand]
 
 See [How to monitor Endpoint Protection status](https://docs.microsoft.com/configmgr/protect/deploy-use/monitor-endpoint-protection).
 
-## Use the Windows Security app to review scan results
-
-1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**.
-
-2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then the **Scan history** label.
-
-    - Click **See full history** for any of the sections to see previous detections and the action taken. You can also clear the list.
-    - Information about the last scan is displayed at the bottom of the page.
-
 ## Use PowerShell cmdlets to review scan results
 
 The following cmdlet will return each detection on the endpoint. If there are multiple detections of the same threat, each detection will be listed separately, based on the time of each detection:

From dfe693ac25bf30cc91af155d90840a53bebdb8e5 Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Tue, 4 Feb 2020 20:20:52 +0500
Subject: [PATCH 84/96] Cosmatic Changes

The period was missing at the end of the statement.
---
 .../microsoft-defender-atp/enable-controlled-folders.md         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
index e6e2a56c92..f78270d508 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
@@ -98,7 +98,7 @@ Use the [./Vendor/MSFT/Policy/Config/ControlledFolderAccessProtectedFolders](htt
 3. Expand the tree to **Windows components > Windows Defender Antivirus > Windows Defender Exploit Guard > Controlled folder access**.
 
 4. Double-click the **Configure Controlled folder access** setting and set the option to **Enabled**. In the options section you must specify one of the following:
-    * **Enable** - Malicious and suspicious apps will not be allowed to make changes to files in protected folders. A notification will be provided in the Windows event log
+    * **Enable** - Malicious and suspicious apps will not be allowed to make changes to files in protected folders. A notification will be provided in the Windows event log.
     * **Disable (Default)** - The Controlled folder access feature will not work. All apps can make changes to files in protected folders.
     * **Audit Mode** - If a malicious or suspicious app attempts to make a change to a file in a protected folder, the change will be allowed but will be recorded in the Windows event log. This allows you to assess the impact of this feature on your organization.
     * **Block disk modification only** - Attempts by untrusted apps to write to disk sectors will be logged in Windows Event log. These logs can be found in **Applications and Services Logs** > Microsoft > Windows > Windows Defender > Operational > ID 1123.

From 6e74656ee995d5f732162e93324c56d15d961411 Mon Sep 17 00:00:00 2001
From: Tom Bolds <thombo@microsoft.com>
Date: Tue, 4 Feb 2020 12:01:36 -0800
Subject: [PATCH 85/96] Updating attribute descriptions

Fixing some attribute descriptions and adding doNotTransition and forceCompatView.
---
 ...terprise-mode-schema-version-1-guidance.md | 43 +++++++++++++++----
 1 file changed, 35 insertions(+), 8 deletions(-)

diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
index 81e964a54b..541b86ede1 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
@@ -163,27 +163,54 @@ This table includes the attributes used by the Enterprise Mode schema.
 </tr>
 <tr>
 <td>exclude</td>
-<td>Specifies the domain or path is excluded from applying Enterprise Mode. This attribute is only supported on the &lt;domain&gt; and &lt;path&gt; elements in the &lt;emie&gt; section.
-<p><b>Example</b>
+<td>Specifies the domain or path is excluded from applying Enterprise Mode. This attribute is only supported on the &lt;domain&gt; and &lt;path&gt; elements in the &lt;emie&gt; section. If this attribute is absent, it is defaulted to false.
+<p><b>Example</b></p>
 <pre class="syntax">
 &lt;emie&gt;
   &lt;domain exclude=&quot;false&quot;&gt;fabrikam.com
     &lt;path exclude=&quot;true&quot;&gt;/products&lt;/path&gt;
   &lt;/domain&gt;
 &lt;/emie&gt;</pre><p>
-Where <a href="https://fabrikam.com" data-raw-source="https://fabrikam.com">https://fabrikam.com</a> uses IE8 Enterprise Mode, but <a href="https://fabrikam.com/products" data-raw-source="https://fabrikam.com/products">https://fabrikam.com/products</a> does not.</td>
-<td>Internet Explorer 11 and Microsoft Edge</td>
+Where <a href="https://fabrikam.com" data-raw-source="https://fabrikam.com">https://fabrikam.com</a> uses IE8 Enterprise Mode, but <a href="https://fabrikam.com/products" data-raw-source="https://fabrikam.com/products">https://fabrikam.com/products</a> does not.</p></td>
+<td>Internet Explorer 11</td>
 </tr>
 <tr>
 <td>docMode</td>
 <td>Specifies the document mode to apply. This attribute is only supported on &lt;domain&gt; or &lt;path&gt; elements in the &lt;docMode&gt; section.
-<p><b>Example</b>
+<p><b>Example</b></p>
 <pre class="syntax">
 &lt;docMode&gt;
-  &lt;domain exclude=&quot;false&quot;&gt;fabrikam.com
-    &lt;path docMode=&quot;7&quot;&gt;/products&lt;/path&gt;
+  &lt;domain&gt;fabrikam.com
+    &lt;path docMode=&quot;9&quot;&gt;/products&lt;/path&gt;
   &lt;/domain&gt;
-&lt;/docMode&gt;</pre></td>
+&lt;/docMode&gt;</pre><p>
+Where <a href="https://fabrikam.com" data-raw-source="https://fabrikam.com">https://fabrikam.com</a> loads in IE11 document mode, but <a href="https://fabrikam.com/products" data-raw-source="https://fabrikam.com/products">https://fabrikam.com/products</a> uses IE9 document mode.</p></td>
+<td>Internet Explorer 11</td>
+</tr>
+<tr>
+<td>doNotTransition</td>
+<td>Specifies that the page should load in the current browser, otherwise it will open in IE11. This attribute is supported on all &lt;domain&gt; or &lt;path&gt; elements. If this attribute is absent, it is defaulted to false.
+<p><b>Example</b></p>
+<pre class="syntax">
+&lt;emie&gt;
+  &lt;domain doNotTransition=&quot;false&quot;&gt;fabrikam.com
+    &lt;path doNotTransition=&quot;true&quot;&gt;/products&lt;/path&gt;
+  &lt;/domain&gt;
+&lt;/emie&gt;</pre><p>
+Where <a href="https://fabrikam.com" data-raw-source="https://fabrikam.com">https://fabrikam.com</a> opens in the IE11 browser, but <a href="https://fabrikam.com/products" data-raw-source="https://fabrikam.com/products">https://fabrikam.com/products</a> loads in the current browser (eg. Microsoft Edge).</p></td>
+<td>Internet Explorer 11 and Microsoft Edge</td>
+</tr>
+<tr>
+<td>forceCompatView</td>
+<td>Specifies that the page should load in IE7 document mode (Compat View). This attribute is only supported on &lt;domain&gt; or &lt;path&gt; elements in the &lt;emie&gt; section. If the page is also configured to load in Enterprise Mode, it will load in IE7 Enterprise Mode. Otherwise (exclude=&quot;true&quot;), it will load in IE11's IE7 document mode. If this attribute is absent, it is defaulted to false.
+<p><b>Example</b></p>
+<pre class="syntax">
+&lt;emie&gt;
+  &lt;domain exclude=&quot;true&quot;&gt;fabrikam.com
+    &lt;path forceCompatView=&quot;true&quot;&gt;/products&lt;/path&gt;
+  &lt;/domain&gt;
+&lt;/emie&gt;</pre><p>
+Where <a href="https://fabrikam.com" data-raw-source="https://fabrikam.com">https://fabrikam.com</a> does not use Enterprise Mode, but <a href="https://fabrikam.com/products" data-raw-source="https://fabrikam.com/products">https://fabrikam.com/products</a> uses IE7 Enterprise Mode.</p></td>
 <td>Internet Explorer 11</td>
 </tr>
 </table>

From 185a6f86608648e30a9636687967b6ddc69ba4d0 Mon Sep 17 00:00:00 2001
From: Cern McAtee <cmcatee@microsoft.com>
Date: Tue, 4 Feb 2020 12:22:34 -0800
Subject: [PATCH 86/96] Removed MSfB topic & added redirect to json

---
 .openpublishing.redirection.json              |  5 ++
 ...k-with-partner-microsoft-store-business.md | 83 -------------------
 2 files changed, 5 insertions(+), 83 deletions(-)
 delete mode 100644 store-for-business/work-with-partner-microsoft-store-business.md

diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index f8f2090d66..680be938be 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -14012,6 +14012,11 @@
 "redirect_document_id": false
 },
 {
+"source_path": "store-for-business/work-with-partner-microsoft-store-business.md",
+"redirect_url": "https://docs.microsoft.com/microsoft-365/commerce/manage-partners",
+"redirect_document_id": false
+},
+{
 "source_path": "windows/manage/windows-10-mobile-and-mdm.md",
 "redirect_url": "https://docs.microsoft.com/windows/client-management/windows-10-mobile-and-mdm",
 "redirect_document_id": true
diff --git a/store-for-business/work-with-partner-microsoft-store-business.md b/store-for-business/work-with-partner-microsoft-store-business.md
deleted file mode 100644
index e2829a08cb..0000000000
--- a/store-for-business/work-with-partner-microsoft-store-business.md
+++ /dev/null
@@ -1,83 +0,0 @@
----
-title: Work with solution providers in Microsoft Store for Business and Education (Windows 10)
-description: You can work with Microsoft-certified solution providers to purchase and manage products and services for your organization or school.
-keywords: partner, solution provider
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: store
-author: TrudyHa
-ms.author: TrudyHa
-ms.topic: conceptual
-ms.date: 10/12/2018
-ms.reviewer: 
-manager: dansimp
----
-
-# Working with solution providers in Microsoft Store for Business
-
-You can work with Microsoft-certified solution providers to purchase and manage products and services for your organization or school. There's a few steps involved in getting the things set up. 
-
-The process goes like this:
-- Admins find and contact a solution provider using **Find a solution provider** in Microsoft Store for Business. 
-- Solution providers send a request from Partner center to customers to become their solution provider.
-- Customers accept the invitation in Microsoft Store for Business and start working with the solution provider.
-- Customers can manage settings for the relationship with Partner in Microsoft Store for Business. 
-
-## What can a solution provider do for my organization or school?
-
-There are several ways that a solution provider can work with you. Solution providers will choose one of these when they send their request to work as a partner with you.
-
-| Solution provider function | Description | 
-| ------ | ------------------- | 
-| Reseller | Solution providers sell Microsoft products to your organization or school. |
-| Delegated administrator | Solution provider manages products and services for your organization or school. In Azure Active Directory (AD), the Partner will be a Global Administrator for tenant. This allows them to manage services like creating user accounts, assigning and managing licenses, and password resets. |
-| Reseller & delegated administrator | Solution providers that sell and manage Microsoft products and services to your organization or school. |
-| Partner | You can give your solution provider a user account in your tenant, and they work on your behalf with other Microsoft services. |
-| Microsoft Products & Services Agreement (MPSA) partner | If you've worked with multiple solution providers through the MPSA program, you can allow partners to see purchases made by each other. |
-| OEM PC partner | Solution providers can upload device IDs for PCs that you're [managing with Autopilot](https://docs.microsoft.com/microsoft-store/add-profile-to-devices).   |
-| Line-of-business (LOB) partner | Solution providers can develop, submit, and manage LOB apps specific for your organization or school. |
-
-## Find a solution provider
-
-You can find partner in Microsoft Store for Business and Education. 
-
-1. Sign in to [Microsoft Store for Business](https://businessstore.microsoft.com/) or [Microsoft Store for Education](https://educationstore.microsoft.com/).
-2. Select **Find a solution provider**.
-
-    ![Image shows Find a solution provider option in Microsoft Store for Business.](images/msfb-find-partner.png)
-
-3. Refine the list, or search for a solution provider. 
-
-    ![Image shows Find a solution provider option in Microsoft Store for Business.](images/msfb-provider-list.png)
-
-4. When you find a solution provider you're interested in working with, click **Contact**.
-5. Complete and send the form.
-
-The solution provider will get in touch with you. You'll have a chance to learn more about them. If you decide to work with the solution provider, they will send you an email invitation from Partner Center. 
-
-## Work with a solution provider
-
-Once you've found a solution provider and decided to work with them, they'll send you an invitation to work together from Partner Center. In Microsoft Store for Business or Education, you'll need to accept the invitation. After that, you can manage their permissions.
-
-**To accept a solution provider invitation**
-1. **Follow email link** - You'll receive an email with a link to accept the solution provider invitation from your solution provider. The link will take you to Microsoft Store for Business or Education.
-2. **Accept invitation** - On **Accept Partner Invitation**, select **Authorize** to accept the invitation, accept terms of the Microsoft Cloud Agreement, and start working with the solution provider. 
-
-![Image shows accepting an invitation from a solution provider in Microsoft Store for Business.](images/msft-accept-partner.png)
- 
-## Delegate admin privileges
-
-Depending on the request made by the solution provider, part of accepting the invitation will include agreeing to give delegated admin privileges to the solution provider. This will happen when the solution provider request includes acting as a delegated administrator. For more information, see [Delegated admin privileges in Azure AD](https://docs.microsoft.com/partner-center/customers_revoke_admin_privileges#delegated-admin-privileges-in-azure-ad). 
-
-If you don't want to delegate admin privileges to the solution provider, you'll need to cancel the invitation instead of accepting it. 
-
-If you delegate admin privileges to a solution provider, you can remove that later. 
-
-**To remove delegate admin privileges**
-1. Sign in to [Microsoft Store for Business](https://businessstore.microsoft.com/) or [Microsoft Store for Education](https://educationstore.microsoft.com/).
-2. Select **Partner**
-3. Choose the Partner you want to manage.
-4. Select **Remove Delegated Permissions**. 
-
-The solution provider will still be able to work with you, for example, as a Reseller. 

From 58d82a4ee8cd97e65b475c41eb01d30ffd52dd5e Mon Sep 17 00:00:00 2001
From: Cern McAtee <cmcatee@microsoft.com>
Date: Tue, 4 Feb 2020 12:23:49 -0800
Subject: [PATCH 87/96] Updated MSfB TOC

---
 store-for-business/TOC.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/store-for-business/TOC.md b/store-for-business/TOC.md
index fe8f3b7411..bdfb8ea979 100644
--- a/store-for-business/TOC.md
+++ b/store-for-business/TOC.md
@@ -24,7 +24,7 @@
 ### [Manage Windows device deployment with Windows Autopilot Deployment](add-profile-to-devices.md)
 ### [Microsoft Store for Business and Education PowerShell module - preview](microsoft-store-for-business-education-powershell-module.md)
 ### [Manage software purchased with Microsoft Products and Services agreement in Microsoft Store for Business](manage-mpsa-software-microsoft-store-for-business.md)
-### [Working with solution providers in Microsoft Store for Business](work-with-partner-microsoft-store-business.md)
+### [Working with solution providers](work-with-partner-microsoft-store-business.md)
 ## [Billing and payments](billing-payments-overview.md)
 ### [Understand your invoice](billing-understand-your-invoice-msfb.md)
 ### [Payment methods](payment-methods.md)

From 9ebf0b1bd6c897e2ee89456c049090189598751b Mon Sep 17 00:00:00 2001
From: Tom Bolds <thombo@microsoft.com>
Date: Tue, 4 Feb 2020 16:59:27 -0800
Subject: [PATCH 88/96] Update
 browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
 .../enterprise-mode-schema-version-1-guidance.md                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
index 541b86ede1..485ce9751e 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
@@ -163,7 +163,7 @@ This table includes the attributes used by the Enterprise Mode schema.
 </tr>
 <tr>
 <td>exclude</td>
-<td>Specifies the domain or path is excluded from applying Enterprise Mode. This attribute is only supported on the &lt;domain&gt; and &lt;path&gt; elements in the &lt;emie&gt; section. If this attribute is absent, it is defaulted to false.
+<td>Specifies the domain or path excluded from applying Enterprise Mode. This attribute is only supported on the &lt;domain&gt; and &lt;path&gt; elements in the &lt;emie&gt; section. If this attribute is absent, it defaults to false.
 <p><b>Example</b></p>
 <pre class="syntax">
 &lt;emie&gt;

From 85f5639766977766979062041ae7b5e56caa3f17 Mon Sep 17 00:00:00 2001
From: Tom Bolds <thombo@microsoft.com>
Date: Tue, 4 Feb 2020 17:00:08 -0800
Subject: [PATCH 89/96] Update
 browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
 .../enterprise-mode-schema-version-1-guidance.md                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
index 485ce9751e..39b6b5c5f6 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
@@ -202,7 +202,7 @@ Where <a href="https://fabrikam.com" data-raw-source="https://fabrikam.com">http
 </tr>
 <tr>
 <td>forceCompatView</td>
-<td>Specifies that the page should load in IE7 document mode (Compat View). This attribute is only supported on &lt;domain&gt; or &lt;path&gt; elements in the &lt;emie&gt; section. If the page is also configured to load in Enterprise Mode, it will load in IE7 Enterprise Mode. Otherwise (exclude=&quot;true&quot;), it will load in IE11's IE7 document mode. If this attribute is absent, it is defaulted to false.
+<td>Specifies that the page should load in IE7 document mode (Compat View). This attribute is only supported on &lt;domain&gt; or &lt;path&gt; elements in the &lt;emie&gt; section. If the page is also configured to load in Enterprise Mode, it will load in IE7 Enterprise Mode. Otherwise (exclude=&quot;true&quot;), it will load in IE11's IE7 document mode. If this attribute is absent, it defaults to false.
 <p><b>Example</b></p>
 <pre class="syntax">
 &lt;emie&gt;

From 7b6896b07a80200f9c5b5fe8c499c56a35e37e6e Mon Sep 17 00:00:00 2001
From: Tom Bolds <thombo@microsoft.com>
Date: Tue, 4 Feb 2020 17:00:48 -0800
Subject: [PATCH 90/96] Update
 browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
 .../enterprise-mode-schema-version-1-guidance.md               | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
index 39b6b5c5f6..1325dee181 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
@@ -177,7 +177,8 @@ Where <a href="https://fabrikam.com" data-raw-source="https://fabrikam.com">http
 <tr>
 <td>docMode</td>
 <td>Specifies the document mode to apply. This attribute is only supported on &lt;domain&gt; or &lt;path&gt; elements in the &lt;docMode&gt; section.
-<p><b>Example</b></p>
+<br />
+<p><b>Example:</b></p>
 <pre class="syntax">
 &lt;docMode&gt;
   &lt;domain&gt;fabrikam.com

From e97fc1422ebf9a702a9832c45c50a09ac6976aaa Mon Sep 17 00:00:00 2001
From: Tom Bolds <thombo@microsoft.com>
Date: Tue, 4 Feb 2020 17:00:58 -0800
Subject: [PATCH 91/96] Update
 browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
 .../enterprise-mode-schema-version-1-guidance.md               | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
index 1325dee181..b1ae41d9cf 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
@@ -204,7 +204,8 @@ Where <a href="https://fabrikam.com" data-raw-source="https://fabrikam.com">http
 <tr>
 <td>forceCompatView</td>
 <td>Specifies that the page should load in IE7 document mode (Compat View). This attribute is only supported on &lt;domain&gt; or &lt;path&gt; elements in the &lt;emie&gt; section. If the page is also configured to load in Enterprise Mode, it will load in IE7 Enterprise Mode. Otherwise (exclude=&quot;true&quot;), it will load in IE11's IE7 document mode. If this attribute is absent, it defaults to false.
-<p><b>Example</b></p>
+<br />
+<p><b>Example:</b></p>
 <pre class="syntax">
 &lt;emie&gt;
   &lt;domain exclude=&quot;true&quot;&gt;fabrikam.com

From e3b25a5e12655642509192f03ffb74b28b196490 Mon Sep 17 00:00:00 2001
From: Tom Bolds <thombo@microsoft.com>
Date: Tue, 4 Feb 2020 17:01:39 -0800
Subject: [PATCH 92/96] Update
 browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
 .../enterprise-mode-schema-version-1-guidance.md                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
index b1ae41d9cf..37d2ae3ec4 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
@@ -190,7 +190,7 @@ Where <a href="https://fabrikam.com" data-raw-source="https://fabrikam.com">http
 </tr>
 <tr>
 <td>doNotTransition</td>
-<td>Specifies that the page should load in the current browser, otherwise it will open in IE11. This attribute is supported on all &lt;domain&gt; or &lt;path&gt; elements. If this attribute is absent, it is defaulted to false.
+<td>Specifies that the page should load in the current browser, otherwise it will open in IE11. This attribute is supported on all &lt;domain&gt; or &lt;path&gt; elements. If this attribute is absent, it defaults to false.
 <p><b>Example</b></p>
 <pre class="syntax">
 &lt;emie&gt;

From 49be1abcfd4e8778aacf35d68738eca17942316e Mon Sep 17 00:00:00 2001
From: Tom Bolds <thombo@microsoft.com>
Date: Tue, 4 Feb 2020 17:01:46 -0800
Subject: [PATCH 93/96] Update
 browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
 .../enterprise-mode-schema-version-1-guidance.md               | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
index 37d2ae3ec4..5eb935b07e 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
@@ -164,7 +164,8 @@ This table includes the attributes used by the Enterprise Mode schema.
 <tr>
 <td>exclude</td>
 <td>Specifies the domain or path excluded from applying Enterprise Mode. This attribute is only supported on the &lt;domain&gt; and &lt;path&gt; elements in the &lt;emie&gt; section. If this attribute is absent, it defaults to false.
-<p><b>Example</b></p>
+<br />
+<p><b>Example:</b></p>
 <pre class="syntax">
 &lt;emie&gt;
   &lt;domain exclude=&quot;false&quot;&gt;fabrikam.com

From ff473cd3cf134d354baa7009397026dd69a01ce8 Mon Sep 17 00:00:00 2001
From: Tom Bolds <thombo@microsoft.com>
Date: Tue, 4 Feb 2020 17:04:08 -0800
Subject: [PATCH 94/96] Update enterprise-mode-schema-version-1-guidance.md

---
 .../enterprise-mode-schema-version-1-guidance.md               | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
index 5eb935b07e..09160baadd 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
@@ -192,7 +192,8 @@ Where <a href="https://fabrikam.com" data-raw-source="https://fabrikam.com">http
 <tr>
 <td>doNotTransition</td>
 <td>Specifies that the page should load in the current browser, otherwise it will open in IE11. This attribute is supported on all &lt;domain&gt; or &lt;path&gt; elements. If this attribute is absent, it defaults to false.
-<p><b>Example</b></p>
+<br />
+<p><b>Example:</b></p>
 <pre class="syntax">
 &lt;emie&gt;
   &lt;domain doNotTransition=&quot;false&quot;&gt;fabrikam.com

From 300db65ea30024608c1e0e76f7dec282643e3ec1 Mon Sep 17 00:00:00 2001
From: Thomas Raya <v-thraya@microsoft.com>
Date: Wed, 5 Feb 2020 09:09:00 -0800
Subject: [PATCH 95/96] remove en-us from docs link

---
 .../microsoft-defender-atp/configure-proxy-internet.md          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
index 4d260cc63d..c8ddf79198 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
@@ -116,7 +116,7 @@ United Kingdom | ```uk.vortex-win.data.microsoft.com``` <br>```uk-v20.events.dat
 United States | ```us.vortex-win.data.microsoft.com``` <br> ```ussus1eastprod.blob.core.windows.net``` <br> ```ussus1westprod.blob.core.windows.net``` <br> ```ussus2eastprod.blob.core.windows.net``` <br> ```ussus2westprod.blob.core.windows.net``` <br> ```ussus3eastprod.blob.core.windows.net``` <br> ```ussus3westprod.blob.core.windows.net``` <br> ```ussus4eastprod.blob.core.windows.net``` <br> ```ussus4westprod.blob.core.windows.net``` <br> ```us-v20.events.data.microsoft.com``` <br> ```winatp-gw-cus.microsoft.com``` <br> ```winatp-gw-eus.microsoft.com``` <br> ```wsus1eastprod.blob.core.windows.net``` <br> ```wsus1westprod.blob.core.windows.net``` <br> ```wsus2eastprod.blob.core.windows.net``` <br> ```wsus2westprod.blob.core.windows.net``` <br> ```automatedirstrprdcus.blob.core.windows.net``` <br> ```automatedirstrprdeus.blob.core.windows.net```
 
 > [!NOTE]
-> If you are using Windows Defender Antivirus in your environment, please refer to the following article for details on allowing connections to the Windows Defender Antivirus cloud service: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus
+> If you are using Windows Defender Antivirus in your environment, please refer to the following article for details on allowing connections to the Windows Defender Antivirus cloud service: https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus
 
 If a proxy or firewall is blocking anonymous traffic, as Microsoft Defender ATP sensor is connecting from system context, make sure anonymous traffic is permitted in the previously listed URLs.
 

From 694987b5c48b3b4fdf913937863d7f17e69f411b Mon Sep 17 00:00:00 2001
From: John Liu <49762389+ShenLanJohn@users.noreply.github.com>
Date: Wed, 5 Feb 2020 10:21:36 -0800
Subject: [PATCH 96/96] CAT Auto Pulish for Windows Release Messages -
 CAT_AutoPublish_20200205094458 (#1981)

Co-authored-by: Direesh Kumar Kandakatla <direek@microsoft.com>
---
 ...ndows-7-and-windows-server-2008-r2-sp1.yml |  4 +--
 .../windows-message-center.yml                | 29 ++++---------------
 2 files changed, 7 insertions(+), 26 deletions(-)

diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
index a5cd7e2724..10ac2c6e75 100644
--- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
@@ -60,7 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='384msg'></div><b>Custom wallpaper displays as black</b><br>Using a custom image set to \"Stretch\" might not display as expected.<br><br><a href = '#384msgdesc'>See details ></a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>January 27, 2020 <br>12:27 PM PT</td></tr>
+      <tr><td><div id='384msg'></div><b>Custom wallpaper displays as black</b><br>Using a custom image set to \"Stretch\" might not display as expected.<br><br><a href = '#384msgdesc'>See details ></a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = 'https://support.microsoft.com/help/4539601' target='_blank'>KB4539601</a></td><td>January 27, 2020 <br>12:27 PM PT</td></tr>
       <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
       <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='310msg'></div><b>IA64 and x64 devices may fail to start after installing updates</b><br>After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.<br><br><a href = '#310msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>August 17, 2019 <br>12:59 PM PT</td></tr>
@@ -79,7 +79,7 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='384msgdesc'></div><b>Custom wallpaper displays as black</b><div>After installing <a href='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a>, your desktop wallpaper when set to \"Stretch\" might display as black.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Workaround:</strong> To mitigate the issue, you can do one of the following:</div><ul><li>Set your custom image to an option other than \"Stretch\", such as “Fill”, “Fit”, “Tile”, or “Center”, or</li><li>Choose a custom wallpaper that matches the resolution of your desktop.</li></ul><div></div><div><strong>Next steps: </strong>We are working on a resolution and estimate a solution will be available mid-February, which will be released to all customers running Windows 7 and Windows Server 2008 R2 SP1.</div><br><a href ='#384msg'>Back to top</a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>January 27, 2020 <br>12:27 PM PT<br><br>Opened:<br>January 24, 2020 <br>09:15 AM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='384msgdesc'></div><b>Custom wallpaper displays as black</b><div>After installing <a href='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a>, your desktop wallpaper when set to \"Stretch\" might display as black.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Workaround:</strong> To mitigate the issue, you can do one of the following:</div><ul><li>Set your custom image to an option other than \"Stretch\", such as “Fill”, “Fit”, “Tile”, or “Center”, or</li><li>Choose a custom wallpaper that matches the resolution of your desktop.</li></ul><div></div><div><strong>Next steps: </strong>We are working on a resolution and estimate a solution will be available mid-February, which will be released to all customers running Windows 7 and Windows Server 2008 R2 SP1.</div><br><a href ='#384msg'>Back to top</a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = 'https://support.microsoft.com/help/4539601' target='_blank'>KB4539601</a></td><td>Last updated:<br>January 27, 2020 <br>12:27 PM PT<br><br>Opened:<br>January 24, 2020 <br>09:15 AM PT</td></tr>
       </table>
       "
 
diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml
index 7cd86d392d..6cba12b21c 100644
--- a/windows/release-information/windows-message-center.yml
+++ b/windows/release-information/windows-message-center.yml
@@ -38,11 +38,11 @@ sections:
       image: 
         src: http://docs.microsoft.com/media/common/i_article.svg
       title: What’s new in Windows 10, version 1909
-    - href: https://docs.microsoft.com/windows/windows-10/release-information
-      html: Visit the Windows 10 release information page >
+    - href: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376
+      html: Learn more >
       image: 
-        src: https://docs.microsoft.com/media/common/i_download-monitor.svg
-      title: Find a list of currently supported versions and previous releases
+        src: https://docs.microsoft.com/media/common/i_investigate.svg
+      title: Windows 10 update servicing cadence
 
 - title: Recent announcements
 - items:
@@ -50,6 +50,7 @@ sections:
     text: "
       <table border ='0'><tr><td width='80%'>Message</td><td width='20%'>Date</td></tr>
       
+      <tr><td id='387'><b>Windows Search shows blank box</b><a class='docon docon-link heading-anchor' aria-labelledby='387' href='#387'></a><br><div>We are aware of a temporary server-side issue causing Windows search to show a blank box. This issue has been resolved&nbsp;for most users and in some cases, you might need to restart your device. We are working diligently to fully resolve the issue and will provide an update once resolved.&nbsp;</div></td><td>February 05, 2020 <br>09:32 AM PT</td></tr>
       <tr><td id='385'><a href = 'https://support.microsoft.com/help/4532695' target='_blank'><b>January 2020 Windows 10, version 1909 \"D\" optional release is available.</b></a><a class='docon docon-link heading-anchor' aria-labelledby='385' href='#385'></a><br><div>The January<strong> </strong>2020 optional monthly “D” release for Windows 10, version 1909 and Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;for the latest on the availability of this release.</div></td><td>January 28, 2020 <br>08:00 AM PT</td></tr>
       <tr><td id='383'><b>January 2020 Windows \"C\" optional release is available.</b><a class='docon docon-link heading-anchor' aria-labelledby='383' href='#383'></a><br><div>The January 2020 optional monthly “C” release for all supported versions of Windows is now available. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;for the latest on the availability of this release.</div></td><td>January 23, 2020 <br>12:00 PM PT</td></tr>
       <tr><td id='382'><a href = 'https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/' target='_blank'><b>Windows 7 has reached end of support</b></a><a class='docon docon-link heading-anchor' aria-labelledby='382' href='#382'></a><br><div>Windows&nbsp;7 reached end of support on January 14, 2020. If your organization has&nbsp;not yet been able to complete your transition from Windows 7 to Windows 10, and want to continue to receive security updates while you complete your upgrade projects, please read <a href=\"https://techcommunity.microsoft.com/t5/windows-it-pro-blog/how-to-get-extended-security-updates-for-eligible-windows/ba-p/917807\" rel=\"noopener noreferrer\" target=\"_blank\">How to get Extended Security Updates for eligible Windows devices</a>. For more information on end of service dates for currently supported versions of Windows 10, see the&nbsp;<a href=\"https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet\" rel=\"noopener noreferrer\" target=\"_blank\">Windows lifecycle fact sheet</a>.</div></td><td>January 15, 2020 <br>10:00 AM PT</td></tr>
@@ -92,25 +93,5 @@ sections:
       <tr><td id='297'><b>Windows 10, version 1903 starting to roll out to devices running Windows 10, version 1803 and earlier</b><a class='docon docon-link heading-anchor' aria-labelledby='297' href='#297'></a><br><div>We are now beginning to build and train the machine learning (ML) based rollout process to update devices running Windows 10, version 1803 (the April 2018 Update) and earlier versions of Windows 10, to ensure we can continue to service these devices and provide the latest updates, security updates, and improvements.</div></td><td>June 18, 2019 <br>02:00 PM PT</td></tr>
       <tr><td id='298'><b>Windows 10, version 1903 available by selecting “Check for updates”</b><a class='docon docon-link heading-anchor' aria-labelledby='298' href='#298'></a><br><div>Windows 10, version 1903 is now available for any user who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.</div></td><td>June 06, 2019 <br>06:00 PM PT</td></tr>
       <tr><td id='262'><a href = 'https://blogs.windows.com/windowsexperience/2019/05/21/how-to-get-the-windows-10-may-2019-update/#1P75kJB6T5OhySyo.97' target='_blank'><b>Windows 10, version 1903 rollout begins</b></a><a class='docon docon-link heading-anchor' aria-labelledby='262' href='#262'></a><br>The Windows 10 May 2019 Update (Windows 10, version 1903) is available today to commercial customers via Windows Server Update Services (WSUS), Windows Update for Business, and the Volume Licensing Service Center (VLSC)—and to end users who manually select “Check for updates.” We are slowly throttling up availability while we carefully monitor data and feedback.</td><td>May 21, 2019 <br>10:00 AM PT</td></tr>
-      <tr><td id='264'><a href = 'https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/What-s-new-in-Windows-Update-for-Business-in-Windows-10-version/ba-p/622064' target='_blank'><b>What’s new in Windows Update for Business</b></a><a class='docon docon-link heading-anchor' aria-labelledby='264' href='#264'></a><br>We are enhancing and expanding the capabilities of Windows Update for Business to make the move to the cloud even easier. From simplified branch readiness options to better control over deadlines and reboots, read about the enhancements to Windows Update for Business as a part of Windows 10, version 1903. </td><td>May 21, 2019 <br>10:00 AM PT</td></tr>
-      <tr><td id='265'><a href = 'https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/What-s-new-for-IT-pros-in-Windows-10-version-1903/ba-p/622024' target='_blank'><b>What’s new for businesses and IT pros in Windows 10</b></a><a class='docon docon-link heading-anchor' aria-labelledby='265' href='#265'></a><br>Explore the newest capabilities for businesses and IT in the latest feature update in the areas of intelligent security, simplified updates, flexible management, and enhanced productivity. </td><td>May 21, 2019 <br>10:00 AM PT</td></tr>
-      <tr><td id='294'><a href = 'https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates' target='_blank'><b>Reminder: Install the latest SSU for a smoother update experience </b></a><a class='docon docon-link heading-anchor' aria-labelledby='294' href='#294'></a><br><div>We strongly recommend that you install the latest servicing stack update (SSU) before installing any Windows update; especially as an SSU may be a prerequisite for some updates. If you have difficulty installing Windows updates, verify that you have installed the latest SSU package for your version of Windows and then try installing the update again. Links to the latest SSU are always provided in the “How to get this update” section of each update KB article (e.g., <a href='https://support.microsoft.com/help/4494441' target='_blank'>KB4494441</a>).  For more information about SSUs, see our <a href='https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates' target='_blank'>Servicing stack updates</a> guidance.</div></td><td>May 14, 2019 <br>10:00 AM PT</td></tr>
-      <tr><td id='295'><a href = 'https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/' target='_blank'><b>Take action: Update Remote Desktop Services on older versions of Windows</b></a><a class='docon docon-link heading-anchor' aria-labelledby='295' href='#295'></a><br><div>Today, we released fixes for a critical wormable, remote code execution vulnerability (<a href='https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708' target='_blank'>CVE-2019-0708</a>) in Remote Desktop Services—formerly known as Terminal Services. This vulnerability affects Windows 7, Windows Server 2008 R2, and earlier versions of Windows nearing end of support. It does not affect Windows 8, Windows Server 2012, or newer operating systems. While we have not observed attacks exploiting this vulnerability, affected systems should be patched with priority. Here is what you need to know:<br> <br>
-<strong>Call to action:</strong>
-<ul>
-<li>	If you are running a supported version of Windows and have automatic updates enabled, you are automatically protected and do not need to take any action. </li>
-<li>	If you are managing updates on behalf of your organization, you should download the latest updates from the <a href='https://portal.msrc.microsoft.com/' target='_blank'>Microsoft Security Update Guide</a> and apply them to your Windows 7, Windows Server 2008 R2, and Windows Server 2008 devices as soon as possible.</li>
-</ul>
-Given the potential impact to customers and their businesses, we have also released <a href='https://support.microsoft.com/help/4500705' target='_blank'>security updates for Windows XP and Windows Server 2003</a>, even though these operating systems have reached end of support (except by custom support agreements). While we recommend that you upgrade to the current version of Windows to benefit from the latest security protections, these updates are available from the Microsoft Update Catalog only. For more information, see <a href='https://support.microsoft.com/help/4500705' target='_blank'>KB4500705</a>.
- </div>
-</td><td>May 14, 2019 <br>10:00 AM PT</td></tr>
-      <tr><td id='293'><a href = 'https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376' target='_blank'><b>Reminder: Windows 10  update servicing cadence</b></a><a class='docon docon-link heading-anchor' aria-labelledby='293' href='#293'></a><br><div>This month we received questions about the cadence of updates we released in April and May 2019. Here's a quick recap of our releases and servicing cadence: <br>
- <ul>
-<li>	April 9, 2019 was the regular Update Tuesday release for all versions of Windows.</li> 
-<li>	May 1, 2019 was an \\\"optional,\\\" out of band non-security update (OOB) for Windows 10, version 1809. It was released to Microsoft Catalog and WSUS, providing a critical fix for our OEM partners.</li>
-<li>	May 3, 2019 was the \\\"optional\\\" Windows 10, version 1809 \\\"C\\\" release for April. This update contained important <a href='https://support.microsoft.com/help/4470918/updates-for-may-2019-japan-era-change' target='_blank'>Japanese era</a> packages for commercial customers to preview. It was released later than expected and mistakenly targeted as \\\"required\\\" (instead of \\\"optional\\\") for consumers, which pushed the update out to customers and required a reboot. Within 24 hours of receiving customer reports, we corrected the targeting logic and mitigated the issue.</li>
- </ul>
- For more information about the Windows 10  update servicing cadence, please see the <a href='https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376' target='_blank'>Window IT Pro blog</a>.</div>
-</td><td>May 10, 2019 <br>10:00 AM PT</td></tr>
       </table>
       "