From 2868cfe7f75a9c28d2b64f10d49d9bb6019c7181 Mon Sep 17 00:00:00 2001 From: DocsPreview <49669258+DocsPreview@users.noreply.github.com> Date: Sun, 16 Apr 2023 23:54:58 -0700 Subject: [PATCH 01/22] Update check-release-health.md --- windows/deployment/update/check-release-health.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/windows/deployment/update/check-release-health.md b/windows/deployment/update/check-release-health.md index c73105ae1b..bb1a8ef402 100644 --- a/windows/deployment/update/check-release-health.md +++ b/windows/deployment/update/check-release-health.md @@ -54,6 +54,14 @@ To be informed about the latest updates and releases, follow [@WindowsUpdate](ht ![A screenshot showing issue details.](images/WRH-known-issue-detail.png) +## Sign up for email notifications + +You have the option to sign up for email notifications about Windows known issues and information updates, such as a change in status, new workarounds, and resolutions released. To subscribe, go to the [Windows release health page](https://admin.microsoft.com/Adminportal/Home?#/windowsreleasehealth), select **Preferences > Email**, click **Send me email notifications about Windows release health**, and then specify: +- Up to two email addresses. Each admin can set their Preferences. The limit of two email addresses is per admin account. +- Which Windows versions you want to be notified about. If your organization has multiple versions of Windows, we recommend selecting all that apply. +Lastly, don’t forget to click on **Save**. It might take up to 8 hours for these changes to take effect. +**Note:** If one known issue affects more than one version of Windows, you will receive only one email, even if you sign up for multiple Windows versions. We won’t send duplicate emails. + ## Status definitions In the **Windows release health** experience, every known issue is assigned as status. Those statuses are defined as follows: 
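Review bot: In the added "Sign up for email notifications" section, the `Lastly, don’t forget to click on **Save**.` line and the `**Note:**` line follow the two bullets with no blank line between them, so Markdown folds both into the last bullet instead of rendering separate paragraphs. The list also starts directly after "and then specify:" with no blank line before it. Put blank lines around the list, turn the subscribe instructions into numbered steps with **Save** as the final step, and use the `> [!NOTE]` alert syntax for the note. Separately, the unchanged context line under "Status definitions" reads "assigned as status", which should be "assigned a status".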
From 83bd2a0bc073a58d26a3666e796978cd2233304b Mon Sep 17 00:00:00 2001 From: DocsPreview <49669258+DocsPreview@users.noreply.github.com> Date: Mon, 17 Apr 2023 00:52:13 -0700 Subject: [PATCH 02/22] Update check-release-health.md --- windows/deployment/update/check-release-health.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/deployment/update/check-release-health.md b/windows/deployment/update/check-release-health.md index bb1a8ef402..b14769c0b8 100644 --- a/windows/deployment/update/check-release-health.md +++ b/windows/deployment/update/check-release-health.md @@ -60,6 +60,7 @@ You have the option to sign up for email notifications about Windows known issue - Up to two email addresses. Each admin can set their Preferences. The limit of two email addresses is per admin account. - Which Windows versions you want to be notified about. If your organization has multiple versions of Windows, we recommend selecting all that apply. Lastly, don’t forget to click on **Save**. It might take up to 8 hours for these changes to take effect. + **Note:** If one known issue affects more than one version of Windows, you will receive only one email, even if you sign up for multiple Windows versions. We won’t send duplicate emails. ## Status definitions From df95c285b85691c1debaa090c66f3b40b7e264b5 Mon Sep 17 00:00:00 2001 From: Meghan Stewart <33289333+mestew@users.noreply.github.com> Date: Thu, 27 Apr 2023 08:42:44 -0700 Subject: [PATCH 03/22] Update windows/deployment/update/check-release-health.md --- windows/deployment/update/check-release-health.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/windows/deployment/update/check-release-health.md b/windows/deployment/update/check-release-health.md index b14769c0b8..c1f39d08e8 100644 --- a/windows/deployment/update/check-release-health.md +++ b/windows/deployment/update/check-release-health.md 
@@ -56,7 +56,11 @@ To be informed about the latest updates and releases, follow [@WindowsUpdate](ht ## Sign up for email notifications -You have the option to sign up for email notifications about Windows known issues and information updates, such as a change in status, new workarounds, and resolutions released. To subscribe, go to the [Windows release health page](https://admin.microsoft.com/Adminportal/Home?#/windowsreleasehealth), select **Preferences > Email**, click **Send me email notifications about Windows release health**, and then specify: +You have the option to sign up for email notifications about Windows known issues and informational updates. Notifications include changes in issue status, new workarounds, and issue resolutions. To subscribe to notifications: + +1. Go to the [Windows release health page](https://admin.microsoft.com/Adminportal/Home?#/windowsreleasehealth). +1. Select **Preferences** > **Email** then select **Send me email notifications about Windows release health**. +1. Specify the following information: - Up to two email addresses. Each admin can set their Preferences. The limit of two email addresses is per admin account. - Which Windows versions you want to be notified about. If your organization has multiple versions of Windows, we recommend selecting all that apply. Lastly, don’t forget to click on **Save**. It might take up to 8 hours for these changes to take effect. From 209d33c3ca182474ac91a29ca0b465f94420f4c5 Mon Sep 17 00:00:00 2001 From: Meghan Stewart <33289333+mestew@users.noreply.github.com> Date: Thu, 27 Apr 2023 08:42:51 -0700 Subject: [PATCH 04/22] Update windows/deployment/update/check-release-health.md --- windows/deployment/update/check-release-health.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/check-release-health.md b/windows/deployment/update/check-release-health.md index c1f39d08e8..93ee5ce2bc 100644 --- a/windows/deployment/update/check-release-health.md 
+++ b/windows/deployment/update/check-release-health.md @@ -62,7 +62,7 @@ You have the option to sign up for email notifications about Windows known issue 1. Select **Preferences** > **Email** then select **Send me email notifications about Windows release health**. 1. Specify the following information: - Up to two email addresses. Each admin can set their Preferences. The limit of two email addresses is per admin account. -- Which Windows versions you want to be notified about. If your organization has multiple versions of Windows, we recommend selecting all that apply. + - Windows versions to be notified about Lastly, don’t forget to click on **Save**. It might take up to 8 hours for these changes to take effect. **Note:** If one known issue affects more than one version of Windows, you will receive only one email, even if you sign up for multiple Windows versions. We won’t send duplicate emails. From ee853f9f1868fbef05296eb4e6174dd81f6bde4e Mon Sep 17 00:00:00 2001 From: Meghan Stewart <33289333+mestew@users.noreply.github.com> Date: Thu, 27 Apr 2023 08:42:57 -0700 Subject: [PATCH 05/22] Update windows/deployment/update/check-release-health.md --- windows/deployment/update/check-release-health.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/check-release-health.md b/windows/deployment/update/check-release-health.md index 93ee5ce2bc..f2a8b72d00 100644 --- a/windows/deployment/update/check-release-health.md +++ b/windows/deployment/update/check-release-health.md 
@@ -63,7 +63,7 @@ You have the option to sign up for email notifications about Windows known issue 1. Specify the following information: - Up to two email addresses. Each admin can set their Preferences. The limit of two email addresses is per admin account. - Windows versions to be notified about -Lastly, don’t forget to click on **Save**. It might take up to 8 hours for these changes to take effect. +1. Select **Save** when you're finished specifying email addresses and Windows versions. It may take up to 8 hours for these changes to take effect. **Note:** If one known issue affects more than one version of Windows, you will receive only one email, even if you sign up for multiple Windows versions. We won’t send duplicate emails. From f1db2b63a235aa3027ad7dda2636c59a446d0fb2 Mon Sep 17 00:00:00 2001 From: Meghan Stewart <33289333+mestew@users.noreply.github.com> Date: Thu, 27 Apr 2023 08:43:02 -0700 Subject: [PATCH 06/22] Update windows/deployment/update/check-release-health.md --- windows/deployment/update/check-release-health.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/deployment/update/check-release-health.md b/windows/deployment/update/check-release-health.md index f2a8b72d00..57c9a29fb4 100644 --- a/windows/deployment/update/check-release-health.md +++ b/windows/deployment/update/check-release-health.md 
@@ -65,7 +65,8 @@ You have the option to sign up for email notifications about Windows known issue - Windows versions to be notified about 1. Select **Save** when you're finished specifying email addresses and Windows versions. It may take up to 8 hours for these changes to take effect. -**Note:** If one known issue affects more than one version of Windows, you will receive only one email, even if you sign up for multiple Windows versions. We won’t send duplicate emails. +> [!Note] +> When a single known issue affects multiple versions of Windows, you'll only receive one email notification, even if you've selected notifications for multiple versions. Duplicate emails won't be sent. ## Status definitions From 4086081f6d56947aa48af50162d55218631584e9 Mon Sep 17 00:00:00 2001 From: Meghan Stewart <33289333+mestew@users.noreply.github.com> Date: Thu, 27 Apr 2023 08:43:15 -0700 Subject: [PATCH 07/22] Update windows/deployment/update/check-release-health.md --- windows/deployment/update/check-release-health.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/deployment/update/check-release-health.md b/windows/deployment/update/check-release-health.md index 57c9a29fb4..c11f9576cf 100644 --- a/windows/deployment/update/check-release-health.md +++ b/windows/deployment/update/check-release-health.md 
@@ -61,7 +61,8 @@ You have the option to sign up for email notifications about Windows known issue 1. Go to the [Windows release health page](https://admin.microsoft.com/Adminportal/Home?#/windowsreleasehealth). 1. Select **Preferences** > **Email** then select **Send me email notifications about Windows release health**. 1. Specify the following information: -- Up to two email addresses. Each admin can set their Preferences. The limit of two email addresses is per admin account. + - Email address for the notifications + -Each admin account can specify up to two email addresses under their email preferences - Windows versions to be notified about 1. Select **Save** when you're finished specifying email addresses and Windows versions. It may take up to 8 hours for these changes to take effect. From 4524005631d601b2d9a0ab58f82c9e4438f847b9 Mon Sep 17 00:00:00 2001 From: Meghan Stewart <33289333+mestew@users.noreply.github.com> Date: Thu, 27 Apr 2023 08:51:29 -0700 Subject: [PATCH 08/22] Update windows/deployment/update/check-release-health.md --- windows/deployment/update/check-release-health.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/check-release-health.md b/windows/deployment/update/check-release-health.md index c11f9576cf..1128f3e644 100644 --- a/windows/deployment/update/check-release-health.md +++ b/windows/deployment/update/check-release-health.md 
@@ -62,7 +62,7 @@ You have the option to sign up for email notifications about Windows known issue 1. Select **Preferences** > **Email** then select **Send me email notifications about Windows release health**. 1. Specify the following information: - Email address for the notifications - -Each admin account can specify up to two email addresses under their email preferences + - Each admin account can specify up to two email addresses under their email preferences - Windows versions to be notified about 1. Select **Save** when you're finished specifying email addresses and Windows versions. It may take up to 8 hours for these changes to take effect. From 5f2853513b787ffcbf756fad7286208069317d71 Mon Sep 17 00:00:00 2001 From: Meghan Stewart <33289333+mestew@users.noreply.github.com> Date: Thu, 27 Apr 2023 08:58:41 -0700 Subject: [PATCH 09/22] Update windows/deployment/update/check-release-health.md --- windows/deployment/update/check-release-health.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/check-release-health.md b/windows/deployment/update/check-release-health.md index 1128f3e644..c78b8d0dfb 100644 --- a/windows/deployment/update/check-release-health.md +++ b/windows/deployment/update/check-release-health.md 
@@ -59,7 +59,7 @@ To be informed about the latest updates and releases, follow [@WindowsUpdate](ht You have the option to sign up for email notifications about Windows known issues and informational updates. Notifications include changes in issue status, new workarounds, and issue resolutions. To subscribe to notifications: 1. Go to the [Windows release health page](https://admin.microsoft.com/Adminportal/Home?#/windowsreleasehealth). -1. Select **Preferences** > **Email** then select **Send me email notifications about Windows release health**. +1. Select **Preferences** > **Email**, then select **Send me email notifications about Windows release health**. 1. Specify the following information: - Email address for the notifications - Each admin account can specify up to two email addresses under their email preferences From 68a12d9c507c69242054a401c926bf2f59c1d334 Mon Sep 17 00:00:00 2001 From: Meghan Stewart <33289333+mestew@users.noreply.github.com> Date: Thu, 27 Apr 2023 13:51:47 -0700 Subject: [PATCH 10/22] edits --- windows/deployment/update/check-release-health.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/deployment/update/check-release-health.md b/windows/deployment/update/check-release-health.md index c78b8d0dfb..5504be6122 100644 --- a/windows/deployment/update/check-release-health.md +++ b/windows/deployment/update/check-release-health.md @@ -1,7 +1,7 @@ --- title: How to check Windows release health description: Check the release health status of Microsoft 365 services before you call support to see if there's an active service interruption. -ms.date: 08/16/2022 +ms.date: 05/03/2023 ms.author: mstewart author: mestew manager: aaroncz 
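Review bot: The front matter `description` just above the changed `ms.date` line still reads "Check the release health status of Microsoft 365 services before you call support to see if there's an active service interruption", which describes Microsoft 365 service health, not the Windows release health page that the title and article cover. Since this commit already touches the front matter, update the description to mention known issues for Windows monthly and feature updates.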
@@ -13,7 +13,7 @@ ms.technology: itpro-updates # How to check Windows release health -The Windows release health page in the Microsoft 365 admin center enables you to view the latest information on known issues for Windows monthly and feature updates. A known issue is an issue that has been identified in a Windows monthly update or feature update that impacts Windows devices. The Windows release health page is designed to inform you about known issues. You can use this information to troubleshoot issues your users may be experiencing. You can also determine when, and at what scale, to deploy an update in your organization. +The Windows release health page in the Microsoft 365 admin center enables you to view the latest information on known issues for Windows monthly and feature updates. A known issue is an issue that impacts Windows devices and that has been identified in a Windows monthly update or feature update. The Windows release health page is designed to inform you about known issues. You can use this information to troubleshoot issues your users may be experiencing. You can also determine when, and at what scale, to deploy an update in your organization. If you're unable to sign in to the Microsoft 365 admin portal, check the [Microsoft 365 service health](https://status.office365.com) status page to check for known issues preventing you from signing into your tenant. 
@@ -21,7 +21,7 @@ To be informed about the latest updates and releases, follow [@WindowsUpdate](ht ## How to review Windows release health information -1. Go to the [Microsoft 365 admin center](https://admin.microsoft.com), and sign in with an administrator account. +1. Go to the [Microsoft 365 admin center](https://admin.microsoft.com) and sign in with an administrator account. > [!NOTE] > By default, the Windows release health page is available to individuals who have been assigned the global admin or service administrator role for their tenant. To allow Exchange, SharePoint, and Skype for Business admins to view the Windows release health page, you must first assign them to a Service admin role. For more information about roles that can view service health, see [About admin roles](/microsoft-365/admin/add-users/about-admin-roles#commonly-used-microsoft-365-admin-center-roles). @@ -67,7 +67,7 @@ You have the option to sign up for email notifications about Windows known issue 1. Select **Save** when you're finished specifying email addresses and Windows versions. It may take up to 8 hours for these changes to take effect. > [!Note] -> When a single known issue affects multiple versions of Windows, you'll only receive one email notification, even if you've selected notifications for multiple versions. Duplicate emails won't be sent. +> When a single known issue affects multiple versions of Windows, you'll receive only one email notification, even if you've selected notifications for multiple versions. Duplicate emails won't be sent. ## Status definitions From cb37f4eb8c49bf39e4a1562afdca2e712e4546c4 Mon Sep 17 00:00:00 2001 
From: Andre Della Monica Date: Tue, 2 May 2023 22:11:53 -0500 Subject: [PATCH 11/22] More changes --- ...ws-autopatch-device-registration-overview.md | 2 +- ...-autopatch-groups-manage-autopatch-groups.md | 17 ++++++++++++++++- .../deploy/windows-autopatch-groups-overview.md | 5 ++++- ...ch-groups-windows-feature-update-overview.md | 9 +++++++++ 4 files changed, 30 insertions(+), 3 deletions(-) diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-device-registration-overview.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-device-registration-overview.md index a48c8331a6..3dab9cc693 100644 --- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-device-registration-overview.md +++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-device-registration-overview.md @@ -1,7 +1,7 @@ --- title: Device registration overview description: This article provides an overview on how to register devices in Autopatch -ms.date: 05/01/2023 +ms.date: 05/02/2023 ms.prod: windows-client ms.technology: itpro-updates ms.topic: conceptual diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-manage-autopatch-groups.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-manage-autopatch-groups.md index 85e9177b85..59f6ecb921 100644 --- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-manage-autopatch-groups.md +++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-manage-autopatch-groups.md @@ -1,7 +1,7 @@ --- title: Manage Windows Autopatch groups description: This article explains how to manage Autopatch groups -ms.date: 05/01/2023 +ms.date: 05/02/2023 ms.prod: windows-client ms.technology: itpro-updates ms.topic: how-to 
@@ -26,6 +26,16 @@ Autopatch groups is a logical container or unit that groups several [Azure AD gr Before you start managing Autopatch groups, ensure you’ve met the following prerequisites: - Review [Windows Autopatch groups overview documentation](../deploy/windows-autopatch-groups-overview.md) to understand [key benefits](../deploy/windows-autopatch-groups-overview.md#key-benefits), [concepts](../deploy/windows-autopatch-groups-overview.md#key-concepts) and [common ways to use Autopatch groups](../deploy/windows-autopatch-groups-overview.md#common-ways-to-use-autopatch-groups) within your organization. +- Ensure the following [update rings for Windows 10 and later policy in Intune](https://learn.microsoft.com/mem/intune/protect/windows-10-update-rings) are created in your tenant: + - Modern Workplace Update Policy [Test]-[Windows Autopatch] + - Modern Workplace Update Policy [First]-[Windows Autopatch] + - Modern Workplace Update Policy [Fast]-[Windows Autopatch] + - Modern Workplace Update Policy [Broad]-[Windows Autopatch] +- Ensure the following [feature updates for Windows 10 and later policy in Intune](https://learn.microsoft.com/mem/intune/protect/windows-10-feature-updates) are created in your tenant: + - Windows Autopatch – DSS Policy [Test] + - Windows Autopatch – DSS Policy [First] + - Windows Autopatch – DSS Policy [Fast] + - Windows Autopatch – DSS Policy [Broad] - Ensure the following Azure AD assigned groups are in your tenant before using Autopatch groups. **Don’t** modify the Azure AD group membership types (Assigned or Dynamic). Otherwise, the Windows Autopatch service won’t be able to read the device group membership from these groups and causes the Autopatch groups feature and other service-related operations to not work properly. - Modern Workplace Devices-Windows Autopatch-Test - Modern Workplace Devices-Windows Autopatch-First 
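Review bot: The two new prerequisite bullets link to Intune docs with absolute URLs (`https://learn.microsoft.com/mem/intune/protect/windows-10-update-rings` and `.../windows-10-feature-updates`), while the neighbouring bullet in the same list uses relative links such as `../deploy/windows-autopatch-groups-overview.md`. Use the site-relative form (`/mem/intune/protect/windows-10-update-rings`) so the links stay consistent with the rest of the article. Also, the link text says "policy" in the singular although each bullet lists four policies, and the `Windows Autopatch – DSS Policy [...]` names contain an en dash; confirm they match the policy names shown in the tenant character for character, since admins will search for them verbatim.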
@@ -45,9 +55,14 @@ Before you start managing Autopatch groups, ensure you’ve met the following pr - Review your existing Azure AD group dynamic queries and direct device memberships to avoid having device membership overlaps in between device-based Azure AD groups that are going to be used with Autopatch groups. This can help prevent device conflicts within an Autopatch group or across several Autopatch groups. **Autopatch groups doesn't support user-based Azure AD groups**. - Ensure devices used with your existing Azure AD groups meet [device registration prerequisite checks](../deploy/windows-autopatch-register-devices.md#prerequisites-for-device-registration) when being registered with the service. Autopatch groups register devices on your behalf, and devices can be moved to **Registered** or **Not registered** tabs in the Devices blade accordingly. +> [!TIP] +> [Update rings](https://learn.microsoft.com/mem/intune/protect/windows-10-update-rings) and [feature updates](https://learn.microsoft.com/mem/intune/protect/windows-10-feature-updates) for Windows 10 and later policies created and managed by the Windows Autopatch service can now be restored using the [Policy health](../operate/windows-autopatch-policy-health-and-remediation.md) feature. See [restore Windows update policies](../operate/windows-autopatch-policy-health-and-remediation.md#restore-windows-update-policies) for more information on remediation actions. + > [!NOTE] > During the public preview, Autopatch groups opt-in page will show a banner to let you know when one or more prerequisites are failing. Once you remediate the issue to meet the prerequisites, it can take up to an hour for your tenant to have the "Use preview" button available. + + ## Create a Custom Autopatch group > [!NOTE] diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-overview.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-overview.md index b87fdbe930..afe58bf5c8 100644 
--- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-overview.md +++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-overview.md @@ -1,7 +1,7 @@ --- title: Windows Autopatch groups overview description: This article explains what Autopatch groups are -ms.date: 05/01/2023 +ms.date: 05/02/2023 ms.prod: windows-client ms.technology: itpro-updates ms.topic: conceptual @@ -247,4 +247,7 @@ Autopatch groups works with the following software update workloads: Windows Autopatch will support up to 50 Autopatch groups in your tenant. You can create up to 49 [Custom Autopatch groups](#about-custom-autopatch-groups) in addition to the [Default Autopatch group](#about-the-default-autopatch-group). Each Autopatch group supports up to 15 deployment rings. +> [!TIP] +> If you reach the maximum number of Autopatch groups supported (50), and try to create more custom Autopatch groups, the "**Create**" button in the Autopatch groups blade will be greyed out. + To manage your Autopatch groups, see [Manage Windows Autopatch groups](../deploy/windows-autopatch-groups-manage-autopatch-groups.md). diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-windows-feature-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-windows-feature-update-overview.md index 6e84d0f62b..e3cb399b18 100644 --- a/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-windows-feature-update-overview.md +++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-windows-feature-update-overview.md 
@@ -39,6 +39,15 @@ Windows Autopatch’s device eligibility criteria for Windows feature updates al ## Key benefits +- Windows Autopatch makes it easier and less expensive for you to keep your Windows devices up to date. You can focus on running your core businesses while Windows Autopatch runs update management on your behalf. +- You’re in control of telling Windows Autopatch when your organization is ready to move to the next Windows OS version. + - Combined with custom releases, Autopatch Groups gives your organization great control and flexibility to help you plan your gradual rollout in a way that works for your organization. +- Simplified end-user experience with rich controls for gradual rollouts, deployment cadence and speed. +- No need to manually modify the default Windows feature update policies (default release) to be on the Windows OS version your organization is currently ready for. +- Enables scenarios where you can deploy a single release across several Autopatch groups and its deployment rings. + +## Key concepts + - A release is made of one or more deployment phases and contains the required OS version to be gradually rolled out throughout its deployment phases. - A phase (deployment phase) is made of one or more Autopatch group deployment rings. A phase: - Works as an additional layer of deployment cadence settings that can be defined by IT admins (only for Windows feature updates) on top of Autopatch group deployment rings (Windows update rings policies). From 2eb083115d5dc1f88846b1c081c049d83716d9a4 Mon Sep 17 00:00:00 2001 From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com> Date: Wed, 3 May 2023 07:58:18 -0700 Subject: [PATCH 12/22] Update windows-autopatch-groups-manage-autopatch-groups.md --- .../windows-autopatch-groups-manage-autopatch-groups.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) 
diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-manage-autopatch-groups.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-manage-autopatch-groups.md index 59f6ecb921..386ded613f 100644 --- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-manage-autopatch-groups.md +++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-manage-autopatch-groups.md @@ -1,7 +1,7 @@ --- title: Manage Windows Autopatch groups description: This article explains how to manage Autopatch groups -ms.date: 05/02/2023 +ms.date: 05/03/2023 ms.prod: windows-client ms.technology: itpro-updates ms.topic: how-to 
@@ -26,12 +26,12 @@ Autopatch groups is a logical container or unit that groups several [Azure AD gr Before you start managing Autopatch groups, ensure you’ve met the following prerequisites: - Review [Windows Autopatch groups overview documentation](../deploy/windows-autopatch-groups-overview.md) to understand [key benefits](../deploy/windows-autopatch-groups-overview.md#key-benefits), [concepts](../deploy/windows-autopatch-groups-overview.md#key-concepts) and [common ways to use Autopatch groups](../deploy/windows-autopatch-groups-overview.md#common-ways-to-use-autopatch-groups) within your organization. -- Ensure the following [update rings for Windows 10 and later policy in Intune](https://learn.microsoft.com/mem/intune/protect/windows-10-update-rings) are created in your tenant: +- Ensure the following [update rings for Windows 10 and later policy in Intune](/mem/intune/protect/windows-10-update-rings) are created in your tenant: - Modern Workplace Update Policy [Test]-[Windows Autopatch] - Modern Workplace Update Policy [First]-[Windows Autopatch] - Modern Workplace Update Policy [Fast]-[Windows Autopatch] - Modern Workplace Update Policy [Broad]-[Windows Autopatch] -- Ensure the following [feature updates for Windows 10 and later policy in Intune](https://learn.microsoft.com/mem/intune/protect/windows-10-feature-updates) are created in your tenant: +- Ensure the following [feature updates for Windows 10 and later policy in Intune](/mem/intune/protect/windows-10-feature-updates) are created in your tenant: - Windows Autopatch – DSS Policy [Test] - Windows Autopatch – DSS Policy [First] - Windows Autopatch – DSS Policy [Fast] 
@@ -56,7 +56,7 @@ Before you start managing Autopatch groups, ensure you’ve met the following pr - Ensure devices used with your existing Azure AD groups meet [device registration prerequisite checks](../deploy/windows-autopatch-register-devices.md#prerequisites-for-device-registration) when being registered with the service. Autopatch groups register devices on your behalf, and devices can be moved to **Registered** or **Not registered** tabs in the Devices blade accordingly. > [!TIP] -> [Update rings](https://learn.microsoft.com/mem/intune/protect/windows-10-update-rings) and [feature updates](https://learn.microsoft.com/mem/intune/protect/windows-10-feature-updates) for Windows 10 and later policies created and managed by the Windows Autopatch service can now be restored using the [Policy health](../operate/windows-autopatch-policy-health-and-remediation.md) feature. See [restore Windows update policies](../operate/windows-autopatch-policy-health-and-remediation.md#restore-windows-update-policies) for more information on remediation actions. +> [Update rings](/mem/intune/protect/windows-10-update-rings) and [feature updates](/mem/intune/protect/windows-10-feature-updates) for Windows 10 and later policies that are created and managed by Windows Autopatch can be restored using the [Policy health](../operate/windows-autopatch-policy-health-and-remediation.md) feature. For more information on remediation actions, see [restore Windows update policies](../operate/windows-autopatch-policy-health-and-remediation.md#restore-windows-update-policies). > [!NOTE] > During the public preview, Autopatch groups opt-in page will show a banner to let you know when one or more prerequisites are failing. Once you remediate the issue to meet the prerequisites, it can take up to an hour for your tenant to have the "Use preview" button available. From 442dcc211a67996e1195e069505b3829a71476f5 Mon Sep 17 00:00:00 2001 
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com> Date: Wed, 3 May 2023 07:59:38 -0700 Subject: [PATCH 13/22] Update windows-autopatch-groups-manage-autopatch-groups.md --- .../deploy/windows-autopatch-groups-manage-autopatch-groups.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-manage-autopatch-groups.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-manage-autopatch-groups.md index 386ded613f..e1c138aaca 100644 --- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-manage-autopatch-groups.md +++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-manage-autopatch-groups.md @@ -61,8 +61,6 @@ Before you start managing Autopatch groups, ensure you’ve met the following pr > [!NOTE] > During the public preview, Autopatch groups opt-in page will show a banner to let you know when one or more prerequisites are failing. Once you remediate the issue to meet the prerequisites, it can take up to an hour for your tenant to have the "Use preview" button available. - - ## Create a Custom Autopatch group > [!NOTE] From 0d8dc62094cb0918e4b85072a126ffd3998a5864 Mon Sep 17 00:00:00 2001 From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com> Date: Wed, 3 May 2023 08:00:57 -0700 Subject: [PATCH 14/22] Update windows-autopatch-groups-overview.md --- .../deploy/windows-autopatch-groups-overview.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-overview.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-overview.md index afe58bf5c8..730fc16ec4 100644 --- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-overview.md +++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-overview.md 
@@ -1,7 +1,7 @@ --- title: Windows Autopatch groups overview description: This article explains what Autopatch groups are -ms.date: 05/02/2023 +ms.date: 05/03/2023 ms.prod: windows-client ms.technology: itpro-updates ms.topic: conceptual @@ -248,6 +248,6 @@ Autopatch groups works with the following software update workloads: Windows Autopatch will support up to 50 Autopatch groups in your tenant. You can create up to 49 [Custom Autopatch groups](#about-custom-autopatch-groups) in addition to the [Default Autopatch group](#about-the-default-autopatch-group). Each Autopatch group supports up to 15 deployment rings. > [!TIP] -> If you reach the maximum number of Autopatch groups supported (50), and try to create more custom Autopatch groups, the "**Create**" button in the Autopatch groups blade will be greyed out. +> If you reach the maximum number of Autopatch groups supported (50), and try to create more Custom Autopatch groups, the "**Create**" option in the Autopatch groups blade will be greyed out. To manage your Autopatch groups, see [Manage Windows Autopatch groups](../deploy/windows-autopatch-groups-manage-autopatch-groups.md). From bdd5426929d394e9573fd40da26c20f74a6052b7 Mon Sep 17 00:00:00 2001 From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com> Date: Wed, 3 May 2023 08:02:24 -0700 Subject: [PATCH 15/22] Update windows-autopatch-groups-windows-feature-update-overview.md --- ...indows-autopatch-groups-windows-feature-update-overview.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-windows-feature-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-windows-feature-update-overview.md index e3cb399b18..ef25e4b933 100644 --- a/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-windows-feature-update-overview.md 
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-windows-feature-update-overview.md @@ -1,7 +1,7 @@ --- title: Windows feature updates overview with Autopatch groups description: This article explains how Windows feature updates are managed with Autopatch groups -ms.date: 05/01/2023 +ms.date: 05/03/2023 ms.prod: windows-client ms.technology: itpro-updates ms.topic: conceptual @@ -44,7 +44,7 @@ Windows Autopatch’s device eligibility criteria for Windows feature updates al - Combined with custom releases, Autopatch Groups gives your organization great control and flexibility to help you plan your gradual rollout in a way that works for your organization. - Simplified end-user experience with rich controls for gradual rollouts, deployment cadence and speed. - No need to manually modify the default Windows feature update policies (default release) to be on the Windows OS version your organization is currently ready for. -- Enables scenarios where you can deploy a single release across several Autopatch groups and its deployment rings. +- Allows for scenarios where you can deploy a single release across several Autopatch groups and its deployment rings. ## Key concepts From 12f777e8d871dda0d61d635e89900b899afb6c7a Mon Sep 17 00:00:00 2001 From: rekhanr <40372231+rekhanr@users.noreply.github.com> Date: Wed, 3 May 2023 08:33:23 -0700 Subject: [PATCH 16/22] Update windows-autopatch-policy-health-and-remediation.md @tiaraquan there is an update to the name of the tab that has alerts. --- .../windows-autopatch-policy-health-and-remediation.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-policy-health-and-remediation.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-policy-health-and-remediation.md index 803ffa0560..8e4b4794f4 100644 --- a/windows/deployment/windows-autopatch/operate/windows-autopatch-policy-health-and-remediation.md 
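Review bot: In the reworded bullet of the `@@ -44,7 +44,7 @@` hunk in windows-autopatch-groups-windows-feature-update-overview.md (PATCH 15/22), "several Autopatch groups and its deployment rings" pairs a plural noun with a singular pronoun; since the line is being rewritten anyway, change it to "their deployment rings". The first context bullet of the same hunk writes "Autopatch Groups gives" while the rest of this series writes "Autopatch groups"; aligning the capitalization would keep the article consistent.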
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-policy-health-and-remediation.md @@ -50,7 +50,7 @@ The minimum role required to restore configurations is **Intune Service Administ **To initiate remediation action for device configuration alerts:** 1. Go to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431). -1. Navigate to **Tenant administration** > **Tenant management** > **Alerts**. +1. Navigate to **Tenant administration** > **Tenant management** > **Actions**. 1. Select **Restore missing policy** to launch the workflow. 1. Review the message and select **Restore policy**. 1. If the **Change modified policy alert** appears, select this alert to launch the workflow. @@ -83,7 +83,7 @@ There will be an alert for each policy that is missing or has deviated from the **To initiate remediation action for missing groups:** 1. Go to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431). -1. Navigate to **Tenant administration** > **Tenant management** > **Alerts**. +1. Navigate to **Tenant administration** > **Tenant management** > **Actions**. 1. Select **Restore missing group** to launch the workflow. 1. Review the message and select **Restore group**. From 6fee0482c30e21da7be117b35a22bb9e54a604d5 Mon Sep 17 00:00:00 2001 From: Andre Della Monica Date: Wed, 3 May 2023 16:43:47 -0500 Subject: [PATCH 17/22] Changes --- ...topatch-groups-windows-feature-update-overview.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-windows-feature-update-overview.md b/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-windows-feature-update-overview.md index ef25e4b933..b49b0c5ba4 100644 --- a/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-windows-feature-update-overview.md 
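Review bot: Both hunks in windows-autopatch-policy-health-and-remediation.md (PATCH 16/22) point step 2 at **Tenant administration** > **Tenant management** > **Actions**, but the procedure lead-in kept as context still reads "To initiate remediation action for device configuration alerts" and step 5 still tells the reader to select the **Change modified policy alert**. State in step 2 or in the lead-in that the alerts are listed on the **Actions** tab, so a reader told to look for an alert is not left searching for a tab the steps no longer name. The context line in the second hunk, "There will be an alert for each policy that is missing or has deviated...", has the same gap.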
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-windows-feature-update-overview.md 
@@ -80,12 +80,12 @@ If the device is registered with Windows Autopatch, and the device is: If your tenant is enrolled with Windows Autopatch, you can see the following default policies created by the service in the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431): -| Policy name | Feature update version | Rollout options | First deployment ring availability | Final deployment ring availability | Day between deployment rings | Support end date | -| ----- | ----- | ----- | ----- | ----- | ----- | ----- | -| Windows Autopatch – DSS Policy [Test] | Windows 10 21H2 | Make update available as soon as possible | May 9, 2023 | N/A | N/A | June 10, 2024 | -| Windows Autopatch – DSS Policy [Ring1] | Windows 10 21H2 | Make update available as soon as possible | May 16, 2023 | N/A | N/A | June 10, 2024 | -| Windows Autopatch – DSS Policy [Ring2] | Windows 10 21H2 | Make update available as soon as possible | May 23, 2023 | N/A | N/A | June 10, 2024 | -| Windows Autopatch – DSS Policy [Ring3] | Windows 10 21H2 | Make update available as soon as possible | May 30, 2023 | N/A | N/A | June 10, 2024 | +| Policy name | Phase mapping | Feature update version | Rollout options | First deployment ring availability | Final deployment ring availability | Day between deployment rings | Support end date | +| ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | +| Windows Autopatch – DSS Policy [Test] | Phase 1 | Windows 10 21H2 | Make update available as soon as possible | May 9, 2023 | N/A | N/A | June 10, 2024 | +| Windows Autopatch – DSS Policy [First] | Phase 2 | Windows 10 21H2 | Make update available as soon as possible | May 16, 2023 | N/A | N/A | June 10, 2024 | +| Windows Autopatch – DSS Policy [Fast] | Phase 3 | Windows 10 21H2 | Make update available as soon as possible | May 23, 2023 | N/A | N/A | June 10, 2024 | +| Windows Autopatch – DSS Policy [Broad] | Phase 4 | Windows 10 21H2 | Make update available as soon as possible | May 30, 
2023 | N/A | N/A | June 10, 2024 | > [!NOTE] > Gradual rollout settings aren't configured in the default Windows Update feature policy. If the date of the final group availability is changed to a past date, all remaining devices are offered the update as soon as possible. For more information, see [rollout options for Windows Updates in Microsoft Intune](/mem/intune/protect/windows-update-rollout-options#make-updates-available-gradually). From 3f1ad4208e68de474ccd428806215ab8ecc6ec98 Mon Sep 17 00:00:00 2001 From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com> Date: Thu, 4 May 2023 11:26:00 -0400 Subject: [PATCH 18/22] Minor changes for SmartScreen --- windows/security/TOC.yml | 4 +- ...defender-smartscreen-available-settings.md | 41 ++++++++----------- ...microsoft-defender-smartscreen-overview.md | 10 ++--- ...otection-microsoft-defender-smartscreen.md | 12 +++--- 4 files changed, 29 insertions(+), 38 deletions(-) diff --git a/windows/security/TOC.yml b/windows/security/TOC.yml index 63adeb04ea..d71b135f49 100644 --- a/windows/security/TOC.yml +++ b/windows/security/TOC.yml @@ -39,7 +39,7 @@ href: information-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices.md - name: TPM recommendations href: information-protection/tpm/tpm-recommendations.md - + - name: Hardware-based root of trust href: threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md - name: System Guard Secure Launch and SMM protection 
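Review bot: The rewritten table in the `@@ -80,12 +80,12 @@` hunk (PATCH 17/22) adds a **Phase mapping** column, but nothing in the visible text says what a phase is or how Phase 1 to Phase 4 relate to the renamed rings (Test, First, Fast, Broad); add a sentence above the table or link to where phases are defined. While the header row is being replaced, "Day between deployment rings" should read "Days between deployment rings". The note under the table says "the final group availability" where the column is named "Final deployment ring availability"; use one term for both.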
@@ -321,6 +321,8 @@ items: - name: Enhanced Phishing Protection in Microsoft Defender SmartScreen href: threat-protection\microsoft-defender-smartscreen\phishing-protection-microsoft-defender-smartscreen.md + - name: Microsoft Defender SmartScreen Group Policy and mobile device management (MDM) settings + href: threat-protection\microsoft-defender-smartscreen\microsoft-defender-smartscreen-available-settings.md - name: Configure S/MIME for Windows href: identity-protection\configure-s-mime.md - name: Windows Credential Theft Mitigation Guide Abstract diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md index 8723d513d2..2bfa4ab0c5 100644 --- a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md +++ b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md 
@@ -1,31 +1,27 @@ --- -title: Available Microsoft Defender SmartScreen Group Policy and mobile device management (MDM) settings (Windows) +title: Available Microsoft Defender SmartScreen Group Policy and mobile device management (MDM) settings description: A list of all available settings for Microsoft Defender SmartScreen using Group Policy and mobile device management (MDM) settings. ms.prod: windows-client -ms.mktglfcycl: explore -ms.sitesec: library -ms.pagetype: security author: vinaypamnani-msft ms.localizationpriority: medium ms.date: 09/28/2020 -ms.reviewer: +ms.reviewer: manager: aaroncz ms.author: vinpa ms.technology: itpro-security ms.topic: reference +appliesto: +- ✅ Windows 11 +- ✅ Windows 10 --- # Available Microsoft Defender SmartScreen Group Policy and mobile device management (MDM) settings -**Applies to:** - -- Windows 10 -- Windows 11 Microsoft Defender SmartScreen works with Intune, Group Policy, and mobile device management (MDM) settings to help you manage your organization's computer settings. Based on how you set up Microsoft Defender SmartScreen, you can show employees a warning page and let them continue to the site, or you can block the site entirely. -See [Windows 10 (and Windows 11) settings to protect devices using Intune](/intune/endpoint-protection-windows-10#windows-defender-smartscreen-settings) for the controls you can use in Intune. - +See [Windows 10 and Windows 11 settings to protect devices using Intune](/intune/endpoint-protection-windows-10#windows-defender-smartscreen-settings) for the controls you can use in Intune. ## Group Policy settings + SmartScreen uses registry-based Administrative Template policy settings. Setting|Supported on|Description| 
@@ -39,21 +35,22 @@ Setting|Supported on|Description| |Administrative Templates\Windows Components\Internet Explorer\Prevent bypassing SmartScreen Filter warnings|Internet Explorer 8 or later|This policy setting determines whether an employee can bypass warnings from Microsoft Defender SmartScreen.

If you enable this policy setting, Microsoft Defender SmartScreen warnings block the employee.

If you disable or don't configure this policy setting, the employee can bypass Microsoft Defender SmartScreen warnings.| |Administrative Templates\Windows Components\Internet Explorer\Prevent bypassing SmartScreen Filter warnings about files that are not commonly downloaded from the Internet|Internet Explorer 9 or later|This policy setting determines whether the employee can bypass warnings from Microsoft Defender SmartScreen. Microsoft Defender SmartScreen warns the employee about executable files that Internet Explorer users do not commonly download from the Internet.

If you enable this policy setting, Microsoft Defender SmartScreen warnings block the employee.

If you disable or don't configure this policy setting, the employee can bypass Microsoft Defender SmartScreen warnings.| - ## MDM settings -If you manage your policies using Microsoft Intune, you'll want to use these MDM policy settings. All settings support desktop computers running Windows 10 Pro or Windows 10 Enterprise, enrolled with Microsoft Intune.

+ +If you manage your policies using Microsoft Intune, you'll want to use these MDM policy settings. All settings support desktop computers running Windows 10 Pro or Windows 10 Enterprise, enrolled with Microsoft Intune.

For Microsoft Defender SmartScreen Edge MDM policies, see [Policy CSP - Browser](/windows/client-management/mdm/policy-csp-browser). |Setting|Supported versions|Details| |--- |--- |--- | -|AllowSmartScreen|Windows 10|
  • **URI full path.** ./Vendor/MSFT/Policy/Config/Browser/AllowSmartScreen
  • **Data type.** Integer**Allowed values:**
    • **0 .** Turns off Microsoft Defender SmartScreen in Edge.
    • **1.** Turns on Microsoft Defender SmartScreen in Edge.| -|EnableAppInstallControl|Windows 10, version 1703|
    • **URI full path.** ./Vendor/MSFT/Policy/Config/SmartScreen/EnableAppInstallControl
    • **Data type.** Integer**Allowed values:**
      • **0 .** Turns off Application Installation Control, allowing users to download and install files from anywhere on the web.
      • **1.** Turns on Application Installation Control, allowing users to install apps from the Microsoft Store only.| -|EnableSmartScreenInShell|Windows 10, version 1703|
      • **URI full path.** ./Vendor/MSFT/Policy/Config/SmartScreen/EnableSmartScreenInShell
      • **Data type.** Integer**Allowed values:**
        • **0 .** Turns off Microsoft Defender SmartScreen in Windows for app and file execution.
        • **1.** Turns on Microsoft Defender SmartScreen in Windows for app and file execution.| -|PreventOverrideForFilesInShell|Windows 10, version 1703|
        • **URI full path.** ./Vendor/MSFT/Policy/Config/SmartScreen/PreventOverrideForFilesInShell
        • **Data type.** Integer**Allowed values:**
          • **0 .** Employees can ignore Microsoft Defender SmartScreen warnings and run malicious files.
          • **1.** Employees can't ignore Microsoft Defender SmartScreen warnings and run malicious files.| -|PreventSmartScreenPromptOverride|Windows 10, Version 1511 and Windows 11|
          • **URI full path.** ./Vendor/MSFT/Policy/Config/Browser/PreventSmartscreenPromptOverride
          • **Data type.** Integer**Allowed values:**
            • **0 .** Employees can ignore Microsoft Defender SmartScreen warnings.
            • **1.** Employees can't ignore Microsoft Defender SmartScreen warnings.| -|PreventSmartScreenPromptOverrideForFiles|Windows 10, Version 1511 and Windows 11|
            • **URI full path.** ./Vendor/MSFT/Policy/Config/Browser/PreventSmartScreenPromptOverrideForFiles
            • **Data type.** Integer**Allowed values:**
              • **0 .** Employees can ignore Microsoft Defender SmartScreen warnings for files.
              • **1.** Employees can't ignore Microsoft Defender SmartScreen warnings for files.| +|AllowSmartScreen|Windows 10|
              • **URI full path.** ./Vendor/MSFT/Policy/Config/Browser/AllowSmartScreen
              • **Data type.** Integer
              • **Allowed values:**
                • **0 .** Turns off Microsoft Defender SmartScreen in Edge.
                • **1.** Turns on Microsoft Defender SmartScreen in Edge.| +|EnableAppInstallControl|Windows 10, version 1703|
                • **URI full path.** ./Vendor/MSFT/Policy/Config/SmartScreen/EnableAppInstallControl
                • **Data type.** Integer
                • **Allowed values:**
                  • **0 .** Turns off Application Installation Control, allowing users to download and install files from anywhere on the web.
                  • **1.** Turns on Application Installation Control, allowing users to install apps from the Microsoft Store only.| +|EnableSmartScreenInShell|Windows 10, version 1703|
                  • **URI full path.** ./Vendor/MSFT/Policy/Config/SmartScreen/EnableSmartScreenInShell
                  • **Data type.** Integer
                  • **Allowed values:**
                    • **0 .** Turns off Microsoft Defender SmartScreen in Windows for app and file execution.
                    • **1.** Turns on Microsoft Defender SmartScreen in Windows for app and file execution.| +|PreventOverrideForFilesInShell|Windows 10, version 1703|
                    • **URI full path.** ./Vendor/MSFT/Policy/Config/SmartScreen/PreventOverrideForFilesInShell
                    • **Data type.** Integer
                    • **Allowed values:**
                      • **0 .** Employees can ignore Microsoft Defender SmartScreen warnings and run malicious files.
                      • **1.** Employees can't ignore Microsoft Defender SmartScreen warnings and run malicious files.| +|PreventSmartScreenPromptOverride|Windows 10, Version 1511 and Windows 11|
                      • **URI full path.** ./Vendor/MSFT/Policy/Config/Browser/PreventSmartscreenPromptOverride
                      • **Data type.** Integer
                      • **Allowed values:**
                        • **0 .** Employees can ignore Microsoft Defender SmartScreen warnings.
                        • **1.** Employees can't ignore Microsoft Defender SmartScreen warnings.| +|PreventSmartScreenPromptOverrideForFiles|Windows 10, Version 1511 and Windows 11|
                        • **URI full path.** ./Vendor/MSFT/Policy/Config/Browser/PreventSmartScreenPromptOverrideForFiles
                        • **Data type.** Integer
                        • **Allowed values:**
                          • **0 .** Employees can ignore Microsoft Defender SmartScreen warnings for files.
                          • **1.** Employees can't ignore Microsoft Defender SmartScreen warnings for files.| ## Recommended Group Policy and MDM settings for your organization + By default, Microsoft Defender SmartScreen lets employees bypass warnings. Unfortunately, this feature can let employees continue to an unsafe site or to continue to download an unsafe file, even after being warned. Because of this possibility, we strongly recommend that you set up Microsoft Defender SmartScreen to block high-risk interactions instead of providing just a warning. To better help you protect your organization, we recommend turning on and using these specific Microsoft Defender SmartScreen Group Policy and MDM settings. @@ -73,10 +70,6 @@ To better help you protect your organization, we recommend turning on and using |SmartScreen/EnableSmartScreenInShell|**1.** Turns on Microsoft Defender SmartScreen in Windows.

                            Requires at least Windows 10, version 1703.| |SmartScreen/PreventOverrideForFilesInShell|**1.** Stops employees from ignoring warning messages about malicious files downloaded from the Internet.

                            Requires at least Windows 10, version 1703.| -## Related topics - -- [Threat protection](../index.md) - -- [Microsoft Defender SmartScreen overview](microsoft-defender-smartscreen-overview.md) +## Related articles - [Available Group Policy and Mobile Device Management (MDM) settings for Microsoft Edge](/microsoft-edge/deploy/available-policies) diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md index dbb586c517..f02f92e204 100644 --- a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md +++ b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md @@ -14,16 +14,14 @@ ms.collection: - highpri ms.date: 03/20/2023 ms.topic: article +appliesto: +- ✅ Windows 11 +- ✅ Windows 10 +- ✅ Microsoft Edge --- # Microsoft Defender SmartScreen -**Applies to:** - -- Windows 10 -- Windows 11 -- Microsoft Edge - Microsoft Defender SmartScreen protects against phishing or malware websites and applications, and the downloading of potentially malicious files. **Microsoft Defender SmartScreen determines whether a site is potentially malicious by:** diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md b/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md index 8597ee9893..1a58e68eb5 100644 --- a/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md +++ b/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md 
@@ -10,12 +10,12 @@ manager: aaroncz ms.localizationpriority: medium ms.date: 10/07/2022 adobe-target: true -appliesto: - - ✅ Windows 11, version 22H2 +appliesto: +- ✅ Windows 11, version 22H2 ms.topic: conceptual --- -# Enhanced Phishing Protection in Microsoft Defender SmartScreen +# Enhanced Phishing Protection in Microsoft Defender SmartScreen Starting in Windows 11, version 22H2, Enhanced Phishing Protection in Microsoft Defender SmartScreen helps protect Microsoft school or work passwords against phishing and unsafe usage on sites and apps. 
@@ -83,7 +83,7 @@ Enhanced Phishing Protection can be configured using the [WebThreatDefense CSP][ ### Recommended settings for your organization -By default, Enhanced Phishing Protection is deployed in audit mode, preventing notifications to the users for any protection scenarios. In audit mode, Enhanced Phishing Protection captures unsafe password entry events and sends diagnostic data through Microsoft Defender. Users aren't warned if they enter their work or school password into a phishing site, if they reuse their password, or if they unsafely store their password in applications. Because of this possibility, it's recommended that you configure Enhanced Phishing Protection to warn users during all protection scenarios. +By default, Enhanced Phishing Protection is deployed in audit mode, preventing notifications to the users for any protection scenarios. In audit mode, Enhanced Phishing Protection captures unsafe password entry events and sends diagnostic data through Microsoft Defender. Users aren't warned if they enter their work or school password into a phishing site, if they reuse their password, or if they unsafely store their password in applications. Because of this possibility, it's recommended that you configure Enhanced Phishing Protection to warn users during all protection scenarios. To better help you protect your organization, we recommend turning on and using these specific Microsoft Defender SmartScreen settings. 
@@ -106,7 +106,7 @@ To better help you protect your organization, we recommend turning on and using |Administrative Templates\Windows Components\Windows Defender SmartScreen\Enhanced Phishing Protection\Notify Unsafe App|**Enable**: Enhanced Phishing Protection warns users if they store their password in Notepad and Microsoft 365 Office Apps.| #### [:::image type="icon" source="images/icons/windows-os.svg"::: **CSP**](#tab/csp) - + |MDM setting|Recommendation| |---------|---------| |ServiceEnabled|**1**: Turns on Enhanced Phishing Protection in audit mode, which captures work or school password entry events and sends diagnostic data but doesn't show any notifications to your users.| @@ -118,10 +118,8 @@ To better help you protect your organization, we recommend turning on and using ## Related articles -- [Microsoft Defender SmartScreen](microsoft-defender-smartscreen-overview.md) - [SmartScreen Frequently Asked Questions](https://fb.smartscreen.microsoft.com/smartscreenfaq.aspx) - [Threat protection](../index.md) -- [Available Microsoft Defender SmartScreen Group Policy and mobile device management (MDM) settings](microsoft-defender-smartscreen-available-settings.md) - [Configuration service provider reference](/windows/client-management/mdm/configuration-service-provider-reference) ------------ From 17dd310b02d40369bd0ab6cc12b2f68ae877e0e7 Mon Sep 17 00:00:00 2001 From: tiaraquan Date: Thu, 4 May 2023 09:28:03 -0700 Subject: [PATCH 19/22] Has the :coffee: kicked in yet? --- .../windows-autopatch/overview/windows-autopatch-faq.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml b/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml index 0b990ea9b6..cab8689f58 100644 --- a/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml +++ b/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml 
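Review bot: In the second windows/security/TOC.yml hunk (`@@ -321,6 +321,8 @@`, PATCH 18/22), the new `href` is written with backslashes (`threat-protection\microsoft-defender-smartscreen\microsoft-defender-smartscreen-available-settings.md`), while entries in the first hunk of the same file use forward slashes (`information-protection/tpm/tpm-recommendations.md`). The neighboring context lines also use backslashes, so the entry matches its immediate surroundings, but forward slashes are the portable form for relative links and are preferable for a new entry. The first hunk changes only whitespace on an otherwise empty line; drop it from this patch or mention it in the commit message.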
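Review bot: In the MDM settings rows rewritten by the `@@ -39,21 +35,22 @@` hunk of microsoft-defender-smartscreen-available-settings.md (PATCH 18/22), the URI for PreventSmartScreenPromptOverride is spelled `./Vendor/MSFT/Policy/Config/Browser/PreventSmartscreenPromptOverride`, with a lowercase "s" in "Smartscreen". That matches neither the setting name in the first column nor the sibling `PreventSmartScreenPromptOverrideForFiles` URI; confirm the casing against the Policy CSP reference linked above the table and make the two agree. Every replaced row also carries over `**0 .**` with a stray space before the period, next to `**1.**`; fix that while the rows are being touched.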
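Review bot: The front matter hunk (`@@ -1,31 +1,27 @@`) of microsoft-defender-smartscreen-available-settings.md (PATCH 18/22) keeps `ms.date: 09/28/2020` as context although the article's metadata and body change here; other patches in this series (14/22, 15/22, 20/22) bump `ms.date` along with their edits, so update it in this one too. The overview and phishing-protection articles touched by the same patch have the same gap: their `ms.date` lines (03/20/2023 and 10/07/2022) stay as they were.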
@@ -77,6 +77,9 @@ sections: - question: Can you change the policies and configurations created by Windows Autopatch? answer: | No. Don't change, edit, add to, or remove any of the configurations. Doing so might cause unintended configuration conflicts and impact the Windows Autopatch service. For more information about policies and configurations, see [Changes made at tenant enrollment](/windows/deployment/windows-autopatch/references/windows-autopatch-changes-to-tenant). + - question: How can I represent our organizational structure with our own deployment cadence? + answer: | + [Windows Autopatch groups](../deploy/windows-autopatch-groups-overview.md) helps you manage updates in a way that makes sense for your businesses. For more information, see [Windows Autopatch groups overview](../deploy/windows-autopatch-groups-overview.md) and [Manage Windows Autopatch groups](../deploy/windows-autopatch-groups-manage-autopatch-groups.md). - name: Update management questions: - question: What systems does Windows Autopatch update? From fdb174ffc2f07896e34e76ef25b5033bd8c08f13 Mon Sep 17 00:00:00 2001 From: tiaraquan Date: Thu, 4 May 2023 09:29:17 -0700 Subject: [PATCH 20/22] date --- .../windows-autopatch/overview/windows-autopatch-faq.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml b/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml index cab8689f58..7eaead607a 100644 --- a/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml +++ b/windows/deployment/windows-autopatch/overview/windows-autopatch-faq.yml @@ -4,7 +4,7 @@ metadata: description: Answers to frequently asked questions about Windows Autopatch. ms.prod: windows-client ms.topic: faq - ms.date: 02/28/2023 + ms.date: 05/04/2023 audience: itpro ms.localizationpriority: medium manager: dougeby From 410c541c72f349dbfd5341ad79fb41d9fff7e636 Mon Sep 17 00:00:00 2001 
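Review bot: The answer added in the `@@ -77,6 +77,9 @@` hunk of windows-autopatch-faq.yml (PATCH 19/22) links the same target, `../deploy/windows-autopatch-groups-overview.md`, twice in one paragraph, once on "Windows Autopatch groups" and again on "Windows Autopatch groups overview"; keep one of them. "in a way that makes sense for your businesses" should be "your business" or "your organization", which also matches the question's "our organizational structure". This patch leaves `ms.date` untouched and the follow-up (20/22, "date") changes it; squashing the two would keep the content change and its date together.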
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com> Date: Thu, 4 May 2023 14:16:38 -0400 Subject: [PATCH 21/22] Learn Editor: Update provisioning-script-to-install-app.md --- .../provisioning-script-to-install-app.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/windows/configuration/provisioning-packages/provisioning-script-to-install-app.md b/windows/configuration/provisioning-packages/provisioning-script-to-install-app.md index 00a55c6d95..e766825729 100644 --- a/windows/configuration/provisioning-packages/provisioning-script-to-install-app.md +++ b/windows/configuration/provisioning-packages/provisioning-script-to-install-app.md @@ -158,13 +158,14 @@ echo result: %ERRORLEVEL% >> %LOGFILE% ### Calling multiple scripts in the package -Your provisioning package can include multiple CommandLines. +Your provisioning package can include multiple **CommandFiles**. -You are allowed one CommandLine per provisioning package. The batch files shown above are orchestrator scripts that manage the installation and call any other scripts included in the provisioning package. The orchestrator script is what should be invoked from the CommandLine specified in the package. +You are allowed one **CommandLine** per provisioning package. The batch files shown above are orchestrator scripts that manage the installation and call any other scripts included in the provisioning package. The orchestrator script is what should be invoked from the **CommandLine** specified in the package. Here’s a table describing this relationship, using the PowerShell example from above: + |ICD Setting | Value | Description | | --- | --- | --- | | ProvisioningCommands/DeviceContext/CommandLine | cmd /c PowerShell_Example.bat | The command line needed to invoke the orchestrator script. | 
@@ -194,6 +195,7 @@ In Windows Configuration Designer, that is done by adding files under the `Provi When you are done, [build the package](provisioning-create-package.md#build-package). + ### Remarks 1. No user interaction or console output is supported via ProvisioningCommands. All work needs to be silent. If your script attempts to do any of the following it will cause undefined behavior, and could put the device in an unrecoverable state if executed during setup or the Out of Box Experience: @@ -217,7 +219,6 @@ When you are done, [build the package](provisioning-create-package.md#build-pack >There is a timeout of 30 minutes for the provisioning process at this point. All scripts and installs need to complete within this time. 7. The scripts are executed in the background as the rest of provisioning continues to run. For packages added on existing systems using the double-click to install, there is no notification that provisioning or script execution has completed - ## Related articles - [Provisioning packages for Windows client](provisioning-packages.md) @@ -230,3 +231,5 @@ When you are done, [build the package](provisioning-create-package.md#build-pack - [Windows Configuration Designer command-line interface (reference)](provisioning-command-line.md) - [PowerShell cmdlets for provisioning Windows client (reference)](provisioning-powershell.md) - [Create a provisioning package with multivariant settings](provisioning-multivariant.md) + + From 976610a5a9295b8546060666215dbf7b6009a3c4 Mon Sep 17 00:00:00 2001 From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com> Date: Thu, 4 May 2023 15:04:34 -0400 Subject: [PATCH 22/22] acro-fixes and remove events section --- ...defender-smartscreen-available-settings.md | 11 ++++--- ...microsoft-defender-smartscreen-overview.md | 32 ++----------------- ...otection-microsoft-defender-smartscreen.md | 25 +++++++-------- 3 files changed, 20 insertions(+), 48 deletions(-) 
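Review bot: The `@@ -217,7 +219,6 @@` hunk of provisioning-script-to-install-app.md (PATCH 21/22) only removes a blank line in front of `## Related articles`; if that was the only one, the heading now sits directly under list item 7, so keep one blank line before it, and end item 7 ("...script execution has completed") with a period while there. The `@@ -158,13 +158,14 @@` and `@@ -194,6 +195,7 @@` hunks each add an empty line, and the last hunk appends two empty lines at the end of the file; these look like editor residue and can be dropped. In the first hunk the text now says a package can include multiple **CommandFiles** but only one **CommandLine**; a short clause saying that CommandFiles are the script files carried in the package would make the contrast clear to a first-time reader.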
diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md index 2bfa4ab0c5..3c1ed6dcea 100644 --- a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md +++ b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md @@ -27,22 +27,23 @@ SmartScreen uses registry-based Administrative Template policy settings. Setting|Supported on|Description| |--- |--- |--- | |**Windows 10, version 2004:** Administrative Templates\Windows Components\Windows Defender SmartScreen\Explorer\Configure Windows Defender SmartScreen|**Windows 10, version 1703:** Administrative Templates\Windows Components\Windows Defender SmartScreen\Explorer\Configure Windows Defender SmartScreen

                            **Windows 10, Version 1607 and earlier:** Administrative Templates\Windows Components\File Explorer\Configure Windows SmartScreen

                            **At least Windows Server 2012, Windows 8 or Windows RT**|This policy setting turns on Microsoft Defender SmartScreen.

                            If you enable this setting, it turns on Microsoft Defender SmartScreen and your employees are unable to turn it off. Additionally, when enabling this feature, you must also pick whether Microsoft Defender SmartScreen should Warn your employees or Warn and prevent bypassing the message (effectively blocking the employee from the site).

                            If you disable this setting, it turns off Microsoft Defender SmartScreen and your employees are unable to turn it on.

                            If you don't configure this setting, your employees can decide whether to use Microsoft Defender SmartScreen.| -|**Windows 10, version 2004:** Administrative Templates\Windows Components\Windows Defender SmartScreen\Explorer\Configure App Install Control|**Windows 10, version 1703:** Administrative Templates\Windows Components\Windows Defender SmartScreen\Explorer\Configure App Install Control|This policy setting is intended to prevent malicious content from affecting your user's devices when downloading executable content from the internet.

                            This setting does not protect against malicious content from USB devices, network shares, or other non-internet sources.

                            **Important:** Using a trustworthy browser helps ensure that these protections work as expected.| +|**Windows 10, version 2004:** Administrative Templates\Windows Components\Windows Defender SmartScreen\Explorer\Configure App Install Control|**Windows 10, version 1703:** Administrative Templates\Windows Components\Windows Defender SmartScreen\Explorer\Configure App Install Control|This policy setting is intended to prevent malicious content from affecting your user's devices when downloading executable content from the internet.

                            This setting doesn't protect against malicious content from USB devices, network shares, or other non-internet sources.

                            **Important:** Using a trustworthy browser helps ensure that these protections work as expected.| |**Windows 10, version 2004:** Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Configure Windows Defender SmartScreen (Microsoft Edge version 45 and earlier)

                            Administrative Templates\Microsoft Edge\SmartScreen settings\Configure Microsoft Defender SmartScreen (Microsoft Edge version 77 or later)

                            **Windows 10, version 1703:** Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Configure Windows Defender SmartScreen (Microsoft Edge version 45 and earlier)

                            Administrative Templates\Microsoft Edge\SmartScreen settings\Configure Microsoft Defender SmartScreen (Microsoft Edge version 77 or later)

                            **Windows 10, Version 1607 and earlier:** Administrative Templates\Windows Components\Microsoft Edge\Configure Windows SmartScreen|Microsoft Edge on Windows 10 or Windows 11|This policy setting turns on Microsoft Defender SmartScreen.

                            If you enable this setting, it turns on Microsoft Defender SmartScreen and your employees are unable to turn it off.

                            If you disable this setting, it turns off Microsoft Defender SmartScreen and your employees are unable to turn it on.

                            If you don't configure this setting, your employees can decide whether to use Microsoft Defender SmartScreen.| |**Windows 10, version 2004:** Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for files (Microsoft Edge version 45 and earlier)

                            Administrative Templates\Microsoft Edge\SmartScreen settings\Prevent bypassing of Microsoft Defender SmartScreen warnings about downloads (Microsoft Edge version 77 or later)

                            **Windows 10, version 1703:** Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for files (Microsoft Edge version 45 and earlier)

                            Administrative Templates\Microsoft Edge\SmartScreen settings\Prevent bypassing of Microsoft Defender SmartScreen warnings about downloads (Microsoft Edge version 77 or later)

                            **Windows 10, Version 1511 and 1607:** Administrative Templates\Windows Components\Microsoft Edge\Prevent bypassing Windows SmartScreen prompts for files|Microsoft Edge on Windows 10, version 1511 or later|This policy setting stops employees from bypassing the Microsoft Defender SmartScreen warnings about potentially malicious files.

                            If you enable this setting, it stops employees from bypassing the warning, stopping the file download.

                            If you disable or don't configure this setting, your employees can bypass the warnings and continue to download potentially malicious files.| |**Windows 10, version 2004:** Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for sites (Microsoft Edge version 45 and earlier)

                            Administrative Templates\Microsoft Edge\SmartScreen settings\Prevent bypassing Microsoft Defender SmartScreen prompts for sites (Microsoft Edge version 77 or later)

                            **Windows 10, version 1703:** Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for sites (Microsoft Edge version 45 and earlier)

                            Administrative Templates\Microsoft Edge\SmartScreen settings\Prevent bypassing Microsoft Defender SmartScreen prompts for sites (Microsoft Edge version 77 or later)

                            **Windows 10, Version 1511 and 1607:** Administrative Templates\Windows Components\Microsoft Edge\Prevent bypassing Windows SmartScreen prompts for sites|Microsoft Edge on Windows 10, version 1511 or later|This policy setting stops employees from bypassing the Microsoft Defender SmartScreen warnings about potentially malicious sites.

                            If you enable this setting, it stops employees from bypassing the warning, stopping them from going to the site.

                            If you disable or don't configure this setting, your employees can bypass the warnings and continue to visit a potentially malicious site.| -|Administrative Templates\Windows Components\Internet Explorer\Prevent managing SmartScreen Filter|Internet Explorer 9 or later|This policy setting prevents the employee from managing Microsoft Defender SmartScreen.

                            If you enable this policy setting, the employee isn't prompted to turn on Microsoft Defender SmartScreen. All website addresses that are not on the filter's allow list are sent automatically to Microsoft without prompting the employee.

                            If you disable or don't configure this policy setting, the employee is prompted to decide whether to turn on Microsoft Defender SmartScreen during the first-run experience.| +|Administrative Templates\Windows Components\Internet Explorer\Prevent managing SmartScreen Filter|Internet Explorer 9 or later|This policy setting prevents the employee from managing Microsoft Defender SmartScreen.

                            If you enable this policy setting, the employee isn't prompted to turn on Microsoft Defender SmartScreen. All website addresses that aren't on the filter's allowlist are sent automatically to Microsoft without prompting the employee.

                            If you disable or don't configure this policy setting, the employee is prompted to decide whether to turn on Microsoft Defender SmartScreen during the first-run experience.| |Administrative Templates\Windows Components\Internet Explorer\Prevent bypassing SmartScreen Filter warnings|Internet Explorer 8 or later|This policy setting determines whether an employee can bypass warnings from Microsoft Defender SmartScreen.

                            If you enable this policy setting, Microsoft Defender SmartScreen warnings block the employee.

                            If you disable or don't configure this policy setting, the employee can bypass Microsoft Defender SmartScreen warnings.| -|Administrative Templates\Windows Components\Internet Explorer\Prevent bypassing SmartScreen Filter warnings about files that are not commonly downloaded from the Internet|Internet Explorer 9 or later|This policy setting determines whether the employee can bypass warnings from Microsoft Defender SmartScreen. Microsoft Defender SmartScreen warns the employee about executable files that Internet Explorer users do not commonly download from the Internet.

                            If you enable this policy setting, Microsoft Defender SmartScreen warnings block the employee.

                            If you disable or don't configure this policy setting, the employee can bypass Microsoft Defender SmartScreen warnings.| +|Administrative Templates\Windows Components\Internet Explorer\Prevent bypassing SmartScreen Filter warnings about files that aren't commonly downloaded from the Internet|Internet Explorer 9 or later|This policy setting determines whether the employee can bypass warnings from Microsoft Defender SmartScreen. Microsoft Defender SmartScreen warns the employee about executable files that Internet Explorer users don't commonly download from the Internet.

                            If you enable this policy setting, Microsoft Defender SmartScreen warnings block the employee.

                            If you disable or don't configure this policy setting, the employee can bypass Microsoft Defender SmartScreen warnings.| ## MDM settings -If you manage your policies using Microsoft Intune, you'll want to use these MDM policy settings. All settings support desktop computers running Windows 10 Pro or Windows 10 Enterprise, enrolled with Microsoft Intune.

                            +If you manage your policies using Microsoft Intune, use these MDM policy settings. All settings support desktop computers running Windows 10/11 Pro or Windows 10/11 Enterprise, enrolled with Microsoft Intune. + For Microsoft Defender SmartScreen Edge MDM policies, see [Policy CSP - Browser](/windows/client-management/mdm/policy-csp-browser). |Setting|Supported versions|Details| |--- |--- |--- | -|AllowSmartScreen|Windows 10|
                          • **URI full path.** ./Vendor/MSFT/Policy/Config/Browser/AllowSmartScreen
                          • **Data type.** Integer
                          • **Allowed values:**
                            • **0 .** Turns off Microsoft Defender SmartScreen in Edge.
                            • **1.** Turns on Microsoft Defender SmartScreen in Edge.| +|AllowSmartScreen|Windows 10|
                            • **URI full path.** ./Vendor/MSFT/Policy/Config/Browser/AllowSmartScreen
                            • **Data type.** Integer
                            • **Allowed values:**
                              • **0 .** Turns off Microsoft Defender SmartScreen in Microsoft Edge.
                              • **1.** Turns on Microsoft Defender SmartScreen in Microsoft Edge.| |EnableAppInstallControl|Windows 10, version 1703|
                              • **URI full path.** ./Vendor/MSFT/Policy/Config/SmartScreen/EnableAppInstallControl
                              • **Data type.** Integer
                              • **Allowed values:**
                                • **0 .** Turns off Application Installation Control, allowing users to download and install files from anywhere on the web.
                                • **1.** Turns on Application Installation Control, allowing users to install apps from the Microsoft Store only.| |EnableSmartScreenInShell|Windows 10, version 1703|
                                • **URI full path.** ./Vendor/MSFT/Policy/Config/SmartScreen/EnableSmartScreenInShell
                                • **Data type.** Integer
                                • **Allowed values:**
                                  • **0 .** Turns off Microsoft Defender SmartScreen in Windows for app and file execution.
                                  • **1.** Turns on Microsoft Defender SmartScreen in Windows for app and file execution.| |PreventOverrideForFilesInShell|Windows 10, version 1703|
                                  • **URI full path.** ./Vendor/MSFT/Policy/Config/SmartScreen/PreventOverrideForFilesInShell
                                  • **Data type.** Integer
                                  • **Allowed values:**
                                    • **0 .** Employees can ignore Microsoft Defender SmartScreen warnings and run malicious files.
                                    • **1.** Employees can't ignore Microsoft Defender SmartScreen warnings and run malicious files.| diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md index f02f92e204..e7f02d821d 100644 --- a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md +++ b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md 
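Review bot: In microsoft-defender-smartscreen-available-settings.md, the new MDM intro line says the settings support "Windows 10/11 Pro or Windows 10/11 Enterprise", but the "Supported versions" column in the table directly below still reads "Windows 10" or "Windows 10, version 1703" for every row, including the AllowSmartScreen row this hunk rewrites. Either update the column to state whether each setting applies to Windows 11, or keep the intro aligned with the table. The rewritten AllowSmartScreen row also keeps the stray space in `**0 .**`, while the next value is written `**1.**`.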
@@ -26,20 +26,20 @@ Microsoft Defender SmartScreen protects against phishing or malware websites and **Microsoft Defender SmartScreen determines whether a site is potentially malicious by:** -- Analyzing visited webpages and looking for indications of suspicious behavior. If Microsoft Defender SmartScreen determines that a page is suspicious, it will show a warning page to advise caution. +- Analyzing visited webpages and looking for indications of suspicious behavior. If Microsoft Defender SmartScreen determines that a page is suspicious, it shows a warning page to advise caution. - Checking the visited sites against a dynamic list of reported phishing sites and malicious software sites. If it finds a match, Microsoft Defender SmartScreen shows a warning to let the user know that the site might be malicious. **Microsoft Defender SmartScreen determines whether a downloaded app or app installer is potentially malicious by:** - Checking downloaded files against a list of reported malicious software sites and programs known to be unsafe. If it finds a match, Microsoft Defender SmartScreen shows a warning to let the user know that the site might be malicious. -- Checking downloaded files against a list of files that are well known and downloaded by many Windows users. If the file isn't on that list, Microsoft Defender SmartScreen shows a warning, advising caution. +- Checking downloaded files against a list of files that are well known and downloaded frequently. If the file isn't on that list, Microsoft Defender SmartScreen shows a warning, advising caution. ## Benefits of Microsoft Defender SmartScreen Microsoft Defender SmartScreen provide an early warning system against websites that might engage in phishing attacks or attempt to distribute malware through a socially engineered attack. 
The primary benefits are: - **Anti-phishing and anti-malware support:** Microsoft Defender SmartScreen helps to protect users from sites that are reported to host phishing attacks or attempt to distribute malicious software. It can also help protect against deceptive advertisements, scam sites, and drive-by attacks. Drive-by attacks are web-based attacks that tend to start on a trusted site, targeting security vulnerabilities in commonly used software. Because drive-by attacks can happen even if the user doesn't select or download anything on the page, the danger often goes unnoticed. For more information about drive-by attacks, see [Evolving Microsoft Defender SmartScreen to protect you from drive-by attacks](https://blogs.windows.com/msedgedev/2015/12/16/SmartScreen-drive-by-improvements/). -- **Reputation-based URL and app protection:** Microsoft Defender SmartScreen evaluates a website's URLs to determine if they're known to distribute or host unsafe content. It also provides reputation checks for apps, checking downloaded programs and the digital signature used to sign a file. If a URL, a file, an app, or a certificate has an established reputation, users won't see any warnings. If there's no reputation, the item is marked as a higher risk and presents a warning to the user. +- **Reputation-based URL and app protection:** Microsoft Defender SmartScreen evaluates a website's URLs to determine if they're known to distribute or host unsafe content. It also provides reputation checks for apps, checking downloaded programs and the digital signature used to sign a file. If a URL, a file, an app, or a certificate has an established reputation, users don't see any warnings. If there's no reputation, the item is marked as a higher risk and presents a warning to the user. - **Operating system integration:** Microsoft Defender SmartScreen is integrated into the Windows 10 operating system. 
It checks any files an app (including 3rd-party browsers and email clients) that attempts to download and run. - **Improved heuristics and diagnostic data:** Microsoft Defender SmartScreen is constantly learning and endeavoring to stay up to date, so it can help to protect you against potentially malicious sites and files. - **Management through group policy and Microsoft Intune:** Microsoft Defender SmartScreen supports using both group policy and Microsoft Intune settings. For more info about all available settings, see [Available Microsoft Defender SmartScreen group policy and mobile device management (MDM) settings](microsoft-defender-smartscreen-available-settings.md). 
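Review bot: The change from "downloaded by many Windows users" to "downloaded frequently" in the second downloaded-app bullet drops who the reputation list is based on; if this was only a style fix, wording such as "downloaded by many users" keeps the meaning. Since this is a wording pass, the context lines in the same hunk need attention too: "Microsoft Defender SmartScreen provide an early warning system" should be "provides", "It checks any files an app (including 3rd-party browsers and email clients) that attempts to download and run" does not parse, and the first downloaded-app bullet warns that "the site might be malicious" although it describes a file check.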
@@ -56,32 +56,6 @@ When submitting a file for Microsoft Defender SmartScreen, make sure to select * ![Windows Security, Microsoft Defender SmartScreen controls.](images/Microsoft-defender-smartscreen-submission.png) -## Viewing Microsoft Defender SmartScreen anti-phishing events - -> [!NOTE] -> No SmartScreen events are logged when using Microsoft Edge version 77 or later. - -When Microsoft Defender SmartScreen warns or blocks a user from a website, it's logged as [Event 1035 - Anti-Phishing](/previous-versions/windows/internet-explorer/ie-developer/compatibility/dd565657(v=vs.85)). - -## Viewing Windows event logs for Microsoft Defender SmartScreen - -Microsoft Defender SmartScreen events appear in the Microsoft-Windows-SmartScreen/Debug log, in the Event Viewer. - -Windows event log for SmartScreen is disabled by default, users can use Event Viewer UI to enable the log or use the command line to enable it: - -```console -wevtutil sl Microsoft-Windows-SmartScreen/Debug /e:true -``` - -> [!NOTE] -> For information on how to use the Event Viewer, see [Windows Event Viewer](/host-integration-server/core/windows-event-viewer1). - -| EventID | Description | -|---|---| -| 1000 | Application Windows Defender SmartScreen Event | -| 1001 | Uri Windows Defender SmartScreen Event | -| 1002 | User Decision Windows Defender SmartScreen Event | - ## Related articles - [SmartScreen frequently asked questions](https://fb.smartscreen.microsoft.com/smartscreenfaq.aspx) diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md b/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md index 1a58e68eb5..aa2ffc3b9d 100644 --- a/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md 
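Review bot: The `@@ -56,32 +56,6 @@` hunk in microsoft-defender-smartscreen-overview.md deletes both event-logging sections with no replacement and no reason beyond "remove events section" in the subject. That removes the instructions for enabling the Microsoft-Windows-SmartScreen/Debug log (`wevtutil sl Microsoft-Windows-SmartScreen/Debug /e:true`) and the table for Event IDs 1000, 1001 and 1002, which is what a reader needs to review SmartScreen application, URI and user-decision events. If the content is obsolete, say so in the commit message and link to where the events are documented now; if only part of it is obsolete (the removed note already says no events are logged for Microsoft Edge version 77 or later), keep the rest.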
+++ b/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md @@ -19,12 +19,10 @@ ms.topic: conceptual Starting in Windows 11, version 22H2, Enhanced Phishing Protection in Microsoft Defender SmartScreen helps protect Microsoft school or work passwords against phishing and unsafe usage on sites and apps. -Enhanced Phishing Protection works alongside Windows security protections, and helps protect typed work or school passwords used to sign into Windows 11 in three ways: - -- If users type their work or school password on any Chromium browser, into a site deemed malicious by Microsoft Defender SmartScreen, Enhanced Phishing Protection will alert them. It will also prompt them to change their password so attackers can't gain access to their account. +Enhanced Phishing Protection works alongside Windows security protections, and helps protect typed work or school passwords used to sign into Windows 11 in these ways: +- If users type their work or school password on any Chromium browser, into a site deemed malicious by Microsoft Defender SmartScreen, Enhanced Phishing Protection alerts them. It also prompts them to change their password so attackers can't gain access to their account. - Reusing work or school passwords makes it easy for attackers who compromise a user's password to gain access to their other accounts. Enhanced Phishing Protection can warn users if they reuse their work or school Microsoft account password on sites and apps and prompt them to change their password. - - Since it's unsafe to store plaintext passwords in text editors, Enhanced Phishing Protection can warn users if they store their work or school password in Notepad, Word, or any Microsoft 365 Office app, and recommends they delete their password from the file. ## Benefits of Enhanced Phishing Protection in Microsoft Defender SmartScreen 
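Review bot: The blank line between the new lead-in "...in these ways:" and the first bullet is removed, along with the blank line between the last two bullets, so the list now starts on the line directly after the paragraph. Keep one blank line before the list, because not every Markdown renderer starts a list that immediately follows paragraph text. The rewritten first bullet also keeps the awkward "on any Chromium browser, into a site deemed malicious"; dropping the comma or reordering the clause would fit the rest of this wording pass.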
@@ -35,13 +33,13 @@ Enhanced Phishing Protection provides robust phishing protections for work or sc - **Secure operating system integration:** Enhanced Phishing Protection is integrated directly into the Windows 11 operating system, so it can understand users' password entry context (including process connections, URLs, certificate information) in any browser or app. Because Enhanced Phishing Protection has unparalleled insight into what is happening at the OS level, it can identify when users type their work or school password unsafely. If users do use their work or school password unsafely, the feature empowers users to change their password to minimize chances of their compromised credential being weaponized against them. -- **Unparalleled telemetry shared throughout Microsoft's security suite:** Enhanced Phishing Protection is constantly learning from phishing attacks seen throughout the entire Microsoft security stack. It works alongside other Microsoft security products, to provide a layered approach to password security, especially for organizations early in their password-less authentication journey. If your organization uses Microsoft Defender for Endpoint, you'll be able to see valuable phishing sensors data in the Microsoft 365 Defender Portal. This portal lets you view Enhanced Phishing Protection alerts and reports for unsafe password usage in your environment. +- **Unparalleled telemetry shared throughout Microsoft's security suite:** Enhanced Phishing Protection is constantly learning from phishing attacks seen throughout the entire Microsoft security stack. It works alongside other Microsoft security products, to provide a layered approach to password security, especially for organizations early in their password-less authentication journey. If your organization uses Microsoft Defender for Endpoint, you can see valuable phishing sensors data in the Microsoft 365 Defender Portal. 
This portal lets you view Enhanced Phishing Protection alerts and reports for unsafe password usage in your environment. -- **Easy management through Group Policy and Microsoft Intune:** Enhanced Phishing Protection works with Group Policy and mobile device management (MDM) settings to help you manage your organization's computer settings. Based on how you set up Enhanced Phishing Protection, you can customize which phishing protection scenarios will show users warning dialogs. For example, the Service Enabled setting determines whether the Enhanced Phishing Protection service is on or off. The feature will be in audit mode if the other settings, which correspond to notification policies, aren't enabled. +- **Easy management through Group Policy and Microsoft Intune:** Enhanced Phishing Protection works with Group Policy and mobile device management (MDM) settings to help you manage your organization's computer settings. Based on how you set up Enhanced Phishing Protection, you can customize which phishing protection scenarios show users warning dialogs. For example, the Service Enabled setting determines whether the Enhanced Phishing Protection service is on or off. The feature is in audit mode if the other settings, which correspond to notification policies, aren't enabled. ## Configure Enhanced Phishing Protection for your organization -Enhanced Phishing Protection can be configured via Microsoft Intune, Group Policy Objects (GPO) or Configuration Service Providers (CSP) with an MDM service. Follow the instructions below to configure your devices using either Microsoft Intune, GPO or CSP. +Enhanced Phishing Protection can be configured via Microsoft Intune, Group Policy Objects (GPO) or Configuration Service Providers (CSP) with an MDM service. Follow these instructions to configure your devices using either Microsoft Intune, GPO or CSP. #### [:::image type="icon" source="images/icons/intune.svg"::: **Intune**](#tab/intune) 
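Review bot: In the rewritten "Easy management" bullet, "the other settings, which correspond to notification policies" never names them; name Notify Malicious, Notify Password Reuse and Notify Unsafe App, as the settings tables later in this file do, so the audit-mode condition can be checked against the actual policies. In the rewritten telemetry bullet, the comma in "other Microsoft security products, to provide" is still there, and "phishing sensors data" reads better as "phishing sensor data".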
@@ -50,10 +48,9 @@ To configure devices using Microsoft Intune, create a [**Settings catalog** poli |Setting|Description| |---------|---------| |Service Enabled |This policy setting determines whether Enhanced Phishing Protection is in audit mode or off. Users don't see any notifications for any protection scenarios when Enhanced Phishing Protection is in audit mode. In audit mode, Enhanced Phishing Protection captures unsafe password entry events and sends diagnostic data through Microsoft Defender.
                                    • If you enable or don't configure this setting, Enhanced Phishing Protection is enabled in audit mode, preventing users to turn it off.
                                    • If you disable this policy setting, Enhanced Phishing Protection is off. When off, Enhanced Phishing Protection doesn't capture events, send data, or notify users. Additionally, your users are unable to turn it on.
                                    • | -|Notify Malicious|This policy setting determines whether Enhanced Phishing Protection warns your users if they type their work or school password into one of the following malicious scenarios: into a reported phishing site, into a sign-in URL with an invalid certificate, or into an application connecting to either a reported phishing site or a sign-in URL with an invalid certificate
                                    • If you enable this policy setting, Enhanced Phishing Protection warns your users if they type their work or school password into one of the malicious scenarios described above and encourages them to change their password.
                                    • If you disable or don't configure this policy setting, Enhanced Phishing Protection won't warn your users if they type their work or school password into one of the malicious scenarios described above.| -|Notify Password Reuse |This policy setting determines whether Enhanced Phishing Protection warns your users if they reuse their work or school password.
                                    • If you enable this policy setting, Enhanced Phishing Protection warns users if they reuse their work or school password and encourages them to change it.
                                    • If you disable or don't configure this policy setting, Enhanced Phishing Protection won't warn users if they reuse their work or school password.| -|Notify Unsafe App|This policy setting determines whether Enhanced Phishing Protection warns your users if they type their work or school passwords in Notepad or Microsoft 365 Office Apps.
                                    • If you enable this policy setting, Enhanced Phishing Protection warns your users if they store their password in Notepad or Microsoft 365 Office Apps.
                                    • If you disable or don't configure this policy setting, Enhanced Phishing Protection won't warn users if they store their password in Notepad or Microsoft 365 Office Apps.| - +|Notify Malicious|This policy setting determines whether Enhanced Phishing Protection warns your users if they type their work or school password into one of the following malicious scenarios: into a reported phishing site, into a sign-in URL with an invalid certificate, or into an application connecting to either a reported phishing site or a sign-in URL with an invalid certificate
                                    • If you enable this policy setting, Enhanced Phishing Protection warns your users if they type their work or school password into one of the malicious scenarios described above and encourages them to change their password.
                                    • If you disable or don't configure this policy setting, Enhanced Phishing Protection doesn't warn users if they type their work or school password into one of the malicious scenarios described above.| +|Notify Password Reuse |This policy setting determines whether Enhanced Phishing Protection warns your users if they reuse their work or school password.
                                    • If you enable this policy setting, Enhanced Phishing Protection warns users if they reuse their work or school password and encourages them to change it.
                                    • If you disable or don't configure this policy setting, Enhanced Phishing Protection doesn't warn users if they reuse their work or school password.| +|Notify Unsafe App|This policy setting determines whether Enhanced Phishing Protection warns your users if they type their work or school passwords in Notepad or Microsoft 365 Office Apps.
                                    • If you enable this policy setting, Enhanced Phishing Protection warns your users if they store their password in Notepad or Microsoft 365 Office Apps.
                                    • If you disable or don't configure this policy setting, Enhanced Phishing Protection doesn't warn users if they store their password in Notepad or Microsoft 365 Office Apps.| Assign the policy to a security group that contains as members the devices or users that you want to configure. @@ -64,9 +61,9 @@ Enhanced Phishing Protection can be configured using the following Administrativ |Setting|Description| |---------|---------| |Administrative Templates\Windows Components\Windows Defender SmartScreen\Enhanced Phishing Protection\Service Enabled |This policy setting determines whether Enhanced Phishing Protection is in audit mode or off. Users don't see any notifications for any protection scenarios when Enhanced Phishing Protection is in audit mode. In audit mode, Enhanced Phishing Protection captures unsafe password entry events and sends diagnostic data through Microsoft Defender.
                                    • If you enable or don't configure this setting, Enhanced Phishing Protection is enabled in audit mode, preventing users to turn it off.
                                    • If you disable this policy setting, Enhanced Phishing Protection is off. When off, Enhanced Phishing Protection doesn't capture events, send data, or notify users. Additionally, your users are unable to turn it on.
                                    • | -|Administrative Templates\Windows Components\Windows Defender SmartScreen\Enhanced Phishing Protection\Notify Malicious|This policy setting determines whether Enhanced Phishing Protection warns your users if they type their work or school password into one of the following malicious scenarios: into a reported phishing site, into a sign-in URL with an invalid certificate, or into an application connecting to either a reported phishing site or a sign-in URL with an invalid certificate
                                    • If you enable this policy setting, Enhanced Phishing Protection warns your users if they type their work or school password into one of the malicious scenarios described above and encourages them to change their password.
                                    • If you disable or don't configure this policy setting, Enhanced Phishing Protection won't warn your users if they type their work or school password into one of the malicious scenarios described above.| -|Administrative Templates\Windows Components\Windows Defender SmartScreen\Enhanced Phishing Protection\Notify Password Reuse |This policy setting determines whether Enhanced Phishing Protection warns your users if they reuse their work or school password.
                                    • If you enable this policy setting, Enhanced Phishing Protection warns users if they reuse their work or school password and encourages them to change it.
                                    • If you disable or don't configure this policy setting, Enhanced Phishing Protection won't warn users if they reuse their work or school password.| -|Administrative Templates\Windows Components\Windows Defender SmartScreen\Enhanced Phishing Protection\Notify Unsafe App|This policy setting determines whether Enhanced Phishing Protection warns your users if they type their work or school passwords in Notepad or Microsoft 365 Office Apps.
                                    • If you enable this policy setting, Enhanced Phishing Protection warns your users if they store their password in Notepad or Microsoft 365 Office Apps.
                                    • If you disable or don't configure this policy setting, Enhanced Phishing Protection won't warn users if they store their password in Notepad or Microsoft 365 Office Apps.| +|Administrative Templates\Windows Components\Windows Defender SmartScreen\Enhanced Phishing Protection\Notify Malicious|This policy setting determines whether Enhanced Phishing Protection warns your users if they type their work or school password into one of the following malicious scenarios: into a reported phishing site, into a sign-in URL with an invalid certificate, or into an application connecting to either a reported phishing site or a sign-in URL with an invalid certificate
                                    • If you enable this policy setting, Enhanced Phishing Protection warns your users if they type their work or school password into one of the malicious scenarios described above and encourages them to change their password.
                                    • If you disable or don't configure this policy setting, Enhanced Phishing Protection doesn't warn users if they type their work or school password into one of the malicious scenarios described above.| +|Administrative Templates\Windows Components\Windows Defender SmartScreen\Enhanced Phishing Protection\Notify Password Reuse |This policy setting determines whether Enhanced Phishing Protection warns your users if they reuse their work or school password.
                                    • If you enable this policy setting, Enhanced Phishing Protection warns users if they reuse their work or school password and encourages them to change it.
                                    • If you disable or don't configure this policy setting, Enhanced Phishing Protection doesn't warn users if they reuse their work or school password.| +|Administrative Templates\Windows Components\Windows Defender SmartScreen\Enhanced Phishing Protection\Notify Unsafe App|This policy setting determines whether Enhanced Phishing Protection warns your users if they type their work or school passwords in Notepad or Microsoft 365 Office Apps.
                                    • If you enable this policy setting, Enhanced Phishing Protection warns your users if they store their password in Notepad or Microsoft 365 Office Apps.
                                    • If you disable or don't configure this policy setting, Enhanced Phishing Protection doesn't warn users if they store their password in Notepad or Microsoft 365 Office Apps.| #### [:::image type="icon" source="images/icons/windows-os.svg"::: **CSP**](#tab/csp)
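Review bot: In the settings-table hunk that ends at "Assign the policy to a security group", the added Notify Unsafe App row contradicts itself about what triggers the warning: the description says users "type their work or school passwords in Notepad or Microsoft 365 Office Apps", while both bullets under it say they "store their password". Use one verb (and one of "password"/"passwords") across all three sentences so an admin can tell which behavior the policy actually covers. The same mismatch is carried unchanged into the Administrative Templates table in the following hunk.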
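Review bot: In the @@ -64,9 +61,9 @@ hunk, the Service Enabled context row directly above the three rewritten rows still reads "preventing users to turn it off" and ends with an empty bullet item before the closing pipe. Since this hunk is a wording pass over the same table, fix both here ("preventing users from turning it off", and drop the empty bullet). In the rewritten Notify Malicious row, the description still has no period after "invalid certificate", and the disable bullet now says "doesn't warn users" while the enable bullet keeps "warns your users"; align the two.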