>**|
| Prevent the First Run webpage from opening on Microsoft Edge | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main
REG_DWORD name: PreventFirstRunPage
Value: **1**|
@@ -875,7 +875,7 @@ To turn off **Let apps use my advertising ID for experiences across apps (turnin
- Create a REG_DWORD registry setting named **DisabledByGroupPolicy** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\AdvertisingInfo** with a value of 1 (one).
-To turn off **Turn on SmartScreen Filter to check web content (URLs) that Microsoft Store apps use**:
+To turn off **Turn on Windows Defender SmartScreen to check web content (URLs) that Microsoft Store apps use**:
- Turn off the feature in the UI.
diff --git a/windows/security/information-protection/secure-the-windows-10-boot-process.md b/windows/security/information-protection/secure-the-windows-10-boot-process.md
index 73692e6065..3184dad28e 100644
--- a/windows/security/information-protection/secure-the-windows-10-boot-process.md
+++ b/windows/security/information-protection/secure-the-windows-10-boot-process.md
@@ -25,7 +25,7 @@ ms.author: dansimp
The Windows operating system has many features to help protect you from malware, and it does an amazingly good job. Except for apps that businesses develop and use internally, all Microsoft Store apps must meet a series of requirements to be certified and included in the Microsoft Store. This certification process examines several criteria, including security, and is an effective means of preventing malware from entering the Microsoft Store. Even if a malicious app does get through, the Windows 10 operating system includes a series of security features that can mitigate the impact. For instance, Microsoft Store apps are sandboxed and lack the privileges necessary to access user data or change system settings.
-Windows 10 has multiple levels of protection for desktop apps and data, too. Windows Defender uses signatures to detect and quarantine apps that are known to be malicious. The SmartScreen Filter warns users before allowing them to run an untrustworthy app, even if it’s recognized as malware. Before an app can change system settings, the user would have to grant the app administrative privileges by using User Account Control.
+Windows 10 has multiple levels of protection for desktop apps and data, too. Windows Defender uses signatures to detect and quarantine apps that are known to be malicious. The Windows Defender SmartScreen warns users before allowing them to run an untrustworthy app, even if it’s recognized as malware. Before an app can change system settings, the user would have to grant the app administrative privileges by using User Account Control.
Those are just some of the ways that Windows 10 protects you from malware. However, those security features protect you only after Windows 10 starts. Modern malware—and bootkits specifically—are capable of starting before Windows, completely bypassing operating system security, and remaining completely hidden.
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md
index 90c2964d84..0e03c92c86 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md
@@ -43,7 +43,7 @@ To configure these settings:
Location | Setting | Description | Default setting (if not configured)
---|---|---|---
Real-time protection | Monitor file and program activity on your computer | The Windows Defender Antivirus engine makes note of any file changes (file writes, such as moves, copies, or modifications) and general program activity (programs that are opened or running and that cause other programs to run) | Enabled
-Real-time protection | Scan all downloaded files and attachments | Downloaded files and attachments are automatically scanned. This operates in addition to the SmartScreen filter, which scans files before and during downloading | Enabled
+Real-time protection | Scan all downloaded files and attachments | Downloaded files and attachments are automatically scanned. This operates in addition to the Windows Defender SmartScreen, which scans files before and during downloading | Enabled
Real-time protection | Turn on process scanning whenever real-time protection is enabled | You can independently enable the Windows Defender Antivirus engine to scan running processes for suspicious modifications or behaviors. This is useful if you have temporarily disabled real-time protection and want to automatically scan processes that started while it was disabled | Enabled
Real-time protection | Turn on behavior monitoring | The AV engine will monitor file processes, file and registry changes, and other events on your endpoints for suspicious and known malicious activity | Enabled
Real-time protection | Turn on raw volume write notifications | Information about raw volume writes will be analyzed by behavior monitoring | Enabled
diff --git a/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-available-settings.md b/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-available-settings.md
index 1a7b1eae79..2df19534c7 100644
--- a/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-available-settings.md
+++ b/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-available-settings.md
@@ -1,7 +1,7 @@
---
title: Available Windows Defender SmartScreen Group Policy and mobile device management (MDM) settings (Windows 10)
description: A list of all available setttings for Windows Defender SmartScreen using Group Policy and mobile device management (MDM) settings.
-keywords: SmartScreen Filter, Windows SmartScreen
+keywords: SmartScreen Filter, Windows SmartScreen, Windows Defender SmartScreen
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library
@@ -60,17 +60,17 @@ SmartScreen uses registry-based Administrative Template policy settings. For mor
| Administrative Templates\Windows Components\Internet Explorer\Prevent managing SmartScreen Filter |
Internet Explorer 9 or later |
-This policy setting prevents the employee from managing SmartScreen Filter. If you enable this policy setting, the employee isn't prompted to turn on SmartScreen Filter. All website addresses that are not on the filter's allow list are sent automatically to Microsoft without prompting the employee. If you disable or don't configure this policy setting, the employee is prompted to decide whether to turn on SmartScreen Filter during the first-run experience. |
+This policy setting prevents the employee from managing Windows Defender SmartScreen. If you enable this policy setting, the employee isn't prompted to turn on Windows Defender SmartScreen. All website addresses that are not on the filter's allow list are sent automatically to Microsoft without prompting the employee. If you disable or don't configure this policy setting, the employee is prompted to decide whether to turn on Windows Defender SmartScreen during the first-run experience. |
| Administrative Templates\Windows Components\Internet Explorer\Prevent bypassing SmartScreen Filter warnings |
Internet Explorer 8 or later |
-This policy setting determines whether an employee can bypass warnings from SmartScreen Filter. If you enable this policy setting, SmartScreen Filter warnings block the employee. If you disable or don't configure this policy setting, the employee can bypass SmartScreen Filter warnings. |
+This policy setting determines whether an employee can bypass warnings from Windows Defender SmartScreen. If you enable this policy setting, Windows Defender SmartScreen warnings block the employee. If you disable or don't configure this policy setting, the employee can bypass Windows Defender SmartScreen warnings. |
| Administrative Templates\Windows Components\Internet Explorer\Prevent bypassing SmartScreen Filter warnings about files that are not commonly downloaded from the Internet |
Internet Explorer 9 or later |
-This policy setting determines whether the employee can bypass warnings from SmartScreen Filter. SmartScreen Filter warns the employee about executable files that Internet Explorer users do not commonly download from the Internet. If you enable this policy setting, SmartScreen Filter warnings block the employee. If you disable or don't configure this policy setting, the employee can bypass SmartScreen Filter warnings. |
+This policy setting determines whether the employee can bypass warnings from Windows Defender SmartScreen. Windows Defender SmartScreen warns the employee about executable files that Internet Explorer users do not commonly download from the Internet. If you enable this policy setting, Windows Defender SmartScreen warnings block the employee. If you disable or don't configure this policy setting, the employee can bypass Windows Defender SmartScreen warnings. |
diff --git a/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview.md b/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview.md
index 9d214a2b3c..f20aafd724 100644
--- a/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview.md
+++ b/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview.md
@@ -1,7 +1,7 @@
---
title: Windows Defender SmartScreen overview (Windows 10)
description: Conceptual info about Windows Defender SmartScreen.
-keywords: SmartScreen Filter, Windows SmartScreen
+keywords: SmartScreen Filter, Windows SmartScreen, Windows Defender SmartScreen
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library
@@ -35,7 +35,7 @@ Windows Defender SmartScreen helps to protect your employees if they try to visi
- Checking downloaded files against a list of files that are well known and downloaded by many Windows users. If the file isn't on that list, SmartScreen shows a warning, advising caution.
>[!NOTE]
- >Before Windows 10, version 1703 this feature was called the SmartScreen Filter when used within the browser and Windows SmartScreen when used outside of the browser.
+ >Before Windows 10, version 1703 this feature was called the Windows Defender SmartScreen when used within the browser and Windows SmartScreen when used outside of the browser.
## Benefits of Windows Defender SmartScreen
Windows Defender SmartScreen helps to provide an early warning system against websites that might engage in phishing attacks or attempt to distribute malware through a socially-engineered attack. The primary benefits are:
diff --git a/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-set-individual-device.md b/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-set-individual-device.md
index ca7c0039c1..484268a209 100644
--- a/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-set-individual-device.md
+++ b/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-set-individual-device.md
@@ -1,7 +1,7 @@
---
title: Set up and use Windows Defender SmartScreen on individual devices (Windows 10)
description: Steps about what happens when an employee tries to run an app, how employees can report websites as safe or unsafe, and how employees can use the Windows Security to set Windows Defender SmartScreen for individual devices.
-keywords: SmartScreen Filter, Windows SmartScreen
+keywords: SmartScreen Filter, Windows SmartScreen, Windows Defender SmartScreen
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library
diff --git a/windows/security/threat-protection/windows-security-configuration-framework/level-1-enterprise-basic-security.md b/windows/security/threat-protection/windows-security-configuration-framework/level-1-enterprise-basic-security.md
index fe043e036b..375900d1d6 100644
--- a/windows/security/threat-protection/windows-security-configuration-framework/level-1-enterprise-basic-security.md
+++ b/windows/security/threat-protection/windows-security-configuration-framework/level-1-enterprise-basic-security.md
@@ -199,8 +199,8 @@ Microsoft recommends using [the rings methodology](https://docs.microsoft.com/wi
| Windows Components / Event Log Service / Application | Specify the maximum log file size (KB) | 32768 | Specifies the maximum size of the log file in kilobytes. |
| Windows Components / Event Log Service / Security | Specify the maximum log file size (KB) | 196608 | Specifies the maximum size of the log file in kilobytes. |
| Windows Components / Event Log Service / System | Specify the maximum log file size (KB) | Enabled: 32768 | Specifies the maximum size of the log file in kilobytes. |
-| Windows Components / File Explorer | Configure Windows Defender SmartScreen | [[[main setting]]] = Enabled
Pick one of the following settings = Warn and prevent bypass | Configure whether to turn on Windows Defender SmartScreen to provide warning messages to help protect your employees from potential phishing scams and malicious software|
-| Windows Components / Internet Explorer | Prevent managing SmartScreen Filter | On | Prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing," or is known to host malware. |
+| Windows Components / File Explorer | Configure SmartScreen Filter | [[[main setting]]] = Enabled
Pick one of the following settings = Warn and prevent bypass | Configure whether to turn on Windows Defender SmartScreen to provide warning messages to help protect your employees from potential phishing scams and malicious software|
+| Windows Components / Internet Explorer | Prevent managing SmartScreen Filter | On | Prevents the user from managing Windows Defender SmartScreen, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing," or is known to host malware. |
| Windows Components / Internet Explorer | Specify use of ActiveX Installer Service for installation of ActiveX controls | Enabled | This policy setting allows you to specify how ActiveX controls are installed. If you enable this policy setting, ActiveX controls are installed only if the ActiveX Installer Service is present and has been configured to allow the installation of ActiveX controls. If you disable or do not configure this policy setting, ActiveX controls, including per-user controls, are installed through the standard installation process. |
| Windows Components / Internet Explorer | Turn off the Security Settings Check feature | Disabled | This policy setting turns off the Security Settings Check feature, which checks Internet Explorer security settings to determine when the settings put Internet Explorer at risk. If you enable this policy setting, the feature is turned off. If you disable or do not configure this policy setting, the feature is turned on. |
| Windows Components / Internet Explorer / Internet Control Panel | Prevent ignoring certificate errors | Enabled | This policy setting prevents the user from ignoring Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate errors that interrupt browsing (such as "expired", "revoked", or "name mismatch" errors) in Internet Explorer. |
@@ -236,7 +236,7 @@ Microsoft recommends using [the rings methodology](https://docs.microsoft.com/wi
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Internet Zone | Show security warning for potentially unsafe files | Prompt | This policy setting controls whether the "Open File - Security Warning" message appears when the user tries to open executable files or other potentially unsafe files (from an intranet file share by using File Explorer, for example). |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Internet Zone | Turn on Cross-Site Scripting Filter | Enabled: Enable | Controls whether the Cross-Site Scripting (XSS) Filter will detect and prevent cross-site script injections into websites in this zone. |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Internet Zone | Turn on Protected Mode | Enable | Allows you to turn on Protected Mode. Protected Mode helps protect Internet Explorer from exploited vulnerabilities by reducing the locations that Internet Explorer can write to in the registry and the file system. |
-| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Internet Zone | Turn on SmartScreen Filter scan | Enable | Controls whether SmartScreen Filter scans pages in this zone for malicious content. |
+| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Internet Zone | Turn on SmartScreen Filter scan | Enable | Controls whether Windows Defender SmartScreen scans pages in this zone for malicious content. |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Internet Zone | Use Pop-up Blocker | Enabled: Enable | Allows you to manage whether unwanted pop-up windows appear. Pop-up windows that are opened when the end user clicks a link are not blocked. |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Internet Zone | Userdata persistence | Disable | This policy setting allows you to manage the preservation of information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk. When a user returns to a persisted page, the state of the page can be restored if this policy setting is appropriately configured. |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Internet Zone | Web sites in less privileged Web content zones can navigate into this zone | Disable | This policy setting allows you to manage whether Web sites from less privileged zones, such as Restricted Sites, can navigate into this zone. |
@@ -245,11 +245,11 @@ Microsoft recommends using [the rings methodology](https://docs.microsoft.com/wi
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Intranet Zone | Java permissions | Enabled: High Safety | Allows you to manage permissions for Java applets. High Safety enables applets to run in their sandbox. Disable Java to prevent any applets from running. |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Local Machine Zone | Don't run antimalware programs against ActiveX controls | Disable | Determines whether Internet Explorer runs antimalware programs against ActiveX controls, to check if they're safe to load on pages. |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Local Machine Zone | Java permissions | Disable Java | This policy setting allows you to manage permissions for Java applets. If you enable this policy setting, you can choose options from the drop-down box. Custom, to control permissions settings individually. Disable Java to prevent any applets from running. |
-| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Locked-down Internet Zone | Turn on SmartScreen Filter scan | Enable | Controls whether SmartScreen Filter scans pages in this zone for malicious content. |
+| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Locked-down Internet Zone | Turn on SmartScreen Filter scan | Enable | Controls whether Windows Defender SmartScreen scans pages in this zone for malicious content. |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Locked-Down Intranet Zone | Java permissions | Disable Java | This policy setting allows you to manage permissions for Java applets. If you enable this policy setting, you can choose options from the drop-down box. Custom, to control permissions settings individually. Disable Java to prevent any applets from running. |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Locked-Down Local Machine Zone | Java permissions | Disable Java | This policy setting allows you to manage permissions for Java applets. If you enable this policy setting, you can choose options from the drop-down box. Custom, to control permissions settings individually. Disable Java to prevent any applets from running. |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Locked-Down Restricted Sites Zone | Java permissions | Disable Java | This policy setting allows you to manage permissions for Java applets. If you enable this policy setting, you can choose options from the drop-down box. Custom, to control permissions settings individually. Disable Java to prevent any applets from running. |
-| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Locked-Down Restricted Sites Zone | Turn on SmartScreen Filter scan | Enabled: Enable | Controls whether SmartScreen Filter scans pages in this zone for malicious content. |
+| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Locked-Down Restricted Sites Zone | Turn on SmartScreen Filter scan | Enabled: Enable | Controls whether Windows Defender SmartScreen scans pages in this zone for malicious content. |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Locked-Down Trusted Sites Zone | Java permissions | Disable Java | Allows you to configure policy settings according to the default for the selected security level, such Low, Medium, or High. |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Restricted Sites Zone | Access data sources across domains | Enabled: Disable | This policy setting allows you to manage whether Internet Explorer can access data from another security zone using the Microsoft XML Parser (MSXML) or ActiveX Data Objects (ADO). |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Restricted Sites Zone | Allow active scripting | Disable | This policy setting allows you to manage whether script code on pages in the zone is run. |
@@ -286,7 +286,7 @@ Microsoft recommends using [the rings methodology](https://docs.microsoft.com/wi
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Restricted Sites Zone | Show security warning for potentially unsafe files | Disable | This policy setting controls whether the "Open File - Security Warning" message appears when the user tries to open executable files or other potentially unsafe files (from an intranet file share by using File Explorer, for example). If you disable this policy setting, these files do not open. |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Restricted Sites Zone | Turn on Cross-Site Scripting Filter | Enable | Controls whether the Cross-Site Scripting (XSS) Filter will detect and prevent cross-site script injections into websites in this zone. |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Restricted Sites Zone | Turn on Protected Mode | Enable | Allows you to turn on Protected Mode. Protected Mode helps protect Internet Explorer from exploited vulnerabilities by reducing the locations that Internet Explorer can write to in the registry and the file system. |
-| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Restricted Sites Zone | Turn on SmartScreen Filter scan | Enabled: Enable | Controls whether SmartScreen Filter scans pages in this zone for malicious content. |
+| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Restricted Sites Zone | Turn on SmartScreen Filter scan | Enabled: Enable | Controls whether Windows Defender SmartScreen scans pages in this zone for malicious content. |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Restricted Sites Zone | Use Pop-up Blocker | Enable | Allows you to manage whether unwanted pop-up windows appear. Pop-up windows that are opened when the end user clicks a link are not blocked. |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Restricted Sites Zone | Userdata persistence | Disable | This policy setting allows you to manage the preservation of information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk. When a user returns to a persisted page, the state of the page can be restored if this policy setting is appropriately configured. |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Restricted Sites Zone | Web sites in less privileged Web content zones can navigate into this zone | Disable | This policy setting allows you to manage whether Web sites from less privileged zones, such as Internet sites, can navigate into this zone. |
@@ -304,7 +304,7 @@ Microsoft recommends using [the rings methodology](https://docs.microsoft.com/wi
| Windows Components / Internet Explorer / Security Features / Restrict ActiveX Install | Internet Explorer Processes | Enabled | This policy setting enables blocking of ActiveX control installation prompts for Internet Explorer processes. If you enable this policy setting, prompting for ActiveX control installations will be blocked for Internet Explorer processes. |
| Windows Components / Internet Explorer / Security Features / Restrict File Download | Internet Explorer Processes | Enabled | This policy setting enables blocking of file download prompts that are not user initiated. If you enable this policy setting, file download prompts that are not user initiated will be blocked for Internet Explorer processes. |
| Windows Components / Internet Explorer / Security Features / Scripted Window Security Restrictions | Internet Explorer Processes | Enabled | Internet Explorer allows scripts to programmatically open, resize, and reposition windows of various types. The Window Restrictions security feature restricts popup windows and prohibits scripts from displaying windows in which the title and status bars are not visible to the user or obfuscate other Windows' title and status bars. If you enable this policy setting, popup windows and other restrictions apply for File Explorer and Internet Explorer processes. |
-| Windows Components / Microsoft Edge | Configure Windows Defender SmartScreen | Enabled | Configures whether to turn on Windows Defender SmartScreen. Windows Defender SmartScreen provides warning messages to help protect your employees from potential phishing scams and malicious software. By default, Windows Defender SmartScreen is turned on. If you enable this setting, Windows Defender SmartScreen is turned on and employees can't turn it off. If you disable this setting, Windows Defender SmartScreen is turned off and employees can't turn it on. If you don't configure this setting, employees can choose whether to use Windows Defender SmartScreen. |
+| Windows Components / Microsoft Edge | Configure SmartScreen Filter | Enabled | Configures whether to turn on Windows Defender SmartScreen. Windows Defender SmartScreen provides warning messages to help protect your employees from potential phishing scams and malicious software. By default, Windows Defender SmartScreen is turned on. If you enable this setting, Windows Defender SmartScreen is turned on and employees can't turn it off. If you disable this setting, Windows Defender SmartScreen is turned off and employees can't turn it on. If you don't configure this setting, employees can choose whether to use Windows Defender SmartScreen. |
| Windows Components / Microsoft Edge | Prevent certificate error overrides | Enabled | Web security certificates are used to ensure a site your users go to is legitimate, and in some circumstances encrypts the data. With this policy, you can specify whether to prevent users from bypassing the security warning to sites that have SSL errors. If enabled, overriding certificate errors are not allowed. If disabled or not configured, overriding certificate errors are allowed. |
| Windows Components / Remote Desktop Services / Remote Desktop Connection Client | Do not allow passwords to be saved | Enabled | Controls whether passwords can be saved on this computer from Remote Desktop Connection. |
| Windows Components / Remote Desktop Services / Remote Desktop Session Host / Security | Always prompt for password upon connection | Enabled | This policy setting specifies whether Remote Desktop Services always prompts the client for a password upon connection. You can use this setting to enforce a password prompt for users logging on to Remote Desktop Services, even if they already provided the password in the Remote Desktop Connection client. |
@@ -319,8 +319,8 @@ Microsoft recommends using [the rings methodology](https://docs.microsoft.com/wi
| Windows Components / Windows Defender Antivirus / Real-time Protection | Turn on behavior monitoring | Enabled | Allows you to configure behavior monitoring. |
| Windows Components / Windows Defender Antivirus / Scan | Scan removable drives | Enabled | Allows you to manage whether to scan for malicious software and unwanted software in the contents of removable drives, such as USB flash drives, when running a full scan. |
| Windows Components / Windows Defender Antivirus / Scan | Specify the interval to run quick scans per day | 24 | Allows you to specify an interval at which to perform a quick scan. The time value is represented as the number of hours between quick scans. Valid values range from 1 (every hour) to 24 (once per day). |
-| Windows Components / Windows Defender SmartScreen / Explorer | Configure Windows Defender SmartScreen | [[[main setting]]] = Enabled
Pick one of the following settings = Warn and prevent bypass | Turn Windows Defender SmartScreen on or off. SmartScreen helps protect PCs by warning users before running potentially malicious programs downloaded from the Internet. This warning is presented as an interstitial dialog shown before running an app that has been downloaded from the Internet and is unrecognized or known to be malicious. No dialog is shown for apps that do not appear to be suspicious. Some information is sent to Microsoft about files and programs run on PCs with this feature enabled. If you enable this policy, SmartScreen will be turned on for all users. Its behavior can be controlled by the following options:
- Warn and prevent bypass
- Warn
If you enable this policy with the "Warn and prevent bypass" option, SmartScreen's dialogs will not present the user with the option to disregard the warning and run the app. SmartScreen will continue to show the warning on subsequent attempts to run the app. If you enable this policy with the "Warn" option, SmartScreen's dialogs will warn the user that the app appears suspicious, but will permit the user to disregard the warning and run the app anyway. SmartScreen will not warn the user again for that app if the user tells SmartScreen to run the app. If you disable this policy, SmartScreen will be turned off for all users. Users will not be warned if they try to run suspicious apps from the Internet. If you do not configure this policy, SmartScreen will be enabled by default, but users may change their settings. |
-| Windows Components / Windows Defender SmartScreen / Microsoft Edge | Configure Windows Defender SmartScreen | Enabled | Turn Windows Defender SmartScreen on or off. SmartScreen helps protect PCs by warning users before running potentially malicious programs downloaded from the Internet. This warning is presented as an interstitial dialog shown before running an app that has been downloaded from the Internet and is unrecognized or known to be malicious. No dialog is shown for apps that do not appear to be suspicious. Some information is sent to Microsoft about files and programs run on PCs with this feature enabled. If you enable this policy, SmartScreen will be turned on for all users. |
+| Windows Components / SmartScreen Filter / Explorer | Configure SmartScreen Filter | [[[main setting]]] = Enabled
Pick one of the following settings = Warn and prevent bypass | Turn Windows Defender SmartScreen on or off. Windows Defender SmartScreen helps protect PCs by warning users before running potentially malicious programs downloaded from the Internet. This warning is presented as an interstitial dialog shown before running an app that has been downloaded from the Internet and is unrecognized or known to be malicious. No dialog is shown for apps that do not appear to be suspicious. Some information is sent to Microsoft about files and programs run on PCs with this feature enabled. If you enable this policy, Windows Defender SmartScreen will be turned on for all users. Its behavior can be controlled by the following options:
- Warn and prevent bypass
- Warn
If you enable this policy with the "Warn and prevent bypass" option, Windows Defender SmartScreen's dialogs will not present the user with the option to disregard the warning and run the app. Windows Defender SmartScreen will continue to show the warning on subsequent attempts to run the app. If you enable this policy with the "Warn" option, Windows Defender SmartScreen's dialogs will warn the user that the app appears suspicious, but will permit the user to disregard the warning and run the app anyway. Windows Defender SmartScreen will not warn the user again for that app if the user tells Windows Defender SmartScreen to run the app. If you disable this policy, Windows Defender SmartScreen will be turned off for all users. Users will not be warned if they try to run suspicious apps from the Internet. If you do not configure this policy, Windows Defender SmartScreen will be enabled by default, but users may change their settings. |
+| Windows Components / SmartScreen Filter / Microsoft Edge | Configure SmartScreen Filter | Enabled | Turn Windows Defender SmartScreen on or off. Windows Defender SmartScreen helps protect PCs by warning users before running potentially malicious programs downloaded from the Internet. This warning is presented as an interstitial dialog shown before running an app that has been downloaded from the Internet and is unrecognized or known to be malicious. No dialog is shown for apps that do not appear to be suspicious. Some information is sent to Microsoft about files and programs run on PCs with this feature enabled. If you enable this policy, Windows Defender SmartScreen will be turned on for all users. |
| Windows Components / Windows Ink Workspace | Allow Windows Ink Workspace | On, but disallow access above lock | Allow Windows Ink Workspace |
| Windows Components / Windows Installer | Allow user control over installs | Disabled | Permits users to change installation options that typically are available only to system administrators |
| Windows Components / Windows Installer | Always install with elevated privileges | Disabled | Directs Windows Installer to use elevated permissions when it installs any program on the system |
diff --git a/windows/security/threat-protection/windows-security-configuration-framework/level-2-enterprise-enhanced-security.md b/windows/security/threat-protection/windows-security-configuration-framework/level-2-enterprise-enhanced-security.md
index 3671675351..be492474e1 100644
--- a/windows/security/threat-protection/windows-security-configuration-framework/level-2-enterprise-enhanced-security.md
+++ b/windows/security/threat-protection/windows-security-configuration-framework/level-2-enterprise-enhanced-security.md
@@ -63,8 +63,8 @@ than the process in level 1.
| System / Remote Assistance | Configure Solicited Remote Assistance | - [[[main setting]]] = Disabled
- Maximum ticket time (value) = [[[delete]]]
- Maximum ticket time (units) = [[[delete]]]
- Method for sending email invitations = [[[delete]]]
- Permit remote control of this computer = [[[delete]]] | This policy setting allows you to turn on or turn off Solicited (Ask for) Remote Assistance on this computer. |
| Windows Components / App Privacy | Let Windows apps activate with voice while the system is locked | Force Deny | Specifies whether Windows apps can be activated by voice while the system is locked. If you choose the "User is in control" option, employees in your organization can decide whether users can interact with applications using speech while the system is locked by using Settings > Privacy on the device. If you choose the "Force Allow" option, users can interact with applications using speech while the system is locked and employees in your organization cannot change it. If you choose the "Force Deny" option, users cannot interact with applications using speech while the system is locked and employees in your organization cannot change it. If you disable or do not configure this policy setting, employees in your organization can decide whether users can interact with applications using speech while the system is locked by using Settings > Privacy on the device. This policy is applied to Windows apps and Cortana. It takes precedence of the Allow Cortana above lock policy. This policy is applicable only when Allow voice activation policy is configured to allow applications to be activated with voice. |
| Windows Components / BitLocker Drive Encryption / Removable Data Drives | Deny write access to removable drives not protected by BitLocker | Enabled | This policy setting configures whether BitLocker protection is required for a computer to be able to write data to a removable data drive. If you enable this policy setting, all removable data drives that are not BitLocker-protected will be mounted as read-only. If the drive is protected by BitLocker, it will be mounted with read and write access. If the "Deny write access to devices configured in another organization" option is selected, only drives with identification fields matching the computer's identification fields will be given write access. When a removable data drive is accessed, it will be checked for valid identification field and allowed identification fields. These fields are defined by the "Provide the unique identifiers for your organization" policy setting. If you disable or do not configure this policy setting, all removable data drives on the computer will be mounted with read and write access. Note: This policy setting can be overridden by the policy settings under User Configuration\\Administrative Templates\\System\\Removable Storage Access. If the "Removable Disks: Deny write access" policy setting is enabled, this policy setting will be ignored. |
-| Windows Components / Internet Explorer | Prevent bypassing SmartScreen Filter warnings | Enabled | This policy setting determines whether the user can bypass warnings from SmartScreen Filter. SmartScreen Filter prevents the user from browsing to or downloading from sites that are known to host malicious content. SmartScreen Filter also prevents the execution of files that are known to be malicious. |
-| Windows Components / Internet Explorer | Prevent bypassing SmartScreen Filter warnings about files that are not commonly downloaded from the Internet | Enabled | This policy setting determines whether the user can bypass warnings from SmartScreen Filter. SmartScreen Filter warns the user about executable files that Internet Explorer users do not commonly download from the Internet. |
+| Windows Components / Internet Explorer | Prevent bypassing SmartScreen Filter warnings | Enabled | This policy setting determines whether the user can bypass warnings from Windows Defender SmartScreen. Windows Defender SmartScreen prevents the user from browsing to or downloading from sites that are known to host malicious content. Windows Defender SmartScreen also prevents the execution of files that are known to be malicious. |
+| Windows Components / Internet Explorer | Prevent bypassing SmartScreen Filter warnings about files that are not commonly downloaded from the Internet | Enabled | This policy setting determines whether the user can bypass warnings from Windows Defender SmartScreen. Windows Defender SmartScreen warns the user about executable files that Internet Explorer users do not commonly download from the Internet. |
| Windows Components / Internet Explorer | Prevent per-user installation of ActiveX controls | Enabled | This policy setting allows you to prevent the installation of ActiveX controls on a per-user basis. If you enable this policy setting, ActiveX controls cannot be installed on a per-user basis. |
| Windows Components / Internet Explorer | Security Zones: Do not allow users to add/delete sites | Enabled | Prevents users from adding or removing sites from security zones. A security zone is a group of Web sites with the same security level. If you enable this policy, the site management settings for security zones are disabled. |
| Windows Components / Internet Explorer | Security Zones: Do not allow users to change policies | Enabled | Prevents users from changing security zone settings. A security zone is a group of Web sites with the same security level. If you enable this policy, the Custom Level button and security-level slider on the Security tab in the Internet Options dialog box are disabled. |
@@ -72,7 +72,7 @@ than the process in level 1.
| Windows Components / Internet Explorer | Turn off Crash Detection | Enabled | This policy setting allows you to manage the crash detection feature of add-on Management. If you enable this policy setting, a crash in Internet Explorer will exhibit behavior found in Windows XP Professional Service Pack 1 and earlier, namely, to invoke Windows Error Reporting. All policy settings for Windows Error Reporting continue to apply. |
| Windows Components / Internet Explorer / Internet Control Panel / Security Page / Internet Zone | Download signed ActiveX controls | Disable | This policy setting allows you to manage whether users may download signed ActiveX controls from a page in the zone. |
| Windows Components / Microsoft Edge | Prevent bypassing Windows Defender SmartScreen prompts for files | Enabled | This policy setting lets you decide whether employees can override the Windows Defender SmartScreen warnings about downloading unverified files. If you enable this setting, employees can't ignore Windows Defender SmartScreen warnings and they are blocked from downloading the unverified files. If you disable or don't configure this setting, employees can ignore Windows Defender SmartScreen warnings and continue the download process. |
-| Windows Components / Windows Defender SmartScreen / Microsoft Edge | Prevent bypassing Windows Defender SmartScreen prompts for sites | Enabled | Lets you decide whether employees can override the Windows Defender SmartScreen warnings about potentially malicious websites |
+| Windows Components / SmartScreen Filter / Microsoft Edge | Prevent bypassing SmartScreen Filter prompts for sites | Enabled | Lets you decide whether employees can override the Windows Defender SmartScreen warnings about potentially malicious websites |
| Windows Components / Remote Desktop Services / Remote Desktop | Do not allow drive redirection | Enabled | This policy setting specifies whether to prevent the mapping of client drives in a Remote Desktop Services session (drive redirection). By default, an RD Session Host server maps client drives automatically upon connection. Mapped drives appear in the session folder tree in File Explorer or Computer in the format \ on \. You can use this policy setting to override this behavior. if you enable this policy setting, client drive redirection is not allowed in Remote Desktop Services sessions and Clipboard file copy redirection is not allowed on computers running Windows Server 2003 Windows 8 and Windows XP. If you disable this policy setting client drive redirection is always allowed. In addition, Clipboard file copy redirection is always allowed if Clipboard redirection is allowed. If you do not configure this policy setting client drive redirection and Clipboard file copy redirection are not specified at the Group Policy level. |
| Windows Components / Windows Defender Antivirus | Configure detection for potentially unwanted applications | Enabled: Audit | Enable or disable detection for potentially unwanted applications. You can choose to block, audit, or allow when potentially unwanted software is being downloaded or attempts to install itself on your computer. |
| Windows Components / Windows Game Recording and Broadcasting | Enables or disables Windows Game Recording and Broadcasting | Disabled | This setting enables or disables the Windows Game Recording and Broadcasting features. If you disable this setting, Windows Game Recording will not be allowed. |