From eda883b7c0179d23f75b3f6e8113209f9cabdd4b Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Tue, 25 Feb 2020 11:21:19 -0800 Subject: [PATCH 01/15] Added FAQ security link to FAQ doc. Also added "Back to list" link to FAQ doc --- devices/hololens/hololens-FAQ.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/devices/hololens/hololens-FAQ.md b/devices/hololens/hololens-FAQ.md index 3a194dc014..03bed1bfc3 100644 --- a/devices/hololens/hololens-FAQ.md +++ b/devices/hololens/hololens-FAQ.md @@ -44,6 +44,7 @@ This FAQ addresses the following questions and issues: - [I can't connect to Wi-Fi](#i-cant-connect-to-wi-fi) - [My HoloLens isn't running well, is unresponsive, or won't start](#my-hololens-isnt-running-well-is-unresponsive-or-wont-start) - [HoloLens Management Questions](#hololens-management-questions) +- [HoloLens Security Questions](#hololens-security-questions) - [How do I delete all spaces?](#how-do-i-delete-all-spaces) - [I cannot find or use the keyboard to type in the HoloLens 2 Emulator](#i-cannot-find-or-use-the-keyboard-to-type-in-the-hololens-2-emulator) - [I can't log in to a HoloLens because it was previously set up for someone else](#i-cant-log-in-to-a-hololens-because-it-was-previously-set-up-for-someone-else) @@ -230,6 +231,14 @@ If your device was previously set up for someone else, either a client or former 1. **What logging capabilities are available on HL1 and HL2?** 1. Logging is limited to traces captured in developer/troubleshooting scenarios or telemetry sent to Microsoft servers. +[Back to list](#list) + +## HoloLens Security Questions + +Frequently asked security questions can be found [here](hololens-faq-security.md). + +[Back to list](#list) + ## How do I delete all spaces? *Coming soon* @@ -241,4 +250,3 @@ If your device was previously set up for someone else, either a client or former *Coming soon* [Back to list](#list) - From ec729d063856a6935252d4e065747504f92bda07 Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Tue, 25 Feb 2020 11:32:08 -0800 Subject: [PATCH 02/15] added additional instructional note to the infastructure doc --- devices/hololens/hololens-commercial-infrastructure.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/devices/hololens/hololens-commercial-infrastructure.md b/devices/hololens/hololens-commercial-infrastructure.md index 757084bb86..476398d791 100644 --- a/devices/hololens/hololens-commercial-infrastructure.md +++ b/devices/hololens/hololens-commercial-infrastructure.md @@ -163,6 +163,8 @@ Directions for upgrading to the commercial suite can be found [here](https://doc 1. Check your app settings 1. Log into your Microsoft Store Business account 1. **Manage > Products and Services > Apps and Software > Select the app you want to sync > Private Store Availability > Select “Everyone” or “Specific Groups”** + >[!NOTE] + >If you don't see the app you want, you will have to "get" the app by searching the store for your app. **Click the "Search" bar in the upper right-hand corner > type in the name of the app > click on the app > select "Get"**. 1. If you do not see your apps in **Intune > Client Apps > Apps** , you may have to [sync your apps](https://docs.microsoft.com/intune/apps/windows-store-for-business#synchronize-apps) again. 1. [Create a device profile for Kiosk mode](https://docs.microsoft.com/intune/configuration/kiosk-settings#create-the-profile) From 3be3280caa840ff5c22dc37f926ce6d94da0b16c Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Tue, 25 Feb 2020 11:33:53 -0800 Subject: [PATCH 03/15] CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20200225102549 (#2135) Co-authored-by: Direesh Kumar Kandakatla --- .../status-windows-10-1607-and-windows-server-2016.yml | 2 -- windows/release-information/status-windows-10-1709.yml | 10 ---------- windows/release-information/status-windows-10-1803.yml | 10 ---------- .../status-windows-10-1809-and-windows-server-2019.yml | 10 ---------- ...status-windows-7-and-windows-server-2008-r2-sp1.yml | 2 -- .../status-windows-server-2008-sp2.yml | 2 -- windows/release-information/windows-message-center.yml | 3 +-- 7 files changed, 1 insertion(+), 38 deletions(-) diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml index a70457e0ab..7aa6de52e5 100644 --- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml +++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml @@ -62,7 +62,6 @@ sections: - @@ -109,7 +108,6 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
“Reset this PC” feature might fail
“Reset this PC” feature is also called “Push Button Reset” or PBR.

See details >		N/A
February 11, 2020
KB4524244		Mitigated
February 15, 2020
01:22 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244

See details >		N/A
February 11, 2020
KB4524244		Mitigated
February 15, 2020
01:22 AM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

See details >		OS Build 14393.2608

November 13, 2018
KB4467691		Resolved External
January 23, 2020
02:08 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		OS Build 14393.3274

October 08, 2019
KB4519998		Mitigated External
November 05, 2019
03:36 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >		OS Build 14393.2724

January 08, 2019
KB4480961		Mitigated
April 25, 2019
02:00 PM PT
Cluster service may fail if the minimum password length is set to greater than 14
The cluster service may fail to start if “Minimum Password Length” is configured with greater than 14 characters.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
April 25, 2019
02:00 PM PT
-
DetailsOriginating updateStatusHistory
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
After installing KB4467691, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Workaround: Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.

If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.

Resolution: Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.

Back to top		OS Build 14393.2608

November 13, 2018
KB4467691		Resolved External
Last updated:
January 23, 2020
02:08 PM PT

Opened:
November 13, 2018
10:00 AM PT
Cluster service may fail if the minimum password length is set to greater than 14
After installing KB4467684, the cluster service may fail to start with the error \"2245 (NERR_PasswordTooShort)\" if the Group Policy \"Minimum Password Length\" is configured with greater than 14 characters.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Workaround: Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.

Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
Last updated:
April 25, 2019
02:00 PM PT

Opened:
November 27, 2018
10:00 AM PT
" diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml index de65b88d9b..8938c52372 100644 --- a/windows/release-information/status-windows-10-1709.yml +++ b/windows/release-information/status-windows-10-1709.yml @@ -62,7 +62,6 @@ sections: -
SummaryOriginating updateStatusLast updated
“Reset this PC” feature might fail
“Reset this PC” feature is also called “Push Button Reset” or PBR.

See details >		N/A
February 11, 2020
KB4524244		Mitigated
February 15, 2020
01:22 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244

See details >		N/A
February 11, 2020
KB4524244		Mitigated
February 15, 2020
01:22 AM PT
Unable to create local users in Chinese, Japanese and Korean during device setup
You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.

See details >		OS Build 16299.1387

September 10, 2019
KB4516066		Resolved
KB4534318		January 23, 2020
02:00 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		OS Build 16299.1451

October 08, 2019
KB4520004		Mitigated External
November 05, 2019
03:36 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >		OS Build 16299.904

January 08, 2019
KB4480978		Mitigated
April 25, 2019
02:00 PM PT
@@ -94,15 +93,6 @@ sections: " -- title: October 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
Unable to create local users in Chinese, Japanese and Korean during device setup
When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.

Note This issue does not affect using a Microsoft Account during OOBE.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue was resolved in KB4534318.

Back to top		OS Build 16299.1387

September 10, 2019
KB4516066		Resolved
KB4534318		Resolved:
January 23, 2020
02:00 PM PT

Opened:
October 29, 2019
05:15 PM PT
- " - - title: January 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml index db738bc8ee..1baf22a6b0 100644 --- a/windows/release-information/status-windows-10-1803.yml +++ b/windows/release-information/status-windows-10-1803.yml @@ -66,7 +66,6 @@ sections: -
SummaryOriginating updateStatusLast updated
“Reset this PC” feature might fail
“Reset this PC” feature is also called “Push Button Reset” or PBR.

See details >		N/A
February 11, 2020
KB4524244		Mitigated
February 15, 2020
01:22 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244

See details >		N/A
February 11, 2020
KB4524244		Mitigated
February 15, 2020
01:22 AM PT
Unable to create local users in Chinese, Japanese and Korean during device setup
You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.

See details >		OS Build 17134.1006

September 10, 2019
KB4516058		Resolved
KB4534308		January 23, 2020
02:00 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		OS Build 17134.1069

October 08, 2019
KB4520008		Mitigated External
November 05, 2019
03:36 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >		OS Build 17134.523

January 08, 2019
KB4480966		Mitigated
April 25, 2019
02:00 PM PT
@@ -98,15 +97,6 @@ sections: " -- title: October 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
Unable to create local users in Chinese, Japanese and Korean during device setup
When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.

Note This issue does not affect using a Microsoft Account during OOBE.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue was resolved in KB4534308.

Back to top		OS Build 17134.1006

September 10, 2019
KB4516058		Resolved
KB4534308		Resolved:
January 23, 2020
02:00 PM PT

Opened:
October 29, 2019
05:15 PM PT
- " - - title: January 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml index b1fc3e7ceb..a684f5350f 100644 --- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml @@ -66,7 +66,6 @@ sections: - @@ -99,15 +98,6 @@ sections:
SummaryOriginating updateStatusLast updated
“Reset this PC” feature might fail
“Reset this PC” feature is also called “Push Button Reset” or PBR.

See details >		N/A
February 11, 2020
KB4524244		Mitigated
February 15, 2020
01:22 AM PT
You might encounter issues with KB4524244
You might encounter issues trying to install or after installing KB4524244

See details >		N/A
February 11, 2020
KB4524244		Mitigated
February 15, 2020
01:22 AM PT
Unable to create local users in Chinese, Japanese and Korean during device setup
You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.

See details >		OS Build 17763.737

September 10, 2019
KB4512578		Resolved
KB4534321		January 23, 2020
02:00 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		OS Build 17763.805

October 08, 2019
KB4519338		Mitigated External
November 05, 2019
03:36 PM PT
Devices with some Asian language packs installed may receive an error
Devices with Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\"

See details >		OS Build 17763.437

April 09, 2019
KB4493509		Mitigated
May 03, 2019
10:59 AM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >		OS Build 17763.253

January 08, 2019
KB4480116		Mitigated
April 09, 2019
10:00 AM PT
" -- title: October 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
Unable to create local users in Chinese, Japanese and Korean during device setup
When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.

Note This issue does not affect using a Microsoft Account during OOBE.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue was resolved in KB4534321.

Back to top		OS Build 17763.737

September 10, 2019
KB4512578		Resolved
KB4534321		Resolved:
January 23, 2020
02:00 PM PT

Opened:
October 29, 2019
05:15 PM PT
- " - - title: May 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml index d47c63c516..d7e5928590 100644 --- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml @@ -62,7 +62,6 @@ sections: -
SummaryOriginating updateStatusLast updated
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537820		Resolved
February 12, 2020
05:37 PM PT
Custom wallpaper displays as black
Using a custom image set to \"Stretch\" might not display as expected.

See details >		January 14, 2020
KB4534310		Resolved
KB4539601		February 07, 2020
10:00 AM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		October 08, 2019
KB4519976		Mitigated External
November 05, 2019
03:36 PM PT
IA64 and x64 devices may fail to start after installing updates
After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.

See details >		August 13, 2019
KB4512506		Mitigated
August 17, 2019
12:59 PM PT
@@ -98,7 +97,6 @@ sections: - type: markdown text: " -
DetailsOriginating updateStatusHistory
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc  WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.     WUAHandler   14/11/2019 16:33:23        980 (0x03D4)\". Note All Configuration Manager information also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).

Back to top
Resolved
Resolved:
January 23, 2020
02:08 PM PT

Opened:
November 15, 2019
05:59 PM PT
TLS connections might fail or timeout
Updates for Windows released October 8, 2019 or later provide protections, tracked by CVE-2019-1318, against an attack that could allow unauthorized access to information or data within TLS connections. This type of attack is known as a man-in-the-middle exploit. Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (RFC 7627). Lack of RFC support might cause one or more of the following errors or logged events:
  • \"The request was aborted: Could not create SSL/TLS secure Channel\"
  • SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"
Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2

Next Steps: Connections between two devices running any supported version of Windows should not have this issue when fully updated. There is no update for Windows needed for this issue. These changes are required to address a security issue and security compliance. For information, see KB4528489.

Back to top		October 08, 2019
KB4519976		Mitigated External
Last updated:
November 05, 2019
03:36 PM PT

Opened:
November 05, 2019
03:36 PM PT
" diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml index 44b16a1a5e..cf035b38eb 100644 --- a/windows/release-information/status-windows-server-2008-sp2.yml +++ b/windows/release-information/status-windows-server-2008-sp2.yml @@ -61,7 +61,6 @@ sections: text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

-
SummaryOriginating updateStatusLast updated
After installing an update and restarting, you might receive an error
You might receive the error, “Failure to configure Windows updates. Reverting Changes.” or \"Failed\" in Update History.

See details >		February 11, 2020
KB4537810		Resolved
February 12, 2020
05:37 PM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		October 08, 2019
KB4520002		Mitigated External
November 05, 2019
03:36 PM PT
" @@ -87,7 +86,6 @@ sections: - type: markdown text: " -
DetailsOriginating updateStatusHistory
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc  WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.     WUAHandler   14/11/2019 16:33:23        980 (0x03D4)\". Note All Configuration Manager information also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).

Back to top
Resolved
Resolved:
January 23, 2020
02:08 PM PT

Opened:
November 15, 2019
05:59 PM PT
TLS connections might fail or timeout
Updates for Windows released October 8, 2019 or later provide protections, tracked by CVE-2019-1318, against an attack that could allow unauthorized access to information or data within TLS connections. This type of attack is known as a man-in-the-middle exploit. Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (RFC 7627). Lack of RFC support might cause one or more of the following errors or logged events:
  • \"The request was aborted: Could not create SSL/TLS secure Channel\"
  • SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"
Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2

Next Steps: Connections between two devices running any supported version of Windows should not have this issue when fully updated. There is no update for Windows needed for this issue. These changes are required to address a security issue and security compliance. For information, see KB4528489.

Back to top		October 08, 2019
KB4520002		Mitigated External
Last updated:
November 05, 2019
03:36 PM PT

Opened:
November 05, 2019
03:36 PM PT
" diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index 30fd3229a9..1393cd0b82 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -50,6 +50,7 @@ sections: text: " + @@ -82,8 +83,6 @@ sections: - -
MessageDate
February 2020 Windows \"C\" optional release is available.
The February 2020 optional monthly “C” release for all supported versions of Windows prior to Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
February 25, 2020
08:00 AM PT
Status of February 2020 “C” release
The optional monthly “C” release for February 2020 for all supported versions of Windows and Windows Server prior to Windows 10, version 1903 and Windows Server, version 1903 will be available in the near term. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
February 21, 2020
12:00 PM PT
Compatibility issue with some Windows Server container images
If you are encountering issues with Windows Server container images, please see KB4542617.
February 13, 2020
03:21 PM PT
Take action: February 2020 security update available for all supported versions of Windows
The February 2020 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
February 11, 2020
08:00 AM PT
Status update: Windows 10, version 1903 \"D\" optional release available August 30th
The August optional monthly “D” release for Windows 10, version 1903 is now available. Follow @WindowsUpdate for the latest on the availability of this release.
August 30, 2019
08:00 AM PT
Feature update install notification on Windows 10, version 1809 (the October 2018 Update)
We've had reports on August 29th that some customers running Windows 10, version 1809 (the October 2018 Update) have received notification to install the latest feature update (version 1903) early. Updating remains in your control. To install the update, you must select one of the following options: \"Pick a Time\", \"Restart Tonight,\" or \"Restart Now\". If you are not ready to update at this time, simply dismiss the notification by clicking the arrow in the top right corner. If you have updated to Windows 10, version 1903 and would like to go back to your previous version, see the instructions here.
August 29, 2019
04:39 PM PT
Take Action: Internet Explorer 11 now available on Windows Update/WSUS for Windows Server 2012 and Windows Embedded 8 Standard
Internet Explorer 11 (KB 4492872) is now available via Windows Update (WU) and Windows Server Update Services (WSUS) for commercial customers running Windows Server 2012 and Windows Embedded 8 Standard. For details about these changes and end of support for IE10, please refer to the IT Pro blog
August 29, 2019
08:00 AM PT
Take action: SHA-2 code signing support guidance for Windows 7 SP1 and Windows Server 2008 RS2 SP1
Windows 7 SP1 and Windows Server 2008 R2 SP1 update signatures are now SHA-2 based signatures and requires that SHA-2 support to be installed. For important customer guidance on installation and troubleshooting tips, please read the knowledge base article 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.
August 23, 2019
03:35 PM PT
Take action: Windows 10, version 1703 (the Windows 10 Creators Update) reaches end of life on October 9, 2019
The Enterprise and Education editions of Windows 10, version 1703 (the Windows 10 Creators Update) will reach end of life on October 9, 2019. The Home, Pro, Pro for Workstations, and IoT Core editions reached end of service on October 8, 2018.

There is no extended support available for any edition of Windows 10, version 1703. Therefore, it will no longer be supported after October 9, 2019 and will not receive monthly security and quality updates containing protections from the latest security threats.

To continue receiving security and quality updates, Microsoft recommends that you update your devices to the latest version of Windows 10. For more information on end of service dates and currently supported versions of Windows 10, see the Windows lifecycle fact sheet.
August 23, 2019
02:17 PM PT
Windows 10, version 1903 rollout begins
The Windows 10 May 2019 Update (Windows 10, version 1903) is available today to commercial customers via Windows Server Update Services (WSUS), Windows Update for Business, and the Volume Licensing Service Center (VLSC)—and to end users who manually select “Check for updates.” We are slowly throttling up availability while we carefully monitor data and feedback.		May 21, 2019
10:00 AM PT
" From 0bde1c9b95677a856edfe4e1d14484bddedf6750 Mon Sep 17 00:00:00 2001 From: Teresa-Motiv Date: Tue, 25 Feb 2020 11:53:46 -0800 Subject: [PATCH 04/15] Correction --- .../troubleshoot-stop-error-on-broadcom-driver-update.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/troubleshoot-stop-error-on-broadcom-driver-update.md b/windows/client-management/troubleshoot-stop-error-on-broadcom-driver-update.md index 6092ae3bc8..fb99d5d919 100644 --- a/windows/client-management/troubleshoot-stop-error-on-broadcom-driver-update.md +++ b/windows/client-management/troubleshoot-stop-error-on-broadcom-driver-update.md @@ -23,7 +23,7 @@ This issue affects computers that meet the following criteria: - The network adapter is a Broadcom NX1 Gigabit Ethernet network adapter. - The number of logical processors is large (for example, a computer that has more than 38 logical processors). -On such a computer, when you update the in-box Broadcom network adapter driver to a later version, the computer experiences a Stop error (also known as a blue screen error or bug check error). +On such a computer, when you update the in-box Broadcom network adapter driver to a later version or when you install the Intel chipset driver, the computer experiences a Stop error (also known as a blue screen error or bug check error). ## Cause From 4c9bcfed700bd173597cf1cbad2b7e891e6b4ed2 Mon Sep 17 00:00:00 2001 From: AmitEnoch <45037036+AmitEnoch@users.noreply.github.com> Date: Tue, 25 Feb 2020 22:03:45 +0200 Subject: [PATCH 05/15] [device tags] Update mac-preferences * Added usage example for Device tags * Added more description for the tag usage. --- .../microsoft-defender-atp/mac-preferences.md | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md b/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md index 315ec0f230..fe70932641 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md @@ -325,6 +325,8 @@ Specify whether to enable EDR early preview features. Specify a tag name and its value. +- The GROUP tag, tags the machine with the specified value, this tag is reflected in the portal under machine page and can be used for filtering and groupping machines. + ||| |:---|:---| | **Domain** | `com.microsoft.wdav` | @@ -569,6 +571,18 @@ The following configuration profile contains entries for all settings described automaticSampleSubmission + edr + + tags + + + key + GROUP + value + ExampleTag + + + userInterface hideStatusMenuIcon @@ -695,6 +709,18 @@ The following configuration profile contains entries for all settings described automaticSampleSubmission + edr + + tags + + + key + GROUP + value + ExampleTag + + + userInterface hideStatusMenuIcon From b10a8fcf7e77017231a0effdc45a1a865d39dabe Mon Sep 17 00:00:00 2001 From: AmitEnoch <45037036+AmitEnoch@users.noreply.github.com> Date: Tue, 25 Feb 2020 22:07:28 +0200 Subject: [PATCH 06/15] Update mac-preferences.md --- .../threat-protection/microsoft-defender-atp/mac-preferences.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md b/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md index fe70932641..eab8001eb6 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md @@ -325,7 +325,7 @@ Specify whether to enable EDR early preview features. Specify a tag name and its value. -- The GROUP tag, tags the machine with the specified value, this tag is reflected in the portal under machine page and can be used for filtering and groupping machines. +- The GROUP tag, tags the machine with the specified value. The tag is reflected in the portal under the machine page and can be used for filtering and grouping machines. ||| |:---|:---| From d5445e8f07a8b416bc656b22d8c5989d806ab440 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 25 Feb 2020 12:25:25 -0800 Subject: [PATCH 07/15] Update linux-install-manually.md https://github.com/MicrosoftDocs/windows-itpro-docs/issues/6117 --- .../linux-install-manually.md | 67 +++++++++++-------- 1 file changed, 38 insertions(+), 29 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md index 24930516c6..f58a697cb3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md @@ -24,7 +24,7 @@ ms.topic: conceptual - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Linux](microsoft-defender-atp-linux.md) -This topic describes how to deploy Microsoft Defender ATP for Linux manually. A successful deployment requires the completion of all of the following tasks: +This article describes how to deploy Microsoft Defender ATP for Linux manually. A successful deployment requires the completion of all of the following tasks: - [Configure the Linux software repository](#configure-the-linux-software-repository) - [Application installation](#application-installation) @@ -33,7 +33,7 @@ This topic describes how to deploy Microsoft Defender ATP for Linux manually. A ## Prerequisites and system requirements -Before you get started, see [the main Microsoft Defender ATP for Linux page](microsoft-defender-atp-linux.md) for a description of prerequisites and system requirements for the current software version. +Before you get started, see [Microsoft Defender ATP for Linux](microsoft-defender-atp-linux.md) for a description of prerequisites and system requirements for the current software version. ## Configure the Linux software repository @@ -53,26 +53,29 @@ In order to preview new features and provide early feedback, it is recommended t > In case of Oracle EL and CentOS 8, replace *[distro]* with “rhel”. ```bash - $ sudo yum-config-manager --add-repo=https://packages.microsoft.com/config/[distro]/[version]/[channel].repo + sudo yum-config-manager --add-repo=https://packages.microsoft.com/config/[distro]/[version]/[channel].repo ``` For example, if you are running CentOS 7 and wish to deploy MDATP for Linux from the *insider-fast* channel: ```bash - $ sudo yum-config-manager --add-repo=https://packages.microsoft.com/config/centos/7/insiders-fast.repo + sudo yum-config-manager --add-repo=https://packages.microsoft.com/config/centos/7/insiders-fast.repo ``` - Install the Microsoft GPG public key: ```bash - $ curl https://packages.microsoft.com/keys/microsoft.asc > microsoft.asc - $ sudo rpm --import microsoft.asc + curl https://packages.microsoft.com/keys/microsoft.asc > microsoft.asc + ``` + + ```bash + sudo rpm --import microsoft.asc ``` - Download and make usable all the metadata for the currently enabled yum repositories: ```bash - $ yum makecache + yum makecache ``` ### SLES and variants @@ -82,20 +85,23 @@ In order to preview new features and provide early feedback, it is recommended t In the following commands, replace *[distro]* and *[version]* with the information you've identified: ```bash - $ sudo zypper addrepo -c -f -n microsoft-[channel] https://packages.microsoft.com/config/[distro]/[version]/[channel].repo + sudo zypper addrepo -c -f -n microsoft-[channel] https://packages.microsoft.com/config/[distro]/[version]/[channel].repo ``` For example, if you are running SLES 12 and wish to deploy MDATP for Linux from the *insider-fast* channel: ```bash - $ sudo zypper addrepo -c -f -n microsoft-insiders-fast https://packages.microsoft.com/config/sles/12/insiders-fast.repo + sudo zypper addrepo -c -f -n microsoft-insiders-fast https://packages.microsoft.com/config/sles/12/insiders-fast.repo ``` - Install the Microsoft GPG public key: ```bash - $ curl https://packages.microsoft.com/keys/microsoft.asc > microsoft.asc - $ rpm --import microsoft.asc + curl https://packages.microsoft.com/keys/microsoft.asc > microsoft.asc + ``` + + ```bash + rpm --import microsoft.asc ``` ### Ubuntu and Debian systems @@ -103,7 +109,7 @@ In order to preview new features and provide early feedback, it is recommended t - Install `curl` if it is not already installed: ```bash - $ sudo apt-get install curl + sudo apt-get install curl ``` - Note your distribution and version, and identify the closest entry for it under `https://packages.microsoft.com/config`. @@ -111,45 +117,48 @@ In order to preview new features and provide early feedback, it is recommended t In the below command, replace *[distro]* and *[version]* with the information you've identified: ```bash - $ curl -o microsoft.list https://packages.microsoft.com/config/[distro]/[version]/[channel].list + curl -o microsoft.list https://packages.microsoft.com/config/[distro]/[version]/[channel].list ``` For example, if you are running Ubuntu 18.04 and wish to deploy MDATP for Linux from the *insider-fast* channel: ```bash - $ curl -o microsoft.list https://packages.microsoft.com/config/ubuntu/18.04/insiders-fast.list + curl -o microsoft.list https://packages.microsoft.com/config/ubuntu/18.04/insiders-fast.list ``` - Install the repository configuration: ```bash - $ sudo mv ./microsoft.list /etc/apt/sources.list.d/microsoft-[channel].list + sudo mv ./microsoft.list /etc/apt/sources.list.d/microsoft-[channel].list ``` - Install the gpg package if not already installed: ```bash - $ sudo apt-get install gpg + sudo apt-get install gpg ``` - Install the Microsoft GPG public key: ```bash - $ curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.gpg - $ sudo mv microsoft.gpg /etc/apt/trusted.gpg.d/ + curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.gpg + ``` + + ```bash + sudo mv microsoft.gpg /etc/apt/trusted.gpg.d/ ``` - Install the https driver if it's not already present: ```bash - $ sudo apt-get install apt-transport-https + sudo apt-get install apt-transport-https ``` - Update the repository metadata: ```bash - $ sudo apt-get update + sudo apt-get update ``` ## Application installation @@ -186,11 +195,11 @@ Download the onboarding package from Microsoft Defender Security Center: Extract the contents of the archive: ```bash - $ ls -l + ls -l total 8 -rw-r--r-- 1 test staff 5752 Feb 18 11:22 WindowsDefenderATPOnboardingPackage.zip - $ unzip WindowsDefenderATPOnboardingPackage.zip + unzip WindowsDefenderATPOnboardingPackage.zip Archive: WindowsDefenderATPOnboardingPackage.zip inflating: WindowsDefenderATPOnboarding.py ``` @@ -202,26 +211,26 @@ Download the onboarding package from Microsoft Defender Security Center: Initially the client machine is not associated with an organization. Note that the *orgId* attribute is blank: ```bash - $ mdatp --health orgId + mdatp --health orgId ``` 2. Run WindowsDefenderATPOnboarding.py, and note that, in order to run this command, you must have `python` installed on the device: ```bash - $ python WindowsDefenderATPOnboarding.py + python WindowsDefenderATPOnboarding.py ``` 3. Verify that the machine is now associated with your organization and reports a valid organization identifier: ```bash - $ mdatp --health orgId + mdatp --health orgId [your organization identifier] ``` 4. A few minutes after you complete the installation, you can see the status by running the following command. A return value of `1` denotes that the product is functioning as expected: ```bash - $ mdatp --health healthy + mdatp --health healthy 1 ``` @@ -230,20 +239,20 @@ Download the onboarding package from Microsoft Defender Security Center: - Ensure that real-time protection is enabled (denoted by a result of `1` from running the following command): ```bash - $ mdatp --health realTimeProtectionEnabled + mdatp --health realTimeProtectionEnabled 1 ``` - Open a Terminal window. Copy and execute the following command: ``` bash - $ curl -o ~/Downloads/eicar.com.txt http://www.eicar.org/download/eicar.com.txt + curl -o ~/Downloads/eicar.com.txt http://www.eicar.org/download/eicar.com.txt ``` - The file should have been quarantined by Microsoft Defender ATP for Linux. Use the following command to list all the detected threats: ```bash - $ mdatp --threat --list --pretty + mdatp --threat --list --pretty ``` ## Log installation issues From 4a9c37eaff8ceb3797f38a07a3d7b7a1a5191268 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 25 Feb 2020 12:39:17 -0800 Subject: [PATCH 08/15] Update mac-preferences.md --- .../threat-protection/microsoft-defender-atp/mac-preferences.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md b/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md index eab8001eb6..84b0a77870 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md @@ -24,7 +24,7 @@ ms.topic: conceptual - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) >[!IMPORTANT] ->This article contains instructions for how to set preferences for Microsoft Defender ATP for Mac in enterprise organizations. To configure Microsoft Defender ATP for Mac using the command-line interface, see the [Resources](mac-resources.md#configuring-from-the-command-line) page. +>This article contains instructions for how to set preferences for Microsoft Defender ATP for Mac in enterprise organizations. To configure Microsoft Defender ATP for Mac using the command-line interface, see [Resources](mac-resources.md#configuring-from-the-command-line). ## Summary From 18c543b90f497387a57a8a83a76c3cd8515cabcc Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Tue, 25 Feb 2020 13:27:08 -0800 Subject: [PATCH 09/15] Rearranged order of steps in --- devices/hololens/hololens-requirements.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/devices/hololens/hololens-requirements.md b/devices/hololens/hololens-requirements.md index 139648349b..cfc6da7a4d 100644 --- a/devices/hololens/hololens-requirements.md +++ b/devices/hololens/hololens-requirements.md @@ -33,6 +33,14 @@ This document also assumes that the HoloLens has been evaluated by security team Before deploying the HoloLens in your environment, it is important to first determine what features, apps, and type of identities are needed. It is also important to ensure that your security team has approved of the use of the HoloLens on the company's network. Please see [Frequently ask security questions](hololens-faq-security.md) for additional security information. +### Type of identity + +Determine the type of identity that will be used to sign into the device. + +1. **Local Accounts:** This account is local to the device (like a local admin account on a windows PC). This will allow only 1 user to log into the device. +2. **MSA:** This is a personal account (like outlook, hotmail, gmail, yahoo, etc.) This will allow only 1 user to log into the device. +3. **Azure Active Directory (Azure AD) accounts:** This is an account created in Azure AD. This grants your corporation the ability to manage the HoloLens device. This will allow multiple users to log into the HoloLens 1st Gen Commercial Suite/the HoloLens 2 device. + ### Type of Features Your feature requirements will determine which HoloLens you need. One popular feature that we see deployed in customer environments frequently is Kiosk Mode. A list of HoloLens key features, and the editions of HoloLens that support them, can be found [here](hololens-commercial-features.md). @@ -66,18 +74,10 @@ The majority of the steps found in this document will also apply to the followin 2. Guides 3. Customer Apps -### Type of identity - -Determine the type of identity that will be used to sign into the device. - -1. **Local Accounts:** This account is local to the device (like a local admin account on a windows PC). This will allow only 1 user to log into the device. -2. **MSA:** This is a personal account (like outlook, hotmail, gmail, yahoo, etc.) This will allow only 1 user to log into the device. -3. **Azure Active Directory (Azure AD) accounts:** This is an account created in Azure AD. This grants your corporation the ability to manage the HoloLens device. This will allow multiple users to log into the HoloLens 1st Gen Commercial Suite/the HoloLens 2 device. - ### Determine your enrollment method 1. Bulk enrollment with a security token in a provisioning package. - Pros: this is the most automated approach + Pros: this is the most automated approach k Cons: takes initial server-side setup 1. Auto-enroll on user sign in. Pros: easiest approach From 944a9af082de3b4b537f23350dbe7da062a39b59 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 25 Feb 2020 13:55:56 -0800 Subject: [PATCH 10/15] Deleted "k", hoping for a line break --- devices/hololens/hololens-requirements.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/hololens/hololens-requirements.md b/devices/hololens/hololens-requirements.md index cfc6da7a4d..b536f6426d 100644 --- a/devices/hololens/hololens-requirements.md +++ b/devices/hololens/hololens-requirements.md @@ -77,7 +77,7 @@ The majority of the steps found in this document will also apply to the followin ### Determine your enrollment method 1. Bulk enrollment with a security token in a provisioning package. - Pros: this is the most automated approach k + Pros: this is the most automated approach Cons: takes initial server-side setup 1. Auto-enroll on user sign in. Pros: easiest approach From d8b3fffac8f8b5522ec931c5eb52dd25c8425019 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 25 Feb 2020 14:00:17 -0800 Subject: [PATCH 11/15] add video --- .../microsoft-defender-atp/microsoft-defender-atp-linux.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md index 6497259a59..1ce2e65c36 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md @@ -26,6 +26,8 @@ This topic describes how to install, configure, update, and use Microsoft Defend > Running other third-party endpoint protection products alongside Microsoft Defender ATP for Linux is likely to cause performance problems and unpredictable system errors. +> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4q3yP] + ## How to install Microsoft Defender ATP for Linux ### Prerequisites From f0128f599efe23a433e89d0b58653ae8109cd953 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 25 Feb 2020 14:19:07 -0800 Subject: [PATCH 12/15] Trying to fix a line break MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit I don't know why the second and third item under "Determine your enrollment method" doesn't seem to need a line break to be specified, but the first item apparently needs one—added now. --- devices/hololens/hololens-requirements.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/hololens/hololens-requirements.md b/devices/hololens/hololens-requirements.md index b536f6426d..6c370939da 100644 --- a/devices/hololens/hololens-requirements.md +++ b/devices/hololens/hololens-requirements.md @@ -77,7 +77,7 @@ The majority of the steps found in this document will also apply to the followin ### Determine your enrollment method 1. Bulk enrollment with a security token in a provisioning package. - Pros: this is the most automated approach + Pros: this is the most automated approach\ Cons: takes initial server-side setup 1. Auto-enroll on user sign in. Pros: easiest approach From 53698ae3bbcaf20c07f391718b634ddd36daef62 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 25 Feb 2020 14:39:23 -0800 Subject: [PATCH 13/15] Try to indent code blocks in second-level list items --- .../linux-install-manually.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md index f58a697cb3..37657f8f60 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md @@ -238,22 +238,22 @@ Download the onboarding package from Microsoft Defender Security Center: - Ensure that real-time protection is enabled (denoted by a result of `1` from running the following command): - ```bash - mdatp --health realTimeProtectionEnabled - 1 + ```bash + mdatp --health realTimeProtectionEnabled + 1 ``` - Open a Terminal window. Copy and execute the following command: - ``` bash - curl -o ~/Downloads/eicar.com.txt http://www.eicar.org/download/eicar.com.txt - ``` + ``` bash + curl -o ~/Downloads/eicar.com.txt http://www.eicar.org/download/eicar.com.txt + ``` - The file should have been quarantined by Microsoft Defender ATP for Linux. Use the following command to list all the detected threats: - ```bash - mdatp --threat --list --pretty - ``` + ```bash + mdatp --threat --list --pretty + ``` ## Log installation issues From 255cdb8346354a4cbdc462ea9e1ffc808e5952d2 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 25 Feb 2020 14:46:38 -0800 Subject: [PATCH 14/15] Indenting a code block in a list item --- .../microsoft-defender-atp/microsoft-defender-atp-linux.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md index 1ce2e65c36..333d426aa0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md @@ -41,9 +41,9 @@ This topic describes how to install, configure, update, and use Microsoft Defend - Logged on users do not appear in the ATP portal. - In SUSE distributions, if the installation of *libatomic1* fails, you should validate that your OS is registered: -```bash -$ sudo SUSEConnect --status-text -``` + ```bash + $ sudo SUSEConnect --status-text + ``` ### Installation instructions From 28cc6f4cdbd23c78707634a83dcfd13e04fd2aa4 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 25 Feb 2020 14:52:39 -0800 Subject: [PATCH 15/15] Second fix-up (indented backticks) --- .../microsoft-defender-atp/linux-install-manually.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md index 37657f8f60..79bae6b394 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md @@ -241,7 +241,7 @@ Download the onboarding package from Microsoft Defender Security Center: ```bash mdatp --health realTimeProtectionEnabled 1 - ``` + ``` - Open a Terminal window. Copy and execute the following command: