From 907db156baedc473bc5116cb2dbd27d9531cd6b9 Mon Sep 17 00:00:00 2001
From: Brian Lich <brianlic@microsoft.com>
Date: Fri, 20 May 2016 15:22:54 -0700
Subject: [PATCH 01/32] first draft for review

---
 windows/keep-secure/TOC.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/windows/keep-secure/TOC.md b/windows/keep-secure/TOC.md
index 56f8c27db1..ab0867bbe6 100644
--- a/windows/keep-secure/TOC.md
+++ b/windows/keep-secure/TOC.md
@@ -25,6 +25,9 @@
 ### [General guidance and best practices for enterprise data protection (EDP)](guidance-and-best-practices-edp.md)
 #### [Enlightened apps for use with enterprise data protection (EDP)](enlightened-microsoft-apps-and-edp.md)
 #### [Testing scenarios for enterprise data protection (EDP)](testing-scenarios-for-edp.md)
+## [Use security baselines in your organization](security-baselines.md)
+### [Windows 10 security baselines](windows-10-security-baselines.md)
+### [Windows Server security baselines](windows-server-security-baselines.md)
 ## [Use Windows Event Forwarding to help with intrusion detection](use-windows-event-forwarding-to-assist-in-instrusion-detection.md)
 ## [VPN profile options](vpn-profile-options.md)
 ## [Security technologies](security-technologies.md)
@@ -406,7 +409,6 @@
 #### [Minimum requirements](minimum-requirements-windows-defender-advanced-threat-protection.md)
 #### [Data storage and privacy](data-storage-privacy-windows-defender-advanced-threat-protection.md)
 #### [Onboard endpoints and set up access](onboard-configure-windows-defender-advanced-threat-protection.md)
-<!--##### [Service onboarding](service-onboarding-windows-defender-advanced-threat-protection.md)-->
 ##### [Configure endpoints](configure-endpoints-windows-defender-advanced-threat-protection.md)
 ##### [Configure proxy and Internet settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md)
 ##### [Additional configuration settings](additional-configuration-windows-defender-advanced-threat-protection.md)

From 617ef4a2975bfb78216229b51f11b7b1fe0696cf Mon Sep 17 00:00:00 2001
From: Brian Lich <brianlic@microsoft.com>
Date: Fri, 20 May 2016 15:23:08 -0700
Subject: [PATCH 02/32] first draft for review

---
 windows/keep-secure/security-baselines.md     | 70 +++++++++++++++++++
 .../windows-10-security-baselines.md          | 37 ++++++++++
 .../windows-server-security-baselines.md      | 56 +++++++++++++++
 3 files changed, 163 insertions(+)
 create mode 100644 windows/keep-secure/security-baselines.md
 create mode 100644 windows/keep-secure/windows-10-security-baselines.md
 create mode 100644 windows/keep-secure/windows-server-security-baselines.md

diff --git a/windows/keep-secure/security-baselines.md b/windows/keep-secure/security-baselines.md
new file mode 100644
index 0000000000..e8d268ffdb
--- /dev/null
+++ b/windows/keep-secure/security-baselines.md
@@ -0,0 +1,70 @@
+---
+title: Use security baselines in your organization (Windows 10)
+description: Use this topic to learn what security baselines are and how you can use them in your organization to help keep your devices secure.
+ms.prod: W10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+author: brianlic-msft
+---
+
+# Use security baselines in your organization
+
+**Applies to**
+-   Windows 10
+-   Windows Server 2016 Technical Preview
+-   Windows Server 2012 R2
+
+Microsoft is dedicated to provide our customers with a secure operating system, such as Windows 10 and Windows Server, as well as secure apps, such as Microsoft Office. In addition to the security assurance of its products, Microsoft also enables you to have fine control of your environments by providing various configuration capabilities. Even though Windows and Windows Server is designed to be secure out-of-the-box, a large number of organizations still want a higher level of security. Therefore, organizations need guidance on how to best use the security features.
+
+Microsoft security baselines give organizations the security guidance they need to protect their devices and apps.  
+ 
+<!-- ## How do you manage apps and devices?
+
+Before you can apply a security baseline, you should determine how apps and devices are managed within your organization. Knowing this helps you identify the role security baselines play in your organization. 
+
+Windows 10 is more manageable than previous versions of Windows in the following ways:
+
+- Provides more management granularity, which allows you to have finer control over the Windows user experience and security.
+- Allows you to use a wide variety of management solutions, such as Mobile Device Management (MDM) services, provisioning packages, Exchange ActiveSync, System Center Configuration Manager, Windows Management Instrumentation (WMI), and Group Policy. 
+
+![Windows management architecture](images/windows-management-architecture.png)
+
+*Figure 1 Windows 10 management architecture*
+
+Historically, Microsoft customers have used Group Policy, System Center Configuration Manager, and WMI to manage their devices. Some government customers relied on the Security Content Automation Protocol (SCAP) for management. However, newer management solutions can address modern requirements.
+-->
+
+## What are security baselines?
+
+Every organization faces security threats. However, the types of security threats that are of most concern to one organization can be completely different from another organization. For example, an e-commerce company may focus on protecting their Internet-facing web apps, while a hospital may focus on protecting confidential patient information. The one thing that all organizations have in common is a need to keep their apps and devices secure. These devices must be compliant with the security standards (or security baselines) defined by the organization.
+
+A security baseline is a collection of settings that have a security impact and include Microsoft’s recommended value for configuring those settings along with guidance on the security impact of those settings. These settings are based on feedback from Microsoft product groups, partners, and 
+customers.  
+
+## Why are security baselines needed?
+
+The expert knowledge that Microsoft, partners, and other customers bring together in a security baseline is an essential benefit to customers.
+
+For example, there are over 3,000 Group Policy settings for Windows 10, which does not include over 1,800 Internet Explorer 11 settings. Of those 3,800 settings, only some of them are security-related. While Microsoft provides extensive guidance on different security features, going through each of them can take a long time. You would have to determine the security impact of each setting on your own. After you've done that, you still need to determine what values each of these settings should be. 
+
+In modern organizations, the security threat landscape is constantly evolving and you must keep current with security threats and changes to Windows security settings to help mitigate these threats. 
+
+To help faster deployments and increase the ease of managing Windows, Microsoft provides customers with security baselines that are available in formats that can be consumed, such as Group Policy Objects backups and DCM packs.
+ 
+ ## How can you use security baselines?
+ 
+ You can use security baselines to:
+ 
+ - Ensure that user and device configuration settings are compliant with the baseline. 
+ - Set configuration settings. For example, you can use Group Policy, System Center Configuration Manager, or Microsoft Intune to configure a device with the setting values specified in the baseline.
+ 
+ 
+ ## Where can I get the security baselines?
+ 
+ Here's a list of security baselines that are currently available:
+ 
+ -  [Windows 10, version 1511 security baseline](windows-10-version-1511-security-baseline.md)
+ -  [Windows 10, version 1507 security baseline](windows-10-version-1507-security-baseline.md)
+ -  [Windows Server 2012 R2 security baseline](windows-server-2012-r2-security-baseline.md)
+
diff --git a/windows/keep-secure/windows-10-security-baselines.md b/windows/keep-secure/windows-10-security-baselines.md
new file mode 100644
index 0000000000..b98d77b385
--- /dev/null
+++ b/windows/keep-secure/windows-10-security-baselines.md
@@ -0,0 +1,37 @@
+---
+title: Windows 10 security baselines (Windows 10)
+description: Use this topic to learn about updates to the Windows 10 security baselines and where to download it from.
+ms.prod: W10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+author: brianlic-msft
+---
+
+# Windows 10 security baselines
+
+**Applies to**
+-   Windows 10
+
+Use the sections in this topic to learn and what has changed in the Windows 10 security baselines as well as a link to download them.
+
+## Windows 10, Version 1511 security baseline
+
+The Windows 10, Version 1507 security baseline is available on the [Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkID=799381).
+
+Here's a list of updates that were made to this version:
+
+-   Added the **Turn off Microsoft consumer experiences** setting.
+
+## Windows 10, Version 1507 security baseline
+
+The Windows 10, Version 1507 security baseline is available on the [Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkID=799380).
+
+Here's a list of updates that were made to this version:
+
+-   Removed configuration of **Allow unicast response** from the domain, private, and public Windows Firewall profiles. If you do not allow unicast responses, DHCP address acquisition will not work.
+-   Removed the restrictions on the number of cached logons.
+-   Removed the screen saver timeout from the user configuration because **Interactive logon: Machine inactivity limit** is configured at the device level.
+-   Removed Enhanced Mitigation Experience Toolkit settings.
+-   Removed the **Recovery console: Allow automatic administrative logon** setting.
+
diff --git a/windows/keep-secure/windows-server-security-baselines.md b/windows/keep-secure/windows-server-security-baselines.md
new file mode 100644
index 0000000000..ae6b5e01c8
--- /dev/null
+++ b/windows/keep-secure/windows-server-security-baselines.md
@@ -0,0 +1,56 @@
+---
+title: Windows Server security baselines (Windows 10)
+description: Use this topic to learn about updates to the Windows Server security baselines and where to download them.
+ms.prod: W10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+author: brianlic-msft
+---
+
+# Windows Server security baselines
+
+**Applies to**
+-   Windows Server 2012 R2
+
+Use the sections in this topic to learn and what has changed in the Windows Server security baselines as well as a link to download them.
+
+## Windows Server 2012 R2 security baseline
+
+The Windows Server 2012 R2 security baseline is available on the [Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkID=799382).
+
+> **Note:**  For Windows Server 2012 R2, we do not recommend applying this baseline to servers that are running the following server roles:
+- Hyper-V
+- Active Directory Certificate Services
+- DHCP
+- DNS
+- File Services
+- Network Policy and Access
+- Print Server 
+- Remote Access Services
+- Remote Desktop Services
+- Web Server  
+
+Here's a list of updates that were made to this version:
+
+-   Added the **Prevent enabling lock screen camera** setting.
+-   Added the **Prevent enabling lock screen slide show** setting.
+-   Added the **Include command line in process creation events** setting.
+-   Added the **Do not display network selection UI** setting.
+-   Added the **Allow Microsoft accounts to be optional** setting.
+-   Added the **Sign-in last interactive user automatically after a system-initiated restart** setting.
+-   Added the **Deny access to this computer from the network** setting.
+-   Added the **Deny log on through Remote Desktop Services** setting.
+-   Added the **Lsass.exe audit mode** (HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LSASS.exe!AuditLevel) setting.
+-   Added the **Enable LSA Protection** (HKLM\SYSTEM\CurrentControlSet\Control\Lsa\RunAsPPL) setting.
+-   Added the **Turn off toast notifications on the lock screen** setting.
+
+Additionally, you can change the following settings to help mitigate Pass-the-hash attacks:
+
+-   Configure the **Apply UAC restrictions to local accounts on network logons** setting to 0.
+-   Add **Local account** to the **Deny access to this computer from the network** security policy setting.
+-   Add **Local account** to the **Deny log on through Remote Desktop Services** security policy setting.
+-   Add **Enterprise Admins** and **Domain Admins** to the **Deny log on as a batch job** security policy setting on all devices except for domain controllers and privileged access workstations.
+-   Add **Enterprise Admins** and **Domain Admins** to the **Deny log on as a service** security policy setting on all devices except for domain controllers and privileged access workstations.
+-   Add **Enterprise Admins** and **Domain Admins** to the **Deny log on locally** security policy setting on all devices except for domain controllers and privileged access workstations.
+-   Disable the **WDigest Authentication** setting.

From ca1ec0275279a2597f1673eb07e5ea3679f925fc Mon Sep 17 00:00:00 2001
From: Brian Lich <brianlic@microsoft.com>
Date: Fri, 20 May 2016 15:43:26 -0700
Subject: [PATCH 03/32] fixing links

---
 windows/keep-secure/security-baselines.md | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/windows/keep-secure/security-baselines.md b/windows/keep-secure/security-baselines.md
index e8d268ffdb..9f01af2bbb 100644
--- a/windows/keep-secure/security-baselines.md
+++ b/windows/keep-secure/security-baselines.md
@@ -64,7 +64,6 @@ To help faster deployments and increase the ease of managing Windows, Microsoft
  
  Here's a list of security baselines that are currently available:
  
- -  [Windows 10, version 1511 security baseline](windows-10-version-1511-security-baseline.md)
- -  [Windows 10, version 1507 security baseline](windows-10-version-1507-security-baseline.md)
- -  [Windows Server 2012 R2 security baseline](windows-server-2012-r2-security-baseline.md)
+ -  [Windows 10 security baselines](windows-10-security-baselines.md)
+ -  [Windows Server security baselines](windows-server=security-baselines.md)
 

From 7972a612a2018171a7c547b14bf159ca0173c2d7 Mon Sep 17 00:00:00 2001
From: Brian Lich <brianlic@microsoft.com>
Date: Fri, 20 May 2016 15:52:08 -0700
Subject: [PATCH 04/32] typo

---
 windows/keep-secure/security-baselines.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/keep-secure/security-baselines.md b/windows/keep-secure/security-baselines.md
index 9f01af2bbb..2bb96282e9 100644
--- a/windows/keep-secure/security-baselines.md
+++ b/windows/keep-secure/security-baselines.md
@@ -65,5 +65,5 @@ To help faster deployments and increase the ease of managing Windows, Microsoft
  Here's a list of security baselines that are currently available:
  
  -  [Windows 10 security baselines](windows-10-security-baselines.md)
- -  [Windows Server security baselines](windows-server=security-baselines.md)
+ -  [Windows Server security baselines](windows-server-security-baselines.md)
 

From 8060c79a00f2410e50eaed0db79f81c2b2d3369d Mon Sep 17 00:00:00 2001
From: Brian Lich <brianlic@microsoft.com>
Date: Fri, 20 May 2016 16:05:44 -0700
Subject: [PATCH 05/32] tweaks

---
 .../keep-secure/windows-10-security-baselines.md |  3 +++
 .../windows-server-security-baselines.md         | 16 +++++-----------
 2 files changed, 8 insertions(+), 11 deletions(-)

diff --git a/windows/keep-secure/windows-10-security-baselines.md b/windows/keep-secure/windows-10-security-baselines.md
index b98d77b385..ac48c7dec7 100644
--- a/windows/keep-secure/windows-10-security-baselines.md
+++ b/windows/keep-secure/windows-10-security-baselines.md
@@ -35,3 +35,6 @@ Here's a list of updates that were made to this version:
 -   Removed Enhanced Mitigation Experience Toolkit settings.
 -   Removed the **Recovery console: Allow automatic administrative logon** setting.
 
+## Related topics
+
+- [Use security baselines in your organization](security-baselines.md)
diff --git a/windows/keep-secure/windows-server-security-baselines.md b/windows/keep-secure/windows-server-security-baselines.md
index ae6b5e01c8..32552f4ace 100644
--- a/windows/keep-secure/windows-server-security-baselines.md
+++ b/windows/keep-secure/windows-server-security-baselines.md
@@ -19,17 +19,7 @@ Use the sections in this topic to learn and what has changed in the Windows Serv
 
 The Windows Server 2012 R2 security baseline is available on the [Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkID=799382).
 
-> **Note:**  For Windows Server 2012 R2, we do not recommend applying this baseline to servers that are running the following server roles:
-- Hyper-V
-- Active Directory Certificate Services
-- DHCP
-- DNS
-- File Services
-- Network Policy and Access
-- Print Server 
-- Remote Access Services
-- Remote Desktop Services
-- Web Server  
+> **Note:**  For Windows Server 2012 R2, we do not recommend applying this baseline to servers that are running the following server roles, such as Hyper-V, Active Directory Certificate Services, DHCP, DNS, File Services, Network Policy and Access, Print Server, Remote Access Services, Remote Desktop Services, and Web Server.  
 
 Here's a list of updates that were made to this version:
 
@@ -54,3 +44,7 @@ Additionally, you can change the following settings to help mitigate Pass-the-ha
 -   Add **Enterprise Admins** and **Domain Admins** to the **Deny log on as a service** security policy setting on all devices except for domain controllers and privileged access workstations.
 -   Add **Enterprise Admins** and **Domain Admins** to the **Deny log on locally** security policy setting on all devices except for domain controllers and privileged access workstations.
 -   Disable the **WDigest Authentication** setting.
+
+## Related topics
+
+- [Use security baselines in your organization](security-baselines.md)
\ No newline at end of file

From 23758bb53f172c9a2c73c776e89ab85cc5f564fd Mon Sep 17 00:00:00 2001
From: Brian Lich <brianlic@microsoft.com>
Date: Wed, 1 Jun 2016 09:36:13 -0700
Subject: [PATCH 06/32] tech review feedback

---
 windows/keep-secure/security-baselines.md | 28 +++++------------------
 1 file changed, 6 insertions(+), 22 deletions(-)

diff --git a/windows/keep-secure/security-baselines.md b/windows/keep-secure/security-baselines.md
index 2bb96282e9..2b72f77eab 100644
--- a/windows/keep-secure/security-baselines.md
+++ b/windows/keep-secure/security-baselines.md
@@ -15,42 +15,26 @@ author: brianlic-msft
 -   Windows Server 2016 Technical Preview
 -   Windows Server 2012 R2
 
-Microsoft is dedicated to provide our customers with a secure operating system, such as Windows 10 and Windows Server, as well as secure apps, such as Microsoft Office. In addition to the security assurance of its products, Microsoft also enables you to have fine control of your environments by providing various configuration capabilities. Even though Windows and Windows Server is designed to be secure out-of-the-box, a large number of organizations still want a higher level of security. Therefore, organizations need guidance on how to best use the security features.
+Microsoft is dedicated to provide our customers with a secure operating system, such as Windows 10 and Windows Server, as well as secure apps, such as Microsoft Edge. In addition to the security assurance of its products, Microsoft also enables you to have fine control of your environments by providing various configuration capabilities. Even though Windows and Windows Server are designed to be secure out-of-the-box, a large number of organizations still want more granular control of their security configurations. To navigate these large number fo controls, organizations need guidance for configuring various security features. Microsoft provides this guidance in the form of security baselines.
 
-Microsoft security baselines give organizations the security guidance they need to protect their devices and apps.  
- 
-<!-- ## How do you manage apps and devices?
-
-Before you can apply a security baseline, you should determine how apps and devices are managed within your organization. Knowing this helps you identify the role security baselines play in your organization. 
-
-Windows 10 is more manageable than previous versions of Windows in the following ways:
-
-- Provides more management granularity, which allows you to have finer control over the Windows user experience and security.
-- Allows you to use a wide variety of management solutions, such as Mobile Device Management (MDM) services, provisioning packages, Exchange ActiveSync, System Center Configuration Manager, Windows Management Instrumentation (WMI), and Group Policy. 
-
-![Windows management architecture](images/windows-management-architecture.png)
-
-*Figure 1 Windows 10 management architecture*
-
-Historically, Microsoft customers have used Group Policy, System Center Configuration Manager, and WMI to manage their devices. Some government customers relied on the Security Content Automation Protocol (SCAP) for management. However, newer management solutions can address modern requirements.
--->
+We recommend implementing an industry-standard configuration that is broadly known and well-tested, such as a Mirosoft security baseline, as opposed to creating one yourself. This helps increase flexibility and reduce costs.  
 
 ## What are security baselines?
 
 Every organization faces security threats. However, the types of security threats that are of most concern to one organization can be completely different from another organization. For example, an e-commerce company may focus on protecting their Internet-facing web apps, while a hospital may focus on protecting confidential patient information. The one thing that all organizations have in common is a need to keep their apps and devices secure. These devices must be compliant with the security standards (or security baselines) defined by the organization.
 
-A security baseline is a collection of settings that have a security impact and include Microsoft’s recommended value for configuring those settings along with guidance on the security impact of those settings. These settings are based on feedback from Microsoft product groups, partners, and 
+A security baseline is a collection of settings that have a security impact and include Microsoft’s recommended value for configuring those settings along with guidance on the security impact of those settings. These settings are based on feedback from Microsoft security engineering teams, product groups, partners, and 
 customers.  
 
 ## Why are security baselines needed?
 
-The expert knowledge that Microsoft, partners, and other customers bring together in a security baseline is an essential benefit to customers.
+Security baselines are an essential benefit to customers because they bring together expert knowlege from Microsoft, partners, and customers.
 
 For example, there are over 3,000 Group Policy settings for Windows 10, which does not include over 1,800 Internet Explorer 11 settings. Of those 3,800 settings, only some of them are security-related. While Microsoft provides extensive guidance on different security features, going through each of them can take a long time. You would have to determine the security impact of each setting on your own. After you've done that, you still need to determine what values each of these settings should be. 
 
-In modern organizations, the security threat landscape is constantly evolving and you must keep current with security threats and changes to Windows security settings to help mitigate these threats. 
+In modern organizations, the security threat landscape is constantly evolving. IT pros and policy makers must keep current with security threats and changes to Windows security settings to help mitigate these threats. 
 
-To help faster deployments and increase the ease of managing Windows, Microsoft provides customers with security baselines that are available in formats that can be consumed, such as Group Policy Objects backups and DCM packs.
+To help faster deployments and increase the ease of managing Windows, Microsoft provides customers with security baselines that are available in formats that can be consumed, such as Group Policy Objects backups.
  
  ## How can you use security baselines?
  

From 9ca14e4949ba66d01206fd857f891c22179afff4 Mon Sep 17 00:00:00 2001
From: Brian Lich <brianlic@microsoft.com>
Date: Wed, 1 Jun 2016 10:24:52 -0700
Subject: [PATCH 07/32] tech review feedback

---
 windows/keep-secure/security-baselines.md | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/windows/keep-secure/security-baselines.md b/windows/keep-secure/security-baselines.md
index 2b72f77eab..5158753d53 100644
--- a/windows/keep-secure/security-baselines.md
+++ b/windows/keep-secure/security-baselines.md
@@ -1,5 +1,5 @@
 ---
-title: Use security baselines in your organization (Windows 10)
+title: Windows Security Baselines (Windows 10)
 description: Use this topic to learn what security baselines are and how you can use them in your organization to help keep your devices secure.
 ms.prod: W10
 ms.mktglfcycl: deploy
@@ -8,12 +8,7 @@ ms.pagetype: security
 author: brianlic-msft
 ---
 
-# Use security baselines in your organization
-
-**Applies to**
--   Windows 10
--   Windows Server 2016 Technical Preview
--   Windows Server 2012 R2
+# Windows Security Baselines
 
 Microsoft is dedicated to provide our customers with a secure operating system, such as Windows 10 and Windows Server, as well as secure apps, such as Microsoft Edge. In addition to the security assurance of its products, Microsoft also enables you to have fine control of your environments by providing various configuration capabilities. Even though Windows and Windows Server are designed to be secure out-of-the-box, a large number of organizations still want more granular control of their security configurations. To navigate these large number fo controls, organizations need guidance for configuring various security features. Microsoft provides this guidance in the form of security baselines.
 

From a647e798b3344c0a16ac74e060308f41890f86a3 Mon Sep 17 00:00:00 2001
From: Brian Lich <brianlic@microsoft.com>
Date: Wed, 1 Jun 2016 10:40:51 -0700
Subject: [PATCH 08/32] changing TOC title for security baseline

---
 windows/keep-secure/TOC.md                | 2 +-
 windows/keep-secure/security-baselines.md | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/keep-secure/TOC.md b/windows/keep-secure/TOC.md
index ab0867bbe6..ddd82153a3 100644
--- a/windows/keep-secure/TOC.md
+++ b/windows/keep-secure/TOC.md
@@ -25,7 +25,7 @@
 ### [General guidance and best practices for enterprise data protection (EDP)](guidance-and-best-practices-edp.md)
 #### [Enlightened apps for use with enterprise data protection (EDP)](enlightened-microsoft-apps-and-edp.md)
 #### [Testing scenarios for enterprise data protection (EDP)](testing-scenarios-for-edp.md)
-## [Use security baselines in your organization](security-baselines.md)
+## [Windows security baselines](security-baselines.md)
 ### [Windows 10 security baselines](windows-10-security-baselines.md)
 ### [Windows Server security baselines](windows-server-security-baselines.md)
 ## [Use Windows Event Forwarding to help with intrusion detection](use-windows-event-forwarding-to-assist-in-instrusion-detection.md)
diff --git a/windows/keep-secure/security-baselines.md b/windows/keep-secure/security-baselines.md
index 5158753d53..e6799bf6dc 100644
--- a/windows/keep-secure/security-baselines.md
+++ b/windows/keep-secure/security-baselines.md
@@ -1,5 +1,5 @@
 ---
-title: Windows Security Baselines (Windows 10)
+title: Windows security baselines (Windows 10)
 description: Use this topic to learn what security baselines are and how you can use them in your organization to help keep your devices secure.
 ms.prod: W10
 ms.mktglfcycl: deploy
@@ -8,7 +8,7 @@ ms.pagetype: security
 author: brianlic-msft
 ---
 
-# Windows Security Baselines
+# Windows security baselines
 
 Microsoft is dedicated to provide our customers with a secure operating system, such as Windows 10 and Windows Server, as well as secure apps, such as Microsoft Edge. In addition to the security assurance of its products, Microsoft also enables you to have fine control of your environments by providing various configuration capabilities. Even though Windows and Windows Server are designed to be secure out-of-the-box, a large number of organizations still want more granular control of their security configurations. To navigate these large number fo controls, organizations need guidance for configuring various security features. Microsoft provides this guidance in the form of security baselines.
 

From e8071be32f800518eb890b6f3bdba2f3642f01f2 Mon Sep 17 00:00:00 2001
From: Brian Lich <brianlic@microsoft.com>
Date: Wed, 1 Jun 2016 10:47:20 -0700
Subject: [PATCH 09/32] added change history entry

---
 .../change-history-for-keep-windows-10-secure.md            | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/windows/keep-secure/change-history-for-keep-windows-10-secure.md b/windows/keep-secure/change-history-for-keep-windows-10-secure.md
index 53fc6a0ef7..3c88804390 100644
--- a/windows/keep-secure/change-history-for-keep-windows-10-secure.md
+++ b/windows/keep-secure/change-history-for-keep-windows-10-secure.md
@@ -12,6 +12,12 @@ author: brianlic-msft
 # Change history for Keep Windows 10 secure
 This topic lists new and updated topics in the [Keep Windows 10 secure](index.md) documentation for [Windows 10 and Windows 10 Mobile](../index.md).
 
+## June 2016
+
+|New or changed topic | Description |
+|----------------------|-------------|
+| [Windows security baselines](security-baselines.md) | New |
+
 ## May 2016
 
 |New or changed topic | Description |

From 1baf961721afd02a8a3e57a844baaa7d5eb4badf Mon Sep 17 00:00:00 2001
From: Brian Lich <brianlic@microsoft.com>
Date: Thu, 2 Jun 2016 16:19:58 -0700
Subject: [PATCH 10/32] updating TOC

---
 windows/keep-secure/TOC.md                |  4 +-
 windows/keep-secure/security-baselines.md | 48 -----------------------
 2 files changed, 1 insertion(+), 51 deletions(-)
 delete mode 100644 windows/keep-secure/security-baselines.md

diff --git a/windows/keep-secure/TOC.md b/windows/keep-secure/TOC.md
index ddd82153a3..f62765ff7f 100644
--- a/windows/keep-secure/TOC.md
+++ b/windows/keep-secure/TOC.md
@@ -25,9 +25,7 @@
 ### [General guidance and best practices for enterprise data protection (EDP)](guidance-and-best-practices-edp.md)
 #### [Enlightened apps for use with enterprise data protection (EDP)](enlightened-microsoft-apps-and-edp.md)
 #### [Testing scenarios for enterprise data protection (EDP)](testing-scenarios-for-edp.md)
-## [Windows security baselines](security-baselines.md)
-### [Windows 10 security baselines](windows-10-security-baselines.md)
-### [Windows Server security baselines](windows-server-security-baselines.md)
+## [Windows security baselines](windows-security-baselines.md)
 ## [Use Windows Event Forwarding to help with intrusion detection](use-windows-event-forwarding-to-assist-in-instrusion-detection.md)
 ## [VPN profile options](vpn-profile-options.md)
 ## [Security technologies](security-technologies.md)
diff --git a/windows/keep-secure/security-baselines.md b/windows/keep-secure/security-baselines.md
deleted file mode 100644
index e6799bf6dc..0000000000
--- a/windows/keep-secure/security-baselines.md
+++ /dev/null
@@ -1,48 +0,0 @@
----
-title: Windows security baselines (Windows 10)
-description: Use this topic to learn what security baselines are and how you can use them in your organization to help keep your devices secure.
-ms.prod: W10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-author: brianlic-msft
----
-
-# Windows security baselines
-
-Microsoft is dedicated to provide our customers with a secure operating system, such as Windows 10 and Windows Server, as well as secure apps, such as Microsoft Edge. In addition to the security assurance of its products, Microsoft also enables you to have fine control of your environments by providing various configuration capabilities. Even though Windows and Windows Server are designed to be secure out-of-the-box, a large number of organizations still want more granular control of their security configurations. To navigate these large number fo controls, organizations need guidance for configuring various security features. Microsoft provides this guidance in the form of security baselines.
-
-We recommend implementing an industry-standard configuration that is broadly known and well-tested, such as a Mirosoft security baseline, as opposed to creating one yourself. This helps increase flexibility and reduce costs.  
-
-## What are security baselines?
-
-Every organization faces security threats. However, the types of security threats that are of most concern to one organization can be completely different from another organization. For example, an e-commerce company may focus on protecting their Internet-facing web apps, while a hospital may focus on protecting confidential patient information. The one thing that all organizations have in common is a need to keep their apps and devices secure. These devices must be compliant with the security standards (or security baselines) defined by the organization.
-
-A security baseline is a collection of settings that have a security impact and include Microsoft’s recommended value for configuring those settings along with guidance on the security impact of those settings. These settings are based on feedback from Microsoft security engineering teams, product groups, partners, and 
-customers.  
-
-## Why are security baselines needed?
-
-Security baselines are an essential benefit to customers because they bring together expert knowlege from Microsoft, partners, and customers.
-
-For example, there are over 3,000 Group Policy settings for Windows 10, which does not include over 1,800 Internet Explorer 11 settings. Of those 3,800 settings, only some of them are security-related. While Microsoft provides extensive guidance on different security features, going through each of them can take a long time. You would have to determine the security impact of each setting on your own. After you've done that, you still need to determine what values each of these settings should be. 
-
-In modern organizations, the security threat landscape is constantly evolving. IT pros and policy makers must keep current with security threats and changes to Windows security settings to help mitigate these threats. 
-
-To help faster deployments and increase the ease of managing Windows, Microsoft provides customers with security baselines that are available in formats that can be consumed, such as Group Policy Objects backups.
- 
- ## How can you use security baselines?
- 
- You can use security baselines to:
- 
- - Ensure that user and device configuration settings are compliant with the baseline. 
- - Set configuration settings. For example, you can use Group Policy, System Center Configuration Manager, or Microsoft Intune to configure a device with the setting values specified in the baseline.
- 
- 
- ## Where can I get the security baselines?
- 
- Here's a list of security baselines that are currently available:
- 
- -  [Windows 10 security baselines](windows-10-security-baselines.md)
- -  [Windows Server security baselines](windows-server-security-baselines.md)
-

From 98d7e73292556b684596f440b884393955f346d2 Mon Sep 17 00:00:00 2001
From: Brian Lich <brianlic@microsoft.com>
Date: Thu, 2 Jun 2016 16:20:07 -0700
Subject: [PATCH 11/32] updating TOC

---
 .../keep-secure/windows-security-baselines.md | 53 +++++++++++++++++++
 1 file changed, 53 insertions(+)
 create mode 100644 windows/keep-secure/windows-security-baselines.md

diff --git a/windows/keep-secure/windows-security-baselines.md b/windows/keep-secure/windows-security-baselines.md
new file mode 100644
index 0000000000..475e2050b8
--- /dev/null
+++ b/windows/keep-secure/windows-security-baselines.md
@@ -0,0 +1,53 @@
+---
+title: Windows security baselines (Windows 10)
+description: Use this topic to learn what security baselines are and how you can use them in your organization to help keep your devices secure.
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+author: brianlic-msft
+---
+
+# Windows security baselines
+
+Microsoft is dedicated to provide our customers with a secure operating system, such as Windows 10 and Windows Server, as well as secure apps, such as Microsoft Edge. In addition to the security assurance of its products, Microsoft also enables you to have fine control of your environments by providing various configuration capabilities. Even though Windows and Windows Server are designed to be secure out-of-the-box, a large number of organizations still want more granular control of their security configurations. To navigate these large number fo controls, organizations need guidance for configuring various security features. Microsoft provides this guidance in the form of security baselines.
+
+We recommend implementing an industry-standard configuration that is broadly known and well-tested, such as a Mirosoft security baseline, as opposed to creating one yourself. This helps increase flexibility and reduce costs.  
+
+## What are security baselines?
+
+Every organization faces security threats. However, the types of security threats that are of most concern to one organization can be completely different from another organization. For example, an e-commerce company may focus on protecting their Internet-facing web apps, while a hospital may focus on protecting confidential patient information. The one thing that all organizations have in common is a need to keep their apps and devices secure. These devices must be compliant with the security standards (or security baselines) defined by the organization.
+
+A security baseline is a collection of settings that have a security impact and include Microsoft’s recommended value for configuring those settings along with guidance on the security impact of those settings. These settings are based on feedback from Microsoft security engineering teams, product groups, partners, and 
+customers.  
+
+## Why are security baselines needed?
+
+Security baselines are an essential benefit to customers because they bring together expert knowlege from Microsoft, partners, and customers.
+
+For example, there are over 3,000 Group Policy settings for Windows 10, which does not include over 1,800 Internet Explorer 11 settings. Of those 3,800 settings, only some of them are security-related. While Microsoft provides extensive guidance on different security features, going through each of them can take a long time. You would have to determine the security impact of each setting on your own. After you've done that, you still need to determine what values each of these settings should be. 
+
+In modern organizations, the security threat landscape is constantly evolving. IT pros and policy makers must keep current with security threats and changes to Windows security settings to help mitigate these threats. 
+
+To help faster deployments and increase the ease of managing Windows, Microsoft provides customers with security baselines that are available in formats that can be consumed, such as Group Policy Objects backups.
+ 
+ ## How can you use security baselines?
+ 
+ You can use security baselines to:
+ 
+ - Ensure that user and device configuration settings are compliant with the baseline. 
+ - Set configuration settings. For example, you can use Group Policy, System Center Configuration Manager, or Microsoft Intune to configure a device with the setting values specified in the baseline.
+ 
+ 
+ ## Where can I get the security baselines?
+ 
+ Here's a list of security baselines that are currently available.
+ 
+ ### Windows 10 security baselines
+ 
+ -  [Windows 10, Version 1511 security baseline](http://go.microsoft.com/fwlink/p/?LinkID=799381)
+ -  [Windows 10, Version 1507 security baseline](http://go.microsoft.com/fwlink/p/?LinkID=799380)
+ 
+ ### Windows Server security baselines
+ 
+ -  [Windows Server 2012 R2 security baseline](http://go.microsoft.com/fwlink/p/?LinkID=799382)

From 29939e2a0f5c8a514163141151a3672f4fee1481 Mon Sep 17 00:00:00 2001
From: Brian Lich <brianlic@microsoft.com>
Date: Thu, 2 Jun 2016 16:31:35 -0700
Subject: [PATCH 12/32] added baselines link to index

---
 windows/keep-secure/index.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/keep-secure/index.md b/windows/keep-secure/index.md
index b605acb372..c400267003 100644
--- a/windows/keep-secure/index.md
+++ b/windows/keep-secure/index.md
@@ -27,6 +27,7 @@ Learn about keeping Windows 10 and Windows 10 Mobile secure.
 | [Protect your enterprise data using enterprise data protection (EDP)](protect-enterprise-data-using-edp.md) | With the increase of employee-owned devices in the enterprise, there’s also an increasing risk of accidental data leak through apps and services, like email, social media, and the public cloud, which are outside of the enterprise’s control. For example, when an employee sends the latest engineering pictures from their personal email account, copies and pastes product info into a tweet, or saves an in-progress sales report to their public cloud storage. |
 | [Use Windows Event Forwarding to help with intrusion detection](use-windows-event-forwarding-to-assist-in-instrusion-detection.md) | Learn about an approach to collect events from devices in your organization. This article talks about events in both normal operations and when an intrusion is suspected. |
 | [VPN profile options](vpn-profile-options.md) | Virtual private networks (VPN) let you give your users secure remote access to your company network. Windows 10 adds useful new VPN profile options to help you manage how users connect. |
+| [Windows security baselines](windows-security-baselines.md) | Learn why you should use security baselines in your organization. |
 | [Security technologies](security-technologies.md) | Learn more about the different security technologies that are available in Windows 10 and Windows 10 Mobile. |
 | [Enterprise security guides](windows-10-enterprise-security-guides.md) | Get proven guidance to help you better secure and protect your enterprise by using technologies such as Credential Guard, Device Guard, Microsoft Passport, and Windows Hello. This section offers technology overviews and step-by-step guides. |
  

From 19ea65a3bbfa1ec9e42750dd9da0c85e54ef424e Mon Sep 17 00:00:00 2001
From: Brian Lich <brianlic@microsoft.com>
Date: Thu, 2 Jun 2016 16:41:56 -0700
Subject: [PATCH 13/32] fixing heading

---
 windows/keep-secure/windows-security-baselines.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/keep-secure/windows-security-baselines.md b/windows/keep-secure/windows-security-baselines.md
index 475e2050b8..9f38fe080b 100644
--- a/windows/keep-secure/windows-security-baselines.md
+++ b/windows/keep-secure/windows-security-baselines.md
@@ -43,11 +43,11 @@ To help faster deployments and increase the ease of managing Windows, Microsoft
  
  Here's a list of security baselines that are currently available.
  
- ### Windows 10 security baselines
+### Windows 10 security baselines
  
  -  [Windows 10, Version 1511 security baseline](http://go.microsoft.com/fwlink/p/?LinkID=799381)
  -  [Windows 10, Version 1507 security baseline](http://go.microsoft.com/fwlink/p/?LinkID=799380)
  
- ### Windows Server security baselines
+### Windows Server security baselines
  
  -  [Windows Server 2012 R2 security baseline](http://go.microsoft.com/fwlink/p/?LinkID=799382)

From 50c04276882b065559919db1cd0d92a2df36566d Mon Sep 17 00:00:00 2001
From: Brian Lich <brianlic@microsoft.com>
Date: Thu, 2 Jun 2016 16:44:29 -0700
Subject: [PATCH 14/32] moving baselines topic in TOC

---
 windows/keep-secure/TOC.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/keep-secure/TOC.md b/windows/keep-secure/TOC.md
index c8cc7cf7b3..88c8cc1e70 100644
--- a/windows/keep-secure/TOC.md
+++ b/windows/keep-secure/TOC.md
@@ -25,9 +25,9 @@
 ### [General guidance and best practices for enterprise data protection (EDP)](guidance-and-best-practices-edp.md)
 #### [Enlightened apps for use with enterprise data protection (EDP)](enlightened-microsoft-apps-and-edp.md)
 #### [Testing scenarios for enterprise data protection (EDP)](testing-scenarios-for-edp.md)
-## [Windows security baselines](windows-security-baselines.md)
 ## [Use Windows Event Forwarding to help with intrusion detection](use-windows-event-forwarding-to-assist-in-instrusion-detection.md)
 ## [VPN profile options](vpn-profile-options.md)
+## [Windows security baselines](windows-security-baselines.md)
 ## [Security technologies](security-technologies.md)
 ### [AppLocker](applocker-overview.md)
 #### [Administer AppLocker](administer-applocker.md)

From b93bdff8139244c6dc7232e3abba38011b5f5c39 Mon Sep 17 00:00:00 2001
From: Brian Lich <brianlic@microsoft.com>
Date: Fri, 10 Jun 2016 11:03:32 -0700
Subject: [PATCH 15/32] tech review feedback

---
 .../windows-10-security-baselines.md          | 40 ---------------
 .../keep-secure/windows-security-baselines.md |  5 +-
 .../windows-server-security-baselines.md      | 50 -------------------
 3 files changed, 4 insertions(+), 91 deletions(-)
 delete mode 100644 windows/keep-secure/windows-10-security-baselines.md
 delete mode 100644 windows/keep-secure/windows-server-security-baselines.md

diff --git a/windows/keep-secure/windows-10-security-baselines.md b/windows/keep-secure/windows-10-security-baselines.md
deleted file mode 100644
index ac48c7dec7..0000000000
--- a/windows/keep-secure/windows-10-security-baselines.md
+++ /dev/null
@@ -1,40 +0,0 @@
----
-title: Windows 10 security baselines (Windows 10)
-description: Use this topic to learn about updates to the Windows 10 security baselines and where to download it from.
-ms.prod: W10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-author: brianlic-msft
----
-
-# Windows 10 security baselines
-
-**Applies to**
--   Windows 10
-
-Use the sections in this topic to learn and what has changed in the Windows 10 security baselines as well as a link to download them.
-
-## Windows 10, Version 1511 security baseline
-
-The Windows 10, Version 1507 security baseline is available on the [Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkID=799381).
-
-Here's a list of updates that were made to this version:
-
--   Added the **Turn off Microsoft consumer experiences** setting.
-
-## Windows 10, Version 1507 security baseline
-
-The Windows 10, Version 1507 security baseline is available on the [Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkID=799380).
-
-Here's a list of updates that were made to this version:
-
--   Removed configuration of **Allow unicast response** from the domain, private, and public Windows Firewall profiles. If you do not allow unicast responses, DHCP address acquisition will not work.
--   Removed the restrictions on the number of cached logons.
--   Removed the screen saver timeout from the user configuration because **Interactive logon: Machine inactivity limit** is configured at the device level.
--   Removed Enhanced Mitigation Experience Toolkit settings.
--   Removed the **Recovery console: Allow automatic administrative logon** setting.
-
-## Related topics
-
-- [Use security baselines in your organization](security-baselines.md)
diff --git a/windows/keep-secure/windows-security-baselines.md b/windows/keep-secure/windows-security-baselines.md
index 9f38fe080b..7e5a5f4b9e 100644
--- a/windows/keep-secure/windows-security-baselines.md
+++ b/windows/keep-secure/windows-security-baselines.md
@@ -10,7 +10,7 @@ author: brianlic-msft
 
 # Windows security baselines
 
-Microsoft is dedicated to provide our customers with a secure operating system, such as Windows 10 and Windows Server, as well as secure apps, such as Microsoft Edge. In addition to the security assurance of its products, Microsoft also enables you to have fine control of your environments by providing various configuration capabilities. Even though Windows and Windows Server are designed to be secure out-of-the-box, a large number of organizations still want more granular control of their security configurations. To navigate these large number fo controls, organizations need guidance for configuring various security features. Microsoft provides this guidance in the form of security baselines.
+Microsoft is dedicated to provide our customers with a secure operating system, such as Windows 10 and Windows Server, as well as secure apps, such as Microsoft Edge. In addition to the security assurance of its products, Microsoft also enables you to have fine control of your environments by providing various configuration capabilities. Even though Windows and Windows Server are designed to be secure out-of-the-box, a large number of organizations still want more granular control of their security configurations. To navigate these large number of controls, organizations need guidance for configuring various security features. Microsoft provides this guidance in the form of security baselines.
 
 We recommend implementing an industry-standard configuration that is broadly known and well-tested, such as a Mirosoft security baseline, as opposed to creating one yourself. This helps increase flexibility and reduce costs.  
 
@@ -42,6 +42,8 @@ To help faster deployments and increase the ease of managing Windows, Microsoft
  ## Where can I get the security baselines?
  
  Here's a list of security baselines that are currently available.
+
+ If you want to know what has changed with each security baseline, or if you want to stay up-to-date on what’s happening with them, check out the Microsoft Security Guidance blog.
  
 ### Windows 10 security baselines
  
@@ -51,3 +53,4 @@ To help faster deployments and increase the ease of managing Windows, Microsoft
 ### Windows Server security baselines
  
  -  [Windows Server 2012 R2 security baseline](http://go.microsoft.com/fwlink/p/?LinkID=799382)
+
diff --git a/windows/keep-secure/windows-server-security-baselines.md b/windows/keep-secure/windows-server-security-baselines.md
deleted file mode 100644
index 32552f4ace..0000000000
--- a/windows/keep-secure/windows-server-security-baselines.md
+++ /dev/null
@@ -1,50 +0,0 @@
----
-title: Windows Server security baselines (Windows 10)
-description: Use this topic to learn about updates to the Windows Server security baselines and where to download them.
-ms.prod: W10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-author: brianlic-msft
----
-
-# Windows Server security baselines
-
-**Applies to**
--   Windows Server 2012 R2
-
-Use the sections in this topic to learn and what has changed in the Windows Server security baselines as well as a link to download them.
-
-## Windows Server 2012 R2 security baseline
-
-The Windows Server 2012 R2 security baseline is available on the [Microsoft Download Center](http://go.microsoft.com/fwlink/p/?LinkID=799382).
-
-> **Note:**  For Windows Server 2012 R2, we do not recommend applying this baseline to servers that are running the following server roles, such as Hyper-V, Active Directory Certificate Services, DHCP, DNS, File Services, Network Policy and Access, Print Server, Remote Access Services, Remote Desktop Services, and Web Server.  
-
-Here's a list of updates that were made to this version:
-
--   Added the **Prevent enabling lock screen camera** setting.
--   Added the **Prevent enabling lock screen slide show** setting.
--   Added the **Include command line in process creation events** setting.
--   Added the **Do not display network selection UI** setting.
--   Added the **Allow Microsoft accounts to be optional** setting.
--   Added the **Sign-in last interactive user automatically after a system-initiated restart** setting.
--   Added the **Deny access to this computer from the network** setting.
--   Added the **Deny log on through Remote Desktop Services** setting.
--   Added the **Lsass.exe audit mode** (HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LSASS.exe!AuditLevel) setting.
--   Added the **Enable LSA Protection** (HKLM\SYSTEM\CurrentControlSet\Control\Lsa\RunAsPPL) setting.
--   Added the **Turn off toast notifications on the lock screen** setting.
-
-Additionally, you can change the following settings to help mitigate Pass-the-hash attacks:
-
--   Configure the **Apply UAC restrictions to local accounts on network logons** setting to 0.
--   Add **Local account** to the **Deny access to this computer from the network** security policy setting.
--   Add **Local account** to the **Deny log on through Remote Desktop Services** security policy setting.
--   Add **Enterprise Admins** and **Domain Admins** to the **Deny log on as a batch job** security policy setting on all devices except for domain controllers and privileged access workstations.
--   Add **Enterprise Admins** and **Domain Admins** to the **Deny log on as a service** security policy setting on all devices except for domain controllers and privileged access workstations.
--   Add **Enterprise Admins** and **Domain Admins** to the **Deny log on locally** security policy setting on all devices except for domain controllers and privileged access workstations.
--   Disable the **WDigest Authentication** setting.
-
-## Related topics
-
-- [Use security baselines in your organization](security-baselines.md)
\ No newline at end of file

From b094dfa222a22c4900b857371448d01c6494bbd1 Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Mon, 20 Jun 2016 15:25:58 -0700
Subject: [PATCH 16/32] testing upgrade path bug

---
 windows/deploy/images/check_grn.png           | Bin 0 -> 20444 bytes
 windows/deploy/images/x_blk.png               | Bin 0 -> 20437 bytes
 windows/deploy/windows-10-edition-upgrades.md |  12 +-
 windows/deploy/windows-10-upgrade-paths.md    | 151 ++++++++++++++++++
 4 files changed, 157 insertions(+), 6 deletions(-)
 create mode 100644 windows/deploy/images/check_grn.png
 create mode 100644 windows/deploy/images/x_blk.png
 create mode 100644 windows/deploy/windows-10-upgrade-paths.md

diff --git a/windows/deploy/images/check_grn.png b/windows/deploy/images/check_grn.png
new file mode 100644
index 0000000000000000000000000000000000000000..f9f04cd6bd96ce6898c426f9071b25c0e94fa35c
GIT binary patch
literal 20444
zcmeI4c|4Ts-^XuMc1pBKXH1f0cH0aFGuDu7(cYN3jR`YjOpzp%5|yN~MWv9nMJb^~
zQQ1<b4N;aP(Q~4s4bMH6lF^*=JJ0V~Ue9ah^_uPby*}UTy59G-e6RbDd;hAHma<X{
zqyPYrwYD;Igua(T??n=#&?oHjVR7h7l5Mrd4*;}mcyEz3qvM$XAZ5=WlUJ?sWN}%3
zo-8)ZnoNeVIV=x`HwXX$4arV)XQ!??Mgz_LB%6qkqc$u@B?*`#DJn!UMqN`?a^{K%
z)zi<F9B$1rH=m|__f&+~p+g}DlpM5VBBh>*x2vWe+I=P>^8VLXJI;7LDIR!TGj!!C
zu`{PHIloT4R6^#s70y8?L?)B8Xx7W!mA5NiwIfYJrPSEKOo@D&s^8#Z5#Up>q2Y3P
zsrU^*B;b*>1W;<1REl1>Z&>~<DPg@x$R3eWZj8Q-M2I3_5_pJ|4wzVoge1qSI{~Mr
z0h_C+?rp#-1h9GOuGf!%kmOGZJ4AqWM^%+XPQ?JQ*<gej;AsHl)UA#*2i(wrqKD0G
zJn#$wpsig!tbhwwfzsNU(w6`U8364N5xxwVwgcFFck$u?U{3;|Xz{_-@Q>wrGdndQ
zQVEv~3)S%Eq3a|NzT&Q~$VD2p)^nFD>QY20i6+Rh?FsX-q1y5<`>FxpRE!eT+rGho
zTDiR1THQkha+?ruZ_XHoySujyb<}0EO#t8(H@JRC3zfeh#9&5<&rs@;-f5m2rB7`g
zi1N53Z*m1V)z#qI$L6syKYh6H`SXtU_Gc?@lh#r0yY3vKmu)I_9rXSjZ1`>9<I5YZ
zYN6N-p_bD=y)3Klw@q7EcSLfJd(-P^%Wqeuhrg*jg5S1wFLcvXY;#cXJ!F=6pbwh{
z-%mQS?9P&h!?e~Gt*>Il79HTi7NW?G7{s{^RIxv8md<qJmbMN6z=tB%t=}~y#6moG
zzpC>ees4Tzd1?s|;$eNn7XUVzsUe;3=Nnf_0D#%4P|XXb%Kf+IX_d}ccx!soE$MHY
zb@!0eZkLf}lB8%M3ptyY<%E$m_SRfb(cFys-9$yZ)WLIaEL#p)=5kHWh%NtxB9U@S
zqc~J@n(1AM*%Z}=2od*4x5bAf<|c%HQoUt0O(9ARb}vHF0d5ncV})^ybcVTDseCZv
zh~oFHx40f-a2LRaecM}Xi8&g2$-(G%nJeVNb9xK*Sfolnpm8yY(Q{5EJ>XnkV01wD
zbmxO?Px*#uBDoS>`evRu?zT4?Sy4{9sIMg%ORc&H&ymTlSa4x=j#$zDkJP%0{?imf
z%}XV9r}>j$ltrdiZnkbKpIM!QEmYH<)gY-SDYnO<Y$-hUoXutR>$5)Jp68Cm>~piy
zTKq&IdNyk2jtKH?JvD{>WbD$y!=ly~&pJO;cxdsE>A1K{D>F&kYQf^zdkr+NOXB#W
zTCnAJ!`qYF%iD47%I&Hj)=4G1oA{pn<kYI+cz?@^`5iMmv^!>i@mN!rGl`Bb&YgCi
zr4zlDlzY0s@w~&nbF;O#CgN*$&#|^i%S}D@Xo2Tk&jH5yH{9#9UL0GrGVX!v!>TUJ
zH*s&o`u$~O_bTnKjG$}GPnst_k3Qdj-uZaj^!bmX=2tqS^)TJ>oeA;@EEhM;0?i<$
znEO)4Rvc45rmTr_&df^BYR-~&>2s-aj?UcZv@_4b1?SY3Df#>HY?rL$Roza?PV`KJ
zbNjOB=UC3hXM@)a?w_%y+_v1FeAeOA#Z7I+6)<V){QLkdRWI4>y<0<dZmVCcc^<S)
zvnYO0r6|fMEAup-j9Y<o&3EiO>R~M27VrD%1b3xmr$$CxUvOlz;`?Q-%aqf#Z3{8r
zdatbGamU@Vt+E}mExSu}^LjFp(@V^Y)_e_>Gp$^)bp29GdUWmd<W8sOPA@W~GUnJB
z5kBT2v%J!jPZyc_-(+U=#;4ra7?NVk%4ptR()nfKPSl|DpwE|#kCrlSGxBBBW;Dvw
z&NIBD<I6HsK~*;X;XvL{ZbD9@9HYd&+7nY)Z+Pah#X$@C1B{CGZE9^k6+RVb)Mu!x
zs@vGTwd+lEv@1+smTq8cU|U&JU6We#Bta+12=f%%nbeu|G^yq4=CuK9wF=G^Tm!8y
zwXaQI(_2u?3}1_1lji2Kc0;~JZgTFDCq=nM8M879SH`Z)PI*Evzwk%Fy@JfE^DlHf
zo6(q8;8U=ZLU*4_zj`OHyf?NacIWk-2M3MBW%oUo%T`&d66|-GqexgyXils>(QCZ(
zPXF;P6y2?EX5BMfTfywAWw#m0PDzg}>2v9Ye!Kf3qW0T_RUzYu$Ry>87k5kAS8zZ2
zZg>^=@MCgPeo|S_xyJLoy1k6veN88;wNEZfS%dR?P=1&E(xIc?So-8Kv{y?`uszv6
zlzydiF^Y<cam{^t;cA+H)&S-GT;iWZ&dD}no1tDawt3B_YQ55{cdu62m$Onfg}0D*
zEgq%~2M*T*86itV=wkarO+(j-e*F{}q<Zs^F`*Is^V0Jk(*vgpO_fZe!*atqZsn?a
z-hFpCS9PE>zBZ<oAs4<X_|20C;*{5vsPbT$rQ!R+UH2LvVn?_wsK><V_}4d){aVbv
zm>oB3PNHM%@#hgMbTo-s$SsBqde^nD8&@Db)>J=sOLnvNwpoZrYUb%Oy>GO9>*?Fq
zn%pYgwqtHQ>h1>i_S3ax{oxsNGLZ^egySZ*5i9kN{)g#I&2w`OEcr0of5{=K?PV%u
zbU3PBw?5(-dA;VMl^?7$?E;Uyiz(LGu675PrqxlnXKCi)Vq00;7fFPaIf>g~K3F3{
z31;_^n8UuLELFSM0{UC}YmaSJIbisup*zf|tEffC#P50KAI_P+1|d~IN`K?LR^zFr
z_$4~%>T$DX|9$-N?3Cp-J=OX58xQN9cz<%ZN1;sN)scd<y*9206}Q(VIa~0T41KpZ
zO0_9XU%q$sj2y#jkp-GQkL|O2T;uYBOVk7Hyh1nLx*vAyiilUYw2M?n_|ER8r#&0&
z-B4><u28=0O;#o<?T^e;Y@8dXwCkBhQ$UCEKGyx42~9^YXJ+3nq}6#m^yqrsj7V80
zcRVZZb(|bi_Ibl)*_PFpdp`bY-iV5;(P%8%T|h28bJOrzF_>|$w#LBN`K)ul^A~5`
z-iI%)P@aBb*7qv!DE?FX-Q&h}#RG%Hdp8<gL|p71dprieT7S(SFwWbb)%EH4SDy{J
zD}8)>D#ad(4T>+8D|lM?`(u@dM$V4WPnLIE%2ob$V<`E(KSEYl*5%-diq^$!v+eC&
z1ClKRi)0B6+Yao=c_senw{0qP71S0|;)g_wB&Wo$>)h8}x34DFKY806_|3BMH~ACV
zhHJL3=ySfuXy^)i6ife5cOdy#^3Gu7=cdh#sRcVaskJRz<XP{p&*Z*(Xg(a(X;5rX
zyZ*y9?uSc_9kX4pxh9?`Z1Q=_eQP)r`^dhs=tNOsUg3JL!rs7=D?2;}x|CD&YG3r1
zZ2x1<@RP?Wc%v63eSxfjI|CnE=DY~zEFG+^Dthj}v^TfdzIao=NssAs@{4_sjn@q|
zJ$v7@YfGvBslNIq%Yhl;yX%HxK1R!vr$;A5SM8PE+nu6M#N%6yIfGr_GRSqbI`x#f
zL#abmd2{EWf<Ha(ep*`}Uw=C8LtN}lpP;nCx24_l&o@?-RV=!3F93(x*uVN~&n^EZ
zf0g%VTIB89gJ8QfhCM%D{OI%`<7@2v*x2D|V)1?7s5nF;0GMuIIJ<G(>}&~CmJgCb
zW4VLK03SA#hysA2aR8e_^#ZvtcaY9t8o}Qe-Gsv!G$XjHjvd;LO$I#~R)HMQDR8AT
zHPDNSr@@VhQicHpD1Z;hrN9DwyqSK403-NFTmtl)XGXzcBSpAgMsQPJg)ld}RWLG(
z1HyEWItVHni-GCkkr*9qJO-l$!=f=b6b6mL;t?1OL0gZ2(S?n@;6y3tmm!DdL2xv)
z7^@EYX9V};a@hnF%HQ7~>5oIQICK;SkH@3XSQHkEfJz|zwlleu00h%-@o13oIA)+9
zmBV0j87wA@7nkDB+R8P8!+8~be~tCahizx~y(*^P7(Iw1DuBX9VUTE)j}K}pr61RP
z8x(Y`ky9%DoVT+<lq2ZJ+RCAV=G#Cfck$Gr9Kj#`{Trd6;!_5qQNK5cy_MrV!i+{m
zf!?4GRJR}09n6${VUM3mzRQ1V#CP`ykEwb94VI~;;}EA3aTy-J=rzyt%eue-#xG<%
z&!}u<OpRV@L#S<bb_6pPbt?~owHZ-In}o$<Nmw%3!dzb)gCSwacpOfjj3r^v+PbD#
zLlmFn$H*BAXU+8EQkYZ_3I`QNG8i-hjjE5v>*Fa1ERCX%pi;Fx5O^95gU|=DI1d_y
zN~7ZN<Dn<W`9j-s7|=wec>jYIPa)+CZ^iKAvN+o(5P~?3Og|^k_h;+4!<#WOjo1{9
zAIKZhM)2`5{e9kjpH@80$kZTEsJsbC^rLJ8X@;nuY(E<HT{k9T@N-3Daa4T|JQ_i9
zr+^53cWnwn--D`$(4$cCXuLbdgQ|}kk3T{F>pJ{BK_(Gek#rGgT?7{G46R65Z2|^^
zK<g3E=<!e^rG6d6kLAJjr*J@1Iy9(=qf6kA!@c>~jDultNHk2tmBFO3{QZ`V$NpLT
z>q@Ae6eb;{5mDp9al>SZA&R%oc{BbSt{;`f+y-*E|H3td#t8-5BS4NH(SyVCfiZk2
zbP%<L4bov;*4RHblRn<33B~^hyF~*zjDKZdPH5$KBC!9v-TN=kIvfp}bvk$q0z`Yz
zpoI)t&D`~MXb3$t6$IU>SS+ZgJAMU)v+nycHu_^^IsM;VHUHjjG`cGP)9Z)B5}-`%
z|J$lLx|aUD8IJGU{F~=^dNI13Sn$?6-ctP6dnL5tL1`Re0{ihq;_q&FljJ`wo@3Ez
z|4P;~+Mo%NsUoueNp><Cc?#)|8pa8m{Qx;(Gc%-72_7tt4~0t{-AzXJj~~VfalR+3
z1TxE;#j#`2Kq8bMOl6)@1>KilHF{f~=;vrjf?1oBbuoBdC{sXUCWe_%ZbBUB8WPAH
zkirGcp!eh~0}Uk_<MU-w$w@JwW-~mtPZ8s%Ime4Jq2%Nk&^e7p;Zpuql!;|0#Tn@j
zi{s2<dH?-H=X>|YgcD-&vU`FxFDY<k(72vNU0%{P**Il+TaZbI1URhDM8TMKvVz3m
z`mF*vP81)uH#lJ|@iJ826#aRI|Fm!u_5UiN`sXF4US3AJ|Em@oj(A71ODM16FsRl{
zD7#{FplddgVnZjEzbG-84Rla|($-NmG^$6`6K#{rk3!_(T*U|gy?GOAL^IhwS?9((
zD0pujZKb|G8hSyu0if5IexiS}cFkXCC;BIAe@I=J3@&jT&?NH&74PUsFo!-?Luo7T
z*n-AlAuxRA$&!&Z#tFK^0uslIPcTg`Jp#|oi~$`)M=IeR2uG@z?3hxxW`Ym`_(M3s
zF(w=xWE1X#jEw(LD|D9yy1|3`euwAhsWB;&`M3T3(W8G`Nd7>=O8A)wun2JpfWz++
z;^Jo_z#_yY01m%Ph>M?z0E-Zp066?EAufI<0xUvY0^snwgt+*b2(Soo34p`z65`@#
zBETZVB>)b;ONfh~i2#cbmjF2YE+H;{CIT!%Tms<myM(y-nFz25aS4FK?-JtTXClBN
z#3cX@ze|XVpNRmA5SIWr{4OCbekKAeLR<pi@VkV#_?ZZ>2yqF3!|xK};%6ejBE%&C
z4!=u?i=T-Aix8IpIQ%XlE`BBgEJ9oY;PAVIxcHd}un2JpfWz++;^Jo_z#_yY01m%P
zh>M?z0E-Zp066?EAufI<0xSY?N&R?c0?33Ol;96N5n=6eRyp)E1sK)J(GCCtmjFP>
zZUFc^41IS2z*aN>yxj}{gm?g$%Q~{@js*aSrC6JpItMhobG7kSc2V5<`I+x)yGL^}
zr6WV&MDq)8(rNXw5#Tuj)nHLwlDg()jX~*YvI=nNv#VW>r6XF4-h@e=&PolRE{#^m
zTChs*Y-(R~@_y^}=^yQVPrPm;EUNtTKt|Lpr7TUgR^R7rovIA~{$8Vj6S%v+Cjv`)
z4Vy@{yBu=OujB^i#dF@~TI3pZwJL77W*8HF@$+)}!K)SN;(0Z9s^4;QS7$y~swyxv
z88le(y5`-}%$V{o(qH>C<hzo@-RzCKpJf|=P9OT@78Vq1h>3}+QOZv#c?>-;>+>dJ
ze4zPR4N>BJQH4I6m-6HylX~{IH0ez0XUBBM<wY-;UviIAwJt^v2T^A}`Is*!`ogSD
z@})$#;xdBv=hn39dqG`8^{MI^0T`p}t~)fPHYj|O*gQR8zJ6%x(^vH@+!-5>W~$uN
zcW=|G_nQW&RX5OHN^DN0NPY{8JY*N8CtdxuCi7W`J+o)^=7YCI_fSL^Qi39`EYIn5
z{}NE>9(eP-Qc+L?EG#m0CM@JdMWl=@BT1cExi(e7Wk<(l({1M>fDGV$Fq~}JT9Vmu
z@3?0y_>^cP=i?e9vrr@jSPeue%2w{^tnSxTsxNr=+ohA8wr#ieTuDCf_&!QA@_Lg<
z4uD$4Rckg_w?fD4%+UK)^vDX!io6@$Z>stY<cnJ~67p5A*zHB8QbglR7sRCcx2>bs
zv}-;dUNQ7-Q4b~tE*T_tq1WQoz}MQY@J;@t=-WZP%O%;Sk#e4O9yPb$8g(AMm~U^6
z)Cp5mu`6Dk?ebpbep15jFR#&FPD5es<jXs)T8^&Yn|@;D@&h*2zl8%LD`z0B>iwU`
z9watW^=P5+=>e&f>1<=JTv=cNyO6Of*WhGxQ^{`l)g21mN9LbL95gu8*H%5(G?Ml*
zqGDMHI41(#Qitm-_Wc-stVv`r0o@HNo&Ay|bI|r?4r-%HVh~(3S!%Orv5ecPH>B6(
z%0H1d2kMgLAL`D(F3FyDq57K91<d{Hy}9Wo_2*`7O@5AZuDWzc{mUMUlal|T@CkgW
zSZY>IdE(3d@VT)gXQ1$&MwZwGqG+&a(C&-RROm;yl|Kx~e%LTjh!ZuxRG~wQb_$v6
z%tabCl^t-qqFFgR%w$$Qx?W#2C?fT0+qxBx-MwPFauS-(8(&R^@BeHbDX~uZrr$?O
z`>V`5EfzxoTjzQQpl<Xu1XcfWdFWo({l`ZfLJXEi4G;TjJNSzOS5Zrnob^9>@g9<5
NZNAbhkF+`LKLHH-DG&ev

literal 0
HcmV?d00001

diff --git a/windows/deploy/images/x_blk.png b/windows/deploy/images/x_blk.png
new file mode 100644
index 0000000000000000000000000000000000000000..69432ff71cfcc2a5a57dab4801e792beae02bdc4
GIT binary patch
literal 20437
zcmeI4c|4Ts`^O(CBuXVMQe&wkvyWk>F*0Kfl`XUyvzaV2jVVhd3Tc%T;gFPss3;|r
ztyDsi%9bPBQPBydvVEVil#J$_@A-Xy%j@@=dA(-4uKRP{_x--N>v{fo4sTdzEGxZ8
z8UO%UQxgL#@LLUhFP54Deg>HxnFW4L=a@Kn0D!_W{#(q{O6^YokY3LslQ(Q|X7kt{
z&TJ0EluU+jxNHW?l@0)2H8Ivq8|!uj-QL$dB(q?@(`Ia|c~TH7(osM8(B&G+)8*C%
zE1$2PXPH0S&~U2a!?<Aa6DRzR&9l^$IU@Z^vROI)#K8-}M;`Yz?z!OdBB!^tbnxa&
zV%wGOn2d7CJSmxQ6SSq4pG*>I$?V?`78gBeY=*7zmsaBda#9&IWsd<>G2n|Yfv`#?
zPx3Ax=2baE3dpmF&O<CdG&JiiDRPULUw~L1FI2}&%1<6x<8y*^30Pw!<`;8zxit_s
z6>uz}IyC_spn&6w{jHUNU(A=tJz~J-)5`P2;z9w)Tzaqp;Jg~RQoiwsAz+UH<QZl~
zIN%i&K$zMwOn_^*fV?uf8R>wO41ll<4qORL-2*s2R8{o?0wMu<qb@tb$5m-^Z5kk{
z$aF%M8qUyvvlMivq@5jXiF%po{8jQ;$`ne}8d!mM<U*7`X4dcBPXHh;bRO8-?g6i|
znQ3KZ*b|vEw?p6FlNeHQa%viEDNo_70f0uHZ^fV{JY$jHY6(BL!T4pJQ=PZXh}+eB
zl#xDb%}pS#y~eJa!)If7{$y5lbxU*etF=X>&6LM>`v#c>+w<%OT)+Af`g=e9e)o-<
zKWeML@zgKB7d+`PPgq=jYI=ZEU2BMO|E(EA{YsT8MW#+!_8Rg{mUDKVFo-(VjY?2C
zOggpl{<3F7v^Nc!ed5FhE#TS?qS&5L=;f_c@y})}<m`EQZ+ZcsE1RAFTwO}s&-q|u
zx#!Ray#eF6Wq=>U^wdrO*k+&xvw57MS1bhp266rx*Yp*8@)v04Ni5EvR+m4c-w_)?
zQY$JT$&sXKev7$|E3X_NsRxx_Q_^sRKVPGS$+L703ggU#71-XMsmq!5jUpABub$&S
zeX9OLsks#8nqV=fBlfB%q~=Ekeo@XhnL6jF8st&1yrqg+sFn%R>WB@*)<mgGmpcV_
zXp7OE(A5tC)Peq>9Ao5Z|8z^;=Q20RS(mjJ1sKK8cuM0Tqe2woqMveaEYdxOJ>T{;
z#d%gu2$5Wj$ope~B)Z5I0eetLx~`)+J&am%UFC{Q%7aDMHeM0WKKzMVe%*8G9Dl>S
z>DZ~BBnV}RzKOlL{km5smm!PQFtcl>Yfl#suq;@i5_Z|_#_~I}zZNZULLm>?n`o-O
zm=iJ=F1II`T%@fw=P((yBJ1Q7)9V*)p3Qk?^vvB#wOunQ8e_6ZHSAFh%_UtDcUlv&
z>S17WOmkr~x>>PVxofj@jMJK(7r$7)QMY=$W9`BgxfV=|1pO>Z-}XY3RsH4jHnX)t
zHjz@#XIfpgJal<3W>*xh^q_*NSwd?3naV}Z^PPKHSO4JMnO%Qo$-0QAcF#)MjsJ-F
zL%hdRMmA{P!Qx=1`oic1k_(s%Jr`U(Ykp~A<<W)3HVAFxyR&VPvm)8H_8OTQd*_8d
zmOiug%<?me8gQGW<V(q~lV{j=+m_gbByF?amu6&(wr)zA{yaRzHaTX)J8MO2X42}*
zhmx6>**1C?eH{i4OE?so7p^B?w2ZsHy(#AbWCnF%hL@(Yi)>2JE`P0}<=0EA_wLrn
zK0Bb4eN;C&={$~%UW>NNu<Aa|(35OByYtI$ymiyt)Dt7ReUH4B|FH7SO2tbU^DHEN
zi%W8NM7Vv5Ns48P@w;4XT1R5crCh^ohd%$A`o(KkY*}H<3@Muy(`H?5U7skOs9>Rs
z|C9zxc1ch?pKaiI&pom8Z0y}_ezE54#Mj=rZQmB}gAdpYxP43fWGrJZks+fdQ7con
zfN)=HC!3%IFRuM)N#0txhMYh-Ly2e%2+gV>T&OZSZZzu{>%o>LwI;U*ZVxUjmsqa6
z+|1&wMQ4<iMb@R2msXpvHZLxHQW{_SB2p__7x@y^7Tp&8GP>cG<0h|7nwgg~Z_`cF
zn>Sr@=*-M<58Q-vNU*ovv^B#hH70f0i|o|w#My~i>%!Kh#J*q_Ui+B&C^PBS!fP$B
zBx=(#-7@!4m`?MVx9+DEc82AK?Ypz@_<*jY?4jzJDN37^d_8V(<?$QwucOL->(twK
zzbCvM&a^L=D}RM<%A8xWvWOL99bIY6oX^biIM^M0^sw215?BNg7OnW8{$XzOTHdFf
zTN{0zeTs?Bh%V^3Tzj<>+sW!YRCn$P=G@9y2eil2!iVJFEn6z|W}G{NaA~;WyPmw>
zpLw%Q6;6eR+NHj{b}PX%xtH=`KJhb=d#;JtM9_YXdhM|NiFV$thqp@B7qVlw2R4xR
zs}9kIe1<B3M89QXO!341`u>}z^nLN!t9<W-9=?|TIla0=|5#j>{yhDV1E~jE@>7+a
zAHF}Cs@&Ulwk))aH8XI7?;kIoN>W-WM+<#rRs<djv<uQZ!3nlsRDq1p@~o&Mdo&n)
zGYB_$9nD0p$6bZ4)zTm)!*&pAwC`Z<=skcj9G+C!$Jm>?nk~k`G}5r{u6G;yJGu|O
ziFq@lY0vz#@P}JD-sj5-dIA#_l3;T*@!@OCgV*Vt{!?F0<FdlBWnFVUmz|LIE>J39
zs=zC-6~V8_TQrue>oU=>@HzE9G)K!@?LIm|vn4BFMbgO}b6NBHXnd?f)NY6yN*AAt
zJa{Vf<W5quvPD=X^DVQLvAg67JurRnzWdQz@Fiy?AGu_lyfV!JDxFEX^oPwR^_Low
z=}fvE<6i0E$GGs6*j1$+Pck0Yp49&B!?~f3IR$eXPh}<qnb|>=>|1lM?7*cHc6!%J
zH_e;2Drlp`6~gT!nHp|Y>r*=HBGP<wm-|?__;1U9d?5d(n9I8vw$d$u``*>P?AW^A
z9`4X^lkzPnMv*x0@R2n6+W8Ul_P<iE^J-B%#D07)vhMVaq?Dp8S~=qxqrLStG<NgM
z@Z^Zrh?(xP)ipO{8#dnP`1IMZ79LTmUYmU|lbm(o9^rNlJ@HXl>1sWji#9zr-)yj*
z&+2bdUVd?}=v3U3^BMELs&;cu?*Q@9-CA2QTZ<}26}`{2FQZp4?QnAYm+(Hft*PtW
zc6JntKNBC2RGpdmGV6Jj(lcEftB@C~-Wks<UV3*h=7T3x7AtFe{I>^hR5=FT&F#I@
z8+w<>;%jyv+jFH+vU2HeC8iR52Pvv6$|%}8s&BK?<~!@35G!81eeKh4T)TAEZy17u
z_u6ioN35Fm1C?RSuJU6sXJYpG!oJoy*2ZV<X`_}k?3l&=a7T{U_{?zVXxr+X)n!|{
zZu7d*Yg^{p-L{Lmir?<`miLx07*@HyIQzHksI;stE?J#Exi|MPdfOFawae;za=kw)
z485p|#p%}PcKfh<@ArOcP^kCit{5mQ$*%TX(V3dFK4*K+nhyPHa{Zwyz0HGluRhf6
z-;w7T*IiL(+$#}yuzWD|Q^+jxw2;V<k|5cjcd<G|9PW)Ccc8sLkz7tIUmiPuFn+Kk
zZN38B_e<5gmt_@aE6zuBMTFgR+nX@(Ht*fStF;db9xS>0$P10!*0Zs%Bj2;mQ|ZHn
zhFR;I_d@oo4>^Cm{>l1jVqe(8u&|-2;%B@2sc2{|0O)UJ+1T^!EzI#$wi}E>V>{7d
zUTz#P5d{E(o)?Egb)oYhPIM;AU03Bp_B|B{i>9k$r)7b#;E?IgEE69t-P&iJ4b{hm
zileFM5v2)Ucrbt)okxLqxw*P~;JtKJhU4PF-+VJ%1u|TO=c22k&#w?-Z?OSFW^?Hf
zEtnRRia;SD+Bg_e3xh)<H6bVj5)DTp;3ymviNs^H@klIW^rb?S27eK_GzQ+vz-Y8O
z@Sm=VGmpo?!{MHuo-j`|jLl`jkvJR<jzGatC@5G0>f!Cqqj*8xJyb`6jKwjadr-M7
z4v)olhw$T4oY=c~x+*ICioU-_`{l;5u=rk;yT>R!kR#lS!hs`U2)LUYd@`j6&u}*w
zbhMF^Dm`qxIdr%c-GjZ0OQjp`rn~c0Cl6&s|Iy#S5eh6mX&@T)dxJQ;xUR#@XjC}e
zmF@=C?E!WNIcZ-wV^<~L<v%szyL*_&WIX^U%jD8Ah?9wUEXFT-&G-DWF1i=%7c#zQ
zL^eF9MuwUIw#~u<Z@{MR;zKYsAZlSqC>)A}B9n~_budUI2}#DG(K=)l35md9^-%=4
zfaJ%_84YLZ?!lwDQ|VwhurQ3pqT!Kr9Ve_73JIm?XgNW3oG@r8MH{6JMIoHDa9Y|p
z4241)3q4LQ5PChA1uj&I>py7mBvOI!CM*vgo9jJ}5XfnG`B~F<{%jp{xUz<q5r@L{
zp!27+uFBY){=V+MFDt%gcxm7%RQ>`adQf)L!G8Z_`_ZWHx=|5JkSkV4n~G&1Fi<o`
z3klVxVsxN51{Mj$Vi`JA9VY~xibapbA1D8H9iGl~cOtkWVW9{tI65}qj)c;}V{lM}
zHXeZ(3pHHo*Fikk44x;2OV?+DlZrU91^&3WHymAY5F{FgfT-KC+-Yo2kCkJwe-{6`
z5~?%Bok^z=;bX!v!$b)I&fn);S^o{=M`gS3rgM4!#u$S0gaV!sbgl=H!DYKaSZ)+1
z9lnD@XF_=F(SICw=2)M`75^XX7LCqj{W}wLTr0m5f&Aa?-hX-3>CkkX&^RY5ltITZ
zpfoyvH=|N$P&xylqm4vrp|mMZV<RY9b>FwKksrg`>HqGo`S(tvkzM(pjvpF@*V6ib
zw`-2<r9U5rW9PQu;W?IGjBF=H{QZu<760{F2_AT08iyapek_sry9eF``A?hYXmr}Y
zll6==Xq;rSi0proos2}DMEawKF~SBvK#n`i2sA35!RESAc*K#@Wcd8}VH_9dd$Nir
zvt8L-3pR~T1oMN*%#*6X`|=w`Zp#xrtc*zzQ$sQqiNk`K0t`7m%(!yn;(%j_Cv)i(
z9^C+ZPs}n9cob%Ay-X-MAqLoN7Q=gz7(cB!evEM?C&mD;(`XbP<!?n9Uv@&A;r_6>
zHf*-*-%oVDcW+cUE+#*_$D8t#0y`Fs=S;-%ldg%zNz0ql-I<^OjnWz~7`0ARkXSsA
z4Ro$G#f{@iA2*ly87hB?{=C9}+PH~2f0a=E^AeM9FT>scRf`G3-r?*L%&WL8s;N7e
zU2(YJm<^}c;1$bXl$gi{yifqs))6&0tB2L&Z4=9nK;+}x!1AKI@)y*wW}<zf&Ypjv
z;JRzLl}HQ*0lvW70N`s>Ki)r4>+l!a@&1Y0A5vR)7LPavXo7j1iht>dHv~U6f@v%N
zvIT)cfnWs86D7lYj5T<Ng-#qRKF&0;^e{Yo0~UB8I$Q}FJ6gp=$D~4sA3_v3L5JHm
zEF9+;6^=}@arZ%n=l_TmyvqXK;DLX?!}Igfn2^c*$Nv84(SIzYU?5Q?f=q;1M7V^&
z5p;=g2{I945#bU7N6;n0CCEgGMTAQT96^@|mmm`%77;EXa0Fc<T!Ku5SVXvlz!7wb
za0xOIViDmI0!Pp#!X?N=h(&};2pmC|2$vueAr=uXA#em;B3yz@gjhtlguoGWiEs%r
z5n>VH5&}oiCBh}hM2JO%O9&i6mk5_26CoB6E+KFPT_Rk9OoUiOxP-tFbct{YG7(}C
z;SvHz&?Ukp$V7-mgi8n<L6-=ZAQK@L5iTKc1YIIrf=q;1M7V^&5p;=g2{I945#bU7
zN6;n0CCEgGMTAQT96^@|mmm`%7NNMLe>^jR?hZaE!4rHU0{m(v7JQllglb}C0RTSW
zgT4F?0>IZH@VgxVb|C=Zts?;7&jP@F_NndnjQ~JA!qh<D#;c|-T;B}kB46BaRW1yD
z;sm;zfIgKOoSweLATrP_-<Gcb+(}{1JT)u18#|OuDw2t7OrMq=pB8FxGFrh1!LmAa
zMrCC<j*i<sU)&=%H<wZG<^4go#Jh~3H`vx+-uU(7H^rvn{Y%2vC0<QSTbp2&wIyx(
zZZ0=HGjrqWxDD!32jq?$d1Tc!Hd0WL@`l&#HGO4j>*`$D>|zA?aTQONH;iq2`SPXi
zlJYli;%hrTf8Cq!h=?@5d-twy-22wnpeCII5X>T3eYxdf?eE{e-)fGHuCK3;iHYfG
zZ?9<QF*2&1F}ry@otSm!%G-MTnm*oEKT_prY;3G^B24WOLZ%S0Ajl#0g)4S*q^cAN
zB6qE}!{|b2y!vq?apeHHXBZ2)sfL!~;^LB$l380isRwUwfyorAEeMbUpRe=rV{x%@
zJ8#dPT1G}Y4}VI{^i+V{+DMEAb-|0LPZ4NzVRyfx#l3)*ZttV_<E@ftv83~VdJ#T)
z)phJ9OYK~o$cjpmk|~4)R903J%J<iN>+9>2H+-Z$1-P-vjmb>3O4@tSGNnr6%nl9*
zAuqjeUs=vJ_>uUo1OUhil_|WYIRn_BE)RCs_uf!_{Jtrl`}+xaeDcPW$X-%%b6wq*
z<zZiAWz%ooG?WW)70U{gBW2ewk&(FPwsqPR|IAG6k@(ln@#@J53CluF_SU-BRaaNM
z`*bf^SzoTOuuw0g!p<?@@!Iw4mKQ1>ZiASff=Gqa=}V5pFD`EB{<?qKY9i6y%`Nr$
zMH>x^<<@LAyTup)EGomo!ocy`9?-(gx_g(nxOmxY&60Tanudm@$Bn4h&*nRx47u3K
zy16N$<jmRxqU;`T@16LVu6U;fm%t%)cK+k@=Z$Nn0!bDY7F~Z{*EFld0FJJ%?|XWB
z=3d)N)YH-mY`X2r3nVpibUHgbH8KhtuT||Zl$#1b-l3yQSFKvr$gzKYZfV|}!v=PC
z^AAAeNJ&034>b)A4z?{tMLsDi3b0B#y-7;>`MXc5s;Vg|Deb&(U0vzYT^~@FtX3vg
z9*%e3x;3V1M{4K$<HuzW=KDdUOiuxRt*xysEiEQ$bB^9mw(nUgu`;5>%*;&TXhQgs
zqNa~uzk26x3xP-#BDP)Co^zN0zI1iL?rmx_mkX$=f70DwP;j7>(WC>DlafDbXer;2
yBXRfZt}~?!I1E-+UOpqRVCY-@7vsFaMSvmP_@Sg#bus_xD5i$%4AMxB2mS?RWg27v

literal 0
HcmV?d00001

diff --git a/windows/deploy/windows-10-edition-upgrades.md b/windows/deploy/windows-10-edition-upgrades.md
index 8b20a8f77c..df7b532ff3 100644
--- a/windows/deploy/windows-10-edition-upgrades.md
+++ b/windows/deploy/windows-10-edition-upgrades.md
@@ -15,17 +15,17 @@ author: greg-lindsay
 -   Windows 10
 -   Windows 10 Mobile
 
-With Windows 10, you can quickly upgrade from one edition of Windows 10 to another, provided the upgrade path is supported. For information on what edition of Windows 10 is right for you, see [Compare Windows 10 Editions](http://go.microsoft.com/fwlink/p/?LinkID=690882).
+With Windows 10, you can quickly upgrade from one edition of Windows 10 to another, provided the upgrade path is supported. For information on what edition of Windows 10 is right for you, see [Compare Windows 10 Editions](http://go.microsoft.com/fwlink/p/?LinkID=690882). For information about upgrading to Windows 10 from another version of Windows, see [Windows 10 upgrade paths](windows10-upgrade-paths.md).
 
 The following table shows the methods you can use to upgrade editions of Windows 10.
 
 |Method |Home > Pro |Home > Education |Pro > Education |Pro > Enterprise |Ent > Education |Mobile > Mobile Enterprise |
 |-------|-----------|-----------------|----------------|-----------------|----------------|--------|
-| Using mobile device management (MDM) |![unsupported](images/crossmark.png) |![supported](images/checkmark.png) |![supported](images/checkmark.png) |![supported](images/checkmark.png) |![supported](images/checkmark.png) |![supported](images/checkmark.png) |
-| Using a provisioning package |![unsupported](images/crossmark.png) |![supported](images/checkmark.png) |![supported](images/checkmark.png) |![supported](images/checkmark.png) |![supported](images/checkmark.png) |![supported](images/checkmark.png) |
-| Using a command-line tool |![unsupported](images/crossmark.png) |![supported](images/checkmark.png) |![supported](images/checkmark.png) |![supported](images/checkmark.png) |![supported](images/checkmark.png) |![unsupported](images/crossmark.png) |
-| Entering a product key manually |![supported](images/checkmark.png) |![supported](images/checkmark.png) |![supported](images/checkmark.png) |![supported](images/checkmark.png) |![supported](images/checkmark.png) |![unsupported](images/crossmark.png) |
-| Purchasing a license from the Windows Store |![supported](images/checkmark.png) |![unsupported](images/crossmark.png) |![unsupported](images/crossmark.png) |![unsupported](images/crossmark.png) |![unsupported](images/crossmark.png) |![unsupported](images/crossmark.png) |
+| Using mobile device management (MDM) |![unsupported](images/x_blk.png) |![supported](images/check_grn.png) |![supported](images/check_grn.png) |![supported](images/check_grn.png) |![supported](images/check_grn.png) |![supported](images/check_grn.png) |
+| Using a provisioning package |![unsupported](images/x_blk.png) |![supported](images/check_grn.png) |![supported](images/check_grn.png) |![supported](images/check_grn.png) |![supported](images/check_grn.png) |![supported](images/check_grn.png) |
+| Using a command-line tool |![unsupported](images/x_blk.png) |![supported](images/check_grn.png) |![supported](images/check_grn.png) |![supported](images/check_grn.png) |![supported](images/check_grn.png) |![unsupported](images/x_blk.png) |
+| Entering a product key manually |![supported](images/check_grn.png) |![supported](images/check_grn.png) |![supported](images/check_grn.png) |![supported](images/check_grn.png) |![supported](images/check_grn.png) |![unsupported](images/x_blk.png) |
+| Purchasing a license from the Windows Store |![supported](images/check_grn.png) |![unsupported](images/x_blk.png) |![unsupported](images/x_blk.png) |![unsupported](images/x_blk.png) |![unsupported](images/x_blk.png) |![unsupported](images/x_blk.png) |
 
 **Note**<br>Each desktop edition in the table also has an N and KN edition. These editions have had media-related functionality removed. Devices with N or KN editions installed can be upgraded to corresponding N or KN editions using the same methods.
 
diff --git a/windows/deploy/windows-10-upgrade-paths.md b/windows/deploy/windows-10-upgrade-paths.md
new file mode 100644
index 0000000000..f0e1c5cc88
--- /dev/null
+++ b/windows/deploy/windows-10-upgrade-paths.md
@@ -0,0 +1,151 @@
+---
+title: Windows 10 upgrade paths (Windows 10)
+description: You can upgrade to Windows 10 from a previous version of Windows, providing the upgrade path is supported.
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: mobile
+author: greg-lindsay
+---
+
+# Windows 10 upgrade paths
+**Applies to**
+
+-   Windows 10
+-   Windows 10 Mobile
+
+The following table shows the available upgrade paths for Windows 10.
+
+<table border="1" cellpadding="3">
+    <tr>
+        <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+        <td>From</td>
+        <td>To</td>
+    </tr>
+    <tr>
+        <td BGCOLOR="#a0e4fa" colspan="3">Windows Vista</td>
+    </tr>
+    <tr>
+        <td></td>
+        <td>Windows Vista (all versions)</td>
+        <td>&nbsp;X&nbsp;</td>
+    </tr>
+    <tr>
+        <td BGCOLOR="#a0e4fa" colspan="3">Windows 7</td>
+    </tr>
+    <tr>
+        <td></td>
+        <td>Windows 7 Starter</td>
+        <td rowspan="3">Windows 10 Home</td>
+    </tr>
+    <tr>
+        <td>&nbsp;</td>
+        <td>Windows 7 Home Basic</td>
+    </tr>
+    <tr>
+        <td>&nbsp;</td>
+        <td>Windows 7 Home Premium</td>
+    </tr>
+    <tr>
+        <td></td>
+        <td>Windows 7 Professional</td>
+        <td rowspan="2">Windows 10 Pro</td>
+    </tr>
+    <tr>
+        <td>&nbsp;</td>
+        <td>Windows 7 Ultimate</td>
+    </tr>
+	    <tr>
+	        <td></td>
+	        <td>Windows 7 Enterprise<sup>1</sup></td>
+	        <td>Windows 10 Enterprise</td>
+       </tr>
+        <tr>
+	        <td BGCOLOR="#a0e4fa" colspan="3">Windows 8/8.1</td>
+	    </tr>
+	    <tr>
+	        <td></td>
+	        <td>Windows Phone 8.0</td>
+	        <td>&nbsp;X&nbsp;</td>
+       </tr>
+	    <tr>
+	        <td></td>
+	        <td>Windows Phone 8.1</td>
+	        <td>Windows 10 Mobile</td>
+       </tr>
+	    <tr>
+	        <td></td>
+	        <td>Windows 8/8.1</td>
+	        <td>Windows 10 Home</td>
+       </tr>
+    <tr>
+        <td></td>
+        <td>Windows 8/8.1 Pro Professional</td>
+        <td rowspan="2">Windows 10 Pro</td>
+    </tr>
+    <tr>
+        <td>&nbsp;</td>
+        <td>Windows 8/8.1 Pro for Students</td>
+    </tr>
+	    <tr>
+	        <td></td>
+	        <td>Windows 8/8.1 Enterprise<sup>1</sup></td>
+	        <td>Windows 10 Enterprise</td>
+       </tr>
+	    <tr>
+	        <td></td>
+	        <td>Windows RT</td>
+	        <td>&nbsp;X&nbsp;</td>
+       </tr>
+        <tr>
+	        <td BGCOLOR="#a0e4fa" colspan="3">Windows 10</td>
+	    </tr>
+	    <tr>
+	        <td></td>
+	        <td>Windows 10 Home</td>
+	        <td>Windows 10 Pro<BR>Windows 10 Education</td>
+       </tr>
+	    <tr>
+	        <td></td>
+	        <td>Windows 10 Pro</td>
+	        <td>Windows 10 Education<BR>Windows 10 Enterprise</td>
+       </tr>
+       	<tr>
+	   	    <td></td>
+	   	    <td>Windows 10 Enterprise</td>
+	   	    <td>Windows 10 Education</td>
+       </tr>
+       	<tr>
+	   	    <td></td>
+	   	    <td>Windows 10 Education</td>
+	   	    <td>&nbsp;X&nbsp;</td>
+       </tr>
+       	<tr>
+	   	    <td></td>
+	   	    <td>Windows 10 Mobile</td>
+	   	    <td>Windows 10 Mobile Enterprise</td>
+       </tr>
+       	<tr>
+	   	    <td></td>
+	   	    <td>Windows 10 Mobile Enterprise</td>
+	   	    <td>&nbsp;X&nbsp;</td>
+       </tr>
+       	<tr>
+	   	    <td></td>
+	   	    <td>Windows 10 IoT</td>
+	   	    <td>&nbsp;X&nbsp;</td>
+       </tr>
+</table>
+
+**Upgrade notes**<br>The following restrictions are associated with the indicated upgrade paths. 
+
+ <sup>1</sup>Upgrade of Windows 7/8/8.1 Enterprise to Windows 10 Enterprise is not available using the Windows Update free upgrade offer, expiring 7/29/2016.
+
+ 
+
+ 
+
+
+
+
+

From 5428dff4ade5da869b5f9f3696850810ef14dd32 Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Mon, 20 Jun 2016 16:20:37 -0700
Subject: [PATCH 17/32] added to index

---
 windows/deploy/index.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/deploy/index.md b/windows/deploy/index.md
index c6b8e27ed1..d4254111b1 100644
--- a/windows/deploy/index.md
+++ b/windows/deploy/index.md
@@ -23,6 +23,7 @@ Learn about deploying Windows 10 for IT professionals.
 |[Upgrade to Windows 10 with System Center Configuration Manager](upgrade-to-windows-10-with-system-center-configuraton-manager.md) |The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a System Center Configuration Manager task sequence to completely automate the process. |
 |[Configure a PXE server to load Windows PE](configure-a-pxe-server-to-load-windows-pe.md) |This guide describes how to configure a PXE server to load Windows PE by booting a client computer from the network. |
 |[Windows 10 edition upgrade](windows-10-edition-upgrades.md) |With Windows 10, you can quickly upgrade from one edition of Windows 10 to another, provided the upgrade path is supported. |
+|[Windows 10 upgrade paths](windows-10-upgrade-paths.md) |You can upgrade directly to Windows 10 from a previous operating system. |
 |[Deploy Windows To Go in your organization](deploy-windows-to-go.md) |This topic helps you to deploy Windows To Go in your organization. Before you begin deployment, make sure that you have reviewed the topics [Windows To Go: feature overview](../plan/windows-to-go-overview.md) and [Prepare your organization for Windows To Go](../plan/prepare-your-organization-for-windows-to-go.md) to ensure that you have the correct hardware and are prepared to complete the deployment. You can then use the steps in this topic to start your Windows To Go deployment. |
 |[Update Windows 10 images with provisioning packages](update-windows-10-images-with-provisioning-packages.md) |Use a provisioning package to apply settings, profiles, and file assets to a Windows 10 image. |
 |[Upgrade a Windows Phone 8.1 to Windows 10 Mobile with Mobile Device Management](upgrade-windows-phone-8-1-to-10.md) |This topic describes how to upgrade eligible Windows Phone 8.1 devices to Windows 10 Mobile. |

From 77998e826b9afcb23951710dc5dd2a8b3805471d Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Tue, 21 Jun 2016 10:30:16 -0700
Subject: [PATCH 18/32] fixed link

---
 windows/deploy/windows-10-edition-upgrades.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deploy/windows-10-edition-upgrades.md b/windows/deploy/windows-10-edition-upgrades.md
index df7b532ff3..a5ec204a39 100644
--- a/windows/deploy/windows-10-edition-upgrades.md
+++ b/windows/deploy/windows-10-edition-upgrades.md
@@ -15,7 +15,7 @@ author: greg-lindsay
 -   Windows 10
 -   Windows 10 Mobile
 
-With Windows 10, you can quickly upgrade from one edition of Windows 10 to another, provided the upgrade path is supported. For information on what edition of Windows 10 is right for you, see [Compare Windows 10 Editions](http://go.microsoft.com/fwlink/p/?LinkID=690882). For information about upgrading to Windows 10 from another version of Windows, see [Windows 10 upgrade paths](windows10-upgrade-paths.md).
+With Windows 10, you can quickly upgrade from one edition of Windows 10 to another, provided the upgrade path is supported. For information on what edition of Windows 10 is right for you, see [Compare Windows 10 Editions](http://go.microsoft.com/fwlink/p/?LinkID=690882). For information about upgrading to Windows 10 from another version of Windows, see [Windows 10 upgrade paths](windows-10-upgrade-paths.md).
 
 The following table shows the methods you can use to upgrade editions of Windows 10.
 

From 532dc89591a21bdbe52433b978752e8bd84d40e3 Mon Sep 17 00:00:00 2001
From: Jan Backstrom <v-jaback@microsoft.com>
Date: Thu, 23 Jun 2016 14:27:20 -0700
Subject: [PATCH 19/32] fix figure titles

---
 .../manage-surface-dock-firmware-updates.md   |  2 +-
 .../surface/manage-surface-uefi-settings.md   | 32 +++++++++----------
 .../surface/microsoft-surface-data-eraser.md  | 20 ++++++------
 ...-by-step-surface-deployment-accelerator.md | 10 +++---
 devices/surface/surface-dock-updater.md       | 32 +++++++++----------
 5 files changed, 48 insertions(+), 48 deletions(-)

diff --git a/devices/surface/manage-surface-dock-firmware-updates.md b/devices/surface/manage-surface-dock-firmware-updates.md
index 9428200756..f11c5fefe8 100644
--- a/devices/surface/manage-surface-dock-firmware-updates.md
+++ b/devices/surface/manage-surface-dock-firmware-updates.md
@@ -43,7 +43,7 @@ The Surface Dock firmware update process shown in Figure 1 follows these steps:
 
 8.  When the Surface Dock is disconnected for a second time, the Surface dock installs the firmware update to the DisplayPort chipset. This process takes up to 3 minutes to apply.
 
-![figure 1](images/manage-surface-dock-fig1-updateprocess.png)
+![Surface Dock firmware update process](images/manage-surface-dock-fig1-updateprocess.png "Surface Dock firmware update process")
 
 *1- Driver installation can be performed by Windows Update, manual installation, or automatically downloaded with Microsoft Surface Dock Updater*
 
diff --git a/devices/surface/manage-surface-uefi-settings.md b/devices/surface/manage-surface-uefi-settings.md
index 44428903c1..e36486bfa4 100644
--- a/devices/surface/manage-surface-uefi-settings.md
+++ b/devices/surface/manage-surface-uefi-settings.md
@@ -39,9 +39,9 @@ You will also find detailed information about the firmware of your Surface devic
 
 - Touch Firmware 
 
-*Figure 1. System information and firmware version information*
+![System information and firmware version information](images/manage-surface-uefi-figure-1.png "System information and firmware version information")
 
-![figure 1](images/manage-surface-uefi-figure-1.png)
+*Figure 1. System information and firmware version information*
 
 You can find up-to-date information about the latest firmware version for your Surface device in the [Surface Update History](https://www.microsoft.com/surface/en-us/support/install-update-activate/surface-update-history) for your device. 
 
@@ -59,21 +59,21 @@ On the **Security** page of Surface UEFI settings, you can set a password to pro
 
 The password must be at least 6 characters and is case sensitive. 
 
-*Figure 2. Add a password to protect Surface UEFI settings*
+![Add a password to protect Surface UEFI settings](images/manage-surface-uefi-fig2.png "Add a password to protect Surface UEFI settings")
 
-![figure 2](images/manage-surface-uefi-fig2.png)
+*Figure 2. Add a password to protect Surface UEFI settings*
 
 On the **Security** page you can also change the configuration of Secure Boot on your Surface device. Secure Boot technology prevents unauthorized boot code from booting on your Surface device, which protects against bootkit and rootkit-type malware infections. You can disable Secure Boot to allow your Surface device to boot third-party operating systems or bootable media. You can also configure Secure Boot to work with third-party certificates, as shown in Figure 3. Read more about [Secure Boot](https://msdn.microsoft.com/windows/hardware/commercialize/manufacture/desktop/secure-boot-overview) in the TechNet Library.
 
-*Figure 3. Configure Secure Boot* 
+![Configure Secure Boot](images/manage-surface-uefi-fig3.png "Configure Secure Boot")
 
-![figure 3](images/manage-surface-uefi-fig3.png)
+*Figure 3. Configure Secure Boot*
 
 You can also enable or disable the Trusted Platform Module (TPM) device on the **Security** page, as shown in Figure 4. The TPM is used to authenticate encryption for your device’s data with BitLocker. Read more about [BitLocker](https://technet.microsoft.com/en-us/itpro/windows/keep-secure/bitlocker-overview) in the TechNet Library. 
 
-*Figure 4. Configure Surface UEFI security settings*
+![Configure Surface UEFI security settings](images/manage-surface-uefi-fig4.png "Configure Surface UEFI security settings")
 
-![figure 4](images/manage-surface-uefi-fig4.png)
+*Figure 4. Configure Surface UEFI security settings*
 
 ##Devices 
 
@@ -95,9 +95,9 @@ On the **Devices** page you can enable or disable specific devices and component
 
 Each device is listed with a slider button that you can move to **On** (enabled) or **Off** (disabled) position, as shown in Figure 5. 
 
-*Figure 5. Enable and disable specific devices*
+![Enable and disable specific devices](images/manage-surface-uefi-fig5.png "Enable and disable specific devices")
 
-![figure 5](images/manage-surface-uefi-fig5.png)
+*Figure 5. Enable and disable specific devices*
 
 ##Boot configuration 
 
@@ -115,9 +115,9 @@ You can boot from a specific device immediately, or you can swipe left on that d
 
 For the specified boot order to take effect, you must set the **Enable Alternate Boot Sequence** option to **On**, as shown in Figure 6. 
 
-*Figure 6. Configure the boot order for your Surface device* 
+![Configure the boot order for your Surface device](images/manage-surface-uefi-fig6.png "Configure the boot order for your Surface device")
 
-![figure 6](images/manage-surface-uefi-fig6.png)
+*Figure 6. Configure the boot order for your Surface device* 
 
 You can also turn on and off IPv6 support for PXE with the **Enable IPv6 for PXE Network Boot** option, for example when performing a Windows deployment using PXE where the PXE server is configured for IPv4 only.  
 
@@ -125,14 +125,14 @@ You can also turn on and off IPv6 support for PXE with the **Enable IPv6 for PXE
 
 The **About** page displays regulatory information, such as compliance with FCC rules, as shown in Figure 7. 
 
-*Figure 7. Regulatory information is displayed on the About page*
+![Regulatory information displayed on the About page](images/manage-surface-uefi-fig7.png "Regulatory information displayed on the About page")
 
-![figure 7](images/manage-surface-uefi-fig7.png)
+*Figure 7. Regulatory information displayed on the About page*
 
 ##Exit 
 
 Use the **Restart Now** button on the **Exit** page to exit UEFI settings, as shown in Figure 8. 
 
-*Figure 8. Click Restart Now to exit Surface UEFI and restart the device*
+![Exit Surface UEFI and restart the device](images/manage-surface-uefi-fig8.png "Exit Surface UEFI and restart the device")
 
-![figure 8](images/manage-surface-uefi-fig8.png)
+*Figure 8. Click Restart Now to exit Surface UEFI and restart the device*
diff --git a/devices/surface/microsoft-surface-data-eraser.md b/devices/surface/microsoft-surface-data-eraser.md
index 6f76da2a15..1fde46555c 100644
--- a/devices/surface/microsoft-surface-data-eraser.md
+++ b/devices/surface/microsoft-surface-data-eraser.md
@@ -65,24 +65,24 @@ After the creation tool is installed, follow these steps to create a Microsoft S
 
 3.  Click **Start** to acknowledge that you have a USB stick of at least 4 GB connected, as shown in Figure 1.
 
-    ![figure 1](images/dataeraser-start-tool.png)
+    ![Start the Microsoft Surface Data Eraser tool](images/dataeraser-start-tool.png "Start the Microsoft Surface Data Eraser tool")
 
-    Figure 1. Start the Microsoft Surface Data Eraser tool
+    *Figure 1. Start the Microsoft Surface Data Eraser tool*
 
 4.  Select the USB drive of your choice from the **USB Thumb Drive Selection** page as shown in Figure 2, and then click **Start** to begin the USB creation process. The drive you select will be formatted and any existing data on this drive will be lost.
   >**Note:**&nbsp;&nbsp;If the Start button is disabled, check that your removable drive has a total capacity of at least 4 GB.
   
-    ![figure 2](images/dataeraser-usb-selection.png)
+    ![USB thumb drive selection](images/dataeraser-usb-selection.png "USB thumb drive selection")
 
-    Figure 2. USB thumb drive selection
+    *Figure 2. USB thumb drive selection*
 
 5.  After the creation process is finished, the USB drive has been formatted and all binaries are copied to the USB drive. Click **Success**.
 
 6.  When the **Congratulations** screen is displayed, you can eject and remove the thumb drive. This thumb drive is now ready to be inserted into a Surface device, booted from, and wipe any data on the device. Click **Complete** to finish the USB creation process, as shown in Figure 3.
 
-    ![figure 3](images/dataeraser-complete-process.png)
+    ![Surface Data Eraser USB creation process](images/dataeraser-complete-process.png "Surface Data Eraser USB creation process")
 
-    Figure 3. Complete the Microsoft Surface Data Eraser USB creation process
+    *Figure 3. Complete the Microsoft Surface Data Eraser USB creation process*
 
 7.  Click **X** to close Microsoft Surface Data Eraser.
 
@@ -105,9 +105,9 @@ After you create a Microsoft Surface Data Eraser USB stick, you can boot a suppo
 
 3.  When the Surface device boots, a **SoftwareLicenseTerms** text file is displayed.
 
-    ![](images/data-eraser-3.png)
+    ![Booting the Microsoft Surface Data Eraser USB stick](images/data-eraser-3.png "Booting the Microsoft Surface Data Eraser USB stick")
 
-    Figure 4. Booting the Microsoft Surface Data Eraser USB stick
+    *Figure 4. Booting the Microsoft Surface Data Eraser USB stick*
 
 4.  Read the software license terms, and then close the notepad file.
 
@@ -123,9 +123,9 @@ After you create a Microsoft Surface Data Eraser USB stick, you can boot a suppo
 
 7.  If you typed **S** to begin the data erase process, the partition that will be erased is displayed, as shown in Figure 5. If this is correct, press **Y** to continue, or **N** to shut down the device.
 
-    ![](images/sda-fig5-erase.png)
+    ![Partition to be erased is displayed](images/sda-fig5-erase.png "Partition to be erased is displayed")
 
-    Figure 5. Partition to be erased is displayed in Microsoft Surface Data Eraser
+    *Figure 5. Partition to be erased is displayed in Microsoft Surface Data Eraser*
 
 8.  If you pressed **Y** in step 7, due to the destructive nature of the data erasure process, an additional dialog box is displayed to confirm your choice.
 
diff --git a/devices/surface/step-by-step-surface-deployment-accelerator.md b/devices/surface/step-by-step-surface-deployment-accelerator.md
index d6eb5d208f..016c7ddfbd 100644
--- a/devices/surface/step-by-step-surface-deployment-accelerator.md
+++ b/devices/surface/step-by-step-surface-deployment-accelerator.md
@@ -60,7 +60,7 @@ The following steps show you how to create a deployment share for Windows 10 th
   >**Note:**&nbsp;&nbsp;As of SDA version 1.96.0405, SDA will install only the components of the Windows ADK that are required for deployment, as follows:
     * Deployment tools
     * User State Migration Tool (USMT)
-    * Windows Preinstallation Environment (WinPE)</br>
+    * Windows Preinstallation Environment (WinPE)</br></br>
 
   >**Note:**&nbsp;&nbsp;As of SDA version 1.96.0405, SDA will install and use MDT 2013 Update 2. Earlier versions of SDA are compatible only with MDT 2013 Update 1.
 
@@ -116,7 +116,7 @@ The following steps show you how to create a deployment share for Windows 10 th
 
     ![The installatin progress window](images/sdasteps-fig5-installwindow.png "The installatin progress window")
 
-    *Figure 5. The **Installation Progress** window*
+    *Figure 5. The Installation Progress window*
 
 8.  When the SDA process completes the creation of your deployment share, a **Success** window is displayed. Click **Finish** to close the window. At this point your deployment share is now ready to perform a Windows deployment to Surface devices.
 
@@ -250,7 +250,7 @@ After you have prepared the USB drive for boot, the next step is to generate off
 
     ![Select the Update Media Content option](images/sdasteps-fig12-updatemedia.png "Select the Update Media Content option")
     
-    *Figure 12. Select the **Update Media Content** option*
+    *Figure 12. Select the Update Media Content option*
 
 22. The **Update Media Content** window is displayed and shows the progress as the media files are created. When the process completes, click **Finish.**
 
@@ -358,7 +358,7 @@ To run the Deploy Microsoft Surface task sequence:
 
     ![Select the task sequence](images/sdasteps-fig15-deploy.png "Select the task sequence")
 
-    *Figure 15. Select the **1 – Deploy Microsoft Surface** task sequence*
+    *Figure 15. Select the 1 – Deploy Microsoft Surface task sequence*
 
 2.  On the **Computer Details** page, type a name for the Surface device in the **Computer Name** box. In the **Join a domain** section, type your domain name and credentials as shown in Figure 16, and then click **Next**.
 
@@ -378,7 +378,7 @@ To run the Deploy Microsoft Surface task sequence:
 
     ![Installation progress window](images/sdasteps-fig17-installprogresswindow.png "Installation progress window")
 
-    *Figure 17. The **Installation Progress** window*
+    *Figure 17. The Installation Progress window*
 
 8.  When the deployment task sequence completes, a **Success** window is displayed. Click **Finish** to complete the deployment and begin using your Surface device.
 
diff --git a/devices/surface/surface-dock-updater.md b/devices/surface/surface-dock-updater.md
index ea56c4cc95..4020a499aa 100644
--- a/devices/surface/surface-dock-updater.md
+++ b/devices/surface/surface-dock-updater.md
@@ -34,15 +34,15 @@ To update a Surface Dock with Microsoft Surface Dock Updater, follow these steps
 
     -   If the tool determines that the firmware of your Surface Dock is up to date, a **You have the latest firmware for this Surface Dock** message is displayed, as shown in Figure 1.
 
-        ![figure 1](images/surfacedockupdater-fig1-uptodate-568pix.png)
+        ![Screen that shows your Surface Dock firmware is up to date](images/surfacedockupdater-fig1-uptodate-568pix.png "Screen that shows your Surface Dock firmware is up to date")
 
-        Figure 1. Your Surface Dock firmware is up to date.
+        *Figure 1. Your Surface Dock firmware is up to date*
 
     -   If Microsoft Surface Dock Updater determines that the firmware of your Surface Dock is not up to date, a **This Surface Dock is not running the latest firmware** message is displayed, as shown in Figure 2.
 
-        ![figure 2](images/surfacedockupdater-fig2a-needsupdating.png)
+        ![Screen that shows your Surface Dock firmware needs to be updated](images/surfacedockupdater-fig2a-needsupdating.png "Screen that shows your Surface Dock firmware needs to be updated")
 
-        Figure 2. Your Surface Dock firmware needs to be updated
+        *Figure 2. Your Surface Dock firmware needs to be updated*
 
 3.  To begin the firmware update process, click **Update** on the **Surface Dock Firmware** page.
 
@@ -50,27 +50,27 @@ To update a Surface Dock with Microsoft Surface Dock Updater, follow these steps
 
 5.  As the firmware update is uploaded to the Surface Dock, a **Progress** page is displayed, as shown in Figure 3. Do not disconnect the Surface Dock while firmware is being uploaded.
 
-    ![figure 3](images/surfacedockupdater-fig3-progress.png)
+    ![Progress of firmware update upload](images/surfacedockupdater-fig3-progress.png "Progress of firmware update upload")
 
-    Figure 3. Progress of firmware update upload to Surface Dock
+    *Figure 3. Progress of firmware update upload to Surface Dock*
 
 6.  After the firmware update has successfully uploaded to the Surface Dock, you are prompted to disconnect and then reconnect the Surface Dock from the Surface device, as shown in Figure 4. The main chipset firmware update will be applied while the Surface Dock is disconnected.
 
-    ![figure 4](images/surfacedockupdater-fig4-disconnect.png)
+    ![Disconnect and reconnect Surface Dock when prompted](images/surfacedockupdater-fig4-disconnect.png "Disconnect and reconnect Surface Dock when prompted")
 
-    Figure 4. Disconnect and reconnect Surface Dock when prompted
+    *Figure 4. Disconnect and reconnect Surface Dock when prompted*
 
 7.  When the main chipset firmware update is verified, the DisplayPort chipset firmware update will be uploaded to the Surface Dock. Upon completion, a **Success** page is displayed and you will again be prompted to disconnect the Surface Dock, as shown in Figure 5.
 
-    ![figure 5](images/surfacedockupdater-fig5-success.png)
+    ![Screen showing successful upload](images/surfacedockupdater-fig5-success.png "Screen showing successful upload")
 
-    Figure 5. Successful upload of Surface Dock firmware
+    *Figure 5. Successful upload of Surface Dock firmware*
 
 8.  After you disconnect the Surface Dock the DisplayPort firmware update will be installed. This process occurs on the Surface Dock hardware while it is disconnected. The Surface Dock must remain powered for up to 3 minutes after it has been disconnected for the firmware update to successfully install. An **Update in Progress** page is displayed (as shown in Figure 6), with a countdown timer to show the estimated time remaining to complete the firmware update installation.
 
-    ![figure 6](images/surfacedockupdater-fig6-countdown.png)
+    ![Countdown timer to complete firmware installation](images/surfacedockupdater-fig6-countdown.png "Countdown timer to complete firmware installation")
 
-    Figure 6. Countdown timer to complete firmware installation on Surface Dock
+    *Figure 6. Countdown timer to complete firmware installation on Surface Dock*
 
 9.  If you want to update multiple Surface Docks in one sitting, you can click the **Update another Surface Dock** button to begin the process on the next Surface Dock.
 
@@ -83,9 +83,9 @@ To update a Surface Dock with Microsoft Surface Dock Updater, follow these steps
 
 If the Surface Dock firmware update process encounters an installation error with either firmware update, the **Encountered an unexpected error** page may be displayed, as shown in Figure 7.
 
-![figure 7](images/surfacedockupdater-fig7-error.png)
+![Firmware update installation error](images/surfacedockupdater-fig7-error.png "Firmware update installation error")
 
-Figure 7. Firmware update installation has encountered an error
+*Figure 7. Firmware update installation has encountered an error*
 
 Microsoft Surface Dock Updater logs its progress into the Event Log, as shown in Figure 8. If you need to troubleshoot an update through this tool, you will find Surface Dock events recorded with the following event IDs:
 
@@ -97,9 +97,9 @@ Microsoft Surface Dock Updater logs its progress into the Event Log, as shown in
 | 12105    | Error                                                    |
 
 
-Figure 8. Surface Dock Updater events in Event Viewer
+![Surface Dock Updater events in Event Viewer](images/surfacedockupdater-fig8-737test.png "Surface Dock Updater events in Event Viewer")
 
-![figure 8](images/surfacedockupdater-fig8-737test.png)
+*Figure 8. Surface Dock Updater events in Event Viewer*
 
 
 ## Related topics

From e735a0ec8c506208675d80afc7e2c0d4ade91bfc Mon Sep 17 00:00:00 2001
From: JanKeller1 <v-jak@microsoft.com>
Date: Thu, 23 Jun 2016 14:39:58 -0700
Subject: [PATCH 20/32] Updated 2 lines of Tbl 3, added headings

---
 windows/keep-secure/device-guard-deployment-guide.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/windows/keep-secure/device-guard-deployment-guide.md b/windows/keep-secure/device-guard-deployment-guide.md
index f98d7216ea..cefd614f3c 100644
--- a/windows/keep-secure/device-guard-deployment-guide.md
+++ b/windows/keep-secure/device-guard-deployment-guide.md
@@ -752,7 +752,7 @@ To modify the policy rule options of an existing code integrity policy, use the
 
 You can set several rule options within a code integrity policy. Table 2 lists each rule and its high-level meaning.
 
-Table 2. Code integrity policy - policy rule options
+#### Table 2. Code integrity policy - policy rule options
 
 | Rule option | Description |
 |------------ | ----------- |
@@ -769,15 +769,15 @@ Table 2. Code integrity policy - policy rule options
 | **10 Enabled:Boot Audit on Failure** | Used when the code integrity policy is in enforcement mode. When a driver fails during startup, the code integrity policy will be placed in audit mode so that Windows will load. Administrators can validate the reason for the failure in the CodeIntegrity event log. |
 File rule levels allow administrators to specify the level at which they want to trust their applications. This level of trust could be as low as the hash of each binary and as high as a PCA certificate. File rule levels are specified both when you create a new code integrity policy from a scan and when you create a policy from audit events. In addition, to combine rule levels found in multiple policies, you can merge the policies. When merged, code integrity policies combine their file rules. Each file rule level has its benefit and disadvantage. Use Table 3 to select the appropriate protection level for your available administrative resources and Device Guard deployment scenario.
 
-Table 3. Code integrity policy - file rule levels
+#### Table 3. Code integrity policy - file rule levels
 
 | Rule level | Description |
 |----------- | ----------- |
 | **Hash** | Specifies individual hash values for each discovered binary. Although this level is specific, it can cause additional administrative overhead to maintain the current product versions’ hash values. Each time a binary is updated, the hash value changes, therefore requiring a policy update. |
 | **FileName** | Specifies individual binary file names. Although the hash values for an application are modified when updated, the file names are typically not. This offers less specific security than the hash level but does not typically require a policy update when any binary is modified. |
-| **SignedVersion** | This combines the publisher rule with a file version number. This option allows anything from the specified publisher, with a file version at or above the specified version number, to run. |
+| **SignedVersion** | This combines the publisher rule with a version number. This option allows anything from the specified publisher, with a version at or above the specified version number, to run. |
 | **Publisher** | This is a combination of the PCA certificate and the common name (CN) on the leaf certificate. In the scenario that a PCA certificate is used to sign multiple companies’ applications (such as VeriSign), this rule level allows organizations to trust the PCA certificate but only for the company whose name is on the leaf certificate (for example, Intel for device drivers). This level trusts a certificate with a long validity period but only when combined with a trusted leaf certificate. |
-| **FilePublisher** | This is a combination of the publisher file rule level and the SignedVersion rule level. Any signed file from the trusted publisher that is the specified version or newer is trusted. |
+| **FilePublisher** | This is a combination of “FileName” plus “Publisher” (PCA certificate with CN of leaf) plus a minimum version number. This option trusts specific files from the specified publisher, with a version at or above the specified version number. |
 | **LeafCertificate** | Adds trusted signers at the individual signing certificate level. The benefit of using this level versus the individual hash level is that new versions of the product will have different hash values but typically the same signing certificate. Using this level, no policy update would be needed to run the new version of the application. However, leaf certificates have much shorter validity periods than PCA certificates, so additional administrative overhead is associated with updating the code integrity policy when these certificates expire. |
 | **PcaCertificate** | Adds the highest certificate in the provided certificate chain to signers. This is typically one certificate below the root certificate, because the scan does not validate anything above the presented signature by going online or checking local root stores. |
 | **RootCertificate** | Currently unsupported. |

From 994e2f2e6315f4eb02871a69db21b85bfcbaa6a3 Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Thu, 23 Jun 2016 15:30:31 -0700
Subject: [PATCH 21/32] completed new topic

---
 windows/deploy/windows-10-edition-upgrades.md |   4 +-
 windows/deploy/windows-10-upgrade-paths.md    | 406 +++++++++++++++---
 2 files changed, 338 insertions(+), 72 deletions(-)

diff --git a/windows/deploy/windows-10-edition-upgrades.md b/windows/deploy/windows-10-edition-upgrades.md
index a5ec204a39..cbc6ee73c5 100644
--- a/windows/deploy/windows-10-edition-upgrades.md
+++ b/windows/deploy/windows-10-edition-upgrades.md
@@ -15,9 +15,9 @@ author: greg-lindsay
 -   Windows 10
 -   Windows 10 Mobile
 
-With Windows 10, you can quickly upgrade from one edition of Windows 10 to another, provided the upgrade path is supported. For information on what edition of Windows 10 is right for you, see [Compare Windows 10 Editions](http://go.microsoft.com/fwlink/p/?LinkID=690882). For information about upgrading to Windows 10 from another version of Windows, see [Windows 10 upgrade paths](windows-10-upgrade-paths.md).
+With Windows 10, you can quickly upgrade from one edition of Windows 10 to another, provided the upgrade path is supported. For information on what edition of Windows 10 is right for you, see [Compare Windows 10 Editions](http://go.microsoft.com/fwlink/p/?LinkID=690882). For a comprehensive list of all possible upgrade paths to Windows 10, see [Windows 10 upgrade paths](windows-10-upgrade-paths.md).
 
-The following table shows the methods you can use to upgrade editions of Windows 10.
+The following table shows the methods and paths available to change the edition of Windows 10 that is running on your computer.
 
 |Method |Home > Pro |Home > Education |Pro > Education |Pro > Enterprise |Ent > Education |Mobile > Mobile Enterprise |
 |-------|-----------|-----------------|----------------|-----------------|----------------|--------|
diff --git a/windows/deploy/windows-10-upgrade-paths.md b/windows/deploy/windows-10-upgrade-paths.md
index f0e1c5cc88..b2ad80ac12 100644
--- a/windows/deploy/windows-10-upgrade-paths.md
+++ b/windows/deploy/windows-10-upgrade-paths.md
@@ -14,7 +14,339 @@ author: greg-lindsay
 -   Windows 10
 -   Windows 10 Mobile
 
-The following table shows the available upgrade paths for Windows 10.
+## Available upgrade paths
+
+The following table provides a summary of available upgrade paths to Windows 10. The table includes information about upgrading from an existing release of Windows 10 to a newer release of Windows 10. Migration from one edition of Windows 10 to a different edition is also supported. For more information about methods used to upgrade the edition of Windows 10, see [Windows 10 edition upgrade](windows-10-edition-upgrades.md).
+
+**Note**: Windows "N" and "KN" editions follow the same upgrade paths shown below. If the pre-upgrade and post-upgrade editions are not the the same type (e.g. Windows 8.1 Pro N to Windows 10 Pro), personal data will be kept but applications and settings will be removed during the upgrade process.  
+
+Some upgrade paths qualify for a free upgrade. For a list of upgrade paths that are available as part of the free upgrade offer, see [Free upgrade paths](## Free upgrade paths).
+
+✔ = Full upgrade is supported including personal data, settings, and applications.<BR>
+D = Edition downgrade; personal data is maintained, applications and settings are removed.
+
+<table border="1" cellpadding="3">
+    <tr>
+        <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
+        <td></td>
+        <td>Windows 10 Home</td>
+        <td>Windows 10 Pro</td>
+        <td>Windows 10 Pro for Education</td>
+        <td>Windows 10 Education</td>
+        <td>Windows 10 Enterprise</td>
+        <td>Windows 10 Mobile</td>
+        <td>Windows 10 Mobile Enterprise</td>
+    </tr>
+    <tr>
+        <td rowspan="7">Windows 7</td>
+    </tr>
+    <tr>
+        <td>Starter</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Home Basic</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Home Premium</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Professional</td>
+        <td>D</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Ultimate</td>
+        <td>D</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Enterprise</td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td rowspan="8">Windows 8</td>
+    </tr>
+    <tr>
+        <td>(Core)</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Professional</td>
+        <td>D</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Professional WMC</td>
+        <td>D</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Enterprise</td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Embedded Industry</td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Windows RT</td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Windows Phone 8</td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td rowspan="10">Windows 8.1</td>
+    </tr>
+    <tr>
+        <td>(Core)</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Connected</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Professional</td>
+        <td>D</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Professional Student</td>
+        <td>D</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Professional WMC</td>
+        <td>D</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Enterprise</td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Embedded Industry</td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Windows RT</td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Windows Phone 8.1</td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td>✔</td>
+        <td>✔</td>
+    </tr>
+    <tr>
+        <td rowspan="7">Windows 10</td>
+    </tr>
+    <tr>
+        <td>Home</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Professional</td>
+        <td>D</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Education</td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td>✔</td>
+        <td>D</td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Enterprise</td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td>✔</td>
+        <td>✔</td>
+        <td></td>
+        <td></td>
+    </tr>
+    <tr>
+        <td>Mobile</td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td>✔</td>
+        <td>✔</td>
+    </tr>
+    <tr>
+        <td>Mobile Enterprise</td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td></td>
+        <td>✔</td>
+        <td>✔</td>
+    </tr>
+</table>
+
+## Free upgrade paths
+
+Windows 10 is offered as a free upgrade for the first year after launch of Windows 10, with the following restrictions: 
+- The offer expires on July 29th, 2016.
+- The offer applies to devices connected to the Internet with Windows Update enabled.
+- Upgrading to Windows 10 Pro requires a computer running the Pro or Ultimate version of Windows 7/8/8.1.
+- Windows Phone 8.0 users must update to Windows 8.1 before upgrading to Windows 10 Mobile<sup>1</sup>. 
+- Editions that are excluded from the free upgrade offer include: Windows 7 Enterprise, Windows 8/8.1 Enterprise, and Windows RT/RT 8.1<sup>2</sup>. 
+
+<sup>1</sup>The availability of Windows 10 Mobile for Windows 8.1 devices will vary by device manufacturer, device model, country or region, mobile operator or service provider, hardware limitations, and other factors. For a list of eligible phones and important info about the upgrade and Windows 10 Mobile, see [Windows 10 specifications](http://windows.com/specsmobile)
+
+<sup>2</sup>Active Software Assurance customers in volume licensing have the benefit to upgrade to Windows 10 Enterprise outside of this offer. Windows 10 is not supported on devices running the RT versions of Windows 8.
+
+For a list of frequently asked questions about the free upgrade to Windows 10, see [Upgrade to Windows 10: FAQ](http://windows.microsoft.com/en-us/windows-10/upgrade-to-windows-10-faq)
+
+The following table summarizes the free upgrade paths to Windows 10.
 
 <table border="1" cellpadding="3">
     <tr>
@@ -22,14 +354,6 @@ The following table shows the available upgrade paths for Windows 10.
         <td>From</td>
         <td>To</td>
     </tr>
-    <tr>
-        <td BGCOLOR="#a0e4fa" colspan="3">Windows Vista</td>
-    </tr>
-    <tr>
-        <td></td>
-        <td>Windows Vista (all versions)</td>
-        <td>&nbsp;X&nbsp;</td>
-    </tr>
     <tr>
         <td BGCOLOR="#a0e4fa" colspan="3">Windows 7</td>
     </tr>
@@ -55,19 +379,9 @@ The following table shows the available upgrade paths for Windows 10.
         <td>&nbsp;</td>
         <td>Windows 7 Ultimate</td>
     </tr>
-	    <tr>
-	        <td></td>
-	        <td>Windows 7 Enterprise<sup>1</sup></td>
-	        <td>Windows 10 Enterprise</td>
-       </tr>
         <tr>
 	        <td BGCOLOR="#a0e4fa" colspan="3">Windows 8/8.1</td>
 	    </tr>
-	    <tr>
-	        <td></td>
-	        <td>Windows Phone 8.0</td>
-	        <td>&nbsp;X&nbsp;</td>
-       </tr>
 	    <tr>
 	        <td></td>
 	        <td>Windows Phone 8.1</td>
@@ -87,60 +401,12 @@ The following table shows the available upgrade paths for Windows 10.
         <td>&nbsp;</td>
         <td>Windows 8/8.1 Pro for Students</td>
     </tr>
-	    <tr>
-	        <td></td>
-	        <td>Windows 8/8.1 Enterprise<sup>1</sup></td>
-	        <td>Windows 10 Enterprise</td>
-       </tr>
-	    <tr>
-	        <td></td>
-	        <td>Windows RT</td>
-	        <td>&nbsp;X&nbsp;</td>
-       </tr>
-        <tr>
-	        <td BGCOLOR="#a0e4fa" colspan="3">Windows 10</td>
-	    </tr>
-	    <tr>
-	        <td></td>
-	        <td>Windows 10 Home</td>
-	        <td>Windows 10 Pro<BR>Windows 10 Education</td>
-       </tr>
-	    <tr>
-	        <td></td>
-	        <td>Windows 10 Pro</td>
-	        <td>Windows 10 Education<BR>Windows 10 Enterprise</td>
-       </tr>
-       	<tr>
-	   	    <td></td>
-	   	    <td>Windows 10 Enterprise</td>
-	   	    <td>Windows 10 Education</td>
-       </tr>
-       	<tr>
-	   	    <td></td>
-	   	    <td>Windows 10 Education</td>
-	   	    <td>&nbsp;X&nbsp;</td>
-       </tr>
-       	<tr>
-	   	    <td></td>
-	   	    <td>Windows 10 Mobile</td>
-	   	    <td>Windows 10 Mobile Enterprise</td>
-       </tr>
-       	<tr>
-	   	    <td></td>
-	   	    <td>Windows 10 Mobile Enterprise</td>
-	   	    <td>&nbsp;X&nbsp;</td>
-       </tr>
-       	<tr>
-	   	    <td></td>
-	   	    <td>Windows 10 IoT</td>
-	   	    <td>&nbsp;X&nbsp;</td>
-       </tr>
+
 </table>
 
-**Upgrade notes**<br>The following restrictions are associated with the indicated upgrade paths. 
-
- <sup>1</sup>Upgrade of Windows 7/8/8.1 Enterprise to Windows 10 Enterprise is not available using the Windows Update free upgrade offer, expiring 7/29/2016.
+## Related Topics
 
+[Windows 10 deployment scenarios](windows-10-deployment-scenarios.md)
  
 
  

From 7008893959cad3c13700fa4befc19e7ae7090f76 Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Thu, 23 Jun 2016 16:12:29 -0700
Subject: [PATCH 22/32] minor changes

---
 windows/deploy/windows-10-upgrade-paths.md | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/windows/deploy/windows-10-upgrade-paths.md b/windows/deploy/windows-10-upgrade-paths.md
index b2ad80ac12..9d7dfadceb 100644
--- a/windows/deploy/windows-10-upgrade-paths.md
+++ b/windows/deploy/windows-10-upgrade-paths.md
@@ -14,13 +14,13 @@ author: greg-lindsay
 -   Windows 10
 -   Windows 10 Mobile
 
-## Available upgrade paths
+## Upgrade paths
 
-The following table provides a summary of available upgrade paths to Windows 10. The table includes information about upgrading from an existing release of Windows 10 to a newer release of Windows 10. Migration from one edition of Windows 10 to a different edition is also supported. For more information about methods used to upgrade the edition of Windows 10, see [Windows 10 edition upgrade](windows-10-edition-upgrades.md).
+This topic provides a summary of available upgrade paths to Windows 10. You can upgrade to Windows 10 from Windows 7 or a later operating system. This includes upgrading from one release of Windows 10 to later release of Windows 10. Migrating from one edition of Windows 10 to a different edition of the same release is also supported. For more information about migrating to a different edition of Windows 10, see [Windows 10 edition upgrade](windows-10-edition-upgrades.md).
 
-**Note**: Windows "N" and "KN" editions follow the same upgrade paths shown below. If the pre-upgrade and post-upgrade editions are not the the same type (e.g. Windows 8.1 Pro N to Windows 10 Pro), personal data will be kept but applications and settings will be removed during the upgrade process.  
+>**Windows N/KN**: Windows "N" and "KN" editions follow the same upgrade paths shown below. If the pre-upgrade and post-upgrade editions are not the the same type (e.g. Windows 8.1 Pro N to Windows 10 Pro), personal data will be kept but applications and settings will be removed during the upgrade process.  
 
-Some upgrade paths qualify for a free upgrade. For a list of upgrade paths that are available as part of the free upgrade offer, see [Free upgrade paths](## Free upgrade paths).
+>**Free upgrade**: Some upgrade paths qualify for a free upgrade using Windows Update. For a list of upgrade paths that are available as part of the free upgrade offer, see [Free upgrade paths](#bkmk-free-table).
 
 ✔ = Full upgrade is supported including personal data, settings, and applications.<BR>
 D = Edition downgrade; personal data is maintained, applications and settings are removed.
@@ -348,6 +348,8 @@ For a list of frequently asked questions about the free upgrade to Windows 10, s
 
 The following table summarizes the free upgrade paths to Windows 10.
 
+## <a href="" id="bkmk-free-table"></a>
+
 <table border="1" cellpadding="3">
     <tr>
         <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>

From cd9c80d249a93a86b099e81cdc21eb8f40262b91 Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Thu, 23 Jun 2016 16:42:17 -0700
Subject: [PATCH 23/32] minor changes

---
 windows/deploy/windows-10-upgrade-paths.md | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/windows/deploy/windows-10-upgrade-paths.md b/windows/deploy/windows-10-upgrade-paths.md
index 9d7dfadceb..78ee99dd11 100644
--- a/windows/deploy/windows-10-upgrade-paths.md
+++ b/windows/deploy/windows-10-upgrade-paths.md
@@ -38,7 +38,7 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
         <td>Windows 10 Mobile Enterprise</td>
     </tr>
     <tr>
-        <td rowspan="7">Windows 7</td>
+        <td rowspan="7" nowrap="nowrap">Windows 7</td>
     </tr>
     <tr>
         <td>Starter</td>
@@ -101,7 +101,7 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
         <td></td>
     </tr>
     <tr>
-        <td rowspan="8">Windows 8</td>
+        <td rowspan="8" nowrap="nowrap">Windows 8</td>
     </tr>
     <tr>
         <td>(Core)</td>
@@ -174,7 +174,7 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
         <td></td>
     </tr>
     <tr>
-        <td rowspan="10">Windows 8.1</td>
+        <td rowspan="10" nowrap="nowrap">Windows 8.1</td>
     </tr>
     <tr>
         <td>(Core)</td>
@@ -267,7 +267,7 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
         <td>✔</td>
     </tr>
     <tr>
-        <td rowspan="7">Windows 10</td>
+        <td rowspan="7" nowrap="nowrap">Windows 10</td>
     </tr>
     <tr>
         <td>Home</td>
@@ -333,6 +333,8 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
 
 ## Free upgrade paths
 
+## <a href="" id="bkmk-free-table"></a>
+
 Windows 10 is offered as a free upgrade for the first year after launch of Windows 10, with the following restrictions: 
 - The offer expires on July 29th, 2016.
 - The offer applies to devices connected to the Internet with Windows Update enabled.
@@ -340,16 +342,14 @@ Windows 10 is offered as a free upgrade for the first year after launch of Windo
 - Windows Phone 8.0 users must update to Windows 8.1 before upgrading to Windows 10 Mobile<sup>1</sup>. 
 - Editions that are excluded from the free upgrade offer include: Windows 7 Enterprise, Windows 8/8.1 Enterprise, and Windows RT/RT 8.1<sup>2</sup>. 
 
-<sup>1</sup>The availability of Windows 10 Mobile for Windows 8.1 devices will vary by device manufacturer, device model, country or region, mobile operator or service provider, hardware limitations, and other factors. For a list of eligible phones and important info about the upgrade and Windows 10 Mobile, see [Windows 10 specifications](http://windows.com/specsmobile)
+><sup>1</sup>The availability of Windows 10 Mobile for Windows 8.1 devices will vary by device manufacturer, device model, country or region, mobile operator or service provider, hardware limitations, and other factors. For a list of eligible phones and important info about the upgrade and Windows 10 Mobile, see [Windows 10 specifications](http://windows.com/specsmobile).
 
-<sup>2</sup>Active Software Assurance customers in volume licensing have the benefit to upgrade to Windows 10 Enterprise outside of this offer. Windows 10 is not supported on devices running the RT versions of Windows 8.
+><sup>2</sup>Active Software Assurance customers in volume licensing have the benefit to upgrade to Windows 10 Enterprise outside of this offer. Windows 10 is not supported on devices running the RT versions of Windows 8.
 
-For a list of frequently asked questions about the free upgrade to Windows 10, see [Upgrade to Windows 10: FAQ](http://windows.microsoft.com/en-us/windows-10/upgrade-to-windows-10-faq)
+For a list of frequently asked questions about the free upgrade to Windows 10, see [Upgrade to Windows 10: FAQ](http://windows.microsoft.com/en-us/windows-10/upgrade-to-windows-10-faq).
 
 The following table summarizes the free upgrade paths to Windows 10.
 
-## <a href="" id="bkmk-free-table"></a>
-
 <table border="1" cellpadding="3">
     <tr>
         <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>

From ffb6082871c94285debfb273790af9464c9b962f Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Thu, 23 Jun 2016 16:47:40 -0700
Subject: [PATCH 24/32] minor changes

---
 windows/deploy/windows-10-upgrade-paths.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deploy/windows-10-upgrade-paths.md b/windows/deploy/windows-10-upgrade-paths.md
index 78ee99dd11..9e1f79a8f7 100644
--- a/windows/deploy/windows-10-upgrade-paths.md
+++ b/windows/deploy/windows-10-upgrade-paths.md
@@ -18,7 +18,7 @@ author: greg-lindsay
 
 This topic provides a summary of available upgrade paths to Windows 10. You can upgrade to Windows 10 from Windows 7 or a later operating system. This includes upgrading from one release of Windows 10 to later release of Windows 10. Migrating from one edition of Windows 10 to a different edition of the same release is also supported. For more information about migrating to a different edition of Windows 10, see [Windows 10 edition upgrade](windows-10-edition-upgrades.md).
 
->**Windows N/KN**: Windows "N" and "KN" editions follow the same upgrade paths shown below. If the pre-upgrade and post-upgrade editions are not the the same type (e.g. Windows 8.1 Pro N to Windows 10 Pro), personal data will be kept but applications and settings will be removed during the upgrade process.  
+>**Windows N/KN**: Windows "N" and "KN" editions follow the same upgrade paths shown below. If the pre-upgrade and post-upgrade editions are not the same type (e.g. Windows 8.1 Pro N to Windows 10 Pro), personal data will be kept but applications and settings will be removed during the upgrade process.  
 
 >**Free upgrade**: Some upgrade paths qualify for a free upgrade using Windows Update. For a list of upgrade paths that are available as part of the free upgrade offer, see [Free upgrade paths](#bkmk-free-table).
 

From 98a80482ec0e8e76906914131f28e674cb60266c Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Thu, 23 Jun 2016 16:57:51 -0700
Subject: [PATCH 25/32] minor changes

---
 windows/deploy/TOC.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/deploy/TOC.md b/windows/deploy/TOC.md
index ff58491fd1..a6d2e9d108 100644
--- a/windows/deploy/TOC.md
+++ b/windows/deploy/TOC.md
@@ -35,6 +35,7 @@
 ## [Upgrade to Windows 10 with the Microsoft Deployment Toolkit](upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md)
 ## [Upgrade to Windows 10 with System Center Configuration Manager](upgrade-to-windows-10-with-system-center-configuraton-manager.md)
 ## [Configure a PXE server to load Windows PE](configure-a-pxe-server-to-load-windows-pe.md)
+## [Windows 10 upgrade paths](windows-10-upgrade-paths.md)
 ## [Windows 10 edition upgrade](windows-10-edition-upgrades.md)
 ## [Deploy Windows To Go in your organization](deploy-windows-to-go.md)
 ## [Update Windows 10 images with provisioning packages](update-windows-10-images-with-provisioning-packages.md)

From 634c2320443a0ea1e11fd9eee57d90fd3b3a001a Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Thu, 23 Jun 2016 17:20:41 -0700
Subject: [PATCH 26/32] minor changes

---
 windows/deploy/windows-10-upgrade-paths.md | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/windows/deploy/windows-10-upgrade-paths.md b/windows/deploy/windows-10-upgrade-paths.md
index 9e1f79a8f7..0f2958d2a5 100644
--- a/windows/deploy/windows-10-upgrade-paths.md
+++ b/windows/deploy/windows-10-upgrade-paths.md
@@ -330,10 +330,8 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
         <td>✔</td>
     </tr>
 </table>
-
-## Free upgrade paths
-
 ## <a href="" id="bkmk-free-table"></a>
+## Free upgrade paths
 
 Windows 10 is offered as a free upgrade for the first year after launch of Windows 10, with the following restrictions: 
 - The offer expires on July 29th, 2016.

From e2544fa991dfd70385694f06b7689cbffebe820e Mon Sep 17 00:00:00 2001
From: Trudy Hakala <Trudy.Hakala@microsoft.com>
Date: Fri, 24 Jun 2016 08:59:28 -0700
Subject: [PATCH 27/32] adding note about time required for device reset

---
 devices/surface-hub/device-reset-suface-hub.md | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/devices/surface-hub/device-reset-suface-hub.md b/devices/surface-hub/device-reset-suface-hub.md
index e4f36616da..7b79afbb8a 100644
--- a/devices/surface-hub/device-reset-suface-hub.md
+++ b/devices/surface-hub/device-reset-suface-hub.md
@@ -27,7 +27,10 @@ Initiating a reset will return the device to the last cumulative Windows update,
 -   MDM enrollment
 -   Domain join or Azure AD join information
 -   Local admins on the device
--   Configurations from MDM or the Settings app.
+-   Configurations from MDM or the Settings app
+
+**Important Note**</br>
+Performing a device reset may take up to 6 hours. Do not interrupt the reset process. Interrupting the process will render the device inoperable, requiring warranty service to return to normal functionality.
 
 After the reset, you'll be taken through the [first run program](first-run-program-surface-hub.md) again.
 

From 9e96b4e84c981b9512f53dbda3b01f291e381f5e Mon Sep 17 00:00:00 2001
From: Brian Lich <brianlic@microsoft.com>
Date: Fri, 24 Jun 2016 09:14:06 -0700
Subject: [PATCH 28/32] adding link to secguide blog

---
 windows/keep-secure/windows-security-baselines.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/keep-secure/windows-security-baselines.md b/windows/keep-secure/windows-security-baselines.md
index 7e5a5f4b9e..b6fb29abb1 100644
--- a/windows/keep-secure/windows-security-baselines.md
+++ b/windows/keep-secure/windows-security-baselines.md
@@ -43,7 +43,7 @@ To help faster deployments and increase the ease of managing Windows, Microsoft
  
  Here's a list of security baselines that are currently available.
 
- If you want to know what has changed with each security baseline, or if you want to stay up-to-date on what’s happening with them, check out the Microsoft Security Guidance blog.
+ > **Note:**  If you want to know what has changed with each security baseline, or if you want to stay up-to-date on what’s happening with them, check out the [Microsoft Security Guidance](http://blogs.technet.microsoft.com/secguide) blog.
  
 ### Windows 10 security baselines
  

From 58e1d31f5c491adcd3fd9946e0eccb9af0cc23ae Mon Sep 17 00:00:00 2001
From: Trudy Hakala <Trudy.Hakala@microsoft.com>
Date: Fri, 24 Jun 2016 09:16:38 -0700
Subject: [PATCH 29/32] renaming topic and redirecting old topic

---
 devices/surface-hub/TOC.md                    |  2 +-
 .../surface-hub/device-reset-suface-hub.md    |  1 +
 .../surface-hub/device-reset-surface-hub.md   | 42 +++++++++++++++++++
 3 files changed, 44 insertions(+), 1 deletion(-)
 create mode 100644 devices/surface-hub/device-reset-surface-hub.md

diff --git a/devices/surface-hub/TOC.md b/devices/surface-hub/TOC.md
index 485c432a26..b127e38f53 100644
--- a/devices/surface-hub/TOC.md
+++ b/devices/surface-hub/TOC.md
@@ -19,7 +19,7 @@
 ### [Manage Microsoft Surface Hub](manage-surface-hub.md)
 #### [Accessibility](accessibility-surface-hub.md)
 #### [Change the Surface Hub device account](change-surface-hub-device-account.md)
-#### [Device reset](device-reset-suface-hub.md)
+#### [Device reset](device-reset-surface-hub.md)
 #### [End a Surface Hub meeting with I'm Done](i-am-done-finishing-your-surface-hub-meeting.md)
 #### [Install apps on your Surface Hub](install-apps-on-surface-hub.md)
 #### [Manage settings with a local admin account](manage-settings-with-local-admin-account-surface-hub.md)
diff --git a/devices/surface-hub/device-reset-suface-hub.md b/devices/surface-hub/device-reset-suface-hub.md
index 7b79afbb8a..b90a11ada6 100644
--- a/devices/surface-hub/device-reset-suface-hub.md
+++ b/devices/surface-hub/device-reset-suface-hub.md
@@ -2,6 +2,7 @@
 title: Device reset (Surface Hub)
 description: You may wish to reset your Microsoft Surface Hub.
 ms.assetid: 44E82EEE-1905-464B-A758-C2A1463909FF
+redirect_url: https://technet.microsoft.com/en-us/itpro/surface-hub/device-reset-surface-hub
 keywords: reset Surface Hub
 ms.prod: w10
 ms.mktglfcycl: manage
diff --git a/devices/surface-hub/device-reset-surface-hub.md b/devices/surface-hub/device-reset-surface-hub.md
new file mode 100644
index 0000000000..e630d1f23b
--- /dev/null
+++ b/devices/surface-hub/device-reset-surface-hub.md
@@ -0,0 +1,42 @@
+---
+title: Device reset (Surface Hub)
+description: You may wish to reset your Microsoft Surface Hub.
+ms.assetid: 44E82EEE-1905-464B-A758-C2A1463909FF
+keywords: reset Surface Hub
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.pagetype: surfacehub
+author: TrudyHa
+---
+
+# Device reset (Surface Hub)
+
+
+You may wish to reset your Microsoft Surface Hub.
+
+Typical reasons for a reset include:
+
+-   The device isn’t running well after installing an update.
+-   You’re repurposing the device for a new meeting space and want to reconfigure it.
+-   You want to change how you locally manage the device.
+
+Initiating a reset will return the device to the last cumulative Windows update, and remove all local user files and configuration, including:
+
+-   The device account
+-   MDM enrollment
+-   Domain join or Azure AD join information
+-   Local admins on the device
+-   Configurations from MDM or the Settings app
+
+**Important Note**</br>
+Performing a device reset may take up to 6 hours. Do not interrupt the reset process. Interrupting the process will render the device inoperable, requiring warranty service to return to normal functionality.
+
+After the reset, you'll be taken through the [first run program](first-run-program-surface-hub.md) again.
+
+## Related topics
+
+
+[Manage Microsoft Surface Hub](manage-surface-hub.md)
+
+[Microsoft Surface Hub administrator's guide](surface-hub-administrators-guide.md)
\ No newline at end of file

From 3dc2cdc7bb7a7cb58686dd70e6eb3673a36595dd Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Fri, 24 Jun 2016 10:20:40 -0700
Subject: [PATCH 30/32] fixes

---
 windows/deploy/windows-10-upgrade-paths.md         |  7 ++++---
 ...windows-upgrade-and-migration-considerations.md | 14 +++++++-------
 2 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/windows/deploy/windows-10-upgrade-paths.md b/windows/deploy/windows-10-upgrade-paths.md
index 0f2958d2a5..a4ad2dda59 100644
--- a/windows/deploy/windows-10-upgrade-paths.md
+++ b/windows/deploy/windows-10-upgrade-paths.md
@@ -20,7 +20,7 @@ This topic provides a summary of available upgrade paths to Windows 10. You can
 
 >**Windows N/KN**: Windows "N" and "KN" editions follow the same upgrade paths shown below. If the pre-upgrade and post-upgrade editions are not the same type (e.g. Windows 8.1 Pro N to Windows 10 Pro), personal data will be kept but applications and settings will be removed during the upgrade process.  
 
->**Free upgrade**: Some upgrade paths qualify for a free upgrade using Windows Update. For a list of upgrade paths that are available as part of the free upgrade offer, see [Free upgrade paths](#bkmk-free-table).
+>**Free upgrade**: Some upgrade paths qualify for a free upgrade using Windows Update. For a list of upgrade paths that are available as part of the free upgrade offer, see [Free upgrade paths](#Free-upgrade-paths).
 
 ✔ = Full upgrade is supported including personal data, settings, and applications.<BR>
 D = Edition downgrade; personal data is maintained, applications and settings are removed.
@@ -330,7 +330,7 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
         <td>✔</td>
     </tr>
 </table>
-## <a href="" id="bkmk-free-table"></a>
+
 ## Free upgrade paths
 
 Windows 10 is offered as a free upgrade for the first year after launch of Windows 10, with the following restrictions: 
@@ -406,7 +406,8 @@ The following table summarizes the free upgrade paths to Windows 10.
 
 ## Related Topics
 
-[Windows 10 deployment scenarios](windows-10-deployment-scenarios.md)
+[Windows 10 deployment scenarios](windows-10-deployment-scenarios.md)<BR>
+[Windows upgrade and migration considerations](windows-upgrade-and-migration-considerations.md)
  
 
  
diff --git a/windows/deploy/windows-upgrade-and-migration-considerations.md b/windows/deploy/windows-upgrade-and-migration-considerations.md
index 7763b0502d..ae1843d86a 100644
--- a/windows/deploy/windows-upgrade-and-migration-considerations.md
+++ b/windows/deploy/windows-upgrade-and-migration-considerations.md
@@ -8,13 +8,13 @@ ms.sitesec: library
 author: greg-lindsay
 ---
 
-# Windows Upgrade and Migration Considerations
+# Windows upgrade and migration considerations
 Files and application settings can be migrated to new hardware running the Windows® operating system, or they can be maintained during an operating system upgrade on the same computer. This topic summarizes the Microsoft® tools you can use to move files and settings between installations in addition to special considerations for performing an upgrade or migration.
 
-## Upgrade from a Previous Version of Windows
+## Upgrade from a previous version of Windows
 You can upgrade from an earlier version of Windows, which means you can install the new version of Windows and retain your applications, files, and settings as they were in your previous version of Windows. If you decide to perform a custom installation of Windows instead of an upgrade, your applications and settings will not be maintained. Your personal files, and all Windows files and directories, will be moved to a Windows.old folder. You can access your data in the Windows.old folder after Windows Setup is complete.
 
-## Migrate Files and Settings
+## Migrate files and settings
 Migration tools are available to transfer settings from one computer that is running Windows to another. These tools transfer only the program settings, not the programs themselves.
 
 For more information about application compatibility, see the [Application Compatibility Toolkit (ACT)](http://go.microsoft.com/fwlink/p/?LinkId=131349).
@@ -29,13 +29,13 @@ With Windows Easy Transfer, files and settings can be transferred using a netwo
 ### Migrate with the User State Migration Tool
 You can use USMT to automate migration during large deployments of the Windows operating system. USMT uses configurable migration rule (.xml) files to control exactly which user accounts, user files, operating system settings, and application settings are migrated and how they are migrated. You can use USMT for both *side-by-side* migrations, where one piece of hardware is being replaced, or *wipe-and-load* (or *refresh*) migrations, when only the operating system is being upgraded.
 
-## Upgrade and Migration Considerations
+## Upgrade and migration monsiderations
 Whether you are upgrading or migrating to a new version of Windows, you must be aware of the following issues and considerations:
 
-### Application Compatibility
+### Application compatibility
 For more information about application compatibility in Windows, see the [Application Compatibility Toolkit (ACT)](http://go.microsoft.com/fwlink/p/?LinkId=131349).
 
-### Multilingual Windows Image Upgrades
+### Multilingual Windows image upgrades
 When performing multilingual Windows upgrades, cross-language upgrades are not supported by USMT. If you are upgrading or migrating an operating system with multiple language packs installed, you can upgrade or migrate only to the system default user interface (UI) language. For example, if English is the default but you have a Spanish language pack installed, you can upgrade or migrate only to English.
 
 If you are using a single-language Windows image that matches the system default UI language of your multilingual operating system, the migration will work. However, all of the language packs will be removed, and you will have to reinstall them after the upgrade is completed.
@@ -43,7 +43,7 @@ If you are using a single-language Windows image that matches the system default
 ### Errorhandler.cmd
 When upgrading from an earlier version of Windows, if you intend to use Errorhandler.cmd, you must copy this file into the %WINDIR%\\Setup\\Scripts directory on the old installation. This makes sure that if there are errors during the down-level phase of Windows Setup, the commands in Errorhandler.cmd will run.
 
-### Data Drive ACL Migration
+### Data drive ACL migration
 During the configuration pass of Windows Setup, the root access control list (ACL) on drives formatted for NTFS that do not appear to have an operating system will be changed to the default Windows XP ACL format. The ACLs on these drives are changed to enable authenticated users to modify access on folders and files.
 
 Changing the ACLs may affect the performance of Windows Setup if the default Windows XP ACLs are applied to a partition with a large amount of data. Because of these performance concerns, you can change the following registry value to disable this feature:

From 08542b0c390f5e9716f3a025fc63003b79237c7a Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Fri, 24 Jun 2016 11:12:47 -0700
Subject: [PATCH 31/32] updated links

---
 windows/deploy/windows-10-upgrade-paths.md                   | 4 +---
 .../deploy/windows-upgrade-and-migration-considerations.md   | 5 ++++-
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/windows/deploy/windows-10-upgrade-paths.md b/windows/deploy/windows-10-upgrade-paths.md
index a4ad2dda59..5ba3907e03 100644
--- a/windows/deploy/windows-10-upgrade-paths.md
+++ b/windows/deploy/windows-10-upgrade-paths.md
@@ -344,9 +344,7 @@ Windows 10 is offered as a free upgrade for the first year after launch of Windo
 
 ><sup>2</sup>Active Software Assurance customers in volume licensing have the benefit to upgrade to Windows 10 Enterprise outside of this offer. Windows 10 is not supported on devices running the RT versions of Windows 8.
 
-For a list of frequently asked questions about the free upgrade to Windows 10, see [Upgrade to Windows 10: FAQ](http://windows.microsoft.com/en-us/windows-10/upgrade-to-windows-10-faq).
-
-The following table summarizes the free upgrade paths to Windows 10.
+The following table summarizes the free upgrade paths to Windows 10. For a list of frequently asked questions about the free upgrade to Windows 10, see [Upgrade to Windows 10: FAQ](http://windows.microsoft.com/en-us/windows-10/upgrade-to-windows-10-faq).
 
 <table border="1" cellpadding="3">
     <tr>
diff --git a/windows/deploy/windows-upgrade-and-migration-considerations.md b/windows/deploy/windows-upgrade-and-migration-considerations.md
index ae1843d86a..fc4c69a980 100644
--- a/windows/deploy/windows-upgrade-and-migration-considerations.md
+++ b/windows/deploy/windows-upgrade-and-migration-considerations.md
@@ -57,7 +57,10 @@ Value: "DDACLSys_Disabled" = 1
 This feature is disabled if this registry key value exists and is configured to `1`.
 
 ## Related topics
-- [User State Migration Tool (USMT) Overview Topics](usmt-topics.md)
+[User State Migration Tool (USMT) Overview Topics](usmt-topics.md)<BR>
+[Windows 10 upgrade paths](windows-10-upgrade-paths.md)<BR>
+[Windows 10 edition upgrade](windows-10-edition-upgrades.md)
+
 
  
 

From 03f3eee7368e99677b0dc98b1723569927d52f62 Mon Sep 17 00:00:00 2001
From: Greg Lindsay <greglin@microsoft.com>
Date: Fri, 24 Jun 2016 11:22:33 -0700
Subject: [PATCH 32/32] updated change history

---
 windows/deploy/change-history-for-deploy-windows-10.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/windows/deploy/change-history-for-deploy-windows-10.md b/windows/deploy/change-history-for-deploy-windows-10.md
index ce380b474a..3276e429b0 100644
--- a/windows/deploy/change-history-for-deploy-windows-10.md
+++ b/windows/deploy/change-history-for-deploy-windows-10.md
@@ -15,7 +15,8 @@ This topic lists new and updated topics in the [Deploy Windows 10](index.md) doc
 | New or changed topic | Description |
 |----------------------|-------------|
 | [Configure a PXE server to load Windows PE](configure-a-pxe-server-to-load-windows-pe.md) | New |
-| [User State Migration Tool Technical Reference](usmt-technical-reference.md) | Updated |
+| [User State Migration Tool Technical Reference](usmt-technical-reference.md) | Updated support statement for Office 2016 |
+| [Windows 10 upgrade paths](windows-10-upgrade-paths.md) | New |
 
 ## May 2016
 | New or changed topic | Description |